vault_keyset.h - chromiumos/platform/cryptohome - Git at Google

 // Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef VAULT_KEYSET_H_
 #define VAULT_KEYSET_H_

 #include <base/basictypes.h>
 #include <chromeos/secure_blob.h>

 #include "cryptohome_common.h"
 #include "vault_keyset.pb.h"

 namespace cryptohome {

 class Crypto;
 class Platform;

 // VaultKeyset holds the File Encryption Key (FEK) and File Name Encryption Key
 // (FNEK) and their corresponding signatures.
 class VaultKeyset {
  public:
   // Does not take ownership of platform and crypto. The objects pointed to by
   // them must outlive this object.
   VaultKeyset(Platform* platform, Crypto* crypto);
   virtual ~VaultKeyset();

   void FromVaultKeyset(const VaultKeyset& vault_keyset);
   void FromKeys(const VaultKeysetKeys& keys);
   bool FromKeysBlob(const chromeos::SecureBlob& keys_blob);
   bool ToKeys(VaultKeysetKeys* keys) const;
   bool ToKeysBlob(chromeos::SecureBlob* keys_blob) const;

   void CreateRandom();

   const chromeos::SecureBlob& FEK() const;
   const chromeos::SecureBlob& FEK_SIG() const;
   const chromeos::SecureBlob& FEK_SALT() const;
   const chromeos::SecureBlob& FNEK() const;
   const chromeos::SecureBlob& FNEK_SIG() const;
   const chromeos::SecureBlob& FNEK_SALT() const;

   bool Load(const std::string& filename, const chromeos::SecureBlob& key);
   bool Save(const std::string& filename, const chromeos::SecureBlob& key);

  private:
   chromeos::SecureBlob fek_;
   chromeos::SecureBlob fek_sig_;
   chromeos::SecureBlob fek_salt_;
   chromeos::SecureBlob fnek_;
   chromeos::SecureBlob fnek_sig_;
   chromeos::SecureBlob fnek_salt_;

   Platform* platform_;
   Crypto* crypto_;

   SerializedVaultKeyset serialized_;

   DISALLOW_COPY_AND_ASSIGN(VaultKeyset);
 };

 }  // namespace cryptohome

 #endif  // VAULT_KEYSET_H_
	// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef VAULT_KEYSET_H_
	#define VAULT_KEYSET_H_

	#include <base/basictypes.h>
	#include <chromeos/secure_blob.h>

	#include "cryptohome_common.h"
	#include "vault_keyset.pb.h"

	namespace cryptohome {

	class Crypto;
	class Platform;

	// VaultKeyset holds the File Encryption Key (FEK) and File Name Encryption Key
	// (FNEK) and their corresponding signatures.
	class VaultKeyset {
	public:
	// Does not take ownership of platform and crypto. The objects pointed to by
	// them must outlive this object.
	VaultKeyset(Platform* platform, Crypto* crypto);
	virtual ~VaultKeyset();

	void FromVaultKeyset(const VaultKeyset& vault_keyset);
	void FromKeys(const VaultKeysetKeys& keys);
	bool FromKeysBlob(const chromeos::SecureBlob& keys_blob);
	bool ToKeys(VaultKeysetKeys* keys) const;
	bool ToKeysBlob(chromeos::SecureBlob* keys_blob) const;

	void CreateRandom();

	const chromeos::SecureBlob& FEK() const;
	const chromeos::SecureBlob& FEK_SIG() const;
	const chromeos::SecureBlob& FEK_SALT() const;
	const chromeos::SecureBlob& FNEK() const;
	const chromeos::SecureBlob& FNEK_SIG() const;
	const chromeos::SecureBlob& FNEK_SALT() const;

	bool Load(const std::string& filename, const chromeos::SecureBlob& key);
	bool Save(const std::string& filename, const chromeos::SecureBlob& key);

	private:
	chromeos::SecureBlob fek_;
	chromeos::SecureBlob fek_sig_;
	chromeos::SecureBlob fek_salt_;
	chromeos::SecureBlob fnek_;
	chromeos::SecureBlob fnek_sig_;
	chromeos::SecureBlob fnek_salt_;

	Platform* platform_;
	Crypto* crypto_;

	SerializedVaultKeyset serialized_;

	DISALLOW_COPY_AND_ASSIGN(VaultKeyset);
	};

	} // namespace cryptohome

	#endif // VAULT_KEYSET_H_