diff options
Diffstat (limited to 'base/nigori.h')
| -rw-r--r-- | base/nigori.h | 72 |
1 files changed, 0 insertions, 72 deletions
diff --git a/base/nigori.h b/base/nigori.h deleted file mode 100644 index df6bf9a..0000000 --- a/base/nigori.h +++ /dev/null @@ -1,72 +0,0 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef BASE_CRYPTO_NIGORI_H_ -#define BASE_CRYPTO_NIGORI_H_ - -#include <string> - -#include "base/crypto/symmetric_key.h" -#include "base/scoped_ptr.h" - -namespace base { - -// A (partial) implementation of Nigori, a protocol to securely store secrets in -// the cloud. This implementation does not support server authentication or -// assisted key derivation. -// -// To store secrets securely, use the |Permute| method to derive a lookup name -// for your secret (basically a map key), and |Encrypt| and |Decrypt| to store -// and retrieve the secret. -// -// TODO: Link to doc. -class Nigori { - public: - enum Type { - Password = 1, - }; - - // Creates a Nigori client for communicating with |hostname|. Note that - // |hostname| is used to derive the keys used to encrypt and decrypt data. - explicit Nigori(const std::string& hostname); - virtual ~Nigori(); - - // Initialize the client with the supplied |username| and |password|. - bool Init(const std::string& username, const std::string& password); - - // Derives a secure lookup name from |type| and |name|. If |hostname|, - // |username| and |password| are kept constant, a given |type| and |name| pair - // always yields the same |permuted| value. Note that |permuted| will be - // Base64 encoded. - bool Permute(Type type, const std::string& name, std::string* permuted); - - // Encrypts |value|. Note that on success, |encrypted| will be Base64 - // encoded. - bool Encrypt(const std::string& value, std::string* encrypted); - - // Decrypts |value| into |decrypted|. It is assumed that |value| is Base64 - // encoded. - bool Decrypt(const std::string& value, std::string* decrypted); - - static const char kSaltSalt[]; // The salt used to derive the user salt. - static const size_t kSaltKeySize = 8; - static const size_t kDerivedKeySizeInBits = 128; - static const size_t kIvSize = 16; - static const size_t kHashSize = 32; - - static const size_t kSaltIterations = 1001; - static const size_t kUserIterations = 1002; - static const size_t kEncryptionIterations = 1003; - static const size_t kSigningIterations = 1004; - - private: - const std::string hostname_; - scoped_ptr<SymmetricKey> user_key_; - scoped_ptr<SymmetricKey> encryption_key_; - scoped_ptr<SymmetricKey> mac_key_; -}; - -} // namespace base - -#endif // BASE_CRYPTO_NIGORI_H_ |