cryptohome/crypto/scrypt.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2021 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CRYPTOHOME_CRYPTO_SCRYPT_H_
 #define CRYPTOHOME_CRYPTO_SCRYPT_H_

 #include <string>
 #include <vector>

 #include <openssl/bn.h>
 #include <openssl/evp.h>

 #include <base/files/file_path.h>
 #include <base/macros.h>
 #include <brillo/secure_blob.h>

 #include "cryptohome/attestation.pb.h"
 #include "cryptohome/crypto_error.h"

 namespace cryptohome {

 extern const unsigned int kDefaultPasswordRounds;
 extern const unsigned int kDefaultLegacyPasswordRounds;
 extern const unsigned int kDefaultPassBlobSize;
 extern const unsigned int kScryptMetadataSize;
 extern const unsigned int kScryptMaxMem;
 extern const double kScryptMaxEncryptTime;
 extern const int kTpmDecryptMaxRetries;

 // A struct wrapping the scrypt parameters, with the default production
 // parameters set.
 struct ScryptParameters {
   // N is the work factor. Scrypt stores N sequential hash results in RAM,
   // randomizes their order, and XORs them.
   int n_factor = 16384;
   // The r factor iterates the hash function 2r times, so that memory and CPU
   // consumption grow with r.
   uint32_t r_factor = 8;
   // P is the parallelization factor.
   uint32_t p_factor = 1;
 };

 extern const ScryptParameters kDefaultScryptParams;
 extern const ScryptParameters kTestScryptParams;

 // Derives secrets and other values from User Passkey.
 //
 // Parameters
 //   passkey - The User Passkey, from which to derive the secrets.
 //   salt - The salt used when deriving the secrets.
 //   gen_secrets (IN-OUT) - Vector containing resulting secrets.
 //                          The caller allocates each blob in |gen_secrets|
 //                          to the appropriate (non-empty) size.
 //
 bool DeriveSecretsScrypt(const brillo::SecureBlob& passkey,
                          const brillo::SecureBlob& salt,
                          std::vector<brillo::SecureBlob*> gen_secrets);

 // |passkey| - The User Passkey, from which to derive the secrets.
 // |salt| - The salt used when deriving the secrets.
 // |work_factor| - The work factor passed to scrypt.
 // |block_size| - The block size passed to scrypt.
 // |parallel_factor| - The parallel factor passed to scrypt.
 // |result| - The blob, allocated by the caller to the correct size,
 //            containing the result secret.
 //
 //  Returns true on success.
 bool Scrypt(const brillo::SecureBlob& passkey,
             const brillo::SecureBlob& salt,
             int work_factor,
             int block_size,
             int parallel_factor,
             brillo::SecureBlob* result);

 // Encrypt a provided blob using libscrypt, which sets up a header, derives
 // the keys, encrypts, and HMACs.
 //
 // The parameters are as follows:
 // - blob: Data blob to be encrypted.
 // - key_source: User passphrase key used for encryption.
 // - max_encrypt_time: A max encryption time which can specified.
 // - wrapped_blob: Pointer to blob where encrypted data is stored.
 //
 // Returns true on success, and false on failure.
 bool DeprecatedEncryptScryptBlob(const brillo::SecureBlob& blob,
                                  const brillo::SecureBlob& key_source,
                                  brillo::SecureBlob* wrapped_blob);

 // Companion decryption function for DeprecatedEncryptScryptBlob().
 // This decrypts the data blobs which were encrypted using
 // DeprecatedEncryptScryptBlob().
 //
 // Returns true on success. On failure, false is returned, and
 // |error| is set with the appropriate error code.
 bool DeprecatedDecryptScryptBlob(const brillo::SecureBlob& wrapped_blob,
                                  const brillo::SecureBlob& key,
                                  brillo::SecureBlob* blob,
                                  CryptoError* error);

 // This verifies that the default scrypt params are used in production.
 void AssertProductionScryptParams();

 // This updates the global scrypt testing parameters.
 void SetScryptTestingParams();

 }  // namespace cryptohome

 #endif  // CRYPTOHOME_CRYPTO_SCRYPT_H_
	// Copyright 2021 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CRYPTOHOME_CRYPTO_SCRYPT_H_
	#define CRYPTOHOME_CRYPTO_SCRYPT_H_

	#include <string>
	#include <vector>

	#include <openssl/bn.h>
	#include <openssl/evp.h>

	#include <base/files/file_path.h>
	#include <base/macros.h>
	#include <brillo/secure_blob.h>

	#include "cryptohome/attestation.pb.h"
	#include "cryptohome/crypto_error.h"

	namespace cryptohome {

	extern const unsigned int kDefaultPasswordRounds;
	extern const unsigned int kDefaultLegacyPasswordRounds;
	extern const unsigned int kDefaultPassBlobSize;
	extern const unsigned int kScryptMetadataSize;
	extern const unsigned int kScryptMaxMem;
	extern const double kScryptMaxEncryptTime;
	extern const int kTpmDecryptMaxRetries;

	// A struct wrapping the scrypt parameters, with the default production
	// parameters set.
	struct ScryptParameters {
	// N is the work factor. Scrypt stores N sequential hash results in RAM,
	// randomizes their order, and XORs them.
	int n_factor = 16384;
	// The r factor iterates the hash function 2r times, so that memory and CPU
	// consumption grow with r.
	uint32_t r_factor = 8;
	// P is the parallelization factor.
	uint32_t p_factor = 1;
	};

	extern const ScryptParameters kDefaultScryptParams;
	extern const ScryptParameters kTestScryptParams;

	// Derives secrets and other values from User Passkey.
	//
	// Parameters
	// passkey - The User Passkey, from which to derive the secrets.
	// salt - The salt used when deriving the secrets.
	// gen_secrets (IN-OUT) - Vector containing resulting secrets.
	// The caller allocates each blob in \|gen_secrets\|
	// to the appropriate (non-empty) size.
	//
	bool DeriveSecretsScrypt(const brillo::SecureBlob& passkey,
	const brillo::SecureBlob& salt,
	std::vector<brillo::SecureBlob*> gen_secrets);

	// \|passkey\| - The User Passkey, from which to derive the secrets.
	// \|salt\| - The salt used when deriving the secrets.
	// \|work_factor\| - The work factor passed to scrypt.
	// \|block_size\| - The block size passed to scrypt.
	// \|parallel_factor\| - The parallel factor passed to scrypt.
	// \|result\| - The blob, allocated by the caller to the correct size,
	// containing the result secret.
	//
	// Returns true on success.
	bool Scrypt(const brillo::SecureBlob& passkey,
	const brillo::SecureBlob& salt,
	int work_factor,
	int block_size,
	int parallel_factor,
	brillo::SecureBlob* result);

	// Encrypt a provided blob using libscrypt, which sets up a header, derives
	// the keys, encrypts, and HMACs.
	//
	// The parameters are as follows:
	// - blob: Data blob to be encrypted.
	// - key_source: User passphrase key used for encryption.
	// - max_encrypt_time: A max encryption time which can specified.
	// - wrapped_blob: Pointer to blob where encrypted data is stored.
	//
	// Returns true on success, and false on failure.
	bool DeprecatedEncryptScryptBlob(const brillo::SecureBlob& blob,
	const brillo::SecureBlob& key_source,
	brillo::SecureBlob* wrapped_blob);

	// Companion decryption function for DeprecatedEncryptScryptBlob().
	// This decrypts the data blobs which were encrypted using
	// DeprecatedEncryptScryptBlob().
	//
	// Returns true on success. On failure, false is returned, and
	// \|error\| is set with the appropriate error code.
	bool DeprecatedDecryptScryptBlob(const brillo::SecureBlob& wrapped_blob,
	const brillo::SecureBlob& key,
	brillo::SecureBlob* blob,
	CryptoError* error);

	// This verifies that the default scrypt params are used in production.
	void AssertProductionScryptParams();

	// This updates the global scrypt testing parameters.
	void SetScryptTestingParams();

	} // namespace cryptohome

	#endif // CRYPTOHOME_CRYPTO_SCRYPT_H_