cryptohome/libscrypt_compat_auth_block.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2020 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CRYPTOHOME_LIBSCRYPT_COMPAT_AUTH_BLOCK_H_
 #define CRYPTOHOME_LIBSCRYPT_COMPAT_AUTH_BLOCK_H_

 #include "cryptohome/auth_block.h"
 #include "cryptohome/auth_block_state.h"

 namespace cryptohome {

 // AuthBlocks generally output a populated AuthBlockState in the Create()
 // method, and consume the same AuthBlockState in the Derive() method.
 // LibScryptCompat is a special case because it includes the metadata at the
 // beginning of the same buffer as the encrypted blob. Thus, Create() outputs an
 // empty AuthBlockState and the KeyBlobs struct stores the encrypted buffers,
 // which happen to have the metadata at the beginning. When Derive() is called,
 // those entire blobs are put into the AuthBlockState, so Derive() can parse the
 // metadata from there.
 class LibScryptCompatAuthBlock : public AuthBlock {
  public:
   LibScryptCompatAuthBlock();
   ~LibScryptCompatAuthBlock() = default;

   // Derives a high entropy secret from the user's password with scrypt.
   // Returns a key for each field that must be wrapped by scrypt, such as the
   // wrapped_chaps_key, etc.
   base::Optional<AuthBlockState> Create(const AuthInput& user_input,
                                         KeyBlobs* key_blobs,
                                         CryptoError* error) override;

   // This uses Scrypt to derive high entropy keys from the user's password.
   bool Derive(const AuthInput& auth_input,
               const AuthBlockState& state,
               KeyBlobs* key_blobs,
               CryptoError* error) override;

  protected:
   explicit LibScryptCompatAuthBlock(DerivationType);
 };

 }  // namespace cryptohome

 #endif  // CRYPTOHOME_LIBSCRYPT_COMPAT_AUTH_BLOCK_H_
	// Copyright 2020 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CRYPTOHOME_LIBSCRYPT_COMPAT_AUTH_BLOCK_H_
	#define CRYPTOHOME_LIBSCRYPT_COMPAT_AUTH_BLOCK_H_

	#include "cryptohome/auth_block.h"
	#include "cryptohome/auth_block_state.h"

	namespace cryptohome {

	// AuthBlocks generally output a populated AuthBlockState in the Create()
	// method, and consume the same AuthBlockState in the Derive() method.
	// LibScryptCompat is a special case because it includes the metadata at the
	// beginning of the same buffer as the encrypted blob. Thus, Create() outputs an
	// empty AuthBlockState and the KeyBlobs struct stores the encrypted buffers,
	// which happen to have the metadata at the beginning. When Derive() is called,
	// those entire blobs are put into the AuthBlockState, so Derive() can parse the
	// metadata from there.
	class LibScryptCompatAuthBlock : public AuthBlock {
	public:
	LibScryptCompatAuthBlock();
	~LibScryptCompatAuthBlock() = default;

	// Derives a high entropy secret from the user's password with scrypt.
	// Returns a key for each field that must be wrapped by scrypt, such as the
	// wrapped_chaps_key, etc.
	base::Optional<AuthBlockState> Create(const AuthInput& user_input,
	KeyBlobs* key_blobs,
	CryptoError* error) override;

	// This uses Scrypt to derive high entropy keys from the user's password.
	bool Derive(const AuthInput& auth_input,
	const AuthBlockState& state,
	KeyBlobs* key_blobs,
	CryptoError* error) override;

	protected:
	explicit LibScryptCompatAuthBlock(DerivationType);
	};

	} // namespace cryptohome

	#endif // CRYPTOHOME_LIBSCRYPT_COMPAT_AUTH_BLOCK_H_