blob: 1fb699d0760e0f97aae93ca06b319a53fc11e2d1 [file] [log] [blame] [edit]
// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef LIBBRILLO_BRILLO_SECURE_BLOB_H_
#define LIBBRILLO_BRILLO_SECURE_BLOB_H_
#include <initializer_list>
#include <string>
#include <vector>
#include <brillo/asan.h>
#include <brillo/brillo_export.h>
#include <brillo/secure_allocator.h>
namespace brillo {
using Blob = std::vector<uint8_t>;
// Define types based on the SecureAllocator for instantiation.
// ------------------------------------------------------------
// Define SecureVector as a vector using a SecureAllocator.
// Over time, the goal is to remove the differentiating functions
// from SecureBlob (to_string(), char_data()) till it converges with
// SecureVector.
using SecureVector = std::vector<uint8_t, SecureAllocator<uint8_t>>;
// Conversion of Blob to/from std::string, where the string holds raw byte
// contents.
BRILLO_EXPORT std::string BlobToString(const Blob& blob);
BRILLO_EXPORT Blob BlobFromString(const std::string& bytes);
// Returns a concatenation of given Blobs.
BRILLO_EXPORT Blob CombineBlobs(const std::initializer_list<Blob>& blobs);
// SecureBlob erases the contents on destruction. It does not guarantee erasure
// on resize, assign, etc.
class BRILLO_EXPORT SecureBlob : public SecureVector {
public:
SecureBlob() = default;
// Inherit standard constructors from SecureVector.
using SecureVector::vector;
explicit SecureBlob(const Blob& blob);
explicit SecureBlob(const std::string& data);
~SecureBlob();
void resize(size_type count);
void resize(size_type count, const value_type& value);
void clear();
std::string to_string() const;
char* char_data() { return reinterpret_cast<char*>(data()); }
const char* char_data() const {
return reinterpret_cast<const char*>(data());
}
static SecureBlob Combine(const SecureBlob& blob1, const SecureBlob& blob2);
static bool HexStringToSecureBlob(const std::string& input,
SecureBlob* output);
};
// Conversion of SecureBlob data to/from SecureBlob hex. This is useful
// for sensitive data like encryption keys, that should, in the ideal case never
// be exposed as strings in the first place. In case the existing data or hex
// string is already exposed as a std::string, it is preferable to use the
// BlobToString variant.
BRILLO_EXPORT SecureBlob SecureBlobToSecureHex(const SecureBlob& blob);
BRILLO_EXPORT SecureBlob SecureHexToSecureBlob(const SecureBlob& hex);
} // namespace brillo
#endif // LIBBRILLO_BRILLO_SECURE_BLOB_H_