cryptohome/auth_blocks/challenge_credential_auth_block.cc - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2020 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "cryptohome/auth_blocks/challenge_credential_auth_block.h"

 #include <utility>
 #include <variant>

 #include <base/logging.h>
 #include <base/notreached.h>

 #include "cryptohome/auth_blocks/auth_block_state.h"
 #include "cryptohome/auth_blocks/libscrypt_compat_auth_block.h"
 #include "cryptohome/cryptohome_metrics.h"
 #include "cryptohome/key_objects.h"

 namespace cryptohome {

 ChallengeCredentialAuthBlock::ChallengeCredentialAuthBlock()
     : LibScryptCompatAuthBlock(kSignatureChallengeProtected) {}

 CryptoError ChallengeCredentialAuthBlock::Create(
     const AuthInput& user_input,
     AuthBlockState* auth_block_state,
     KeyBlobs* key_blobs) {
   AuthBlockState auth_state;
   CryptoError error =
       LibScryptCompatAuthBlock::Create(user_input, &auth_state, key_blobs);
   if (error != CryptoError::CE_NONE) {
     LOG(ERROR) << "scrypt derivation failed for challenge credential";
     return error;
   }
   if (auto* scrypt_state =
           std::get_if<LibScryptCompatAuthBlockState>(&auth_state.state)) {
     ChallengeCredentialAuthBlockState cc_state = {.scrypt_state =
                                                       std::move(*scrypt_state)};
     *auth_block_state = AuthBlockState{.state = std::move(cc_state)};
     return CryptoError::CE_NONE;

   } else {
     // This should never happen, but handling it anyway on the safe side.
     NOTREACHED() << "scrypt derivation failed for challenge credential";
     return CryptoError::CE_OTHER_CRYPTO;
   }
 }

 CryptoError ChallengeCredentialAuthBlock::Derive(const AuthInput& user_input,
                                                  const AuthBlockState& state,
                                                  KeyBlobs* key_blobs) {
   const ChallengeCredentialAuthBlockState* cc_state =
       std::get_if<ChallengeCredentialAuthBlockState>(&state.state);
   if (cc_state == nullptr) {
     LOG(ERROR) << "Invalid state for challenge credential AuthBlock";
     return CryptoError::CE_OTHER_FATAL;
   }

   AuthBlockState scrypt_state = {.state = cc_state->scrypt_state};
   return LibScryptCompatAuthBlock::Derive(user_input, scrypt_state, key_blobs);
 }

 }  // namespace cryptohome
	// Copyright 2020 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "cryptohome/auth_blocks/challenge_credential_auth_block.h"

	#include <utility>
	#include <variant>

	#include <base/logging.h>
	#include <base/notreached.h>

	#include "cryptohome/auth_blocks/auth_block_state.h"
	#include "cryptohome/auth_blocks/libscrypt_compat_auth_block.h"
	#include "cryptohome/cryptohome_metrics.h"
	#include "cryptohome/key_objects.h"

	namespace cryptohome {

	ChallengeCredentialAuthBlock::ChallengeCredentialAuthBlock()
	: LibScryptCompatAuthBlock(kSignatureChallengeProtected) {}

	CryptoError ChallengeCredentialAuthBlock::Create(
	const AuthInput& user_input,
	AuthBlockState* auth_block_state,
	KeyBlobs* key_blobs) {
	AuthBlockState auth_state;
	CryptoError error =
	LibScryptCompatAuthBlock::Create(user_input, &auth_state, key_blobs);
	if (error != CryptoError::CE_NONE) {
	LOG(ERROR) << "scrypt derivation failed for challenge credential";
	return error;
	}
	if (auto* scrypt_state =
	std::get_if<LibScryptCompatAuthBlockState>(&auth_state.state)) {
	ChallengeCredentialAuthBlockState cc_state = {.scrypt_state =
	std::move(*scrypt_state)};
	*auth_block_state = AuthBlockState{.state = std::move(cc_state)};
	return CryptoError::CE_NONE;

	} else {
	// This should never happen, but handling it anyway on the safe side.
	NOTREACHED() << "scrypt derivation failed for challenge credential";
	return CryptoError::CE_OTHER_CRYPTO;
	}
	}

	CryptoError ChallengeCredentialAuthBlock::Derive(const AuthInput& user_input,
	const AuthBlockState& state,
	KeyBlobs* key_blobs) {
	const ChallengeCredentialAuthBlockState* cc_state =
	std::get_if<ChallengeCredentialAuthBlockState>(&state.state);
	if (cc_state == nullptr) {
	LOG(ERROR) << "Invalid state for challenge credential AuthBlock";
	return CryptoError::CE_OTHER_FATAL;
	}

	AuthBlockState scrypt_state = {.state = cc_state->scrypt_state};
	return LibScryptCompatAuthBlock::Derive(user_input, scrypt_state, key_blobs);
	}

	} // namespace cryptohome