1// Copyright (c) 2011 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_SYNC_UTIL_NIGORI_H_
6#define CHROME_BROWSER_SYNC_UTIL_NIGORI_H_
7#pragma once
8
9#include <string>
10
11#include "base/memory/scoped_ptr.h"
12#include "crypto/symmetric_key.h"
13
14namespace browser_sync {
15
16// A (partial) implementation of Nigori, a protocol to securely store secrets in
17// the cloud. This implementation does not support server authentication or
18// assisted key derivation.
19//
20// To store secrets securely, use the |Permute| method to derive a lookup name
21// for your secret (basically a map key), and |Encrypt| and |Decrypt| to store
22// and retrieve the secret.
23//
24// TODO: Link to doc.
25class Nigori {
26 public:
27  enum Type {
28    Password = 1,
29  };
30
31  Nigori();
32  virtual ~Nigori();
33
34  // Initialize the client with the given |hostname|, |username| and |password|.
35  bool InitByDerivation(const std::string& hostname,
36                        const std::string& username,
37                        const std::string& password);
38
39  // Initialize the client by importing the given keys instead of deriving new
40  // ones.
41  bool InitByImport(const std::string& user_key,
42                    const std::string& encryption_key,
43                    const std::string& mac_key);
44
45  // Derives a secure lookup name from |type| and |name|. If |hostname|,
46  // |username| and |password| are kept constant, a given |type| and |name| pair
47  // always yields the same |permuted| value. Note that |permuted| will be
48  // Base64 encoded.
49  bool Permute(Type type, const std::string& name, std::string* permuted) const;
50
51  // Encrypts |value|. Note that on success, |encrypted| will be Base64
52  // encoded.
53  bool Encrypt(const std::string& value, std::string* encrypted) const;
54
55  // Decrypts |value| into |decrypted|. It is assumed that |value| is Base64
56  // encoded.
57  bool Decrypt(const std::string& value, std::string* decrypted) const;
58
59  // Exports the raw derived keys.
60  bool ExportKeys(std::string* user_key,
61                  std::string* encryption_key,
62                  std::string* mac_key) const;
63
64  static const char kSaltSalt[];  // The salt used to derive the user salt.
65  static const size_t kSaltKeySizeInBits = 128;
66  static const size_t kDerivedKeySizeInBits = 128;
67  static const size_t kIvSize = 16;
68  static const size_t kHashSize = 32;
69
70  static const size_t kSaltIterations = 1001;
71  static const size_t kUserIterations = 1002;
72  static const size_t kEncryptionIterations = 1003;
73  static const size_t kSigningIterations = 1004;
74
75 private:
76  scoped_ptr<crypto::SymmetricKey> user_key_;
77  scoped_ptr<crypto::SymmetricKey> encryption_key_;
78  scoped_ptr<crypto::SymmetricKey> mac_key_;
79};
80
81}  // namespace browser_sync
82
83#endif  // CHROME_BROWSER_SYNC_UTIL_NIGORI_H_
84