author Joe Richey <joerichey@google.com> 2017-03-02 11:58:07 -0800
committer Joe Richey joerichey@google.com <joerichey@google.com> 2017-05-02 13:39:18 -0700
commit 8128b35375dfc4846dd1573dda55ef232ffd2d66 (patch)
tree 6f9eaf8651d9801424fa167cc168cabee8d191bf /crypto/key.go
parent 8b09f614f9cc5038c71c6d75af6ab65071cca951 (diff)
crypto: secure key wrapping/unwrapping

This commit adds in the ability to use the WrappedKeyData from the
metadata package to wrap and unwrap cryptographic keys of any length.
This makes use of several cryptographic primitives:
	- Unsalted, SHA256-based HKDF for key stretching
	- AES256 in CTR mode for encryption
	- SHA256-based HMAC for authentication

Note that the key wrapping/unwrapping uses an "Encrypt then MAC" scheme
for doing authenticated unwrapping. This means we can detect if bogus
metadata has been given. This package also standardizes the length for
fscrypt's internal keys.

This CL is the first to add benchmarks, which can be run with:
	go test -bench=. ./...

Change-Id: I2e5fc23a8a8cc36b17ccb3f26f03edcaccc517e1

Diffstat (limited to 'crypto/key.go')
-rw-r--r-- crypto/key.go 3
1 files changed, 0 insertions, 3 deletions
diff --git a/crypto/key.go b/crypto/key.go
index 31d4667..428e89f 100644
--- a/crypto/key.go
+++ b/crypto/key.go
@@ -43,9 +43,6 @@ const (
ServiceF2FS = "f2fs:"
)
-// PolicyKeyLen is the length of all keys passed directly to the Keyring
-const PolicyKeyLen = unix.FS_MAX_KEY_SIZE
-
/*
UseMlock determines whether we should use the mlock/munlock syscalls to
prevent sensitive data like keys and passphrases from being paged to disk.
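
Review bot: The deleted "const PolicyKeyLen = unix.FS_MAX_KEY_SIZE" was the only place visible in this file that tied the keyring key length to the kernel's limit, and nothing in this view shows what replaces it. The commit message says the package "standardizes the length for fscrypt's internal keys", so please name the replacement constant and the file that defines it in the message, and keep a doc comment there saying it is the length of keys passed directly to the keyring. If the replacement is a numeric literal, consider deriving it from unix.FS_MAX_KEY_SIZE or asserting equality in a test, so a mismatch with the kernel limit is caught at build or test time rather than when a key is rejected. Also confirm that every caller of crypto.PolicyKeyLen is updated in this same change and that the unix import in key.go is still referenced after the removal.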