From 8128b35375dfc4846dd1573dda55ef232ffd2d66 Mon Sep 17 00:00:00 2001
From: Joe Richey <joerichey@google.com>
Date: Thu, 2 Mar 2017 11:58:07 -0800
Subject: crypto: secure key wrapping/unwrapping

This commit adds in the ability to use the WrappedKeyData from the
metadata package to wrap and unwrap cryptographic keys of any length.
This makes use of several cryptographic primitives:
	- Unsalted, SHA256-based HKDF for key stretching
	- AES256 in CTR mode for encryption
	- SHA256-based HMAC for authentication

Note that the key wrapping/unwrapping uses an "Encrypt then MAC" scheme
for doing authenticated unwrapping. This means we can detect if bogus
metadata has been given. This package also standardizes the length for
fscrypt's internal keys.

This CL is the first to add benchmarks, which can be run with:
	go test -bench=. ./...

Change-Id: I2e5fc23a8a8cc36b17ccb3f26f03edcaccc517e1
---
 crypto/key.go | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'crypto/key.go')

diff --git a/crypto/key.go b/crypto/key.go
index 31d4667..428e89f 100644
--- a/crypto/key.go
+++ b/crypto/key.go
@@ -43,9 +43,6 @@ const (
 	ServiceF2FS = "f2fs:"
 )
 
-// PolicyKeyLen is the length of all keys passed directly to the Keyring
-const PolicyKeyLen = unix.FS_MAX_KEY_SIZE
-
 /*
 UseMlock determines whether we should use the mlock/munlock syscalls to
 prevent sensitive data like keys and passphrases from being paged to disk.
-- 
cgit v1.2.3