1 // Copyright 2022 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //      http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ////////////////////////////////////////////////////////////////////////////////
16 
17 #ifndef TINK_RESTRICTED_DATA_H_
18 #define TINK_RESTRICTED_DATA_H_
19 
#include <cstdint>

#include "tink/secret_key_access_token.h"
#include "tink/util/secret_data.h"
22 
23 namespace crypto {
24 namespace tink {
25 
26 // Stores secret (sensitive) data that is safely destroyed in the event of
27 // core dumps (similar to `util::SecretData`) and access restricted via
28 // `SecretKeyAccessToken`.  This class is particularly useful for
29 // encapsulating cryptographic key material.
30 //
31 // Example:
32 //     RestrictedData restricted_data(/*num_random_bytes=*/32);
33 //     absl::string_view raw_secret =
34 //         restricted_data.GetSecret(InsecureSecretKeyAccess::Get());
class RestrictedData {
 public:
  // Wraps `secret` in a new RestrictedData; the bytes are copied into a
  // `util::SecretData` buffer. The `token` argument is never inspected:
  // having to present one is the access check itself, because a token can
  // only be obtained through `InsecureSecretKeyAccess::Get()`.
  explicit RestrictedData(absl::string_view secret, SecretKeyAccessToken token)
      : secret_(util::SecretDataFromStringView(secret)) {}

  // Creates a RestrictedData holding `num_random_bytes` freshly generated
  // random bytes (defined out of line). The program terminates if
  // `num_random_bytes` is negative.
  explicit RestrictedData(int64_t num_random_bytes);

  // Copyable and movable. The copy operations are defaulted, so every copy
  // owns its own `secret_` buffer -- copying places a second instance of the
  // key material in memory.
  RestrictedData(const RestrictedData& other) = default;
  RestrictedData& operator=(const RestrictedData& other) = default;
  RestrictedData(RestrictedData&& other) = default;
  RestrictedData& operator=(RestrictedData&& other) = default;

  // Exposes the raw secret bytes. As with the constructor, `token` is not
  // inspected; it exists only so that callers must hold a token obtained via
  // `InsecureSecretKeyAccess::Get()`.
  //
  // The returned view aliases this object's internal buffer. It is valid only
  // while this RestrictedData is alive and has not been assigned to or moved
  // from; copying the bytes into an ordinary std::string forfeits the
  // protection `util::SecretData` provides (see the class comment above).
  absl::string_view GetSecret(SecretKeyAccessToken token) const {
    return util::SecretDataAsStringView(secret_);
  }

  // Number of secret bytes. The buffer's size_t is converted to int64_t to
  // match the type used by the random-bytes constructor.
  int64_t size() const { return secret_.size(); }

  // Equality is defined out of line and documented as constant-time, so a
  // comparison does not leak the position of the first differing byte.
  bool operator==(const RestrictedData& other) const;
  bool operator!=(const RestrictedData& other) const {
    return !operator==(other);
  }

 private:
  // Backing storage. `util::SecretData` is used (rather than std::string) so
  // the bytes receive the handling described in the class comment above.
  util::SecretData secret_;
};
70 
71 }  // namespace tink
72 }  // namespace crypto
73 
74 #endif  // TINK_RESTRICTED_DATA_H_