| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/curve25519_key_exchange.h" | 5 #include "net/quic/crypto/curve25519_key_exchange.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "crypto/curve25519.h" | 8 #include "crypto/curve25519.h" |
| 9 #include "net/quic/crypto/quic_random.h" | 9 #include "net/quic/crypto/quic_random.h" |
| 10 | 10 |
| 11 using base::StringPiece; | 11 using base::StringPiece; |
| 12 using std::string; | 12 using std::string; |
| 13 | 13 |
| 14 namespace net { | 14 namespace net { |
| 15 | 15 |
| 16 Curve25519KeyExchange::Curve25519KeyExchange() { | 16 Curve25519KeyExchange::Curve25519KeyExchange() {} |
| 17 } | |
| 18 | 17 |
| 19 Curve25519KeyExchange::~Curve25519KeyExchange() { | 18 Curve25519KeyExchange::~Curve25519KeyExchange() {} |
| 20 } | |
| 21 | 19 |
| 22 // static | 20 // static |
| 23 Curve25519KeyExchange* Curve25519KeyExchange::New( | 21 Curve25519KeyExchange* Curve25519KeyExchange::New( |
| 24 const StringPiece& private_key) { | 22 const StringPiece& private_key) { |
| 25 Curve25519KeyExchange* ka; | 23 Curve25519KeyExchange* ka; |
| 26 // We don't want to #include the NaCl headers in the public header file, so | 24 // We don't want to #include the NaCl headers in the public header file, so |
| 27 // we use literals for the sizes of private_key_ and public_key_. Here we | 25 // we use literals for the sizes of private_key_ and public_key_. Here we |
| 28 // assert that those values are equal to the values from the NaCl header. | 26 // assert that those values are equal to the values from the NaCl header. |
| 29 COMPILE_ASSERT( | 27 COMPILE_ASSERT( |
| 30 sizeof(ka->private_key_) == crypto::curve25519::kScalarBytes, | 28 sizeof(ka->private_key_) == crypto::curve25519::kScalarBytes, |
| 31 header_out_of_sync); | 29 header_out_of_sync); |
| 32 COMPILE_ASSERT( | 30 COMPILE_ASSERT(sizeof(ka->public_key_) == crypto::curve25519::kBytes, |
| 33 sizeof(ka->public_key_) == crypto::curve25519::kBytes, | 31 header_out_of_sync); |
| 34 header_out_of_sync); | |
| 35 | 32 |
| 36 if (private_key.size() != crypto::curve25519::kScalarBytes) { | 33 if (private_key.size() != crypto::curve25519::kScalarBytes) { |
| 37 return NULL; | 34 return NULL; |
| 38 } | 35 } |
| 39 | 36 |
| 40 ka = new Curve25519KeyExchange(); | 37 ka = new Curve25519KeyExchange(); |
| 41 memcpy(ka->private_key_, private_key.data(), | 38 memcpy(ka->private_key_, private_key.data(), |
| 42 crypto::curve25519::kScalarBytes); | 39 crypto::curve25519::kScalarBytes); |
| 43 crypto::curve25519::ScalarBaseMult(ka->private_key_, ka->public_key_); | 40 crypto::curve25519::ScalarBaseMult(ka->private_key_, ka->public_key_); |
| 44 return ka; | 41 return ka; |
| 45 } | 42 } |
| 46 | 43 |
| 47 // static | 44 // static |
| 48 string Curve25519KeyExchange::NewPrivateKey(QuicRandom* rand) { | 45 string Curve25519KeyExchange::NewPrivateKey(QuicRandom* rand) { |
| 49 uint8 private_key[crypto::curve25519::kScalarBytes]; | 46 uint8 private_key[crypto::curve25519::kScalarBytes]; |
| 50 rand->RandBytes(private_key, sizeof(private_key)); | 47 rand->RandBytes(private_key, sizeof(private_key)); |
| 51 | 48 |
| 52 // This makes |private_key| a valid scalar, as specified on | 49 // This makes |private_key| a valid scalar, as specified on |
| 53 // http://cr.yp.to/ecdh.html | 50 // http://cr.yp.to/ecdh.html |
| 54 private_key[0] &= 248; | 51 private_key[0] &= 248; |
| 55 private_key[31] &= 127; | 52 private_key[31] &= 127; |
| 56 private_key[31] |= 64; | 53 private_key[31] |= 64; |
| 57 return string(reinterpret_cast<char*>(private_key), sizeof(private_key)); | 54 return string(reinterpret_cast<char*>(private_key), sizeof(private_key)); |
| 58 } | 55 } |
| 59 | 56 |
| 57 KeyExchange* Curve25519KeyExchange::NewKeyPair(QuicRandom* rand) const { |
| 58 const string private_value = NewPrivateKey(rand); |
| 59 return Curve25519KeyExchange::New(private_value); |
| 60 } |
| 61 |
| 60 bool Curve25519KeyExchange::CalculateSharedKey( | 62 bool Curve25519KeyExchange::CalculateSharedKey( |
| 61 const StringPiece& peer_public_value, | 63 const StringPiece& peer_public_value, |
| 62 string* out_result) const { | 64 string* out_result) const { |
| 63 if (peer_public_value.size() != crypto::curve25519::kBytes) { | 65 if (peer_public_value.size() != crypto::curve25519::kBytes) { |
| 64 return false; | 66 return false; |
| 65 } | 67 } |
| 66 | 68 |
| 67 uint8 result[crypto::curve25519::kBytes]; | 69 uint8 result[crypto::curve25519::kBytes]; |
| 68 crypto::curve25519::ScalarMult( | 70 crypto::curve25519::ScalarMult( |
| 69 private_key_, | 71 private_key_, |
| 70 reinterpret_cast<const uint8*>(peer_public_value.data()), | 72 reinterpret_cast<const uint8*>(peer_public_value.data()), |
| 71 result); | 73 result); |
| 72 out_result->assign(reinterpret_cast<char*>(result), sizeof(result)); | 74 out_result->assign(reinterpret_cast<char*>(result), sizeof(result)); |
| 73 | 75 |
| 74 return true; | 76 return true; |
| 75 } | 77 } |
| 76 | 78 |
| 77 StringPiece Curve25519KeyExchange::public_value() const { | 79 StringPiece Curve25519KeyExchange::public_value() const { |
| 78 return StringPiece(reinterpret_cast<const char*>(public_key_), | 80 return StringPiece(reinterpret_cast<const char*>(public_key_), |
| 79 sizeof(public_key_)); | 81 sizeof(public_key_)); |
| 80 } | 82 } |
| 81 | 83 |
| 82 CryptoTag Curve25519KeyExchange::tag() const { | 84 QuicTag Curve25519KeyExchange::tag() const { return kC255; } |
| 83 return kC255; | |
| 84 } | |
| 85 | 85 |
| 86 } // namespace net | 86 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
