Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(629)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/p256_key_exchange_openssl.cc

Issue 14816006: Land Recent QUIC changes (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Added missing NET_PRIVATE_EXPORT to QuicWallTime Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/quic/crypto/p256_key_exchange_nss.cc ('k') | net/quic/crypto/quic_decrypter.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/p256_key_exchange.h" 5 #include "net/quic/crypto/p256_key_exchange.h"
6 6
7 #include <openssl/ec.h> 7 #include <openssl/ec.h>
8 #include <openssl/ecdh.h> 8 #include <openssl/ecdh.h>
9 #include <openssl/evp.h> 9 #include <openssl/evp.h>
10 10
11 #include "base/logging.h" 11 #include "base/logging.h"
12 12
13 using base::StringPiece; 13 using base::StringPiece;
14 using std::string; 14 using std::string;
15 15
16 namespace net { 16 namespace net {
17 17
18 P256KeyExchange::P256KeyExchange(EC_KEY* private_key, const uint8* public_key) 18 P256KeyExchange::P256KeyExchange(EC_KEY* private_key, const uint8* public_key)
19 : private_key_(private_key) { 19 : private_key_(private_key) {
20 memcpy(public_key_, public_key, sizeof(public_key_)); 20 memcpy(public_key_, public_key, sizeof(public_key_));
21 } 21 }
22 22
23 P256KeyExchange::~P256KeyExchange() { 23 P256KeyExchange::~P256KeyExchange() {}
24 }
25 24
26 // static 25 // static
27 P256KeyExchange* P256KeyExchange::New(StringPiece key) { 26 P256KeyExchange* P256KeyExchange::New(StringPiece key) {
28 if (key.empty()) { 27 if (key.empty()) {
29 DLOG(INFO) << "Private key is empty"; 28 DLOG(INFO) << "Private key is empty";
30 return NULL; 29 return NULL;
31 } 30 }
32 31
33 const uint8* keyp = reinterpret_cast<const uint8*>(key.data()); 32 const uint8* keyp = reinterpret_cast<const uint8*>(key.data());
34 crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> private_key( 33 crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> private_key(
35 d2i_ECPrivateKey(NULL, &keyp, key.size())); 34 d2i_ECPrivateKey(NULL, &keyp, key.size()));
36 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) { 35 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) {
37 DLOG(INFO) << "Private key is invalid."; 36 DLOG(INFO) << "Private key is invalid.";
38 return NULL; 37 return NULL;
39 } 38 }
40 39
41 uint8 public_key[kUncompressedP256PointBytes]; 40 uint8 public_key[kUncompressedP256PointBytes];
42 if (EC_POINT_point2oct( 41 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()),
43 EC_KEY_get0_group(private_key.get()), 42 EC_KEY_get0_public_key(private_key.get()),
44 EC_KEY_get0_public_key(private_key.get()), 43 POINT_CONVERSION_UNCOMPRESSED, public_key,
45 POINT_CONVERSION_UNCOMPRESSED, 44 sizeof(public_key), NULL) != sizeof(public_key)) {
46 public_key,
47 sizeof(public_key),
48 NULL) != sizeof(public_key)) {
49 DLOG(INFO) << "Can't get public key."; 45 DLOG(INFO) << "Can't get public key.";
50 return NULL; 46 return NULL;
51 } 47 }
52 48
53 return new P256KeyExchange(private_key.release(), public_key); 49 return new P256KeyExchange(private_key.release(), public_key);
54 } 50 }
55 51
56 // static 52 // static
57 string P256KeyExchange::NewPrivateKey() { 53 string P256KeyExchange::NewPrivateKey() {
58 crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> key( 54 crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> key(
(...skipping 10 matching lines...) Expand all
69 } 65 }
70 scoped_ptr<uint8[]> private_key(new uint8[key_len]); 66 scoped_ptr<uint8[]> private_key(new uint8[key_len]);
71 uint8* keyp = private_key.get(); 67 uint8* keyp = private_key.get();
72 if (!i2d_ECPrivateKey(key.get(), &keyp)) { 68 if (!i2d_ECPrivateKey(key.get(), &keyp)) {
73 DLOG(INFO) << "Can't convert private key to string."; 69 DLOG(INFO) << "Can't convert private key to string.";
74 return string(); 70 return string();
75 } 71 }
76 return string(reinterpret_cast<char*>(private_key.get()), key_len); 72 return string(reinterpret_cast<char*>(private_key.get()), key_len);
77 } 73 }
78 74
79 bool P256KeyExchange::CalculateSharedKey( 75 KeyExchange* P256KeyExchange::NewKeyPair(QuicRandom* /*rand*/) const {
80 const StringPiece& peer_public_value, 76 // TODO(agl): avoid the serialisation/deserialisation in this function.
81 string* out_result) const { 77 const string private_value = NewPrivateKey();
78 return P256KeyExchange::New(private_value);
79 }
80
81 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value,
82 string* out_result) const {
82 if (peer_public_value.size() != kUncompressedP256PointBytes) { 83 if (peer_public_value.size() != kUncompressedP256PointBytes) {
83 DLOG(INFO) << "Peer public value is invalid"; 84 DLOG(INFO) << "Peer public value is invalid";
84 return false; 85 return false;
85 } 86 }
86 87
87 crypto::ScopedOpenSSL<EC_POINT, EC_POINT_free> point( 88 crypto::ScopedOpenSSL<EC_POINT, EC_POINT_free> point(
88 EC_POINT_new(EC_KEY_get0_group(private_key_.get()))); 89 EC_POINT_new(EC_KEY_get0_group(private_key_.get())));
89 if (!point.get() || 90 if (!point.get() ||
90 !EC_POINT_oct2point( /* also test if point is on curve */ 91 !EC_POINT_oct2point( /* also test if point is on curve */
91 EC_KEY_get0_group(private_key_.get()), 92 EC_KEY_get0_group(private_key_.get()),
92 point.get(), 93 point.get(),
93 reinterpret_cast<const uint8*>(peer_public_value.data()), 94 reinterpret_cast<const uint8*>(peer_public_value.data()),
94 peer_public_value.size(), 95 peer_public_value.size(), NULL)) {
95 NULL)) {
96 DLOG(INFO) << "Can't convert peer public value to curve point."; 96 DLOG(INFO) << "Can't convert peer public value to curve point.";
97 return false; 97 return false;
98 } 98 }
99 99
100 uint8 result[kP256FieldBytes]; 100 uint8 result[kP256FieldBytes];
101 if (ECDH_compute_key( 101 if (ECDH_compute_key(result, sizeof(result), point.get(), private_key_.get(),
102 result, 102 NULL) != sizeof(result)) {
103 sizeof(result),
104 point.get(),
105 private_key_.get(),
106 NULL) != sizeof(result)) {
107 DLOG(INFO) << "Can't compute ECDH shared key."; 103 DLOG(INFO) << "Can't compute ECDH shared key.";
108 return false; 104 return false;
109 } 105 }
110 106
111 out_result->assign(reinterpret_cast<char*>(result), sizeof(result)); 107 out_result->assign(reinterpret_cast<char*>(result), sizeof(result));
112 return true; 108 return true;
113 } 109 }
114 110
115 StringPiece P256KeyExchange::public_value() const { 111 StringPiece P256KeyExchange::public_value() const {
116 return StringPiece(reinterpret_cast<const char*>(public_key_), 112 return StringPiece(reinterpret_cast<const char*>(public_key_),
117 sizeof(public_key_)); 113 sizeof(public_key_));
118 } 114 }
119 115
120 CryptoTag P256KeyExchange::tag() const { 116 QuicTag P256KeyExchange::tag() const { return kP256; }
121 return kP256;
122 }
123 117
124 } // namespace net 118 } // namespace net
125 119
OLDNEW
« no previous file with comments | « net/quic/crypto/p256_key_exchange_nss.cc ('k') | net/quic/crypto/quic_decrypter.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698