1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sync/util/nigori.h" | 5 #include "components/sync/base/nigori.h" |
6 | 6 |
7 #include <stdint.h> | 7 #include <stdint.h> |
8 | 8 |
9 #include <sstream> | 9 #include <sstream> |
10 #include <vector> | 10 #include <vector> |
11 | 11 |
12 #include "base/base64.h" | 12 #include "base/base64.h" |
13 #include "base/logging.h" | 13 #include "base/logging.h" |
14 #include "base/strings/string_util.h" | 14 #include "base/strings/string_util.h" |
15 #include "base/sys_byteorder.h" | 15 #include "base/sys_byteorder.h" |
43 // followed by the big-endian representation of the value of |type|, with 32 | 43 // followed by the big-endian representation of the value of |type|, with 32 |
44 // bits, to the stream. | 44 // bits, to the stream. |
45 NigoriStream& operator<<(const Nigori::Type type) { | 45 NigoriStream& operator<<(const Nigori::Type type) { |
46 uint32_t size = base::HostToNet32(sizeof(uint32_t)); | 46 uint32_t size = base::HostToNet32(sizeof(uint32_t)); |
47 stream_.write(reinterpret_cast<char*>(&size), sizeof(uint32_t)); | 47 stream_.write(reinterpret_cast<char*>(&size), sizeof(uint32_t)); |
48 uint32_t value = base::HostToNet32(type); | 48 uint32_t value = base::HostToNet32(type); |
49 stream_.write(reinterpret_cast<char*>(&value), sizeof(uint32_t)); | 49 stream_.write(reinterpret_cast<char*>(&value), sizeof(uint32_t)); |
50 return *this; | 50 return *this; |
51 } | 51 } |
52 | 52 |
53 std::string str() { | 53 std::string str() { return stream_.str(); } |
54 return stream_.str(); | |
55 } | |
56 | 54 |
57 private: | 55 private: |
58 std::ostringstream stream_; | 56 std::ostringstream stream_; |
59 }; | 57 }; |
60 | 58 |
61 // static | 59 // static |
62 const char Nigori::kSaltSalt[] = "saltsalt"; | 60 const char Nigori::kSaltSalt[] = "saltsalt"; |
63 | 61 |
64 Nigori::Nigori() { | 62 Nigori::Nigori() {} |
65 } | |
66 | 63 |
67 Nigori::~Nigori() { | 64 Nigori::~Nigori() {} |
68 } | |
69 | 65 |
70 bool Nigori::InitByDerivation(const std::string& hostname, | 66 bool Nigori::InitByDerivation(const std::string& hostname, |
71 const std::string& username, | 67 const std::string& username, |
72 const std::string& password) { | 68 const std::string& password) { |
73 NigoriStream salt_password; | 69 NigoriStream salt_password; |
74 salt_password << username << hostname; | 70 salt_password << username << hostname; |
75 | 71 |
76 // Suser = PBKDF2(Username || Servername, "saltsalt", Nsalt, 8) | 72 // Suser = PBKDF2(Username || Servername, "saltsalt", Nsalt, 8) |
77 std::unique_ptr<SymmetricKey> user_salt(SymmetricKey::DeriveKeyFromPassword( | 73 std::unique_ptr<SymmetricKey> user_salt(SymmetricKey::DeriveKeyFromPassword( |
78 SymmetricKey::HMAC_SHA1, salt_password.str(), kSaltSalt, kSaltIterations, | 74 SymmetricKey::HMAC_SHA1, salt_password.str(), kSaltSalt, kSaltIterations, |
113 encryption_key_ = SymmetricKey::Import(SymmetricKey::AES, encryption_key); | 109 encryption_key_ = SymmetricKey::Import(SymmetricKey::AES, encryption_key); |
114 DCHECK(encryption_key_); | 110 DCHECK(encryption_key_); |
115 | 111 |
116 mac_key_ = SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key); | 112 mac_key_ = SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key); |
117 DCHECK(mac_key_); | 113 DCHECK(mac_key_); |
118 | 114 |
119 return user_key_ && encryption_key_ && mac_key_; | 115 return user_key_ && encryption_key_ && mac_key_; |
120 } | 116 } |
121 | 117 |
122 // Permute[Kenc,Kmac](type || name) | 118 // Permute[Kenc,Kmac](type || name) |
123 bool Nigori::Permute(Type type, const std::string& name, | 119 bool Nigori::Permute(Type type, |
| 120 const std::string& name, |
124 std::string* permuted) const { | 121 std::string* permuted) const { |
125 DCHECK_LT(0U, name.size()); | 122 DCHECK_LT(0U, name.size()); |
126 | 123 |
127 NigoriStream plaintext; | 124 NigoriStream plaintext; |
128 plaintext << type << name; | 125 plaintext << type << name; |
129 | 126 |
130 Encryptor encryptor; | 127 Encryptor encryptor; |
131 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, | 128 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, |
132 std::string(kIvSize, 0))) | 129 std::string(kIvSize, 0))) |
133 return false; | 130 return false; |
199 return false; | 196 return false; |
200 | 197 |
201 if (input.size() < kIvSize * 2 + kHashSize) | 198 if (input.size() < kIvSize * 2 + kHashSize) |
202 return false; | 199 return false; |
203 | 200 |
204 // The input is: | 201 // The input is: |
205 // * iv (16 bytes) | 202 // * iv (16 bytes) |
206 // * ciphertext (multiple of 16 bytes) | 203 // * ciphertext (multiple of 16 bytes) |
207 // * hash (32 bytes) | 204 // * hash (32 bytes) |
208 std::string iv(input.substr(0, kIvSize)); | 205 std::string iv(input.substr(0, kIvSize)); |
209 std::string ciphertext(input.substr(kIvSize, | 206 std::string ciphertext( |
210 input.size() - (kIvSize + kHashSize))); | 207 input.substr(kIvSize, input.size() - (kIvSize + kHashSize))); |
211 std::string hash(input.substr(input.size() - kHashSize, kHashSize)); | 208 std::string hash(input.substr(input.size() - kHashSize, kHashSize)); |
212 | 209 |
213 std::string raw_mac_key; | 210 std::string raw_mac_key; |
214 if (!mac_key_->GetRawKey(&raw_mac_key)) | 211 if (!mac_key_->GetRawKey(&raw_mac_key)) |
215 return false; | 212 return false; |
216 | 213 |
217 HMAC hmac(HMAC::SHA256); | 214 HMAC hmac(HMAC::SHA256); |
218 if (!hmac.Init(raw_mac_key)) | 215 if (!hmac.Init(raw_mac_key)) |
219 return false; | 216 return false; |
220 | 217 |
221 std::vector<unsigned char> expected(kHashSize); | 218 std::vector<unsigned char> expected(kHashSize); |
222 if (!hmac.Sign(ciphertext, &expected[0], expected.size())) | 219 if (!hmac.Sign(ciphertext, &expected[0], expected.size())) |
223 return false; | 220 return false; |
224 | 221 |
225 if (hash.compare(0, hash.size(), | 222 if (hash.compare(0, hash.size(), reinterpret_cast<char*>(&expected[0]), |
226 reinterpret_cast<char *>(&expected[0]), | |
227 expected.size())) | 223 expected.size())) |
228 return false; | 224 return false; |
229 | 225 |
230 Encryptor encryptor; | 226 Encryptor encryptor; |
231 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, iv)) | 227 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, iv)) |
232 return false; | 228 return false; |
233 | 229 |
234 if (!encryptor.Decrypt(ciphertext, value)) | 230 if (!encryptor.Decrypt(ciphertext, value)) |
235 return false; | 231 return false; |
236 | 232 |
237 return true; | 233 return true; |
238 } | 234 } |
239 | 235 |
240 bool Nigori::ExportKeys(std::string* user_key, | 236 bool Nigori::ExportKeys(std::string* user_key, |
241 std::string* encryption_key, | 237 std::string* encryption_key, |
242 std::string* mac_key) const { | 238 std::string* mac_key) const { |
243 DCHECK(user_key); | 239 DCHECK(user_key); |
244 DCHECK(encryption_key); | 240 DCHECK(encryption_key); |
245 DCHECK(mac_key); | 241 DCHECK(mac_key); |
246 | 242 |
247 return user_key_->GetRawKey(user_key) && | 243 return user_key_->GetRawKey(user_key) && |
248 encryption_key_->GetRawKey(encryption_key) && | 244 encryption_key_->GetRawKey(encryption_key) && |
249 mac_key_->GetRawKey(mac_key); | 245 mac_key_->GetRawKey(mac_key); |
250 } | 246 } |
251 | 247 |
252 } // namespace syncer | 248 } // namespace syncer |