Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(172)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sync/util/nigori.cc

Issue 10698177: Added crypto random-number generator (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: Comment fixes Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« crypto/random.h ('K') | « crypto/random_unittest.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sync/util/nigori.h" 5 #include "sync/util/nigori.h"
6 6
7 #include <sstream> 7 #include <sstream>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/base64.h" 10 #include "base/base64.h"
11 #include "base/logging.h" 11 #include "base/logging.h"
12 #include "base/rand_util.h"
13 #include "base/string_util.h" 12 #include "base/string_util.h"
14 #include "base/sys_byteorder.h" 13 #include "base/sys_byteorder.h"
15 #include "crypto/encryptor.h" 14 #include "crypto/encryptor.h"
16 #include "crypto/hmac.h" 15 #include "crypto/hmac.h"
16 #include "crypto/random.h"
17 #include "crypto/symmetric_key.h" 17 #include "crypto/symmetric_key.h"
18 18
19 using base::Base64Encode; 19 using base::Base64Encode;
20 using base::Base64Decode; 20 using base::Base64Decode;
21 using base::RandInt;
22 using crypto::Encryptor; 21 using crypto::Encryptor;
23 using crypto::HMAC; 22 using crypto::HMAC;
24 using crypto::SymmetricKey; 23 using crypto::SymmetricKey;
25 24
26 namespace syncer { 25 namespace syncer {
27 26
28 // NigoriStream simplifies the concatenation operation of the Nigori protocol. 27 // NigoriStream simplifies the concatenation operation of the Nigori protocol.
29 class NigoriStream { 28 class NigoriStream {
30 public: 29 public:
31 // Append the big-endian representation of the length of |value| with 32 bits, 30 // Append the big-endian representation of the length of |value| with 32 bits,
(...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after
147 if (!hmac.Sign(ciphertext, &hash[0], hash.size())) 146 if (!hmac.Sign(ciphertext, &hash[0], hash.size()))
148 return false; 147 return false;
149 148
150 std::string output; 149 std::string output;
151 output.assign(ciphertext); 150 output.assign(ciphertext);
152 output.append(hash.begin(), hash.end()); 151 output.append(hash.begin(), hash.end());
153 152
154 return Base64Encode(output, permuted); 153 return Base64Encode(output, permuted);
155 } 154 }
156 155
157 std::string GenerateRandomString(size_t size) {
158 // TODO(albertb): Use a secure random function.
159 std::string random(size, 0);
160 for (size_t i = 0; i < size; ++i)
161 random[i] = RandInt(0, 0xff);
162 return random;
163 }
164
165 // Enc[Kenc,Kmac](value) 156 // Enc[Kenc,Kmac](value)
166 bool Nigori::Encrypt(const std::string& value, std::string* encrypted) const { 157 bool Nigori::Encrypt(const std::string& value, std::string* encrypted) const {
167 if (0U >= value.size()) 158 if (0U >= value.size())
168 return false; 159 return false;
169 160
170 std::string iv = GenerateRandomString(kIvSize); 161 std::string iv;
162 crypto::RandBytes(base::WriteInto(&iv, kIvSize + 1), kIvSize);
171 163
172 Encryptor encryptor; 164 Encryptor encryptor;
173 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, iv)) 165 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, iv))
174 return false; 166 return false;
175 167
176 std::string ciphertext; 168 std::string ciphertext;
177 if (!encryptor.Encrypt(value, &ciphertext)) 169 if (!encryptor.Encrypt(value, &ciphertext))
178 return false; 170 return false;
179 171
180 std::string raw_mac_key; 172 std::string raw_mac_key;
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after
248 DCHECK(user_key); 240 DCHECK(user_key);
249 DCHECK(encryption_key); 241 DCHECK(encryption_key);
250 DCHECK(mac_key); 242 DCHECK(mac_key);
251 243
252 return user_key_->GetRawKey(user_key) && 244 return user_key_->GetRawKey(user_key) &&
253 encryption_key_->GetRawKey(encryption_key) && 245 encryption_key_->GetRawKey(encryption_key) &&
254 mac_key_->GetRawKey(mac_key); 246 mac_key_->GetRawKey(mac_key);
255 } 247 }
256 248
257 } // namespace syncer 249 } // namespace syncer
OLDNEW
« crypto/random.h ('K') | « crypto/random_unittest.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698