| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/quic_crypto_server_config.h" | 5 #include "net/quic/crypto/quic_crypto_server_config.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 #include <algorithm> | 8 #include <algorithm> |
| 9 | 9 |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| (...skipping 661 matching lines...) |
| 672 strlen(QuicCryptoConfig::kCETVLabel) + 1); | 672 strlen(QuicCryptoConfig::kCETVLabel) + 1); |
| 673 hkdf_input.append(reinterpret_cast<char*>(&connection_id), | 673 hkdf_input.append(reinterpret_cast<char*>(&connection_id), |
| 674 sizeof(connection_id)); | 674 sizeof(connection_id)); |
| 675 hkdf_input.append(client_hello_copy_serialized.data(), | 675 hkdf_input.append(client_hello_copy_serialized.data(), |
| 676 client_hello_copy_serialized.length()); | 676 client_hello_copy_serialized.length()); |
| 677 hkdf_input.append(requested_config->serialized); | 677 hkdf_input.append(requested_config->serialized); |
| 678 | 678 |
| 679 CrypterPair crypters; | 679 CrypterPair crypters; |
| 680 if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret, params->aead, | 680 if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret, params->aead, |
| 681 info.client_nonce, info.server_nonce, | 681 info.client_nonce, info.server_nonce, |
| 682 hkdf_input, CryptoUtils::SERVER, &crypters, | 682 hkdf_input, Perspective::IS_SERVER, &crypters, |
| 683 nullptr /* subkey secret */)) { | 683 nullptr /* subkey secret */)) { |
| 684 *error_details = "Symmetric key setup failed"; | 684 *error_details = "Symmetric key setup failed"; |
| 685 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; | 685 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; |
| 686 } | 686 } |
| 687 | 687 |
| 688 char plaintext[kMaxPacketSize]; | 688 char plaintext[kMaxPacketSize]; |
| 689 size_t plaintext_length = 0; | 689 size_t plaintext_length = 0; |
| 690 const bool success = crypters.decrypter->DecryptPacket( | 690 const bool success = crypters.decrypter->DecryptPacket( |
| 691 0 /* sequence number */, StringPiece() /* associated data */, | 691 0 /* sequence number */, StringPiece() /* associated data */, |
| 692 cetv_ciphertext, plaintext, &plaintext_length, kMaxPacketSize); | 692 cetv_ciphertext, plaintext, &plaintext_length, kMaxPacketSize); |
| (...skipping 19 matching lines...) |
| 712 params->channel_id = key.as_string(); | 712 params->channel_id = key.as_string(); |
| 713 } | 713 } |
| 714 } | 714 } |
| 715 | 715 |
| 716 string hkdf_input; | 716 string hkdf_input; |
| 717 size_t label_len = strlen(QuicCryptoConfig::kInitialLabel) + 1; | 717 size_t label_len = strlen(QuicCryptoConfig::kInitialLabel) + 1; |
| 718 hkdf_input.reserve(label_len + hkdf_suffix.size()); | 718 hkdf_input.reserve(label_len + hkdf_suffix.size()); |
| 719 hkdf_input.append(QuicCryptoConfig::kInitialLabel, label_len); | 719 hkdf_input.append(QuicCryptoConfig::kInitialLabel, label_len); |
| 720 hkdf_input.append(hkdf_suffix); | 720 hkdf_input.append(hkdf_suffix); |
| 721 | 721 |
| 722 if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret, params->aead, | 722 if (!CryptoUtils::DeriveKeys( |
| 723 info.client_nonce, info.server_nonce, hkdf_input, | 723 params->initial_premaster_secret, params->aead, info.client_nonce, |
| 724 CryptoUtils::SERVER, | 724 info.server_nonce, hkdf_input, Perspective::IS_SERVER, |
| 725 ¶ms->initial_crypters, | 725 ¶ms->initial_crypters, nullptr /* subkey secret */)) { |
| 726 nullptr /* subkey secret */)) { | |
| 727 *error_details = "Symmetric key setup failed"; | 726 *error_details = "Symmetric key setup failed"; |
| 728 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; | 727 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; |
| 729 } | 728 } |
| 730 | 729 |
| 731 string forward_secure_public_value; | 730 string forward_secure_public_value; |
| 732 if (ephemeral_key_source_.get()) { | 731 if (ephemeral_key_source_.get()) { |
| 733 params->forward_secure_premaster_secret = | 732 params->forward_secure_premaster_secret = |
| 734 ephemeral_key_source_->CalculateForwardSecureKey( | 733 ephemeral_key_source_->CalculateForwardSecureKey( |
| 735 key_exchange, rand, clock->ApproximateNow(), public_value, | 734 key_exchange, rand, clock->ApproximateNow(), public_value, |
| 736 &forward_secure_public_value); | 735 &forward_secure_public_value); |
| (...skipping 10 matching lines...) |
| 747 } | 746 } |
| 748 | 747 |
| 749 string forward_secure_hkdf_input; | 748 string forward_secure_hkdf_input; |
| 750 label_len = strlen(QuicCryptoConfig::kForwardSecureLabel) + 1; | 749 label_len = strlen(QuicCryptoConfig::kForwardSecureLabel) + 1; |
| 751 forward_secure_hkdf_input.reserve(label_len + hkdf_suffix.size()); | 750 forward_secure_hkdf_input.reserve(label_len + hkdf_suffix.size()); |
| 752 forward_secure_hkdf_input.append(QuicCryptoConfig::kForwardSecureLabel, | 751 forward_secure_hkdf_input.append(QuicCryptoConfig::kForwardSecureLabel, |
| 753 label_len); | 752 label_len); |
| 754 forward_secure_hkdf_input.append(hkdf_suffix); | 753 forward_secure_hkdf_input.append(hkdf_suffix); |
| 755 | 754 |
| 756 if (!CryptoUtils::DeriveKeys( | 755 if (!CryptoUtils::DeriveKeys( |
| 757 params->forward_secure_premaster_secret, params->aead, | 756 params->forward_secure_premaster_secret, params->aead, |
| 758 info.client_nonce, info.server_nonce, forward_secure_hkdf_input, | 757 info.client_nonce, info.server_nonce, forward_secure_hkdf_input, |
| 759 CryptoUtils::SERVER, ¶ms->forward_secure_crypters, | 758 Perspective::IS_SERVER, ¶ms->forward_secure_crypters, |
| 760 ¶ms->subkey_secret)) { | 759 ¶ms->subkey_secret)) { |
| 761 *error_details = "Symmetric key setup failed"; | 760 *error_details = "Symmetric key setup failed"; |
| 762 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; | 761 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; |
| 763 } | 762 } |
| 764 | 763 |
| 765 out->set_tag(kSHLO); | 764 out->set_tag(kSHLO); |
| 766 QuicTagVector supported_version_tags; | 765 QuicTagVector supported_version_tags; |
| 767 for (size_t i = 0; i < supported_versions.size(); ++i) { | 766 for (size_t i = 0; i < supported_versions.size(); ++i) { |
| 768 supported_version_tags.push_back | 767 supported_version_tags.push_back |
| 769 (QuicVersionToQuicTag(supported_versions[i])); | 768 (QuicVersionToQuicTag(supported_versions[i])); |
| 770 } | 769 } |
| (...skipping 922 matching lines...) |
| 1693 QuicCryptoServerConfig::Config::Config() | 1692 QuicCryptoServerConfig::Config::Config() |
| 1694 : channel_id_enabled(false), | 1693 : channel_id_enabled(false), |
| 1695 is_primary(false), | 1694 is_primary(false), |
| 1696 primary_time(QuicWallTime::Zero()), | 1695 primary_time(QuicWallTime::Zero()), |
| 1697 priority(0), | 1696 priority(0), |
| 1698 source_address_token_boxer(nullptr) {} | 1697 source_address_token_boxer(nullptr) {} |
| 1699 | 1698 |
| 1700 QuicCryptoServerConfig::Config::~Config() { STLDeleteElements(&key_exchanges); } | 1699 QuicCryptoServerConfig::Config::~Config() { STLDeleteElements(&key_exchanges); } |
| 1701 | 1700 |
| 1702 } // namespace net | 1701 } // namespace net |
| OLD | NEW |
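Review bot: The three key-derivation failure paths in this section (new lines 680-685 for the CETV keys, 722-727 for the initial keys, 755-761 for the forward-secure keys) all set the identical `*error_details = "Symmetric key setup failed";`, so a handshake failure cannot be attributed to a derivation stage from the message alone. Consider a distinct string per stage, for example `*error_details = "Symmetric key setup failed (forward-secure)";`. Where error_details ends up is not visible here; if it is returned to the peer, keep the wire text generic and record the stage in a server-side log line instead. The enclosing function starts and ends outside the lines shown, so this is based only on the visible call sites.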