Chromium Code Reviews Chromium Code Reviews
Issue 1378613004:
Set Token-Binding HTTP header (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@tb-tls-ext-new| Index: net/ssl/token_binding_openssl.cc |
| diff --git a/net/ssl/token_binding_openssl.cc b/net/ssl/token_binding_openssl.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..c4cd57f7e47b10a11b9cce7c29a7542438fea965 |
| --- /dev/null |
| +++ b/net/ssl/token_binding_openssl.cc |
| @@ -0,0 +1,148 @@ |
| +// Copyright 2015 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "net/ssl/token_binding.h" |
| + |
| +#include <openssl/bytestring.h> |
| +#include <openssl/ec.h> |
| +#include <openssl/evp.h> |
| +#include <openssl/mem.h> |
| + |
| +#include "crypto/scoped_openssl_types.h" |
| +#include "net/base/net_errors.h" |
| +#include "net/ssl/ssl_config.h" |
| + |
| +namespace net { |
| + |
| +namespace { |
| + |
| +enum TokenBindingType { |
| + TB_TYPE_PROVIDED = 0, |
| + TB_TYPE_REFERRED = 1, |
| +}; |
| + |
| +bool BuildTokenBindingID(TokenBindingType type, |
| + crypto::ECPrivateKey* key, |
| + CBB* out) { |
| + CBB ec_point; |
| + if (!CBB_add_u8(out, type) || !CBB_add_u8(out, TB_PARAM_ECDSAP256) || |
| + !CBB_add_u8_length_prefixed(out, &ec_point)) { |
| + return false; |
| + } |
| + |
| + EVP_PKEY* pkey = key->key(); |
| + static const int kExpectedKeyLength = 65; |
| + if (i2d_PublicKey(pkey, NULL) != kExpectedKeyLength) |
|
davidben
2015/11/18 20:49:01
It's kind of confusing what type you're using when
nharper
2015/12/04 01:42:20
Done.
|
| + return false; |
| + uint8_t buf[kExpectedKeyLength]; |
| + uint8_t* bufp = buf; |
| + if (i2d_PublicKey(pkey, &bufp) != kExpectedKeyLength) |
| + return false; |
| + |
| + if (!CBB_add_bytes(&ec_point, buf, kExpectedKeyLength) || !CBB_flush(out)) { |
| + return false; |
| + } |
|
davidben
2015/11/18 20:49:01
You can save the extra copy by doing:
uint8_t *
nharper
2015/12/04 01:42:20
Done.
|
| + return true; |
| +} |
| + |
| +} // namespace |
| + |
| +int BuildTokenBindingMessageFromTokenBindings( |
| + const std::vector<std::string>& token_bindings, |
| + std::string* out) { |
| + CBB tb_message, tb_messages; |
|
davidben
2015/11/18 20:49:01
tb_message vs tb_messages is kind of confusing. I'
nharper
2015/12/04 01:42:20
Done.
|
| + if (!CBB_init(&tb_message, 0) || |
| + !CBB_add_u16_length_prefixed(&tb_message, &tb_messages)) { |
| + CBB_cleanup(&tb_message); |
| + return ERR_FAILED; |
| + } |
| + for (const std::string& token_binding : token_bindings) { |
| + if (!CBB_add_bytes( |
| + &tb_messages, |
| + reinterpret_cast<uint8_t*>(const_cast<char*>(token_binding.data())), |
|
davidben
2015/11/18 20:49:01
No need for the const_cast
nharper
2015/12/04 01:42:20
Done.
|
| + token_binding.size())) { |
| + CBB_cleanup(&tb_message); |
| + return ERR_FAILED; |
| + } |
| + } |
| + |
| + uint8_t* out_data; |
| + size_t out_len; |
| + if (!CBB_finish(&tb_message, &out_data, &out_len)) { |
| + CBB_cleanup(&tb_message); |
| + return ERR_FAILED; |
| + } |
| + out->assign(reinterpret_cast<char*>(out_data), out_len); |
| + OPENSSL_free(out_data); |
| + return OK; |
| +} |
| + |
| +int BuildProvidedTokenBinding(crypto::ECPrivateKey* key, |
| + const std::vector<uint8_t>& signed_ekm, |
| + std::string* out) { |
| + uint8_t* out_data; |
| + size_t out_len; |
| + CBB token_binding; |
| + if (!CBB_init(&token_binding, 0) || |
| + !BuildTokenBindingID(TB_TYPE_PROVIDED, key, &token_binding) || |
| + !CBB_add_u16(&token_binding, signed_ekm.size()) || |
| + !CBB_add_bytes(&token_binding, &signed_ekm[0], signed_ekm.size()) || |
|
davidben
2015/11/18 20:49:01
vector_as_array(&signed_ekm)
nharper
2015/12/04 01:42:20
Done.
|
| + // 0-length extensions |
| + !CBB_add_u16(&token_binding, 0) || |
| + !CBB_finish(&token_binding, &out_data, &out_len)) { |
| + CBB_cleanup(&token_binding); |
| + return ERR_FAILED; |
| + } |
| + out->assign(reinterpret_cast<char*>(out_data), out_len); |
| + OPENSSL_free(out_data); |
| + return OK; |
| +} |
| + |
| +bool ParseTokenBindingMessage(const std::string& token_binding_message, |
| + std::string* ec_point_out, |
| + std::string* signature_out) { |
| + CBS tb_message, tb, ec_point, signature; |
| + uint8_t tb_type, tb_param; |
| + CBS_init(&tb_message, |
| + reinterpret_cast<const uint8_t*>(token_binding_message.data()), |
| + token_binding_message.size()); |
| + if (!CBS_get_u16_length_prefixed(&tb_message, &tb) || |
| + !CBS_get_u8(&tb, &tb_type) || !CBS_get_u8(&tb, &tb_param) || |
| + !CBS_get_u8_length_prefixed(&tb, &ec_point) || |
| + !CBS_get_u16_length_prefixed(&tb, &signature) || |
| + tb_type != TB_TYPE_PROVIDED || tb_param != TB_PARAM_ECDSAP256) { |
| + return false; |
| + } |
| + |
| + *ec_point_out = std::string( |
| + reinterpret_cast<const char*>(CBS_data(&ec_point)), CBS_len(&ec_point)); |
| + *signature_out = std::string( |
| + reinterpret_cast<const char*>(CBS_data(&signature)), CBS_len(&signature)); |
| + return true; |
| +} |
| + |
| +bool VerifyEKMSignature(const std::string& ec_point, |
| + const std::string& signature, |
| + const std::string& ekm) { |
| + crypto::ScopedEC_Key key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
| + EC_KEY* keyp = key.get(); |
| + const uint8_t* ec_point_data = |
| + reinterpret_cast<const uint8_t*>(ec_point.data()); |
| + if (o2i_ECPublicKey(&keyp, &ec_point_data, ec_point.size()) != key.get()) |
| + return false; |
| + crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new()); |
| + if (!EVP_PKEY_assign_EC_KEY(pkey.get(), key.release())) |
| + return false; |
| + crypto::ScopedEVP_PKEY_CTX pctx(EVP_PKEY_CTX_new(pkey.get(), nullptr)); |
| + if (!EVP_PKEY_verify_init(pctx.get()) || |
| + !EVP_PKEY_verify( |
| + pctx.get(), reinterpret_cast<const uint8_t*>(signature.data()), |
| + signature.size(), reinterpret_cast<const uint8_t*>(ekm.data()), |
| + ekm.size())) { |
| + return false; |
| + } |
| + return true; |
| +} |
| + |
| +} // namespace net |
