| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/crypto_utils.h" | 5 #include "net/quic/crypto/crypto_utils.h" |
| 6 | 6 |
| 7 #include "crypto/hkdf.h" | 7 #include "crypto/hkdf.h" |
| 8 #include "net/quic/crypto/crypto_handshake.h" | 8 #include "net/quic/crypto/crypto_handshake.h" |
| 9 #include "net/quic/crypto/crypto_protocol.h" | 9 #include "net/quic/crypto/crypto_protocol.h" |
| 10 #include "net/quic/crypto/quic_decrypter.h" | 10 #include "net/quic/crypto/quic_decrypter.h" |
| 11 #include "net/quic/crypto/quic_encrypter.h" | 11 #include "net/quic/crypto/quic_encrypter.h" |
| 12 #include "net/quic/crypto/quic_random.h" | 12 #include "net/quic/crypto/quic_random.h" |
| 13 #include "net/quic/quic_clock.h" | 13 #include "net/quic/quic_time.h" |
| 14 | 14 |
| 15 using base::StringPiece; | 15 using base::StringPiece; |
| 16 using std::string; | 16 using std::string; |
| 17 | 17 |
| 18 namespace net { | 18 namespace net { |
| 19 | 19 |
| 20 // static | 20 // static |
| 21 bool CryptoUtils::FindMutualTag(const CryptoTagVector& our_tags_vector, | 21 bool CryptoUtils::FindMutualTag(const CryptoTagVector& our_tags_vector, |
| 22 const CryptoTag* their_tags, | 22 const CryptoTag* their_tags, |
| 23 size_t num_their_tags, | 23 size_t num_their_tags, |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 57 } | 57 } |
| 58 } | 58 } |
| 59 return true; | 59 return true; |
| 60 } | 60 } |
| 61 } | 61 } |
| 62 } | 62 } |
| 63 | 63 |
| 64 return false; | 64 return false; |
| 65 } | 65 } |
| 66 | 66 |
| 67 void CryptoUtils::GenerateNonce(const QuicClock* clock, | 67 void CryptoUtils::GenerateNonce(QuicTime::Delta now, |
| 68 QuicRandom* random_generator, | 68 QuicRandom* random_generator, |
| 69 const string& orbit, | 69 StringPiece orbit, |
| 70 string* nonce) { | 70 string* nonce) { |
| 71 // a 4-byte timestamp + 28 random bytes. | 71 // a 4-byte timestamp + 28 random bytes. |
| 72 nonce->reserve(kNonceSize); | 72 nonce->reserve(kNonceSize); |
| 73 nonce->resize(kNonceSize); | 73 nonce->resize(kNonceSize); |
| 74 QuicTime::Delta now = clock->NowAsDeltaSinceUnixEpoch(); | |
| 75 uint32 gmt_unix_time = now.ToSeconds(); | 74 uint32 gmt_unix_time = now.ToSeconds(); |
| 76 memcpy(&(*nonce)[0], &gmt_unix_time, sizeof(gmt_unix_time)); | 75 memcpy(&(*nonce)[0], &gmt_unix_time, sizeof(gmt_unix_time)); |
| 77 | 76 |
| 78 size_t bytes_written = sizeof(gmt_unix_time); | 77 size_t bytes_written = sizeof(gmt_unix_time); |
| 79 if (orbit.size() == 8) { | 78 if (orbit.size() == 8) { |
| 80 memcpy(&(*nonce)[bytes_written], orbit.data(), orbit.size()); | 79 memcpy(&(*nonce)[bytes_written], orbit.data(), orbit.size()); |
| 81 bytes_written += orbit.size(); | 80 bytes_written += orbit.size(); |
| 82 } | 81 } |
| 83 random_generator->RandBytes(&(*nonce)[bytes_written], | 82 random_generator->RandBytes(&(*nonce)[bytes_written], |
| 84 kNonceSize - bytes_written); | 83 kNonceSize - bytes_written); |
| 85 } | 84 } |
| 86 | 85 |
| 87 void CryptoUtils::DeriveKeys(QuicCryptoNegotiatedParameters* params, | 86 void CryptoUtils::DeriveKeys(QuicCryptoNegotiatedParameters* params, |
| 88 StringPiece nonce, | 87 StringPiece client_nonce, |
| 89 const string& hkdf_input, | 88 const string& hkdf_input, |
| 90 Perspective perspective) { | 89 Perspective perspective) { |
| 91 params->encrypter.reset(QuicEncrypter::Create(params->aead)); | 90 params->encrypter.reset(QuicEncrypter::Create(params->aead)); |
| 92 params->decrypter.reset(QuicDecrypter::Create(params->aead)); | 91 params->decrypter.reset(QuicDecrypter::Create(params->aead)); |
| 93 size_t key_bytes = params->encrypter->GetKeySize(); | 92 size_t key_bytes = params->encrypter->GetKeySize(); |
| 94 size_t nonce_prefix_bytes = params->encrypter->GetNoncePrefixSize(); | 93 size_t nonce_prefix_bytes = params->encrypter->GetNoncePrefixSize(); |
| 95 | 94 |
| 95 StringPiece nonce = client_nonce; |
| 96 string nonce_storage; |
| 97 if (!params->server_nonce.empty()) { |
| 98 nonce_storage = client_nonce.as_string() + params->server_nonce; |
| 99 nonce = nonce_storage; |
| 100 } |
| 101 |
| 96 crypto::HKDF hkdf(params->premaster_secret, nonce, | 102 crypto::HKDF hkdf(params->premaster_secret, nonce, |
| 97 hkdf_input, key_bytes, nonce_prefix_bytes); | 103 hkdf_input, key_bytes, nonce_prefix_bytes); |
| 98 if (perspective == SERVER) { | 104 if (perspective == SERVER) { |
| 99 params->encrypter->SetKey(hkdf.server_write_key()); | 105 params->encrypter->SetKey(hkdf.server_write_key()); |
| 100 params->encrypter->SetNoncePrefix(hkdf.server_write_iv()); | 106 params->encrypter->SetNoncePrefix(hkdf.server_write_iv()); |
| 101 params->decrypter->SetKey(hkdf.client_write_key()); | 107 params->decrypter->SetKey(hkdf.client_write_key()); |
| 102 params->decrypter->SetNoncePrefix(hkdf.client_write_iv()); | 108 params->decrypter->SetNoncePrefix(hkdf.client_write_iv()); |
| 103 } else { | 109 } else { |
| 104 params->encrypter->SetKey(hkdf.client_write_key()); | 110 params->encrypter->SetKey(hkdf.client_write_key()); |
| 105 params->encrypter->SetNoncePrefix(hkdf.client_write_iv()); | 111 params->encrypter->SetNoncePrefix(hkdf.client_write_iv()); |
| 106 params->decrypter->SetKey(hkdf.server_write_key()); | 112 params->decrypter->SetKey(hkdf.server_write_key()); |
| 107 params->decrypter->SetNoncePrefix(hkdf.server_write_iv()); | 113 params->decrypter->SetNoncePrefix(hkdf.server_write_iv()); |
| 108 } | 114 } |
| 109 } | 115 } |
| 110 | 116 |
| 111 } // namespace net | 117 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
