| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/gcm_driver/crypto/encryption_header_parsers.h" | 5 #include "components/gcm_driver/crypto/encryption_header_parsers.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/numerics/safe_math.h" | 8 #include "base/numerics/safe_math.h" |
| 9 #include "base/strings/string_number_conversions.h" | 9 #include "base/strings/string_number_conversions.h" |
| 10 #include "base/strings/string_piece.h" | 10 #include "base/strings/string_piece.h" |
| 11 #include "base/strings/string_util.h" | 11 #include "base/strings/string_util.h" |
| 12 #include "net/http/http_util.h" | 12 #include "net/http/http_util.h" |
| 13 | 13 |
| 14 namespace gcm { | 14 namespace gcm { |
| 15 | 15 |
| 16 namespace { | 16 namespace { |
| 17 | 17 |
| 18 // The default record size in bytes, as defined in section two of | 18 // The default record size in bytes, as defined in section two of |
| 19 // https://tools.ietf.org/html/draft-thomson-http-encryption-01. | 19 // https://tools.ietf.org/html/draft-thomson-http-encryption-02. |
| 20 const uint64_t kDefaultRecordSizeBytes = 4096; | 20 const uint64_t kDefaultRecordSizeBytes = 4096; |
| 21 | 21 |
| 22 // TODO(peter): Unify the base64url implementations. https://crbug.com/536745 | 22 // TODO(peter): Unify the base64url implementations. https://crbug.com/536745 |
| 23 bool Base64URLDecode(const base::StringPiece& input, std::string* output) { | 23 bool Base64URLDecode(const base::StringPiece& input, std::string* output) { |
| 24 // Bail on malformed strings, which already contain a '+' or a '/'. All valid | 24 // Bail on malformed strings, which already contain a '+' or a '/'. All valid |
| 25 // strings should escape these special characters as '-' and '_', | 25 // strings should escape these special characters as '-' and '_', |
| 26 // respectively. | 26 // respectively. |
| 27 if (input.find_first_of("+/") != std::string::npos) | 27 if (input.find_first_of("+/") != std::string::npos) |
| 28 return false; | 28 return false; |
| 29 | 29 |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 79 | 79 |
| 80 // Parses the string between |input_begin| and |input_end| according to the | 80 // Parses the string between |input_begin| and |input_end| according to the |
| 81 // extended ABNF syntax for the Encryption HTTP header, per the "parameter" | 81 // extended ABNF syntax for the Encryption HTTP header, per the "parameter" |
| 82 // rule from RFC 7231 (https://tools.ietf.org/html/rfc7231). | 82 // rule from RFC 7231 (https://tools.ietf.org/html/rfc7231). |
| 83 // | 83 // |
| 84 // encryption_params = [ parameter *( ";" parameter ) ] | 84 // encryption_params = [ parameter *( ";" parameter ) ] |
| 85 // | 85 // |
| 86 // This implementation applies the parameters defined in section 3.1 of the | 86 // This implementation applies the parameters defined in section 3.1 of the |
| 87 // HTTP encryption encoding document: | 87 // HTTP encryption encoding document: |
| 88 // | 88 // |
| 89 // https://tools.ietf.org/html/draft-thomson-http-encryption-01#section-3.1 | 89 // https://tools.ietf.org/html/draft-thomson-http-encryption-02#section-3.1 |
| 90 // | 90 // |
| 91 // This means that the three supported parameters are: | 91 // This means that the three supported parameters are: |
| 92 // | 92 // |
| 93 // [ "keyid" "=" string ] | 93 // [ "keyid" "=" string ] |
| 94 // [ ";" "salt" "=" base64url ] | 94 // [ ";" "salt" "=" base64url ] |
| 95 // [ ";" "rs" "=" octet-count ] | 95 // [ ";" "rs" "=" octet-count ] |
| 96 bool ParseEncryptionHeaderValuesImpl(std::string::const_iterator input_begin, | 96 bool ParseEncryptionHeaderValuesImpl(std::string::const_iterator input_begin, |
| 97 std::string::const_iterator input_end, | 97 std::string::const_iterator input_end, |
| 98 EncryptionHeaderValues* values) { | 98 EncryptionHeaderValues* values) { |
| 99 net::HttpUtil::NameValuePairsIterator name_value_pairs( | 99 net::HttpUtil::NameValuePairsIterator name_value_pairs( |
| (...skipping 19 matching lines...) Expand all Loading... |
| 119 } | 119 } |
| 120 } else { | 120 } else { |
| 121 // Silently ignore unknown directives for forward compatibility. | 121 // Silently ignore unknown directives for forward compatibility. |
| 122 } | 122 } |
| 123 } | 123 } |
| 124 | 124 |
| 125 return name_value_pairs.valid(); | 125 return name_value_pairs.valid(); |
| 126 } | 126 } |
| 127 | 127 |
| 128 // Parses the string between |input_begin| and |input_end| according to the | 128 // Parses the string between |input_begin| and |input_end| according to the |
| 129 // extended ABNF syntax for the Encryption-Key HTTP header, per the "parameter" | 129 // extended ABNF syntax for the Crypto-Key HTTP header, per the "parameter" rule |
| 130 // rule from RFC 7231 (https://tools.ietf.org/html/rfc7231). | 130 // from RFC 7231 (https://tools.ietf.org/html/rfc7231). |
| 131 // | 131 // |
| 132 // encryption_params = [ parameter *( ";" parameter ) ] | 132 // encryption_params = [ parameter *( ";" parameter ) ] |
| 133 // | 133 // |
| 134 // This implementation applies the parameters defined in section 4 of the | 134 // This implementation applies the parameters defined in section 4 of the |
| 135 // HTTP encryption encoding document: | 135 // HTTP encryption encoding document: |
| 136 // | 136 // |
| 137 //https://tools.ietf.org/html/draft-thomson-http-encryption-01#section-4 | 137 //https://tools.ietf.org/html/draft-thomson-http-encryption-02#section-4 |
| 138 // | 138 // |
| 139 // This means that the three supported parameters are: | 139 // This means that the three supported parameters are: |
| 140 // | 140 // |
| 141 // [ "keyid" "=" string ] | 141 // [ "keyid" "=" string ] |
| 142 // [ ";" "key" "=" base64url ] | 142 // [ ";" "aesgcm128" "=" base64url ] |
| 143 // [ ";" "dh" "=" base64url ] | 143 // [ ";" "dh" "=" base64url ] |
| 144 bool ParseEncryptionKeyHeaderValuesImpl(std::string::const_iterator input_begin, | 144 bool ParseCryptoKeyHeaderValuesImpl(std::string::const_iterator input_begin, |
| 145 std::string::const_iterator input_end, | 145 std::string::const_iterator input_end, |
| 146 EncryptionKeyHeaderValues* values) { | 146 CryptoKeyHeaderValues* values) { |
| 147 net::HttpUtil::NameValuePairsIterator name_value_pairs( | 147 net::HttpUtil::NameValuePairsIterator name_value_pairs( |
| 148 input_begin, input_end, ';', | 148 input_begin, input_end, ';', |
| 149 net::HttpUtil::NameValuePairsIterator::VALUES_NOT_OPTIONAL); | 149 net::HttpUtil::NameValuePairsIterator::VALUES_NOT_OPTIONAL); |
| 150 | 150 |
| 151 while (name_value_pairs.GetNext()) { | 151 while (name_value_pairs.GetNext()) { |
| 152 const base::StringPiece name(name_value_pairs.name_begin(), | 152 const base::StringPiece name(name_value_pairs.name_begin(), |
| 153 name_value_pairs.name_end()); | 153 name_value_pairs.name_end()); |
| 154 | 154 |
| 155 if (base::LowerCaseEqualsASCII(name, "keyid")) { | 155 if (base::LowerCaseEqualsASCII(name, "keyid")) { |
| 156 values->keyid.assign(name_value_pairs.value_begin(), | 156 values->keyid.assign(name_value_pairs.value_begin(), |
| 157 name_value_pairs.value_end()); | 157 name_value_pairs.value_end()); |
| 158 } else if (base::LowerCaseEqualsASCII(name, "key")) { | 158 } else if (base::LowerCaseEqualsASCII(name, "aesgcm128")) { |
| 159 if (!ValueToDecodedString(name_value_pairs.value_begin(), | 159 if (!ValueToDecodedString(name_value_pairs.value_begin(), |
| 160 name_value_pairs.value_end(), &values->key)) { | 160 name_value_pairs.value_end(), |
| 161 &values->aesgcm128)) { |
| 161 return false; | 162 return false; |
| 162 } | 163 } |
| 163 } else if (base::LowerCaseEqualsASCII(name, "dh")) { | 164 } else if (base::LowerCaseEqualsASCII(name, "dh")) { |
| 164 if (!ValueToDecodedString(name_value_pairs.value_begin(), | 165 if (!ValueToDecodedString(name_value_pairs.value_begin(), |
| 165 name_value_pairs.value_end(), &values->dh)) { | 166 name_value_pairs.value_end(), &values->dh)) { |
| 166 return false; | 167 return false; |
| 167 } | 168 } |
| 168 } else { | 169 } else { |
| 169 // Silently ignore unknown directives for forward compatibility. | 170 // Silently ignore unknown directives for forward compatibility. |
| 170 } | 171 } |
| (...skipping 21 matching lines...) Expand all Loading... |
| 192 return false; | 193 return false; |
| 193 } | 194 } |
| 194 | 195 |
| 195 candidate_values.push_back(candidate_value); | 196 candidate_values.push_back(candidate_value); |
| 196 } | 197 } |
| 197 | 198 |
| 198 values->swap(candidate_values); | 199 values->swap(candidate_values); |
| 199 return true; | 200 return true; |
| 200 } | 201 } |
| 201 | 202 |
| 202 bool ParseEncryptionKeyHeader(const std::string& input, | 203 bool ParseCryptoKeyHeader(const std::string& input, |
| 203 std::vector<EncryptionKeyHeaderValues>* values) { | 204 std::vector<CryptoKeyHeaderValues>* values) { |
| 204 DCHECK(values); | 205 DCHECK(values); |
| 205 | 206 |
| 206 std::vector<EncryptionKeyHeaderValues> candidate_values; | 207 std::vector<CryptoKeyHeaderValues> candidate_values; |
| 207 | 208 |
| 208 net::HttpUtil::ValuesIterator value_iterator(input.begin(), input.end(), ','); | 209 net::HttpUtil::ValuesIterator value_iterator(input.begin(), input.end(), ','); |
| 209 while (value_iterator.GetNext()) { | 210 while (value_iterator.GetNext()) { |
| 210 EncryptionKeyHeaderValues candidate_value; | 211 CryptoKeyHeaderValues candidate_value; |
| 211 if (!ParseEncryptionKeyHeaderValuesImpl(value_iterator.value_begin(), | 212 if (!ParseCryptoKeyHeaderValuesImpl(value_iterator.value_begin(), |
| 212 value_iterator.value_end(), | 213 value_iterator.value_end(), |
| 213 &candidate_value)) { | 214 &candidate_value)) { |
| 214 return false; | 215 return false; |
| 215 } | 216 } |
| 216 | 217 |
| 217 candidate_values.push_back(candidate_value); | 218 candidate_values.push_back(candidate_value); |
| 218 } | 219 } |
| 219 | 220 |
| 220 values->swap(candidate_values); | 221 values->swap(candidate_values); |
| 221 return true; | 222 return true; |
| 222 } | 223 } |
| 223 | 224 |
| 224 } // namespace gcm | 225 } // namespace gcm |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1446163002:
Rename Encryption-Key to Crypto-Key, "key" parameter to "aesgcm128". (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master