Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(725)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/certificate_reporting/error_reporter.cc

Issue 1459783002: Roll src/third_party/boringssl/src d7421ebf6..3ac32b1ed (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « DEPS ('k') | crypto/BUILD.gn » ('j') | third_party/boringssl/boringssl.gyp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/certificate_reporting/error_reporter.cc
diff --git a/components/certificate_reporting/error_reporter.cc b/components/certificate_reporting/error_reporter.cc
index d811112c3ef989e61c498a3fdc82b23f7171c8ad..0f866aaefaf20febcc20a7122512caa6baefacb3 100644
--- a/components/certificate_reporting/error_reporter.cc
+++ b/components/certificate_reporting/error_reporter.cc
@@ -34,11 +34,13 @@ static const uint32 kServerPublicKeyVersion = 1;
static const char kHkdfLabel[] = "certificate report";
-std::string GetHkdfSubkeySecret(size_t subkey_length,
- const uint8* private_key,
- const uint8* public_key) {
+bool GetHkdfSubkeySecret(size_t subkey_length,
+ const uint8* private_key,
+ const uint8* public_key,
+ std::string* secret) {
uint8 shared_secret[crypto::curve25519::kBytes];
- crypto::curve25519::ScalarMult(private_key, public_key, shared_secret);
+ if (!crypto::curve25519::ScalarMult(private_key, public_key, shared_secret))
+ return false;
// By mistake, the HKDF label here ends up with an extra null byte on
// the end, due to using sizeof(kHkdfLabel) in the StringPiece
@@ -55,7 +57,8 @@ std::string GetHkdfSubkeySecret(size_t subkey_length,
base::StringPiece(kHkdfLabel, sizeof(kHkdfLabel)),
0 /* key bytes */, 0 /* iv bytes */, subkey_length);
- return hkdf.subkey_secret().as_string();
+ *secret = hkdf.subkey_secret().as_string();
+ return true;
}
bool EncryptSerializedReport(const uint8* server_public_key,
@@ -70,9 +73,12 @@ bool EncryptSerializedReport(const uint8* server_public_key,
crypto::curve25519::ScalarBaseMult(private_key, public_key);
crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256);
- const std::string key =
- GetHkdfSubkeySecret(aead.KeyLength(), private_key,
- reinterpret_cast<const uint8*>(server_public_key));
+ const std::string key;
+ if (!GetHkdfSubkeySecret(aead.KeyLength(), private_key,
+ reinterpret_cast<const uint8*>(server_public_key),
+ &key)) {
+ return false;
estark 2015/11/19 00:25:18 nit: add a LOG(ERROR) here?
davidben 2015/11/19 00:41:36 Done.
+ }
aead.Init(&key);
// Use an all-zero nonce because the key is random per-message.
@@ -157,10 +163,13 @@ bool ErrorReporter::DecryptErrorReport(
const EncryptedCertLoggerRequest& encrypted_report,
std::string* decrypted_serialized_report) {
crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256);
- const std::string key =
- GetHkdfSubkeySecret(aead.KeyLength(), server_private_key,
- reinterpret_cast<const uint8*>(
- encrypted_report.client_public_key().data()));
+ const std::string key;
+ if (!GetHkdfSubkeySecret(aead.KeyLength(), server_private_key,
+ reinterpret_cast<const uint8*>(
+ encrypted_report.client_public_key().data()),
+ &key)) {
+ return false;
estark 2015/11/19 00:25:18 same nit here
davidben 2015/11/19 00:41:37 Done.
+ }
aead.Init(&key);
// Use an all-zero nonce because the key is random per-message.
« no previous file with comments | « DEPS ('k') | crypto/BUILD.gn » ('j') | third_party/boringssl/boringssl.gyp » ('J')

Powered by Google App Engine
This is Rietveld 408576698