OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/quic/crypto/p256_key_exchange.h" | 5 #include "net/quic/crypto/p256_key_exchange.h" |
6 | 6 |
7 #include <openssl/ec.h> | 7 #include <openssl/ec.h> |
8 #include <openssl/ecdh.h> | 8 #include <openssl/ecdh.h> |
9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
10 | 10 |
11 #include "base/logging.h" | 11 #include "base/logging.h" |
12 | 12 |
13 using base::StringPiece; | 13 using base::StringPiece; |
14 using std::string; | 14 using std::string; |
15 | 15 |
16 namespace net { | 16 namespace net { |
17 | 17 |
18 P256KeyExchange::P256KeyExchange(EC_KEY* private_key, const uint8* public_key) | 18 P256KeyExchange::P256KeyExchange(EC_KEY* private_key, const uint8_t* public_key) |
19 : private_key_(private_key) { | 19 : private_key_(private_key) { |
20 memcpy(public_key_, public_key, sizeof(public_key_)); | 20 memcpy(public_key_, public_key, sizeof(public_key_)); |
21 } | 21 } |
22 | 22 |
23 P256KeyExchange::~P256KeyExchange() {} | 23 P256KeyExchange::~P256KeyExchange() {} |
24 | 24 |
25 // static | 25 // static |
26 P256KeyExchange* P256KeyExchange::New(StringPiece key) { | 26 P256KeyExchange* P256KeyExchange::New(StringPiece key) { |
27 if (key.empty()) { | 27 if (key.empty()) { |
28 DVLOG(1) << "Private key is empty"; | 28 DVLOG(1) << "Private key is empty"; |
29 return nullptr; | 29 return nullptr; |
30 } | 30 } |
31 | 31 |
32 const uint8* keyp = reinterpret_cast<const uint8*>(key.data()); | 32 const uint8_t* keyp = reinterpret_cast<const uint8_t*>(key.data()); |
33 crypto::ScopedEC_KEY private_key( | 33 crypto::ScopedEC_KEY private_key( |
34 d2i_ECPrivateKey(nullptr, &keyp, key.size())); | 34 d2i_ECPrivateKey(nullptr, &keyp, key.size())); |
35 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) { | 35 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) { |
36 DVLOG(1) << "Private key is invalid."; | 36 DVLOG(1) << "Private key is invalid."; |
37 return nullptr; | 37 return nullptr; |
38 } | 38 } |
39 | 39 |
40 uint8 public_key[kUncompressedP256PointBytes]; | 40 uint8_t public_key[kUncompressedP256PointBytes]; |
41 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()), | 41 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()), |
42 EC_KEY_get0_public_key(private_key.get()), | 42 EC_KEY_get0_public_key(private_key.get()), |
43 POINT_CONVERSION_UNCOMPRESSED, public_key, | 43 POINT_CONVERSION_UNCOMPRESSED, public_key, |
44 sizeof(public_key), nullptr) != sizeof(public_key)) { | 44 sizeof(public_key), nullptr) != sizeof(public_key)) { |
45 DVLOG(1) << "Can't get public key."; | 45 DVLOG(1) << "Can't get public key."; |
46 return nullptr; | 46 return nullptr; |
47 } | 47 } |
48 | 48 |
49 return new P256KeyExchange(private_key.release(), public_key); | 49 return new P256KeyExchange(private_key.release(), public_key); |
50 } | 50 } |
51 | 51 |
52 // static | 52 // static |
53 string P256KeyExchange::NewPrivateKey() { | 53 string P256KeyExchange::NewPrivateKey() { |
54 crypto::ScopedEC_KEY key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); | 54 crypto::ScopedEC_KEY key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
55 if (!key.get() || !EC_KEY_generate_key(key.get())) { | 55 if (!key.get() || !EC_KEY_generate_key(key.get())) { |
56 DVLOG(1) << "Can't generate a new private key."; | 56 DVLOG(1) << "Can't generate a new private key."; |
57 return string(); | 57 return string(); |
58 } | 58 } |
59 | 59 |
60 int key_len = i2d_ECPrivateKey(key.get(), nullptr); | 60 int key_len = i2d_ECPrivateKey(key.get(), nullptr); |
61 if (key_len <= 0) { | 61 if (key_len <= 0) { |
62 DVLOG(1) << "Can't convert private key to string"; | 62 DVLOG(1) << "Can't convert private key to string"; |
63 return string(); | 63 return string(); |
64 } | 64 } |
65 scoped_ptr<uint8[]> private_key(new uint8[key_len]); | 65 scoped_ptr<uint8_t[]> private_key(new uint8_t[key_len]); |
66 uint8* keyp = private_key.get(); | 66 uint8_t* keyp = private_key.get(); |
67 if (!i2d_ECPrivateKey(key.get(), &keyp)) { | 67 if (!i2d_ECPrivateKey(key.get(), &keyp)) { |
68 DVLOG(1) << "Can't convert private key to string."; | 68 DVLOG(1) << "Can't convert private key to string."; |
69 return string(); | 69 return string(); |
70 } | 70 } |
71 return string(reinterpret_cast<char*>(private_key.get()), key_len); | 71 return string(reinterpret_cast<char*>(private_key.get()), key_len); |
72 } | 72 } |
73 | 73 |
74 KeyExchange* P256KeyExchange::NewKeyPair(QuicRandom* /*rand*/) const { | 74 KeyExchange* P256KeyExchange::NewKeyPair(QuicRandom* /*rand*/) const { |
75 // TODO(agl): avoid the serialisation/deserialisation in this function. | 75 // TODO(agl): avoid the serialisation/deserialisation in this function. |
76 const string private_value = NewPrivateKey(); | 76 const string private_value = NewPrivateKey(); |
77 return P256KeyExchange::New(private_value); | 77 return P256KeyExchange::New(private_value); |
78 } | 78 } |
79 | 79 |
80 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value, | 80 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value, |
81 string* out_result) const { | 81 string* out_result) const { |
82 if (peer_public_value.size() != kUncompressedP256PointBytes) { | 82 if (peer_public_value.size() != kUncompressedP256PointBytes) { |
83 DVLOG(1) << "Peer public value is invalid"; | 83 DVLOG(1) << "Peer public value is invalid"; |
84 return false; | 84 return false; |
85 } | 85 } |
86 | 86 |
87 crypto::ScopedEC_POINT point( | 87 crypto::ScopedEC_POINT point( |
88 EC_POINT_new(EC_KEY_get0_group(private_key_.get()))); | 88 EC_POINT_new(EC_KEY_get0_group(private_key_.get()))); |
89 if (!point || | 89 if (!point || |
90 !EC_POINT_oct2point(/* also test if point is on curve */ | 90 !EC_POINT_oct2point(/* also test if point is on curve */ |
91 EC_KEY_get0_group(private_key_.get()), point.get(), | 91 EC_KEY_get0_group(private_key_.get()), point.get(), |
92 reinterpret_cast<const uint8*>( | 92 reinterpret_cast<const uint8_t*>( |
93 peer_public_value.data()), | 93 peer_public_value.data()), |
94 peer_public_value.size(), nullptr)) { | 94 peer_public_value.size(), nullptr)) { |
95 DVLOG(1) << "Can't convert peer public value to curve point."; | 95 DVLOG(1) << "Can't convert peer public value to curve point."; |
96 return false; | 96 return false; |
97 } | 97 } |
98 | 98 |
99 uint8 result[kP256FieldBytes]; | 99 uint8_t result[kP256FieldBytes]; |
100 if (ECDH_compute_key(result, sizeof(result), point.get(), private_key_.get(), | 100 if (ECDH_compute_key(result, sizeof(result), point.get(), private_key_.get(), |
101 nullptr) != sizeof(result)) { | 101 nullptr) != sizeof(result)) { |
102 DVLOG(1) << "Can't compute ECDH shared key."; | 102 DVLOG(1) << "Can't compute ECDH shared key."; |
103 return false; | 103 return false; |
104 } | 104 } |
105 | 105 |
106 out_result->assign(reinterpret_cast<char*>(result), sizeof(result)); | 106 out_result->assign(reinterpret_cast<char*>(result), sizeof(result)); |
107 return true; | 107 return true; |
108 } | 108 } |
109 | 109 |
110 StringPiece P256KeyExchange::public_value() const { | 110 StringPiece P256KeyExchange::public_value() const { |
111 return StringPiece(reinterpret_cast<const char*>(public_key_), | 111 return StringPiece(reinterpret_cast<const char*>(public_key_), |
112 sizeof(public_key_)); | 112 sizeof(public_key_)); |
113 } | 113 } |
114 | 114 |
115 QuicTag P256KeyExchange::tag() const { | 115 QuicTag P256KeyExchange::tag() const { |
116 return kP256; | 116 return kP256; |
117 } | 117 } |
118 | 118 |
119 } // namespace net | 119 } // namespace net |
OLD | NEW |