| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/p256_key_exchange.h" | 5 #include "net/quic/crypto/p256_key_exchange.h" |
| 6 | 6 |
| 7 #include <openssl/ec.h> | 7 #include <openssl/ec.h> |
| 8 #include <openssl/ecdh.h> | 8 #include <openssl/ecdh.h> |
| 9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
| 10 | 10 |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 | 12 |
| 13 using base::StringPiece; | 13 using base::StringPiece; |
| 14 using std::string; | 14 using std::string; |
| 15 | 15 |
| 16 namespace net { | 16 namespace net { |
| 17 | 17 |
| 18 P256KeyExchange::P256KeyExchange(EC_KEY* private_key, const uint8* public_key) | 18 P256KeyExchange::P256KeyExchange(EC_KEY* private_key, const uint8_t* public_key) |
| 19 : private_key_(private_key) { | 19 : private_key_(private_key) { |
| 20 memcpy(public_key_, public_key, sizeof(public_key_)); | 20 memcpy(public_key_, public_key, sizeof(public_key_)); |
| 21 } | 21 } |
| 22 | 22 |
| 23 P256KeyExchange::~P256KeyExchange() {} | 23 P256KeyExchange::~P256KeyExchange() {} |
| 24 | 24 |
| 25 // static | 25 // static |
| 26 P256KeyExchange* P256KeyExchange::New(StringPiece key) { | 26 P256KeyExchange* P256KeyExchange::New(StringPiece key) { |
| 27 if (key.empty()) { | 27 if (key.empty()) { |
| 28 DVLOG(1) << "Private key is empty"; | 28 DVLOG(1) << "Private key is empty"; |
| 29 return nullptr; | 29 return nullptr; |
| 30 } | 30 } |
| 31 | 31 |
| 32 const uint8* keyp = reinterpret_cast<const uint8*>(key.data()); | 32 const uint8_t* keyp = reinterpret_cast<const uint8_t*>(key.data()); |
| 33 crypto::ScopedEC_KEY private_key( | 33 crypto::ScopedEC_KEY private_key( |
| 34 d2i_ECPrivateKey(nullptr, &keyp, key.size())); | 34 d2i_ECPrivateKey(nullptr, &keyp, key.size())); |
| 35 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) { | 35 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) { |
| 36 DVLOG(1) << "Private key is invalid."; | 36 DVLOG(1) << "Private key is invalid."; |
| 37 return nullptr; | 37 return nullptr; |
| 38 } | 38 } |
| 39 | 39 |
| 40 uint8 public_key[kUncompressedP256PointBytes]; | 40 uint8_t public_key[kUncompressedP256PointBytes]; |
| 41 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()), | 41 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()), |
| 42 EC_KEY_get0_public_key(private_key.get()), | 42 EC_KEY_get0_public_key(private_key.get()), |
| 43 POINT_CONVERSION_UNCOMPRESSED, public_key, | 43 POINT_CONVERSION_UNCOMPRESSED, public_key, |
| 44 sizeof(public_key), nullptr) != sizeof(public_key)) { | 44 sizeof(public_key), nullptr) != sizeof(public_key)) { |
| 45 DVLOG(1) << "Can't get public key."; | 45 DVLOG(1) << "Can't get public key."; |
| 46 return nullptr; | 46 return nullptr; |
| 47 } | 47 } |
| 48 | 48 |
| 49 return new P256KeyExchange(private_key.release(), public_key); | 49 return new P256KeyExchange(private_key.release(), public_key); |
| 50 } | 50 } |
| 51 | 51 |
| 52 // static | 52 // static |
| 53 string P256KeyExchange::NewPrivateKey() { | 53 string P256KeyExchange::NewPrivateKey() { |
| 54 crypto::ScopedEC_KEY key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); | 54 crypto::ScopedEC_KEY key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
| 55 if (!key.get() || !EC_KEY_generate_key(key.get())) { | 55 if (!key.get() || !EC_KEY_generate_key(key.get())) { |
| 56 DVLOG(1) << "Can't generate a new private key."; | 56 DVLOG(1) << "Can't generate a new private key."; |
| 57 return string(); | 57 return string(); |
| 58 } | 58 } |
| 59 | 59 |
| 60 int key_len = i2d_ECPrivateKey(key.get(), nullptr); | 60 int key_len = i2d_ECPrivateKey(key.get(), nullptr); |
| 61 if (key_len <= 0) { | 61 if (key_len <= 0) { |
| 62 DVLOG(1) << "Can't convert private key to string"; | 62 DVLOG(1) << "Can't convert private key to string"; |
| 63 return string(); | 63 return string(); |
| 64 } | 64 } |
| 65 scoped_ptr<uint8[]> private_key(new uint8[key_len]); | 65 scoped_ptr<uint8_t[]> private_key(new uint8_t[key_len]); |
| 66 uint8* keyp = private_key.get(); | 66 uint8_t* keyp = private_key.get(); |
| 67 if (!i2d_ECPrivateKey(key.get(), &keyp)) { | 67 if (!i2d_ECPrivateKey(key.get(), &keyp)) { |
| 68 DVLOG(1) << "Can't convert private key to string."; | 68 DVLOG(1) << "Can't convert private key to string."; |
| 69 return string(); | 69 return string(); |
| 70 } | 70 } |
| 71 return string(reinterpret_cast<char*>(private_key.get()), key_len); | 71 return string(reinterpret_cast<char*>(private_key.get()), key_len); |
| 72 } | 72 } |
| 73 | 73 |
| 74 KeyExchange* P256KeyExchange::NewKeyPair(QuicRandom* /*rand*/) const { | 74 KeyExchange* P256KeyExchange::NewKeyPair(QuicRandom* /*rand*/) const { |
| 75 // TODO(agl): avoid the serialisation/deserialisation in this function. | 75 // TODO(agl): avoid the serialisation/deserialisation in this function. |
| 76 const string private_value = NewPrivateKey(); | 76 const string private_value = NewPrivateKey(); |
| 77 return P256KeyExchange::New(private_value); | 77 return P256KeyExchange::New(private_value); |
| 78 } | 78 } |
| 79 | 79 |
| 80 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value, | 80 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value, |
| 81 string* out_result) const { | 81 string* out_result) const { |
| 82 if (peer_public_value.size() != kUncompressedP256PointBytes) { | 82 if (peer_public_value.size() != kUncompressedP256PointBytes) { |
| 83 DVLOG(1) << "Peer public value is invalid"; | 83 DVLOG(1) << "Peer public value is invalid"; |
| 84 return false; | 84 return false; |
| 85 } | 85 } |
| 86 | 86 |
| 87 crypto::ScopedEC_POINT point( | 87 crypto::ScopedEC_POINT point( |
| 88 EC_POINT_new(EC_KEY_get0_group(private_key_.get()))); | 88 EC_POINT_new(EC_KEY_get0_group(private_key_.get()))); |
| 89 if (!point || | 89 if (!point || |
| 90 !EC_POINT_oct2point(/* also test if point is on curve */ | 90 !EC_POINT_oct2point(/* also test if point is on curve */ |
| 91 EC_KEY_get0_group(private_key_.get()), point.get(), | 91 EC_KEY_get0_group(private_key_.get()), point.get(), |
| 92 reinterpret_cast<const uint8*>( | 92 reinterpret_cast<const uint8_t*>( |
| 93 peer_public_value.data()), | 93 peer_public_value.data()), |
| 94 peer_public_value.size(), nullptr)) { | 94 peer_public_value.size(), nullptr)) { |
| 95 DVLOG(1) << "Can't convert peer public value to curve point."; | 95 DVLOG(1) << "Can't convert peer public value to curve point."; |
| 96 return false; | 96 return false; |
| 97 } | 97 } |
| 98 | 98 |
| 99 uint8 result[kP256FieldBytes]; | 99 uint8_t result[kP256FieldBytes]; |
| 100 if (ECDH_compute_key(result, sizeof(result), point.get(), private_key_.get(), | 100 if (ECDH_compute_key(result, sizeof(result), point.get(), private_key_.get(), |
| 101 nullptr) != sizeof(result)) { | 101 nullptr) != sizeof(result)) { |
| 102 DVLOG(1) << "Can't compute ECDH shared key."; | 102 DVLOG(1) << "Can't compute ECDH shared key."; |
| 103 return false; | 103 return false; |
| 104 } | 104 } |
| 105 | 105 |
| 106 out_result->assign(reinterpret_cast<char*>(result), sizeof(result)); | 106 out_result->assign(reinterpret_cast<char*>(result), sizeof(result)); |
| 107 return true; | 107 return true; |
| 108 } | 108 } |
| 109 | 109 |
| 110 StringPiece P256KeyExchange::public_value() const { | 110 StringPiece P256KeyExchange::public_value() const { |
| 111 return StringPiece(reinterpret_cast<const char*>(public_key_), | 111 return StringPiece(reinterpret_cast<const char*>(public_key_), |
| 112 sizeof(public_key_)); | 112 sizeof(public_key_)); |
| 113 } | 113 } |
| 114 | 114 |
| 115 QuicTag P256KeyExchange::tag() const { | 115 QuicTag P256KeyExchange::tag() const { |
| 116 return kP256; | 116 return kP256; |
| 117 } | 117 } |
| 118 | 118 |
| 119 } // namespace net | 119 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1535363003:
Switch to standard integer types in net/. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master