| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/certificate_reporting/error_reporter.h" | 5 #include "components/certificate_reporting/error_reporter.h" |
| 6 | 6 |
| 7 #include <stddef.h> |
| 8 |
| 7 #include <set> | 9 #include <set> |
| 8 | 10 |
| 9 #include "base/logging.h" | 11 #include "base/logging.h" |
| 10 #include "components/certificate_reporting/encrypted_cert_logger.pb.h" | 12 #include "components/certificate_reporting/encrypted_cert_logger.pb.h" |
| 11 | 13 |
| 12 #if defined(USE_OPENSSL) | 14 #if defined(USE_OPENSSL) |
| 13 #include "crypto/aead_openssl.h" | 15 #include "crypto/aead_openssl.h" |
| 14 #endif | 16 #endif |
| 15 | 17 |
| 16 #include "crypto/curve25519.h" | 18 #include "crypto/curve25519.h" |
| 17 #include "crypto/hkdf.h" | 19 #include "crypto/hkdf.h" |
| 18 #include "crypto/random.h" | 20 #include "crypto/random.h" |
| 19 #include "net/url_request/certificate_report_sender.h" | 21 #include "net/url_request/certificate_report_sender.h" |
| 20 | 22 |
| 21 namespace certificate_reporting { | 23 namespace certificate_reporting { |
| 22 | 24 |
| 23 namespace { | 25 namespace { |
| 24 | 26 |
| 25 // Constants used for crypto. The corresponding private key is used by | 27 // Constants used for crypto. The corresponding private key is used by |
| 26 // the SafeBrowsing client-side detection server to decrypt reports. | 28 // the SafeBrowsing client-side detection server to decrypt reports. |
| 27 static const uint8 kServerPublicKey[] = { | 29 static const uint8_t kServerPublicKey[] = { |
| 28 0x51, 0xcc, 0x52, 0x67, 0x42, 0x47, 0x3b, 0x10, 0xe8, 0x63, 0x18, | 30 0x51, 0xcc, 0x52, 0x67, 0x42, 0x47, 0x3b, 0x10, 0xe8, 0x63, 0x18, |
| 29 0x3c, 0x61, 0xa7, 0x96, 0x76, 0x86, 0x91, 0x40, 0x71, 0x39, 0x5f, | 31 0x3c, 0x61, 0xa7, 0x96, 0x76, 0x86, 0x91, 0x40, 0x71, 0x39, 0x5f, |
| 30 0x31, 0x1a, 0x39, 0x5b, 0x76, 0xb1, 0x6b, 0x3d, 0x6a, 0x2b}; | 32 0x31, 0x1a, 0x39, 0x5b, 0x76, 0xb1, 0x6b, 0x3d, 0x6a, 0x2b}; |
| 31 static const uint32 kServerPublicKeyVersion = 1; | 33 static const uint32_t kServerPublicKeyVersion = 1; |
| 32 | 34 |
| 33 #if defined(USE_OPENSSL) | 35 #if defined(USE_OPENSSL) |
| 34 | 36 |
| 35 static const char kHkdfLabel[] = "certificate report"; | 37 static const char kHkdfLabel[] = "certificate report"; |
| 36 | 38 |
| 37 bool GetHkdfSubkeySecret(size_t subkey_length, | 39 bool GetHkdfSubkeySecret(size_t subkey_length, |
| 38 const uint8* private_key, | 40 const uint8_t* private_key, |
| 39 const uint8* public_key, | 41 const uint8_t* public_key, |
| 40 std::string* secret) { | 42 std::string* secret) { |
| 41 uint8 shared_secret[crypto::curve25519::kBytes]; | 43 uint8_t shared_secret[crypto::curve25519::kBytes]; |
| 42 if (!crypto::curve25519::ScalarMult(private_key, public_key, shared_secret)) | 44 if (!crypto::curve25519::ScalarMult(private_key, public_key, shared_secret)) |
| 43 return false; | 45 return false; |
| 44 | 46 |
| 45 // By mistake, the HKDF label here ends up with an extra null byte on | 47 // By mistake, the HKDF label here ends up with an extra null byte on |
| 46 // the end, due to using sizeof(kHkdfLabel) in the StringPiece | 48 // the end, due to using sizeof(kHkdfLabel) in the StringPiece |
| 47 // constructor instead of strlen(kHkdfLabel). Ideally this code should | 49 // constructor instead of strlen(kHkdfLabel). Ideally this code should |
| 48 // be just passing kHkdfLabel directly into the HKDF constructor. | 50 // be just passing kHkdfLabel directly into the HKDF constructor. |
| 49 // | 51 // |
| 50 // TODO(estark): fix this in coordination with the server-side code -- | 52 // TODO(estark): fix this in coordination with the server-side code -- |
| 51 // perhaps by rolling the public key version forward and using the | 53 // perhaps by rolling the public key version forward and using the |
| 52 // version to decide whether to use the extra-null-byte version of the | 54 // version to decide whether to use the extra-null-byte version of the |
| 53 // label. https://crbug.com/517746 | 55 // label. https://crbug.com/517746 |
| 54 crypto::HKDF hkdf(base::StringPiece(reinterpret_cast<char*>(shared_secret), | 56 crypto::HKDF hkdf(base::StringPiece(reinterpret_cast<char*>(shared_secret), |
| 55 sizeof(shared_secret)), | 57 sizeof(shared_secret)), |
| 56 "" /* salt */, | 58 "" /* salt */, |
| 57 base::StringPiece(kHkdfLabel, sizeof(kHkdfLabel)), | 59 base::StringPiece(kHkdfLabel, sizeof(kHkdfLabel)), |
| 58 0 /* key bytes */, 0 /* iv bytes */, subkey_length); | 60 0 /* key bytes */, 0 /* iv bytes */, subkey_length); |
| 59 | 61 |
| 60 *secret = hkdf.subkey_secret().as_string(); | 62 *secret = hkdf.subkey_secret().as_string(); |
| 61 return true; | 63 return true; |
| 62 } | 64 } |
| 63 | 65 |
| 64 bool EncryptSerializedReport(const uint8* server_public_key, | 66 bool EncryptSerializedReport(const uint8_t* server_public_key, |
| 65 uint32 server_public_key_version, | 67 uint32_t server_public_key_version, |
| 66 const std::string& report, | 68 const std::string& report, |
| 67 EncryptedCertLoggerRequest* encrypted_report) { | 69 EncryptedCertLoggerRequest* encrypted_report) { |
| 68 // Generate an ephemeral key pair to generate a shared secret. | 70 // Generate an ephemeral key pair to generate a shared secret. |
| 69 uint8 public_key[crypto::curve25519::kBytes]; | 71 uint8_t public_key[crypto::curve25519::kBytes]; |
| 70 uint8 private_key[crypto::curve25519::kScalarBytes]; | 72 uint8_t private_key[crypto::curve25519::kScalarBytes]; |
| 71 | 73 |
| 72 crypto::RandBytes(private_key, sizeof(private_key)); | 74 crypto::RandBytes(private_key, sizeof(private_key)); |
| 73 crypto::curve25519::ScalarBaseMult(private_key, public_key); | 75 crypto::curve25519::ScalarBaseMult(private_key, public_key); |
| 74 | 76 |
| 75 crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256); | 77 crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256); |
| 76 std::string key; | 78 std::string key; |
| 77 if (!GetHkdfSubkeySecret(aead.KeyLength(), private_key, | 79 if (!GetHkdfSubkeySecret(aead.KeyLength(), private_key, |
| 78 reinterpret_cast<const uint8*>(server_public_key), | 80 reinterpret_cast<const uint8_t*>(server_public_key), |
| 79 &key)) { | 81 &key)) { |
| 80 LOG(ERROR) << "Error getting subkey secret."; | 82 LOG(ERROR) << "Error getting subkey secret."; |
| 81 return false; | 83 return false; |
| 82 } | 84 } |
| 83 aead.Init(&key); | 85 aead.Init(&key); |
| 84 | 86 |
| 85 // Use an all-zero nonce because the key is random per-message. | 87 // Use an all-zero nonce because the key is random per-message. |
| 86 std::string nonce(aead.NonceLength(), '\0'); | 88 std::string nonce(aead.NonceLength(), '\0'); |
| 87 | 89 |
| 88 std::string ciphertext; | 90 std::string ciphertext; |
| (...skipping 20 matching lines...) Expand all Loading... |
| 109 net::CertificateReportSender::CookiesPreference cookies_preference) | 111 net::CertificateReportSender::CookiesPreference cookies_preference) |
| 110 : ErrorReporter(upload_url, | 112 : ErrorReporter(upload_url, |
| 111 kServerPublicKey, | 113 kServerPublicKey, |
| 112 kServerPublicKeyVersion, | 114 kServerPublicKeyVersion, |
| 113 make_scoped_ptr(new net::CertificateReportSender( | 115 make_scoped_ptr(new net::CertificateReportSender( |
| 114 request_context, | 116 request_context, |
| 115 cookies_preference))) {} | 117 cookies_preference))) {} |
| 116 | 118 |
| 117 ErrorReporter::ErrorReporter( | 119 ErrorReporter::ErrorReporter( |
| 118 const GURL& upload_url, | 120 const GURL& upload_url, |
| 119 const uint8 server_public_key[/* 32 */], | 121 const uint8_t server_public_key[/* 32 */], |
| 120 const uint32 server_public_key_version, | 122 const uint32_t server_public_key_version, |
| 121 scoped_ptr<net::CertificateReportSender> certificate_report_sender) | 123 scoped_ptr<net::CertificateReportSender> certificate_report_sender) |
| 122 : certificate_report_sender_(certificate_report_sender.Pass()), | 124 : certificate_report_sender_(certificate_report_sender.Pass()), |
| 123 upload_url_(upload_url), | 125 upload_url_(upload_url), |
| 124 server_public_key_(server_public_key), | 126 server_public_key_(server_public_key), |
| 125 server_public_key_version_(server_public_key_version) { | 127 server_public_key_version_(server_public_key_version) { |
| 126 DCHECK(certificate_report_sender_); | 128 DCHECK(certificate_report_sender_); |
| 127 DCHECK(!upload_url.is_empty()); | 129 DCHECK(!upload_url.is_empty()); |
| 128 } | 130 } |
| 129 | 131 |
| 130 ErrorReporter::~ErrorReporter() {} | 132 ErrorReporter::~ErrorReporter() {} |
| (...skipping 22 matching lines...) Expand all Loading... |
| 153 #if defined(USE_OPENSSL) | 155 #if defined(USE_OPENSSL) |
| 154 return true; | 156 return true; |
| 155 #else | 157 #else |
| 156 return false; | 158 return false; |
| 157 #endif | 159 #endif |
| 158 } | 160 } |
| 159 | 161 |
| 160 // Used only by tests. | 162 // Used only by tests. |
| 161 #if defined(USE_OPENSSL) | 163 #if defined(USE_OPENSSL) |
| 162 bool ErrorReporter::DecryptErrorReport( | 164 bool ErrorReporter::DecryptErrorReport( |
| 163 const uint8 server_private_key[32], | 165 const uint8_t server_private_key[32], |
| 164 const EncryptedCertLoggerRequest& encrypted_report, | 166 const EncryptedCertLoggerRequest& encrypted_report, |
| 165 std::string* decrypted_serialized_report) { | 167 std::string* decrypted_serialized_report) { |
| 166 crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256); | 168 crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256); |
| 167 std::string key; | 169 std::string key; |
| 168 if (!GetHkdfSubkeySecret(aead.KeyLength(), server_private_key, | 170 if (!GetHkdfSubkeySecret(aead.KeyLength(), server_private_key, |
| 169 reinterpret_cast<const uint8*>( | 171 reinterpret_cast<const uint8_t*>( |
| 170 encrypted_report.client_public_key().data()), | 172 encrypted_report.client_public_key().data()), |
| 171 &key)) { | 173 &key)) { |
| 172 LOG(ERROR) << "Error getting subkey secret."; | 174 LOG(ERROR) << "Error getting subkey secret."; |
| 173 return false; | 175 return false; |
| 174 } | 176 } |
| 175 aead.Init(&key); | 177 aead.Init(&key); |
| 176 | 178 |
| 177 // Use an all-zero nonce because the key is random per-message. | 179 // Use an all-zero nonce because the key is random per-message. |
| 178 std::string nonce(aead.NonceLength(), 0); | 180 std::string nonce(aead.NonceLength(), 0); |
| 179 | 181 |
| 180 return aead.Open(encrypted_report.encrypted_report(), nonce, std::string(), | 182 return aead.Open(encrypted_report.encrypted_report(), nonce, std::string(), |
| 181 decrypted_serialized_report); | 183 decrypted_serialized_report); |
| 182 } | 184 } |
| 183 #endif | 185 #endif |
| 184 | 186 |
| 185 } // namespace certificate_reporting | 187 } // namespace certificate_reporting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1546143002:
Switch to standard integer types in components/, part 1 of 4. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master