Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(342)

Side by Side Diff: net/quic/crypto/crypto_secret_boxer.cc

Issue 1715593002: QUIC: obtain source address token keys from internal key server. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@114217654
Patch Set: Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/crypto_secret_boxer.h ('k') | net/quic/crypto/crypto_secret_boxer_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/crypto_secret_boxer.h" 5 #include "net/quic/crypto/crypto_secret_boxer.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/memory/scoped_ptr.h" 8 #include "base/memory/scoped_ptr.h"
9 #include "net/quic/crypto/aes_128_gcm_12_decrypter.h" 9 #include "net/quic/crypto/aes_128_gcm_12_decrypter.h"
10 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" 10 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
11 #include "net/quic/crypto/crypto_protocol.h" 11 #include "net/quic/crypto/crypto_protocol.h"
12 #include "net/quic/crypto/quic_decrypter.h" 12 #include "net/quic/crypto/quic_decrypter.h"
13 #include "net/quic/crypto/quic_encrypter.h" 13 #include "net/quic/crypto/quic_encrypter.h"
14 #include "net/quic/crypto/quic_random.h" 14 #include "net/quic/crypto/quic_random.h"
15 15
16 using base::StringPiece; 16 using base::StringPiece;
17 using std::string; 17 using std::string;
18 using std::vector;
18 19
19 namespace net { 20 namespace net {
20 21
21 // Defined kKeySize for GetKeySize() and SetKey(). 22 // Defined kKeySize for GetKeySize() and SetKey().
22 static const size_t kKeySize = 16; 23 static const size_t kKeySize = 16;
23 24
24 // kBoxNonceSize contains the number of bytes of nonce that we use in each box. 25 // kBoxNonceSize contains the number of bytes of nonce that we use in each box.
25 // TODO(rtenneti): Add support for kBoxNonceSize to be 16 bytes. 26 // TODO(rtenneti): Add support for kBoxNonceSize to be 16 bytes.
26 // 27 //
27 // From agl@: 28 // From agl@:
28 // 96-bit nonces are on the edge. An attacker who can collect 2^41 29 // 96-bit nonces are on the edge. An attacker who can collect 2^41
29 // source-address tokens has a 1% chance of finding a duplicate. 30 // source-address tokens has a 1% chance of finding a duplicate.
30 // 31 //
31 // The "average" DDoS is now 32.4M PPS. That's 2^25 source-address tokens 32 // The "average" DDoS is now 32.4M PPS. That's 2^25 source-address tokens
32 // per second. So one day of that DDoS botnot would reach the 1% mark. 33 // per second. So one day of that DDoS botnot would reach the 1% mark.
33 // 34 //
34 // It's not terrible, but it's not a "forget about it" margin. 35 // It's not terrible, but it's not a "forget about it" margin.
35 static const size_t kBoxNonceSize = 12; 36 static const size_t kBoxNonceSize = 12;
36 37
38 CryptoSecretBoxer::CryptoSecretBoxer() {}
39
40 CryptoSecretBoxer::~CryptoSecretBoxer() {}
41
37 // static 42 // static
38 size_t CryptoSecretBoxer::GetKeySize() { 43 size_t CryptoSecretBoxer::GetKeySize() {
39 return kKeySize; 44 return kKeySize;
40 } 45 }
41 46
42 void CryptoSecretBoxer::SetKey(StringPiece key) { 47 void CryptoSecretBoxer::SetKeys(const vector<string>& keys) {
43 DCHECK_EQ(kKeySize, key.size()); 48 DCHECK(!keys.empty());
44 key_ = key.as_string(); 49 vector<string> copy = keys;
50 for (const string& key : keys) {
51 DCHECK_EQ(kKeySize, key.size());
52 }
53 base::AutoLock l(lock_);
54 keys_.swap(copy);
45 } 55 }
46 56
47 string CryptoSecretBoxer::Box(QuicRandom* rand, StringPiece plaintext) const { 57 string CryptoSecretBoxer::Box(QuicRandom* rand, StringPiece plaintext) const {
48 scoped_ptr<Aes128Gcm12Encrypter> encrypter(new Aes128Gcm12Encrypter()); 58 scoped_ptr<Aes128Gcm12Encrypter> encrypter(new Aes128Gcm12Encrypter());
49 if (!encrypter->SetKey(key_)) { 59 {
50 DLOG(DFATAL) << "CryptoSecretBoxer's encrypter->SetKey failed."; 60 base::AutoLock l(lock_);
51 return string(); 61 DCHECK_EQ(kKeySize, keys_[0].size());
62 if (!encrypter->SetKey(keys_[0])) {
63 DLOG(DFATAL) << "CryptoSecretBoxer's encrypter->SetKey failed.";
64 return string();
65 }
52 } 66 }
53 size_t ciphertext_size = encrypter->GetCiphertextSize(plaintext.length()); 67 size_t ciphertext_size = encrypter->GetCiphertextSize(plaintext.length());
54 68
55 string ret; 69 string ret;
56 const size_t len = kBoxNonceSize + ciphertext_size; 70 const size_t len = kBoxNonceSize + ciphertext_size;
57 ret.resize(len); 71 ret.resize(len);
58 char* data = &ret[0]; 72 char* data = &ret[0];
59 73
60 // Generate nonce. 74 // Generate nonce.
61 rand->RandBytes(data, kBoxNonceSize); 75 rand->RandBytes(data, kBoxNonceSize);
(...skipping 17 matching lines...) Expand all
79 } 93 }
80 94
81 StringPiece nonce(ciphertext.data(), kBoxNonceSize); 95 StringPiece nonce(ciphertext.data(), kBoxNonceSize);
82 ciphertext.remove_prefix(kBoxNonceSize); 96 ciphertext.remove_prefix(kBoxNonceSize);
83 QuicPacketNumber packet_number; 97 QuicPacketNumber packet_number;
84 StringPiece nonce_prefix(nonce.data(), nonce.size() - sizeof(packet_number)); 98 StringPiece nonce_prefix(nonce.data(), nonce.size() - sizeof(packet_number));
85 memcpy(&packet_number, nonce.data() + nonce_prefix.size(), 99 memcpy(&packet_number, nonce.data() + nonce_prefix.size(),
86 sizeof(packet_number)); 100 sizeof(packet_number));
87 101
88 scoped_ptr<Aes128Gcm12Decrypter> decrypter(new Aes128Gcm12Decrypter()); 102 scoped_ptr<Aes128Gcm12Decrypter> decrypter(new Aes128Gcm12Decrypter());
89 if (!decrypter->SetKey(key_)) {
90 DLOG(DFATAL) << "CryptoSecretBoxer's decrypter->SetKey failed.";
91 return false;
92 }
93 decrypter->SetNoncePrefix(nonce_prefix);
94 char plaintext[kMaxPacketSize]; 103 char plaintext[kMaxPacketSize];
95 size_t plaintext_length = 0; 104 size_t plaintext_length = 0;
96 const bool success = decrypter->DecryptPacket( 105 bool ok = false;
97 /*path_id=*/0u, packet_number, /*associated data=*/StringPiece(), 106 {
98 ciphertext, plaintext, &plaintext_length, kMaxPacketSize); 107 base::AutoLock l(lock_);
99 if (!success) { 108 for (const string& key : keys_) {
109 if (decrypter->SetKey(key)) {
110 decrypter->SetNoncePrefix(nonce_prefix);
111 if (decrypter->DecryptPacket(
112 /*path_id=*/0u, packet_number,
113 /*associated data=*/StringPiece(), ciphertext, plaintext,
114 &plaintext_length, kMaxPacketSize)) {
115 ok = true;
116 break;
117 }
118 }
119 }
120 }
121 if (!ok) {
100 return false; 122 return false;
101 } 123 }
102 124
103 out_storage->resize(plaintext_length); 125 out_storage->resize(plaintext_length);
104 out_storage->assign(plaintext, plaintext_length); 126 out_storage->assign(plaintext, plaintext_length);
105 out->set(out_storage->data(), plaintext_length); 127 out->set(out_storage->data(), plaintext_length);
106 return true; 128 return true;
107 } 129 }
108 130
109 } // namespace net 131 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/crypto_secret_boxer.h ('k') | net/quic/crypto/crypto_secret_boxer_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698