OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/quic/crypto/chacha20_poly1305_decrypter.h" | 5 #include "net/quic/crypto/chacha20_poly1305_decrypter.h" |
6 | 6 |
7 #include <pk11pub.h> | 7 #include <pk11pub.h> |
8 | 8 |
9 using base::StringPiece; | 9 using base::StringPiece; |
10 | 10 |
11 namespace net { | 11 namespace net { |
12 | 12 |
13 namespace { | 13 namespace { |
14 | 14 |
15 const size_t kKeySize = 32; | 15 const size_t kKeySize = 32; |
16 const size_t kNoncePrefixSize = 0; | 16 const size_t kNoncePrefixSize = 0; |
17 | 17 |
18 } // namespace | 18 } // namespace |
19 | 19 |
20 ChaCha20Poly1305Decrypter::ChaCha20Poly1305Decrypter() | 20 ChaCha20Poly1305Decrypter::ChaCha20Poly1305Decrypter() |
21 : AeadBaseDecrypter(CKM_NSS_CHACHA20_POLY1305, | 21 : AeadBaseDecrypter(CKM_NSS_CHACHA20_POLY1305, |
davidben
2016/03/30 18:39:25
Oof, I hadn't realized we actually supported ChaCh
Ryan Sleevi
2016/03/31 02:52:58
Do we have tests that cover the old behaviour?
An
davidben
2016/03/31 05:23:00
I believe both sets of ChaCha20Poly1305 classes in
Ryan Hamilton
2016/04/04 14:37:01
Yes, that's right. Do the unit tests pass with thi
davidben
2016/04/04 14:55:52
In that case, should we just take the code out? We
Ryan Hamilton
2016/04/04 16:00:50
Perhaps I should have said "do". I know that we ha
| |
22 kKeySize, | 22 kKeySize, |
23 kAuthTagSize, | 23 kAuthTagSize, |
24 kNoncePrefixSize) { | 24 kNoncePrefixSize) { |
25 static_assert(kKeySize <= kMaxKeySize, "key size too big"); | 25 static_assert(kKeySize <= kMaxKeySize, "key size too big"); |
26 static_assert(kNoncePrefixSize <= kMaxNoncePrefixSize, | 26 static_assert(kNoncePrefixSize <= kMaxNoncePrefixSize, |
27 "nonce prefix size too big"); | 27 "nonce prefix size too big"); |
28 } | 28 } |
29 | 29 |
30 ChaCha20Poly1305Decrypter::~ChaCha20Poly1305Decrypter() {} | 30 ChaCha20Poly1305Decrypter::~ChaCha20Poly1305Decrypter() {} |
31 | 31 |
32 void ChaCha20Poly1305Decrypter::FillAeadParams(StringPiece nonce, | 32 void ChaCha20Poly1305Decrypter::FillAeadParams(StringPiece nonce, |
33 StringPiece associated_data, | 33 StringPiece associated_data, |
34 size_t auth_tag_size, | 34 size_t auth_tag_size, |
35 AeadParams* aead_params) const { | 35 AeadParams* aead_params) const { |
36 aead_params->len = sizeof(aead_params->data.nss_aead_params); | 36 aead_params->len = sizeof(aead_params->data.nss_aead_params); |
37 CK_NSS_AEAD_PARAMS* nss_aead_params = &aead_params->data.nss_aead_params; | 37 CK_NSS_AEAD_PARAMS* nss_aead_params = &aead_params->data.nss_aead_params; |
38 nss_aead_params->pIv = | 38 nss_aead_params->pNonce = |
39 reinterpret_cast<CK_BYTE*>(const_cast<char*>(nonce.data())); | 39 reinterpret_cast<CK_BYTE*>(const_cast<char*>(nonce.data())); |
40 nss_aead_params->ulIvLen = nonce.size(); | 40 nss_aead_params->ulNonceLen = nonce.size(); |
davidben
2016/03/30 18:39:25
This would be contingent on a src/third_party/nss
Ryan Sleevi
2016/03/31 02:52:58
Correct. Sorry, I didn't upload the DEPS bit yet,
davidben
2016/03/31 05:23:00
Got it.
| |
41 nss_aead_params->pAAD = | 41 nss_aead_params->pAAD = |
42 reinterpret_cast<CK_BYTE*>(const_cast<char*>(associated_data.data())); | 42 reinterpret_cast<CK_BYTE*>(const_cast<char*>(associated_data.data())); |
43 nss_aead_params->ulAADLen = associated_data.size(); | 43 nss_aead_params->ulAADLen = associated_data.size(); |
44 nss_aead_params->ulTagLen = auth_tag_size; | 44 nss_aead_params->ulTagLen = auth_tag_size; |
45 } | 45 } |
46 | 46 |
47 const char* ChaCha20Poly1305Decrypter::cipher_name() const { | 47 const char* ChaCha20Poly1305Decrypter::cipher_name() const { |
48 // TODO(rtenneti): Use TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 instead of | 48 // TODO(rtenneti): Use TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 instead of |
49 // hard coded string. | 49 // hard coded string. |
50 // return TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305; | 50 // return TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305; |
51 return "ECDHE-RSA-CHACHA20-POLY1305"; | 51 return "ECDHE-RSA-CHACHA20-POLY1305"; |
52 } | 52 } |
53 | 53 |
54 uint32_t ChaCha20Poly1305Decrypter::cipher_id() const { | 54 uint32_t ChaCha20Poly1305Decrypter::cipher_id() const { |
55 // TODO(rtenneti): when Chromium requires NSS 3.15.2 or later, use | 55 // TODO(rtenneti): when Chromium requires NSS 3.15.2 or later, use |
56 // TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 instead of 0xCC13. | 56 // TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 instead of 0xCC13. |
57 // "OR" 0x03000000 to match OpenSSL/BoringSSL implementations. | 57 // "OR" 0x03000000 to match OpenSSL/BoringSSL implementations. |
58 return 0x03000000 | 0xCC13; | 58 return 0x03000000 | 0xCC13; |
59 } | 59 } |
60 | 60 |
61 } // namespace net | 61 } // namespace net |
OLD | NEW |