| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <openssl/err.h> | 5 #include <openssl/err.h> |
| 6 #include <openssl/evp.h> | 6 #include <openssl/evp.h> |
| 7 | 7 |
| 8 #include <memory> | 8 #include <memory> |
| 9 | 9 |
| 10 #include "net/quic/crypto/aead_base_decrypter.h" | 10 #include "net/quic/crypto/aead_base_decrypter.h" |
| 11 #include "net/quic/quic_bug_tracker.h" |
| 11 #include "net/quic/quic_flags.h" | 12 #include "net/quic/quic_flags.h" |
| 12 #include "net/quic/quic_utils.h" | 13 #include "net/quic/quic_utils.h" |
| 13 | 14 |
| 14 using base::StringPiece; | 15 using base::StringPiece; |
| 16 using std::string; |
| 15 | 17 |
| 16 namespace net { | 18 namespace net { |
| 17 | 19 |
| 18 namespace { | 20 namespace { |
| 19 | 21 |
| 20 // Clear OpenSSL error stack. | 22 // Clear OpenSSL error stack. |
| 21 void ClearOpenSslErrors() { | 23 void ClearOpenSslErrors() { |
| 22 while (ERR_get_error()) { | 24 while (ERR_get_error()) { |
| 23 } | 25 } |
| 24 } | 26 } |
| (...skipping 14 matching lines...) Expand all Loading... |
| 39 | 41 |
| 40 } // namespace | 42 } // namespace |
| 41 | 43 |
| 42 AeadBaseDecrypter::AeadBaseDecrypter(const EVP_AEAD* aead_alg, | 44 AeadBaseDecrypter::AeadBaseDecrypter(const EVP_AEAD* aead_alg, |
| 43 size_t key_size, | 45 size_t key_size, |
| 44 size_t auth_tag_size, | 46 size_t auth_tag_size, |
| 45 size_t nonce_prefix_size) | 47 size_t nonce_prefix_size) |
| 46 : aead_alg_(aead_alg), | 48 : aead_alg_(aead_alg), |
| 47 key_size_(key_size), | 49 key_size_(key_size), |
| 48 auth_tag_size_(auth_tag_size), | 50 auth_tag_size_(auth_tag_size), |
| 49 nonce_prefix_size_(nonce_prefix_size) { | 51 nonce_prefix_size_(nonce_prefix_size), |
| 52 have_preliminary_key_(false) { |
| 53 DCHECK_GT(256u, key_size); |
| 54 DCHECK_GT(256u, auth_tag_size); |
| 55 DCHECK_GT(256u, nonce_prefix_size); |
| 50 DCHECK_LE(key_size_, sizeof(key_)); | 56 DCHECK_LE(key_size_, sizeof(key_)); |
| 51 DCHECK_LE(nonce_prefix_size_, sizeof(nonce_prefix_)); | 57 DCHECK_LE(nonce_prefix_size_, sizeof(nonce_prefix_)); |
| 52 } | 58 } |
| 53 | 59 |
| 54 AeadBaseDecrypter::~AeadBaseDecrypter() {} | 60 AeadBaseDecrypter::~AeadBaseDecrypter() {} |
| 55 | 61 |
| 56 bool AeadBaseDecrypter::SetKey(StringPiece key) { | 62 bool AeadBaseDecrypter::SetKey(StringPiece key) { |
| 57 DCHECK_EQ(key.size(), key_size_); | 63 DCHECK_EQ(key.size(), key_size_); |
| 58 if (key.size() != key_size_) { | 64 if (key.size() != key_size_) { |
| 59 return false; | 65 return false; |
| (...skipping 12 matching lines...) Expand all Loading... |
| 72 | 78 |
| 73 bool AeadBaseDecrypter::SetNoncePrefix(StringPiece nonce_prefix) { | 79 bool AeadBaseDecrypter::SetNoncePrefix(StringPiece nonce_prefix) { |
| 74 DCHECK_EQ(nonce_prefix.size(), nonce_prefix_size_); | 80 DCHECK_EQ(nonce_prefix.size(), nonce_prefix_size_); |
| 75 if (nonce_prefix.size() != nonce_prefix_size_) { | 81 if (nonce_prefix.size() != nonce_prefix_size_) { |
| 76 return false; | 82 return false; |
| 77 } | 83 } |
| 78 memcpy(nonce_prefix_, nonce_prefix.data(), nonce_prefix.size()); | 84 memcpy(nonce_prefix_, nonce_prefix.data(), nonce_prefix.size()); |
| 79 return true; | 85 return true; |
| 80 } | 86 } |
| 81 | 87 |
| 88 bool AeadBaseDecrypter::SetPreliminaryKey(StringPiece key) { |
| 89 DCHECK(!have_preliminary_key_); |
| 90 SetKey(key); |
| 91 have_preliminary_key_ = true; |
| 92 |
| 93 return true; |
| 94 } |
| 95 |
| 96 bool AeadBaseDecrypter::SetDiversificationNonce(DiversificationNonce nonce) { |
| 97 if (!have_preliminary_key_) { |
| 98 return true; |
| 99 } |
| 100 |
| 101 string key, nonce_prefix; |
| 102 DiversifyPreliminaryKey( |
| 103 StringPiece(reinterpret_cast<const char*>(key_), key_size_), |
| 104 StringPiece(reinterpret_cast<const char*>(nonce_prefix_), |
| 105 nonce_prefix_size_), |
| 106 nonce, key_size_, nonce_prefix_size_, &key, &nonce_prefix); |
| 107 |
| 108 if (!SetKey(key) || !SetNoncePrefix(nonce_prefix)) { |
| 109 DCHECK(false); |
| 110 return false; |
| 111 } |
| 112 |
| 113 have_preliminary_key_ = false; |
| 114 return true; |
| 115 } |
| 116 |
| 82 bool AeadBaseDecrypter::DecryptPacket(QuicPathId path_id, | 117 bool AeadBaseDecrypter::DecryptPacket(QuicPathId path_id, |
| 83 QuicPacketNumber packet_number, | 118 QuicPacketNumber packet_number, |
| 84 StringPiece associated_data, | 119 StringPiece associated_data, |
| 85 StringPiece ciphertext, | 120 StringPiece ciphertext, |
| 86 char* output, | 121 char* output, |
| 87 size_t* output_length, | 122 size_t* output_length, |
| 88 size_t max_output_length) { | 123 size_t max_output_length) { |
| 89 if (ciphertext.length() < auth_tag_size_) { | 124 if (ciphertext.length() < auth_tag_size_) { |
| 90 return false; | 125 return false; |
| 91 } | 126 } |
| 92 | 127 |
| 128 if (have_preliminary_key_) { |
| 129 QUIC_BUG << "Unable to decrypt while key diversification is pending"; |
| 130 return false; |
| 131 } |
| 132 |
| 93 uint8_t nonce[sizeof(nonce_prefix_) + sizeof(packet_number)]; | 133 uint8_t nonce[sizeof(nonce_prefix_) + sizeof(packet_number)]; |
| 94 const size_t nonce_size = nonce_prefix_size_ + sizeof(packet_number); | 134 const size_t nonce_size = nonce_prefix_size_ + sizeof(packet_number); |
| 95 memcpy(nonce, nonce_prefix_, nonce_prefix_size_); | 135 memcpy(nonce, nonce_prefix_, nonce_prefix_size_); |
| 96 uint64_t path_id_packet_number = | 136 uint64_t path_id_packet_number = |
| 97 QuicUtils::PackPathIdAndPacketNumber(path_id, packet_number); | 137 QuicUtils::PackPathIdAndPacketNumber(path_id, packet_number); |
| 98 memcpy(nonce + nonce_prefix_size_, &path_id_packet_number, | 138 memcpy(nonce + nonce_prefix_size_, &path_id_packet_number, |
| 99 sizeof(path_id_packet_number)); | 139 sizeof(path_id_packet_number)); |
| 100 if (!EVP_AEAD_CTX_open( | 140 if (!EVP_AEAD_CTX_open( |
| 101 ctx_.get(), reinterpret_cast<uint8_t*>(output), output_length, | 141 ctx_.get(), reinterpret_cast<uint8_t*>(output), output_length, |
| 102 max_output_length, reinterpret_cast<const uint8_t*>(nonce), | 142 max_output_length, reinterpret_cast<const uint8_t*>(nonce), |
| (...skipping 15 matching lines...) Expand all Loading... |
| 118 | 158 |
| 119 StringPiece AeadBaseDecrypter::GetNoncePrefix() const { | 159 StringPiece AeadBaseDecrypter::GetNoncePrefix() const { |
| 120 if (nonce_prefix_size_ == 0) { | 160 if (nonce_prefix_size_ == 0) { |
| 121 return StringPiece(); | 161 return StringPiece(); |
| 122 } | 162 } |
| 123 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_), | 163 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_), |
| 124 nonce_prefix_size_); | 164 nonce_prefix_size_); |
| 125 } | 165 } |
| 126 | 166 |
| 127 } // namespace net | 167 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1904213002:
QUIC: support diversified keys with version 33. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@hkdf