| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/quic_crypto_server_config.h" | 5 #include "net/quic/crypto/quic_crypto_server_config.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 #include <memory> | 10 #include <memory> |
| (...skipping 543 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 554 QuicVersion version, | 554 QuicVersion version, |
| 555 const QuicVersionVector& supported_versions, | 555 const QuicVersionVector& supported_versions, |
| 556 bool use_stateless_rejects, | 556 bool use_stateless_rejects, |
| 557 QuicConnectionId server_designated_connection_id, | 557 QuicConnectionId server_designated_connection_id, |
| 558 const QuicClock* clock, | 558 const QuicClock* clock, |
| 559 QuicRandom* rand, | 559 QuicRandom* rand, |
| 560 QuicCompressedCertsCache* compressed_certs_cache, | 560 QuicCompressedCertsCache* compressed_certs_cache, |
| 561 QuicCryptoNegotiatedParameters* params, | 561 QuicCryptoNegotiatedParameters* params, |
| 562 QuicCryptoProof* crypto_proof, | 562 QuicCryptoProof* crypto_proof, |
| 563 CryptoHandshakeMessage* out, | 563 CryptoHandshakeMessage* out, |
| 564 DiversificationNonce* out_diversification_nonce, |
| 564 string* error_details) const { | 565 string* error_details) const { |
| 565 DCHECK(error_details); | 566 DCHECK(error_details); |
| 566 | 567 |
| 567 const CryptoHandshakeMessage& client_hello = | 568 const CryptoHandshakeMessage& client_hello = |
| 568 validate_chlo_result.client_hello; | 569 validate_chlo_result.client_hello; |
| 569 const ClientHelloInfo& info = validate_chlo_result.info; | 570 const ClientHelloInfo& info = validate_chlo_result.info; |
| 570 | 571 |
| 571 QuicErrorCode valid = CryptoUtils::ValidateClientHello( | 572 QuicErrorCode valid = CryptoUtils::ValidateClientHello( |
| 572 client_hello, version, supported_versions, error_details); | 573 client_hello, version, supported_versions, error_details); |
| 573 if (valid != QUIC_NO_ERROR) | 574 if (valid != QUIC_NO_ERROR) |
| (...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 733 strlen(QuicCryptoConfig::kCETVLabel) + 1); | 734 strlen(QuicCryptoConfig::kCETVLabel) + 1); |
| 734 hkdf_input.append(reinterpret_cast<char*>(&connection_id), | 735 hkdf_input.append(reinterpret_cast<char*>(&connection_id), |
| 735 sizeof(connection_id)); | 736 sizeof(connection_id)); |
| 736 hkdf_input.append(client_hello_copy_serialized.data(), | 737 hkdf_input.append(client_hello_copy_serialized.data(), |
| 737 client_hello_copy_serialized.length()); | 738 client_hello_copy_serialized.length()); |
| 738 hkdf_input.append(requested_config->serialized); | 739 hkdf_input.append(requested_config->serialized); |
| 739 | 740 |
| 740 CrypterPair crypters; | 741 CrypterPair crypters; |
| 741 if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret, params->aead, | 742 if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret, params->aead, |
| 742 info.client_nonce, info.server_nonce, | 743 info.client_nonce, info.server_nonce, |
| 743 hkdf_input, Perspective::IS_SERVER, &crypters, | 744 hkdf_input, Perspective::IS_SERVER, |
| 744 nullptr /* subkey secret */)) { | 745 CryptoUtils::Diversification::Never(), |
| 746 &crypters, nullptr /* subkey secret */)) { |
| 745 *error_details = "Symmetric key setup failed"; | 747 *error_details = "Symmetric key setup failed"; |
| 746 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; | 748 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; |
| 747 } | 749 } |
| 748 | 750 |
| 749 char plaintext[kMaxPacketSize]; | 751 char plaintext[kMaxPacketSize]; |
| 750 size_t plaintext_length = 0; | 752 size_t plaintext_length = 0; |
| 751 const bool success = crypters.decrypter->DecryptPacket( | 753 const bool success = crypters.decrypter->DecryptPacket( |
| 752 kDefaultPathId, 0 /* packet number */, | 754 kDefaultPathId, 0 /* packet number */, |
| 753 StringPiece() /* associated data */, cetv_ciphertext, plaintext, | 755 StringPiece() /* associated data */, cetv_ciphertext, plaintext, |
| 754 &plaintext_length, kMaxPacketSize); | 756 &plaintext_length, kMaxPacketSize); |
| (...skipping 20 matching lines...) Expand all Loading... |
| 775 } | 777 } |
| 776 } | 778 } |
| 777 | 779 |
| 778 string hkdf_input; | 780 string hkdf_input; |
| 779 size_t label_len = strlen(QuicCryptoConfig::kInitialLabel) + 1; | 781 size_t label_len = strlen(QuicCryptoConfig::kInitialLabel) + 1; |
| 780 hkdf_input.reserve(label_len + hkdf_suffix.size()); | 782 hkdf_input.reserve(label_len + hkdf_suffix.size()); |
| 781 hkdf_input.append(QuicCryptoConfig::kInitialLabel, label_len); | 783 hkdf_input.append(QuicCryptoConfig::kInitialLabel, label_len); |
| 782 hkdf_input.append(hkdf_suffix); | 784 hkdf_input.append(hkdf_suffix); |
| 783 | 785 |
| 784 string* subkey_secret = ¶ms->initial_subkey_secret; | 786 string* subkey_secret = ¶ms->initial_subkey_secret; |
| 787 CryptoUtils::Diversification diversification = |
| 788 CryptoUtils::Diversification::Never(); |
| 789 if (version > QUIC_VERSION_32) { |
| 790 rand->RandBytes(reinterpret_cast<char*>(out_diversification_nonce), |
| 791 sizeof(*out_diversification_nonce)); |
| 792 diversification = |
| 793 CryptoUtils::Diversification::Now(out_diversification_nonce); |
| 794 } |
| 795 |
| 785 if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret, params->aead, | 796 if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret, params->aead, |
| 786 info.client_nonce, info.server_nonce, hkdf_input, | 797 info.client_nonce, info.server_nonce, hkdf_input, |
| 787 Perspective::IS_SERVER, | 798 Perspective::IS_SERVER, diversification, |
| 788 ¶ms->initial_crypters, subkey_secret)) { | 799 ¶ms->initial_crypters, subkey_secret)) { |
| 789 *error_details = "Symmetric key setup failed"; | 800 *error_details = "Symmetric key setup failed"; |
| 790 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; | 801 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; |
| 791 } | 802 } |
| 792 | 803 |
| 793 string forward_secure_public_value; | 804 string forward_secure_public_value; |
| 794 if (ephemeral_key_source_.get()) { | 805 if (ephemeral_key_source_.get()) { |
| 795 params->forward_secure_premaster_secret = | 806 params->forward_secure_premaster_secret = |
| 796 ephemeral_key_source_->CalculateForwardSecureKey( | 807 ephemeral_key_source_->CalculateForwardSecureKey( |
| 797 key_exchange, rand, clock->ApproximateNow(), public_value, | 808 key_exchange, rand, clock->ApproximateNow(), public_value, |
| (...skipping 15 matching lines...) Expand all Loading... |
| 813 forward_secure_hkdf_input.reserve(label_len + hkdf_suffix.size()); | 824 forward_secure_hkdf_input.reserve(label_len + hkdf_suffix.size()); |
| 814 forward_secure_hkdf_input.append(QuicCryptoConfig::kForwardSecureLabel, | 825 forward_secure_hkdf_input.append(QuicCryptoConfig::kForwardSecureLabel, |
| 815 label_len); | 826 label_len); |
| 816 forward_secure_hkdf_input.append(hkdf_suffix); | 827 forward_secure_hkdf_input.append(hkdf_suffix); |
| 817 | 828 |
| 818 string shlo_nonce; | 829 string shlo_nonce; |
| 819 if (version > QUIC_VERSION_26) { | 830 if (version > QUIC_VERSION_26) { |
| 820 shlo_nonce = NewServerNonce(rand, info.now); | 831 shlo_nonce = NewServerNonce(rand, info.now); |
| 821 out->SetStringPiece(kServerNonceTag, shlo_nonce); | 832 out->SetStringPiece(kServerNonceTag, shlo_nonce); |
| 822 } | 833 } |
| 834 |
| 823 if (!CryptoUtils::DeriveKeys( | 835 if (!CryptoUtils::DeriveKeys( |
| 824 params->forward_secure_premaster_secret, params->aead, | 836 params->forward_secure_premaster_secret, params->aead, |
| 825 info.client_nonce, | 837 info.client_nonce, |
| 826 shlo_nonce.empty() ? info.server_nonce : shlo_nonce, | 838 shlo_nonce.empty() ? info.server_nonce : shlo_nonce, |
| 827 forward_secure_hkdf_input, Perspective::IS_SERVER, | 839 forward_secure_hkdf_input, Perspective::IS_SERVER, |
| 840 CryptoUtils::Diversification::Never(), |
| 828 ¶ms->forward_secure_crypters, ¶ms->subkey_secret)) { | 841 ¶ms->forward_secure_crypters, ¶ms->subkey_secret)) { |
| 829 *error_details = "Symmetric key setup failed"; | 842 *error_details = "Symmetric key setup failed"; |
| 830 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; | 843 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED; |
| 831 } | 844 } |
| 832 | 845 |
| 833 out->set_tag(kSHLO); | 846 out->set_tag(kSHLO); |
| 834 QuicTagVector supported_version_tags; | 847 QuicTagVector supported_version_tags; |
| 835 for (size_t i = 0; i < supported_versions.size(); ++i) { | 848 for (size_t i = 0; i < supported_versions.size(); ++i) { |
| 836 supported_version_tags.push_back( | 849 supported_version_tags.push_back( |
| 837 QuicVersionToQuicTag(supported_versions[i])); | 850 QuicVersionToQuicTag(supported_versions[i])); |
| (...skipping 981 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1819 priority(0), | 1832 priority(0), |
| 1820 source_address_token_boxer(nullptr) {} | 1833 source_address_token_boxer(nullptr) {} |
| 1821 | 1834 |
| 1822 QuicCryptoServerConfig::Config::~Config() { | 1835 QuicCryptoServerConfig::Config::~Config() { |
| 1823 STLDeleteElements(&key_exchanges); | 1836 STLDeleteElements(&key_exchanges); |
| 1824 } | 1837 } |
| 1825 | 1838 |
| 1826 QuicCryptoProof::QuicCryptoProof() {} | 1839 QuicCryptoProof::QuicCryptoProof() {} |
| 1827 QuicCryptoProof::~QuicCryptoProof() {} | 1840 QuicCryptoProof::~QuicCryptoProof() {} |
| 1828 } // namespace net | 1841 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1904213002:
QUIC: support diversified keys with version 33. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@hkdf