Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1931)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/quic/crypto/crypto_utils.cc

Issue 1904213002: QUIC: support diversified keys with version 33. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@hkdf
Patch Set: Rebase Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/quic/crypto/crypto_utils.h ('k') | net/quic/crypto/null_decrypter.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/quic/crypto/crypto_utils.cc
diff --git a/net/quic/crypto/crypto_utils.cc b/net/quic/crypto/crypto_utils.cc
index b8c63eca7c1fc5e738a1c5ed912d72f22553f9d2..6ec4e5e8aae73f2564690eb7effd83b1f0c3c363 100644
--- a/net/quic/crypto/crypto_utils.cc
+++ b/net/quic/crypto/crypto_utils.cc
@@ -14,6 +14,7 @@
#include "net/quic/crypto/quic_decrypter.h"
#include "net/quic/crypto/quic_encrypter.h"
#include "net/quic/crypto/quic_random.h"
+#include "net/quic/quic_bug_tracker.h"
#include "net/quic/quic_time.h"
#include "net/quic/quic_utils.h"
#include "url/url_canon.h"
@@ -90,6 +91,7 @@ bool CryptoUtils::DeriveKeys(StringPiece premaster_secret,
StringPiece server_nonce,
const string& hkdf_input,
Perspective perspective,
+ Diversification diversification,
CrypterPair* crypters,
string* subkey_secret) {
crypters->encrypter.reset(QuicEncrypter::Create(aead));
@@ -108,21 +110,67 @@ bool CryptoUtils::DeriveKeys(StringPiece premaster_secret,
crypto::HKDF hkdf(premaster_secret, nonce, hkdf_input, key_bytes,
nonce_prefix_bytes, subkey_secret_bytes);
- if (perspective == Perspective::IS_SERVER) {
- if (!crypters->encrypter->SetKey(hkdf.server_write_key()) ||
- !crypters->encrypter->SetNoncePrefix(hkdf.server_write_iv()) ||
- !crypters->decrypter->SetKey(hkdf.client_write_key()) ||
- !crypters->decrypter->SetNoncePrefix(hkdf.client_write_iv())) {
- return false;
+
+ // Key derivation depends on the key diversification method being employed.
+ // both the client and the server support never doing key diversification.
+ // The server also supports immediate diversification, and the client
+ // supports pending diversification.
+ switch (diversification.mode()) {
+ case Diversification::NEVER: {
+ if (perspective == Perspective::IS_SERVER) {
+ if (!crypters->encrypter->SetKey(hkdf.server_write_key()) ||
+ !crypters->encrypter->SetNoncePrefix(hkdf.server_write_iv()) ||
+ !crypters->decrypter->SetKey(hkdf.client_write_key()) ||
+ !crypters->decrypter->SetNoncePrefix(hkdf.client_write_iv())) {
+ return false;
+ }
+ } else {
+ if (!crypters->encrypter->SetKey(hkdf.client_write_key()) ||
+ !crypters->encrypter->SetNoncePrefix(hkdf.client_write_iv()) ||
+ !crypters->decrypter->SetKey(hkdf.server_write_key()) ||
+ !crypters->decrypter->SetNoncePrefix(hkdf.server_write_iv())) {
+ return false;
+ }
+ }
+ break;
}
- } else {
- if (!crypters->encrypter->SetKey(hkdf.client_write_key()) ||
- !crypters->encrypter->SetNoncePrefix(hkdf.client_write_iv()) ||
- !crypters->decrypter->SetKey(hkdf.server_write_key()) ||
- !crypters->decrypter->SetNoncePrefix(hkdf.server_write_iv())) {
- return false;
+ case Diversification::PENDING: {
+ if (perspective == Perspective::IS_SERVER) {
+ QUIC_BUG << "Pending diversification is only for clients.";
+ return false;
+ }
+
+ if (!crypters->encrypter->SetKey(hkdf.client_write_key()) ||
+ !crypters->encrypter->SetNoncePrefix(hkdf.client_write_iv()) ||
+ !crypters->decrypter->SetPreliminaryKey(hkdf.server_write_key()) ||
+ !crypters->decrypter->SetNoncePrefix(hkdf.server_write_iv())) {
+ return false;
+ }
+ break;
+ }
+ case Diversification::NOW: {
+ if (perspective == Perspective::IS_CLIENT) {
+ QUIC_BUG << "Immediate diversification is only for servers.";
+ return false;
+ }
+
+ string key, nonce_prefix;
+ QuicDecrypter::DiversifyPreliminaryKey(
+ hkdf.server_write_key(), hkdf.server_write_iv(),
+ *diversification.nonce(), key_bytes, nonce_prefix_bytes, &key,
+ &nonce_prefix);
+ if (!crypters->decrypter->SetKey(hkdf.client_write_key()) ||
+ !crypters->decrypter->SetNoncePrefix(hkdf.client_write_iv()) ||
+ !crypters->encrypter->SetKey(key) ||
+ !crypters->encrypter->SetNoncePrefix(nonce_prefix)) {
+ return false;
+ }
+ break;
}
+ default:
+ DCHECK(false);
}
+
if (subkey_secret != nullptr) {
hkdf.subkey_secret().CopyToString(subkey_secret);
}
« no previous file with comments | « net/quic/crypto/crypto_utils.h ('k') | net/quic/crypto/null_decrypter.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698