Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(113)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/channel_id_openssl.cc

Issue 1916463002: Rename _openssl files in net/quic/ (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Merge in headers. Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/channel_id.cc ('k') | net/quic/crypto/p256_key_exchange.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/quic/crypto/channel_id.h"
6
7 #include <openssl/bn.h>
8 #include <openssl/ec.h>
9 #include <openssl/ecdsa.h>
10 #include <openssl/obj_mac.h>
11 #include <openssl/sha.h>
12
13 #include "crypto/openssl_util.h"
14 #include "crypto/scoped_openssl_types.h"
15
16 using base::StringPiece;
17
18 namespace net {
19
20 // static
21 bool ChannelIDVerifier::Verify(StringPiece key,
22 StringPiece signed_data,
23 StringPiece signature) {
24 return VerifyRaw(key, signed_data, signature, true);
25 }
26
27 // static
28 bool ChannelIDVerifier::VerifyRaw(StringPiece key,
29 StringPiece signed_data,
30 StringPiece signature,
31 bool is_channel_id_signature) {
32 if (key.size() != 32 * 2 || signature.size() != 32 * 2) {
33 return false;
34 }
35
36 crypto::ScopedEC_GROUP p256(EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
37 if (!p256) {
38 return false;
39 }
40
41 crypto::ScopedBIGNUM x(BN_new()), y(BN_new()), r(BN_new()), s(BN_new());
42
43 ECDSA_SIG sig;
44 sig.r = r.get();
45 sig.s = s.get();
46
47 const uint8_t* key_bytes = reinterpret_cast<const uint8_t*>(key.data());
48 const uint8_t* signature_bytes =
49 reinterpret_cast<const uint8_t*>(signature.data());
50
51 if (BN_bin2bn(key_bytes + 0, 32, x.get()) == nullptr ||
52 BN_bin2bn(key_bytes + 32, 32, y.get()) == nullptr ||
53 BN_bin2bn(signature_bytes + 0, 32, sig.r) == nullptr ||
54 BN_bin2bn(signature_bytes + 32, 32, sig.s) == nullptr) {
55 return false;
56 }
57
58 crypto::ScopedEC_POINT point(EC_POINT_new(p256.get()));
59 if (!point ||
60 !EC_POINT_set_affine_coordinates_GFp(p256.get(), point.get(), x.get(),
61 y.get(), nullptr)) {
62 return false;
63 }
64
65 crypto::ScopedEC_KEY ecdsa_key(EC_KEY_new());
66 if (ecdsa_key.get() == nullptr ||
67 !EC_KEY_set_group(ecdsa_key.get(), p256.get()) ||
68 !EC_KEY_set_public_key(ecdsa_key.get(), point.get())) {
69 return false;
70 }
71
72 SHA256_CTX sha256;
73 SHA256_Init(&sha256);
74 if (is_channel_id_signature) {
75 SHA256_Update(&sha256, kContextStr, strlen(kContextStr) + 1);
76 SHA256_Update(&sha256, kClientToServerStr, strlen(kClientToServerStr) + 1);
77 }
78 SHA256_Update(&sha256, signed_data.data(), signed_data.size());
79
80 unsigned char digest[SHA256_DIGEST_LENGTH];
81 SHA256_Final(digest, &sha256);
82
83 return ECDSA_do_verify(digest, sizeof(digest), &sig, ecdsa_key.get()) == 1;
84 }
85
86 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/channel_id.cc ('k') | net/quic/crypto/p256_key_exchange.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698