
Side by Side Diff: components/sync/base/nigori.cc

Issue 2130453004: [Sync] Move //sync to //components/sync. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase. Created 4 years, 4 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sync/util/nigori.h" 5 #include "components/sync/base/nigori.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 8
9 #include <sstream> 9 #include <sstream>
10 #include <vector> 10 #include <vector>
11 11
12 #include "base/base64.h" 12 #include "base/base64.h"
13 #include "base/logging.h" 13 #include "base/logging.h"
14 #include "base/strings/string_util.h" 14 #include "base/strings/string_util.h"
15 #include "base/sys_byteorder.h" 15 #include "base/sys_byteorder.h"
(...skipping 27 matching lines...) Expand all
43 // followed by the big-endian representation of the value of |type|, with 32 43 // followed by the big-endian representation of the value of |type|, with 32
44 // bits, to the stream. 44 // bits, to the stream.
45 NigoriStream& operator<<(const Nigori::Type type) { 45 NigoriStream& operator<<(const Nigori::Type type) {
46 uint32_t size = base::HostToNet32(sizeof(uint32_t)); 46 uint32_t size = base::HostToNet32(sizeof(uint32_t));
47 stream_.write(reinterpret_cast<char*>(&size), sizeof(uint32_t)); 47 stream_.write(reinterpret_cast<char*>(&size), sizeof(uint32_t));
48 uint32_t value = base::HostToNet32(type); 48 uint32_t value = base::HostToNet32(type);
49 stream_.write(reinterpret_cast<char*>(&value), sizeof(uint32_t)); 49 stream_.write(reinterpret_cast<char*>(&value), sizeof(uint32_t));
50 return *this; 50 return *this;
51 } 51 }
52 52
53 std::string str() { 53 std::string str() { return stream_.str(); }
54 return stream_.str();
55 }
56 54
57 private: 55 private:
58 std::ostringstream stream_; 56 std::ostringstream stream_;
59 }; 57 };
60 58
61 // static 59 // static
62 const char Nigori::kSaltSalt[] = "saltsalt"; 60 const char Nigori::kSaltSalt[] = "saltsalt";
63 61
64 Nigori::Nigori() { 62 Nigori::Nigori() {}
65 }
66 63
67 Nigori::~Nigori() { 64 Nigori::~Nigori() {}
68 }
69 65
70 bool Nigori::InitByDerivation(const std::string& hostname, 66 bool Nigori::InitByDerivation(const std::string& hostname,
71 const std::string& username, 67 const std::string& username,
72 const std::string& password) { 68 const std::string& password) {
73 NigoriStream salt_password; 69 NigoriStream salt_password;
74 salt_password << username << hostname; 70 salt_password << username << hostname;
75 71
76 // Suser = PBKDF2(Username || Servername, "saltsalt", Nsalt, 8) 72 // Suser = PBKDF2(Username || Servername, "saltsalt", Nsalt, 8)
77 std::unique_ptr<SymmetricKey> user_salt(SymmetricKey::DeriveKeyFromPassword( 73 std::unique_ptr<SymmetricKey> user_salt(SymmetricKey::DeriveKeyFromPassword(
78 SymmetricKey::HMAC_SHA1, salt_password.str(), kSaltSalt, kSaltIterations, 74 SymmetricKey::HMAC_SHA1, salt_password.str(), kSaltSalt, kSaltIterations,
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
113 encryption_key_ = SymmetricKey::Import(SymmetricKey::AES, encryption_key); 109 encryption_key_ = SymmetricKey::Import(SymmetricKey::AES, encryption_key);
114 DCHECK(encryption_key_); 110 DCHECK(encryption_key_);
115 111
116 mac_key_ = SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key); 112 mac_key_ = SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key);
117 DCHECK(mac_key_); 113 DCHECK(mac_key_);
118 114
119 return user_key_ && encryption_key_ && mac_key_; 115 return user_key_ && encryption_key_ && mac_key_;
120 } 116 }
121 117
122 // Permute[Kenc,Kmac](type || name) 118 // Permute[Kenc,Kmac](type || name)
123 bool Nigori::Permute(Type type, const std::string& name, 119 bool Nigori::Permute(Type type,
120 const std::string& name,
124 std::string* permuted) const { 121 std::string* permuted) const {
125 DCHECK_LT(0U, name.size()); 122 DCHECK_LT(0U, name.size());
126 123
127 NigoriStream plaintext; 124 NigoriStream plaintext;
128 plaintext << type << name; 125 plaintext << type << name;
129 126
130 Encryptor encryptor; 127 Encryptor encryptor;
131 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, 128 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC,
132 std::string(kIvSize, 0))) 129 std::string(kIvSize, 0)))
133 return false; 130 return false;
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after
199 return false; 196 return false;
200 197
201 if (input.size() < kIvSize * 2 + kHashSize) 198 if (input.size() < kIvSize * 2 + kHashSize)
202 return false; 199 return false;
203 200
204 // The input is: 201 // The input is:
205 // * iv (16 bytes) 202 // * iv (16 bytes)
206 // * ciphertext (multiple of 16 bytes) 203 // * ciphertext (multiple of 16 bytes)
207 // * hash (32 bytes) 204 // * hash (32 bytes)
208 std::string iv(input.substr(0, kIvSize)); 205 std::string iv(input.substr(0, kIvSize));
209 std::string ciphertext(input.substr(kIvSize, 206 std::string ciphertext(
210 input.size() - (kIvSize + kHashSize))); 207 input.substr(kIvSize, input.size() - (kIvSize + kHashSize)));
211 std::string hash(input.substr(input.size() - kHashSize, kHashSize)); 208 std::string hash(input.substr(input.size() - kHashSize, kHashSize));
212 209
213 std::string raw_mac_key; 210 std::string raw_mac_key;
214 if (!mac_key_->GetRawKey(&raw_mac_key)) 211 if (!mac_key_->GetRawKey(&raw_mac_key))
215 return false; 212 return false;
216 213
217 HMAC hmac(HMAC::SHA256); 214 HMAC hmac(HMAC::SHA256);
218 if (!hmac.Init(raw_mac_key)) 215 if (!hmac.Init(raw_mac_key))
219 return false; 216 return false;
220 217
221 std::vector<unsigned char> expected(kHashSize); 218 std::vector<unsigned char> expected(kHashSize);
222 if (!hmac.Sign(ciphertext, &expected[0], expected.size())) 219 if (!hmac.Sign(ciphertext, &expected[0], expected.size()))
223 return false; 220 return false;
224 221
225 if (hash.compare(0, hash.size(), 222 if (hash.compare(0, hash.size(), reinterpret_cast<char*>(&expected[0]),
226 reinterpret_cast<char *>(&expected[0]),
227 expected.size())) 223 expected.size()))
228 return false; 224 return false;
229 225
230 Encryptor encryptor; 226 Encryptor encryptor;
231 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, iv)) 227 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, iv))
232 return false; 228 return false;
233 229
234 if (!encryptor.Decrypt(ciphertext, value)) 230 if (!encryptor.Decrypt(ciphertext, value))
235 return false; 231 return false;
236 232
237 return true; 233 return true;
238 } 234 }
239 235
240 bool Nigori::ExportKeys(std::string* user_key, 236 bool Nigori::ExportKeys(std::string* user_key,
241 std::string* encryption_key, 237 std::string* encryption_key,
242 std::string* mac_key) const { 238 std::string* mac_key) const {
243 DCHECK(user_key); 239 DCHECK(user_key);
244 DCHECK(encryption_key); 240 DCHECK(encryption_key);
245 DCHECK(mac_key); 241 DCHECK(mac_key);
246 242
247 return user_key_->GetRawKey(user_key) && 243 return user_key_->GetRawKey(user_key) &&
248 encryption_key_->GetRawKey(encryption_key) && 244 encryption_key_->GetRawKey(encryption_key) &&
249 mac_key_->GetRawKey(mac_key); 245 mac_key_->GetRawKey(mac_key);
250 } 246 }
251 247
252 } // namespace syncer 248 } // namespace syncer
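Review bot: The received MAC is compared with `hash.compare(0, hash.size(), reinterpret_cast<char*>(&expected[0]), expected.size())` at new lines 222-223, and `std::string::compare` is not a constant-time comparison, so the time taken by the check can depend on how many leading bytes match. This commit only re-wraps that statement, but a MAC check should go through a constant-time primitive; if `HMAC` here is `crypto::HMAC`, the `Sign` call and the compare can collapse into `if (!hmac.Verify(ciphertext, hash)) return false;`. The tag is computed over `ciphertext` alone while `iv` is read from the same input, so a short comment stating whether the IV is intentionally left outside the MAC would help the next reader. The enclosing function begins in the skipped lines above new line 196, so its signature and earlier checks are not visible here.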