| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/rappor/byte_vector_utils.h" | 5 #include "components/rappor/byte_vector_utils.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/rand_util.h" | 11 #include "base/rand_util.h" |
| 12 #include "base/strings/string_number_conversions.h" | 12 #include "base/strings/string_number_conversions.h" |
| 13 #include "crypto/random.h" | 13 #include "crypto/random.h" |
| 14 | 14 |
| 15 namespace rappor { | 15 namespace rappor { |
| 16 | 16 |
| 17 namespace { | 17 namespace { |
| 18 | 18 |
| 19 // Reinterpets a ByteVector as a StringPiece. | 19 // Reinterpets a ByteVector as a StringPiece. |
| 20 base::StringPiece ByteVectorAsStringPiece(const ByteVector& lhs) { | 20 base::StringPiece ByteVectorAsStringPiece(const ByteVector& lhs) { |
| 21 return base::StringPiece(reinterpret_cast<const char *>(&lhs[0]), lhs.size()); | 21 return base::StringPiece(reinterpret_cast<const char *>(&lhs[0]), lhs.size()); |
| 22 } | 22 } |
| 23 | 23 |
| 24 // Concatenates parameters together as a string. | 24 // Concatenates parameters together as a string. |
| 25 std::string Concat(const ByteVector& value, char c, const std::string& data) { | 25 std::string Concat(const ByteVector& value, char c, base::StringPiece data) { |
| 26 return std::string(value.begin(), value.end()) + c + data; | 26 std::string result(value.begin(), value.end()); |
| 27 result += c; |
| 28 data.AppendToString(&result); |
| 29 return result; |
| 27 } | 30 } |
| 28 | 31 |
| 29 // Performs the operation: K = HMAC(K, data) | 32 // Performs the operation: K = HMAC(K, data) |
| 30 // The input "K" is passed by initializing |hmac| with it. | 33 // The input "K" is passed by initializing |hmac| with it. |
| 31 // The output "K" is returned by initializing |result| with it. | 34 // The output "K" is returned by initializing |result| with it. |
| 32 // Returns false on an error. | 35 // Returns false on an error. |
| 33 bool HMAC_Rotate(const crypto::HMAC& hmac, | 36 bool HMAC_Rotate(const crypto::HMAC& hmac, |
| 34 const std::string& data, | 37 const std::string& data, |
| 35 crypto::HMAC* result) { | 38 crypto::HMAC* result) { |
| 36 ByteVector key(hmac.DigestLength()); | 39 ByteVector key(hmac.DigestLength()); |
| (...skipping 10 matching lines...) Expand all Loading... |
| 47 return hmac.Sign(ByteVectorAsStringPiece(*value), | 50 return hmac.Sign(ByteVectorAsStringPiece(*value), |
| 48 &(*value)[0], value->size()); | 51 &(*value)[0], value->size()); |
| 49 } | 52 } |
| 50 | 53 |
| 51 // Implements (Key, V) = HMAC_DRBG_Update(provided_data, Key, V) | 54 // Implements (Key, V) = HMAC_DRBG_Update(provided_data, Key, V) |
| 52 // See: http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf | 55 // See: http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf |
| 53 // "V" is read from and written to |value|. | 56 // "V" is read from and written to |value|. |
| 54 // The input "Key" is passed by initializing |hmac1| with it. | 57 // The input "Key" is passed by initializing |hmac1| with it. |
| 55 // The output "Key" is returned by initializing |out_hmac| with it. | 58 // The output "Key" is returned by initializing |out_hmac| with it. |
| 56 // Returns false on an error. | 59 // Returns false on an error. |
| 57 bool HMAC_DRBG_Update(const std::string& provided_data, | 60 bool HMAC_DRBG_Update(base::StringPiece provided_data, |
| 58 const crypto::HMAC& hmac1, | 61 const crypto::HMAC& hmac1, |
| 59 ByteVector* value, | 62 ByteVector* value, |
| 60 crypto::HMAC* out_hmac) { | 63 crypto::HMAC* out_hmac) { |
| 61 // HMAC_DRBG Update Process | 64 // HMAC_DRBG Update Process |
| 62 crypto::HMAC temp_hmac(crypto::HMAC::SHA256); | 65 crypto::HMAC temp_hmac(crypto::HMAC::SHA256); |
| 63 crypto::HMAC* hmac2 = provided_data.size() > 0 ? &temp_hmac : out_hmac; | 66 crypto::HMAC* hmac2 = provided_data.size() > 0 ? &temp_hmac : out_hmac; |
| 64 // 1. K = HMAC(K, V || 0x00 || provided_data) | 67 // 1. K = HMAC(K, V || 0x00 || provided_data) |
| 65 if (!HMAC_Rotate(hmac1, Concat(*value, 0x00, provided_data), hmac2)) | 68 if (!HMAC_Rotate(hmac1, Concat(*value, 0x00, provided_data), hmac2)) |
| 66 return false; | 69 return false; |
| 67 // 2. V = HMAC(K, V) | 70 // 2. V = HMAC(K, V) |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 157 case PROBABILITY_0: | 160 case PROBABILITY_0: |
| 158 return ByteVector(byte_count_); | 161 return ByteVector(byte_count_); |
| 159 } | 162 } |
| 160 NOTREACHED(); | 163 NOTREACHED(); |
| 161 return ByteVector(byte_count_); | 164 return ByteVector(byte_count_); |
| 162 } | 165 } |
| 163 | 166 |
| 164 HmacByteVectorGenerator::HmacByteVectorGenerator( | 167 HmacByteVectorGenerator::HmacByteVectorGenerator( |
| 165 size_t byte_count, | 168 size_t byte_count, |
| 166 const std::string& entropy_input, | 169 const std::string& entropy_input, |
| 167 const std::string& personalization_string) | 170 base::StringPiece personalization_string) |
| 168 : ByteVectorGenerator(byte_count), | 171 : ByteVectorGenerator(byte_count), |
| 169 hmac_(crypto::HMAC::SHA256), | 172 hmac_(crypto::HMAC::SHA256), |
| 170 value_(hmac_.DigestLength(), 0x01), | 173 value_(hmac_.DigestLength(), 0x01), |
| 171 generated_bytes_(0) { | 174 generated_bytes_(0) { |
| 172 // HMAC_DRBG Instantiate Process | 175 // HMAC_DRBG Instantiate Process |
| 173 // See: http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf | 176 // See: http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf |
| 174 // 1. seed_material = entropy_input + nonce + personalization_string | 177 // 1. seed_material = entropy_input + nonce + personalization_string |
| 175 // Note: We are using the 8.6.7 interpretation, where the entropy_input and | 178 // Note: We are using the 8.6.7 interpretation, where the entropy_input and |
| 176 // nonce are acquired at the same time from the same source. | 179 // nonce are acquired at the same time from the same source. |
| 177 DCHECK_EQ(kEntropyInputSize, entropy_input.size()); | 180 DCHECK_EQ(kEntropyInputSize, entropy_input.size()); |
| 178 std::string seed_material(entropy_input + personalization_string); | 181 std::string seed_material(entropy_input); |
| 182 personalization_string.AppendToString(&seed_material); |
| 179 // 2. Key = 0x00 00...00 | 183 // 2. Key = 0x00 00...00 |
| 180 crypto::HMAC hmac1(crypto::HMAC::SHA256); | 184 crypto::HMAC hmac1(crypto::HMAC::SHA256); |
| 181 if (!hmac1.Init(std::string(hmac_.DigestLength(), 0x00))) | 185 if (!hmac1.Init(std::string(hmac_.DigestLength(), 0x00))) |
| 182 NOTREACHED(); | 186 NOTREACHED(); |
| 183 // 3. V = 0x01 01...01 | 187 // 3. V = 0x01 01...01 |
| 184 // (value_ in initializer list) | 188 // (value_ in initializer list) |
| 185 | 189 |
| 186 // 4. (Key, V) = HMAC_DRBG_Update(seed_material, Key, V) | 190 // 4. (Key, V) = HMAC_DRBG_Update(seed_material, Key, V) |
| 187 if (!HMAC_DRBG_Update(seed_material, hmac1, &value_, &hmac_)) | 191 if (!HMAC_DRBG_Update(seed_material, hmac1, &value_, &hmac_)) |
| 188 NOTREACHED(); | 192 NOTREACHED(); |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 235 bytes_to_go -= n; | 239 bytes_to_go -= n; |
| 236 generated_bytes_ += n; | 240 generated_bytes_ += n; |
| 237 // Check max_number_of_bits_per_request from 10.1 Table 2 | 241 // Check max_number_of_bits_per_request from 10.1 Table 2 |
| 238 // max_number_of_bits_per_request == 2^19 bits == 2^16 bytes | 242 // max_number_of_bits_per_request == 2^19 bits == 2^16 bytes |
| 239 DCHECK_LT(generated_bytes_, 1U << 16); | 243 DCHECK_LT(generated_bytes_, 1U << 16); |
| 240 } | 244 } |
| 241 return bytes; | 245 return bytes; |
| 242 } | 246 } |
| 243 | 247 |
| 244 } // namespace rappor | 248 } // namespace rappor |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2156383002:
Avoid some string copies in RAPPOR code. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master