| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "net/quic/crypto/crypto_secret_boxer.h" | |
| 6 | |
| 7 #include <memory> | |
| 8 | |
| 9 #include "base/logging.h" | |
| 10 #include "net/quic/crypto/aes_128_gcm_12_decrypter.h" | |
| 11 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" | |
| 12 #include "net/quic/crypto/crypto_protocol.h" | |
| 13 #include "net/quic/crypto/quic_decrypter.h" | |
| 14 #include "net/quic/crypto/quic_encrypter.h" | |
| 15 #include "net/quic/crypto/quic_random.h" | |
| 16 | |
| 17 using base::StringPiece; | |
| 18 using std::string; | |
| 19 using std::vector; | |
| 20 | |
| 21 namespace net { | |
| 22 | |
| 23 // Defined kKeySize for GetKeySize() and SetKey(). | |
| 24 static const size_t kKeySize = 16; | |
| 25 | |
| 26 // kBoxNonceSize contains the number of bytes of nonce that we use in each box. | |
| 27 // TODO(rtenneti): Add support for kBoxNonceSize to be 16 bytes. | |
| 28 // | |
| 29 // From agl@: | |
| 30 // 96-bit nonces are on the edge. An attacker who can collect 2^41 | |
| 31 // source-address tokens has a 1% chance of finding a duplicate. | |
| 32 // | |
| 33 // The "average" DDoS is now 32.4M PPS. That's 2^25 source-address tokens | |
| 34 // per second. So one day of that DDoS botnot would reach the 1% mark. | |
| 35 // | |
| 36 // It's not terrible, but it's not a "forget about it" margin. | |
| 37 static const size_t kBoxNonceSize = 12; | |
| 38 | |
| 39 CryptoSecretBoxer::CryptoSecretBoxer() {} | |
| 40 | |
| 41 CryptoSecretBoxer::~CryptoSecretBoxer() {} | |
| 42 | |
| 43 // static | |
| 44 size_t CryptoSecretBoxer::GetKeySize() { | |
| 45 return kKeySize; | |
| 46 } | |
| 47 | |
| 48 void CryptoSecretBoxer::SetKeys(const vector<string>& keys) { | |
| 49 DCHECK(!keys.empty()); | |
| 50 vector<string> copy = keys; | |
| 51 for (const string& key : keys) { | |
| 52 DCHECK_EQ(kKeySize, key.size()); | |
| 53 } | |
| 54 base::AutoLock l(lock_); | |
| 55 keys_.swap(copy); | |
| 56 } | |
| 57 | |
| 58 string CryptoSecretBoxer::Box(QuicRandom* rand, StringPiece plaintext) const { | |
| 59 std::unique_ptr<Aes128Gcm12Encrypter> encrypter(new Aes128Gcm12Encrypter()); | |
| 60 { | |
| 61 base::AutoLock l(lock_); | |
| 62 DCHECK_EQ(kKeySize, keys_[0].size()); | |
| 63 if (!encrypter->SetKey(keys_[0])) { | |
| 64 DLOG(DFATAL) << "CryptoSecretBoxer's encrypter->SetKey failed."; | |
| 65 return string(); | |
| 66 } | |
| 67 } | |
| 68 size_t ciphertext_size = encrypter->GetCiphertextSize(plaintext.length()); | |
| 69 | |
| 70 string ret; | |
| 71 const size_t len = kBoxNonceSize + ciphertext_size; | |
| 72 ret.resize(len); | |
| 73 char* data = &ret[0]; | |
| 74 | |
| 75 // Generate nonce. | |
| 76 rand->RandBytes(data, kBoxNonceSize); | |
| 77 memcpy(data + kBoxNonceSize, plaintext.data(), plaintext.size()); | |
| 78 | |
| 79 if (!encrypter->Encrypt( | |
| 80 StringPiece(data, kBoxNonceSize), StringPiece(), plaintext, | |
| 81 reinterpret_cast<unsigned char*>(data + kBoxNonceSize))) { | |
| 82 DLOG(DFATAL) << "CryptoSecretBoxer's Encrypt failed."; | |
| 83 return string(); | |
| 84 } | |
| 85 | |
| 86 return ret; | |
| 87 } | |
| 88 | |
| 89 bool CryptoSecretBoxer::Unbox(StringPiece ciphertext, | |
| 90 string* out_storage, | |
| 91 StringPiece* out) const { | |
| 92 if (ciphertext.size() < kBoxNonceSize) { | |
| 93 return false; | |
| 94 } | |
| 95 | |
| 96 StringPiece nonce(ciphertext.data(), kBoxNonceSize); | |
| 97 ciphertext.remove_prefix(kBoxNonceSize); | |
| 98 QuicPacketNumber packet_number; | |
| 99 StringPiece nonce_prefix(nonce.data(), nonce.size() - sizeof(packet_number)); | |
| 100 memcpy(&packet_number, nonce.data() + nonce_prefix.size(), | |
| 101 sizeof(packet_number)); | |
| 102 | |
| 103 std::unique_ptr<Aes128Gcm12Decrypter> decrypter(new Aes128Gcm12Decrypter()); | |
| 104 char plaintext[kMaxPacketSize]; | |
| 105 size_t plaintext_length = 0; | |
| 106 bool ok = false; | |
| 107 { | |
| 108 base::AutoLock l(lock_); | |
| 109 for (const string& key : keys_) { | |
| 110 if (decrypter->SetKey(key)) { | |
| 111 decrypter->SetNoncePrefix(nonce_prefix); | |
| 112 if (decrypter->DecryptPacket( | |
| 113 /*path_id=*/0u, packet_number, | |
| 114 /*associated data=*/StringPiece(), ciphertext, plaintext, | |
| 115 &plaintext_length, kMaxPacketSize)) { | |
| 116 ok = true; | |
| 117 break; | |
| 118 } | |
| 119 } | |
| 120 } | |
| 121 } | |
| 122 if (!ok) { | |
| 123 return false; | |
| 124 } | |
| 125 | |
| 126 out_storage->resize(plaintext_length); | |
| 127 out_storage->assign(plaintext, plaintext_length); | |
| 128 out->set(out_storage->data(), plaintext_length); | |
| 129 return true; | |
| 130 } | |
| 131 | |
| 132 } // namespace net | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2193073003:
Move shared files in net/quic/ into net/quic/core/ (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master