net/quic/core/crypto/curve25519_key_exchange.cc - Issue 2457153003: Remove crypto/curve25519.h in favor of BoringSSL's.

Side by Side Diff: net/quic/core/crypto/curve25519_key_exchange.cc

Issue 2457153003: Remove crypto/curve25519.h in favor of BoringSSL's. (Closed)

Patch Set: \ Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/quic/core/crypto/curve25519_key_exchange.h"	5 #include "net/quic/core/crypto/curve25519_key_exchange.h"

6	6

7 #include "base/logging.h"	7 #include "base/logging.h"

8 #include "crypto/curve25519.h"

9 #include "net/quic/core/crypto/quic_random.h"	8 #include "net/quic/core/crypto/quic_random.h"

	9 #include "third_party/boringssl/src/include/openssl/curve25519.h"

10	10

11 using base::StringPiece;	11 using base::StringPiece;

12 using std::string;	12 using std::string;

13	13

14 namespace net {	14 namespace net {

15	15

16 Curve25519KeyExchange::Curve25519KeyExchange() {}	16 Curve25519KeyExchange::Curve25519KeyExchange() {}

17	17

18 Curve25519KeyExchange::~Curve25519KeyExchange() {}	18 Curve25519KeyExchange::~Curve25519KeyExchange() {}

19	19

20 // static	20 // static

21 Curve25519KeyExchange* Curve25519KeyExchange::New(StringPiece private_key) {	21 Curve25519KeyExchange* Curve25519KeyExchange::New(StringPiece private_key) {

22 Curve25519KeyExchange* ka;	22 if (private_key.size() != 32) {
	Ryan Hamilton 2016/10/31 18:31:11 This file is key in sync with the internal reposit This file is key in sync with the internal repository. Could these changes be made there as well? davidben 2016/10/31 18:36:19 Sure. Though probably after the latter comment is Show quoted text On 2016/10/31 18:31:11, Ryan Hamilton wrote: > This file is key in sync with the internal repository. Could these changes be > made there as well? Sure. Though probably after the latter comment is resolved, which means I'll park this for a week for it to roll into the internal repo. (That's fine. Not in any hurry here or anything.) Ryan Hamilton 2016/10/31 18:46:07 Great, thanks! Let me know if I can help... Show quoted text On 2016/10/31 18:36:19, davidben wrote: > On 2016/10/31 18:31:11, Ryan Hamilton wrote: > > This file is key in sync with the internal repository. Could these changes be > > made there as well? > > Sure. Though probably after the latter comment is resolved, which means I'll > park this for a week for it to roll into the internal repo. (That's fine. Not in > any hurry here or anything.) Great, thanks! Let me know if I can help...
23 // We don't want to #include the NaCl headers in the public header file, so

24 // we use literals for the sizes of private_key_ and public_key_. Here we

25 // assert that those values are equal to the values from the NaCl header.

26 static_assert(sizeof(ka->private_key_) == crypto::curve25519::kScalarBytes,

27 "header out of sync");

28 static_assert(sizeof(ka->public_key_) == crypto::curve25519::kBytes,

29 "header out of sync");

30

31 if (private_key.size() != crypto::curve25519::kScalarBytes) {

32 return nullptr;	23 return nullptr;

33 }	24 }

34	25

35 ka = new Curve25519KeyExchange();	26 Curve25519KeyExchange* ka = new Curve25519KeyExchange();

36 memcpy(ka->private_key_, private_key.data(),	27 memcpy(ka->private_key_, private_key.data(), 32);
	Ryan Hamilton 2016/10/31 18:31:11 instead of 32 in several places, can we make this instead of 32 in several places, can we make this a kSomething? davidben 2016/10/31 18:36:19 They're just 32 in the header. I can add some cons Show quoted text On 2016/10/31 18:31:11, Ryan Hamilton wrote: > instead of 32 in several places, can we make this a kSomething? They're just 32 in the header. I can add some constants though. Looks like we have them for Ed25519, but not X25519. https://commondatastorage.googleapis.com/chromium-boringssl-docs/curve25519.h... Ryan Hamilton 2016/10/31 18:46:07 Fee free to make the constant local to this file. Show quoted text On 2016/10/31 18:36:19, davidben wrote: > On 2016/10/31 18:31:11, Ryan Hamilton wrote: > > instead of 32 in several places, can we make this a kSomething? > > They're just 32 in the header. I can add some constants though. Looks like we > have them for Ed25519, but not X25519. > > https://commondatastorage.googleapis.com/chromium-boringssl-docs/curve25519.h... Fee free to make the constant local to this file. davidben 2016/10/31 18:49:56 Eh, it's a fair comment and one that I think shoul Show quoted text On 2016/10/31 18:46:07, Ryan Hamilton wrote: > On 2016/10/31 18:36:19, davidben wrote: > > On 2016/10/31 18:31:11, Ryan Hamilton wrote: > > > instead of 32 in several places, can we make this a kSomething? > > > > They're just 32 in the header. I can add some constants though. Looks like we > > have them for Ed25519, but not X25519. > > > > > https://commondatastorage.googleapis.com/chromium-boringssl-docs/curve25519.h... > > Fee free to make the constant local to this file. Eh, it's a fair comment and one that I think should be provided by BoringSSL's header. I've uploaded: https://boringssl-review.googlesource.com/c/11941/ (No big deal. This was just idle cleanup. If I cared, I'd cherry-pick it into the internal repo, but I don't actually care enough. :-) )
37 crypto::curve25519::kScalarBytes);	28 X25519_public_from_private(ka->public_key_, ka->private_key_);

38 crypto::curve25519::ScalarBaseMult(ka->private_key_, ka->public_key_);

39 return ka;	29 return ka;

40 }	30 }

41	31

42 // static	32 // static

43 string Curve25519KeyExchange::NewPrivateKey(QuicRandom* rand) {	33 string Curve25519KeyExchange::NewPrivateKey(QuicRandom* rand) {

44 uint8_t private_key[crypto::curve25519::kScalarBytes];	34 uint8_t private_key[32];

45 rand->RandBytes(private_key, sizeof(private_key));	35 rand->RandBytes(private_key, sizeof(private_key));

46	36

47 // This makes \|private_key\| a valid scalar, as specified on	37 // This makes \|private_key\| a valid scalar, as specified on

48 // http://cr.yp.to/ecdh.html	38 // http://cr.yp.to/ecdh.html

49 private_key[0] &= 248;	39 private_key[0] &= 248;

50 private_key[31] &= 127;	40 private_key[31] &= 127;

51 private_key[31] \|= 64;	41 private_key[31] \|= 64;

52 return string(reinterpret_cast<char*>(private_key), sizeof(private_key));	42 return string(reinterpret_cast<char*>(private_key), sizeof(private_key));

53 }	43 }

54	44

55 KeyExchange* Curve25519KeyExchange::NewKeyPair(QuicRandom* rand) const {	45 KeyExchange* Curve25519KeyExchange::NewKeyPair(QuicRandom* rand) const {

56 const string private_value = NewPrivateKey(rand);	46 const string private_value = NewPrivateKey(rand);

57 return Curve25519KeyExchange::New(private_value);	47 return Curve25519KeyExchange::New(private_value);

58 }	48 }

59	49

60 bool Curve25519KeyExchange::CalculateSharedKey(StringPiece peer_public_value,	50 bool Curve25519KeyExchange::CalculateSharedKey(StringPiece peer_public_value,

61 string* out_result) const {	51 string* out_result) const {

62 if (peer_public_value.size() != crypto::curve25519::kBytes) {	52 if (peer_public_value.size() != 32) {

63 return false;	53 return false;

64 }	54 }

65	55

66 uint8_t result[crypto::curve25519::kBytes];	56 uint8_t result[32];

67 if (!crypto::curve25519::ScalarMult(	57 if (!X25519(result, private_key_,

68 private_key_,	58 reinterpret_cast<const uint8_t*>(peer_public_value.data()))) {

69 reinterpret_cast<const uint8_t*>(peer_public_value.data()), result)) {

70 return false;	59 return false;

71 }	60 }

72 out_result->assign(reinterpret_cast<char*>(result), sizeof(result));	61 out_result->assign(reinterpret_cast<char*>(result), sizeof(result));

73	62

74 return true;	63 return true;

75 }	64 }

76	65

77 StringPiece Curve25519KeyExchange::public_value() const {	66 StringPiece Curve25519KeyExchange::public_value() const {

78 return StringPiece(reinterpret_cast<const char*>(public_key_),	67 return StringPiece(reinterpret_cast<const char*>(public_key_),

79 sizeof(public_key_));	68 sizeof(public_key_));

80 }	69 }

81	70

82 QuicTag Curve25519KeyExchange::tag() const {	71 QuicTag Curve25519KeyExchange::tag() const {

83 return kC255;	72 return kC255;

84 }	73 }

85	74

86 } // namespace net	75 } // namespace net

OLD	NEW

« no previous file with comments | « crypto/curve25519_unittest.cc ('k') | no next file » | no next file with comments »