
Side by Side Diff: net/quic/crypto/crypto_handshake.cc

Issue 26471007: QUIC: don't ignore SetKey and SetNoncePrefix return values. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Merging with tip Created 7 years, 2 months ago
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/crypto_handshake.h" 5 #include "net/quic/crypto/crypto_handshake.h"
6 6
7 #include <ctype.h> 7 #include <ctype.h>
8 8
9 #include "base/memory/scoped_ptr.h" 9 #include "base/memory/scoped_ptr.h"
10 #include "base/stl_util.h" 10 #include "base/stl_util.h"
(...skipping 741 matching lines...) Expand 10 before | Expand all | Expand 10 after
752 if (!channel_id_signer_->Sign(server_hostname, hkdf_input, 752 if (!channel_id_signer_->Sign(server_hostname, hkdf_input,
753 &key, &signature)) { 753 &key, &signature)) {
754 *error_details = "Channel ID signature failed"; 754 *error_details = "Channel ID signature failed";
755 return QUIC_INVALID_CHANNEL_ID_SIGNATURE; 755 return QUIC_INVALID_CHANNEL_ID_SIGNATURE;
756 } 756 }
757 757
758 cetv.SetStringPiece(kCIDK, key); 758 cetv.SetStringPiece(kCIDK, key);
759 cetv.SetStringPiece(kCIDS, signature); 759 cetv.SetStringPiece(kCIDS, signature);
760 760
761 CrypterPair crypters; 761 CrypterPair crypters;
762 CryptoUtils::DeriveKeys(out_params->initial_premaster_secret, 762 if (!CryptoUtils::DeriveKeys(out_params->initial_premaster_secret,
763 out_params->aead, out_params->client_nonce, 763 out_params->aead, out_params->client_nonce,
764 out_params->server_nonce, hkdf_input, 764 out_params->server_nonce, hkdf_input,
765 CryptoUtils::CLIENT, &crypters); 765 CryptoUtils::CLIENT, &crypters)) {
766 *error_details = "Symmetric key setup failed";
767 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED;
768 }
766 769
767 const QuicData& cetv_plaintext = cetv.GetSerialized(); 770 const QuicData& cetv_plaintext = cetv.GetSerialized();
768 scoped_ptr<QuicData> cetv_ciphertext(crypters.encrypter->EncryptPacket( 771 scoped_ptr<QuicData> cetv_ciphertext(crypters.encrypter->EncryptPacket(
769 0 /* sequence number */, 772 0 /* sequence number */,
770 StringPiece() /* associated data */, 773 StringPiece() /* associated data */,
771 cetv_plaintext.AsStringPiece())); 774 cetv_plaintext.AsStringPiece()));
772 if (!cetv_ciphertext.get()) { 775 if (!cetv_ciphertext.get()) {
773 *error_details = "Packet encryption failed"; 776 *error_details = "Packet encryption failed";
774 return QUIC_ENCRYPTION_FAILURE; 777 return QUIC_ENCRYPTION_FAILURE;
775 } 778 }
(...skipping 11 matching lines...) Expand all
787 out_params->hkdf_input_suffix.append(client_hello_serialized.data(), 790 out_params->hkdf_input_suffix.append(client_hello_serialized.data(),
788 client_hello_serialized.length()); 791 client_hello_serialized.length());
789 out_params->hkdf_input_suffix.append(cached->server_config()); 792 out_params->hkdf_input_suffix.append(cached->server_config());
790 793
791 string hkdf_input; 794 string hkdf_input;
792 const size_t label_len = strlen(QuicCryptoConfig::kInitialLabel) + 1; 795 const size_t label_len = strlen(QuicCryptoConfig::kInitialLabel) + 1;
793 hkdf_input.reserve(label_len + out_params->hkdf_input_suffix.size()); 796 hkdf_input.reserve(label_len + out_params->hkdf_input_suffix.size());
794 hkdf_input.append(QuicCryptoConfig::kInitialLabel, label_len); 797 hkdf_input.append(QuicCryptoConfig::kInitialLabel, label_len);
795 hkdf_input.append(out_params->hkdf_input_suffix); 798 hkdf_input.append(out_params->hkdf_input_suffix);
796 799
797 CryptoUtils::DeriveKeys(out_params->initial_premaster_secret, 800 if (!CryptoUtils::DeriveKeys(
798 out_params->aead, out_params->client_nonce, 801 out_params->initial_premaster_secret, out_params->aead,
799 out_params->server_nonce, hkdf_input, 802 out_params->client_nonce, out_params->server_nonce, hkdf_input,
800 CryptoUtils::CLIENT, &out_params->initial_crypters); 803 CryptoUtils::CLIENT, &out_params->initial_crypters)) {
804 *error_details = "Symmetric key setup failed";
805 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED;
806 }
801 807
802 return QUIC_NO_ERROR; 808 return QUIC_NO_ERROR;
803 } 809 }
804 810
805 QuicErrorCode QuicCryptoClientConfig::ProcessRejection( 811 QuicErrorCode QuicCryptoClientConfig::ProcessRejection(
806 const CryptoHandshakeMessage& rej, 812 const CryptoHandshakeMessage& rej,
807 QuicWallTime now, 813 QuicWallTime now,
808 CachedState* cached, 814 CachedState* cached,
809 QuicCryptoNegotiatedParameters* out_params, 815 QuicCryptoNegotiatedParameters* out_params,
810 string* error_details) { 816 string* error_details) {
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after
897 *error_details = "Key exchange failure"; 903 *error_details = "Key exchange failure";
898 return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER; 904 return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
899 } 905 }
900 906
901 string hkdf_input; 907 string hkdf_input;
902 const size_t label_len = strlen(QuicCryptoConfig::kForwardSecureLabel) + 1; 908 const size_t label_len = strlen(QuicCryptoConfig::kForwardSecureLabel) + 1;
903 hkdf_input.reserve(label_len + out_params->hkdf_input_suffix.size()); 909 hkdf_input.reserve(label_len + out_params->hkdf_input_suffix.size());
904 hkdf_input.append(QuicCryptoConfig::kForwardSecureLabel, label_len); 910 hkdf_input.append(QuicCryptoConfig::kForwardSecureLabel, label_len);
905 hkdf_input.append(out_params->hkdf_input_suffix); 911 hkdf_input.append(out_params->hkdf_input_suffix);
906 912
907 CryptoUtils::DeriveKeys( 913 if (!CryptoUtils::DeriveKeys(
908 out_params->forward_secure_premaster_secret, out_params->aead, 914 out_params->forward_secure_premaster_secret, out_params->aead,
909 out_params->client_nonce, out_params->server_nonce, hkdf_input, 915 out_params->client_nonce, out_params->server_nonce, hkdf_input,
910 CryptoUtils::CLIENT, &out_params->forward_secure_crypters); 916 CryptoUtils::CLIENT, &out_params->forward_secure_crypters)) {
917 *error_details = "Symmetric key setup failed";
918 return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED;
919 }
911 920
912 return QUIC_NO_ERROR; 921 return QUIC_NO_ERROR;
913 } 922 }
914 923
915 ProofVerifier* QuicCryptoClientConfig::proof_verifier() const { 924 ProofVerifier* QuicCryptoClientConfig::proof_verifier() const {
916 return proof_verifier_.get(); 925 return proof_verifier_.get();
917 } 926 }
918 927
919 void QuicCryptoClientConfig::SetProofVerifier(ProofVerifier* verifier) { 928 void QuicCryptoClientConfig::SetProofVerifier(ProofVerifier* verifier) {
920 proof_verifier_.reset(verifier); 929 proof_verifier_.reset(verifier);
(...skipping 11 matching lines...) Expand all
932 const std::string& server_hostname, 941 const std::string& server_hostname,
933 const std::string& canonical_server_hostname, 942 const std::string& canonical_server_hostname,
934 QuicCryptoClientConfig* canonical_crypto_config) { 943 QuicCryptoClientConfig* canonical_crypto_config) {
935 CachedState* canonical_cached = 944 CachedState* canonical_cached =
936 canonical_crypto_config->LookupOrCreate(canonical_server_hostname); 945 canonical_crypto_config->LookupOrCreate(canonical_server_hostname);
937 CachedState* cached = LookupOrCreate(server_hostname); 946 CachedState* cached = LookupOrCreate(server_hostname);
938 cached->InitializeFrom(*canonical_cached); 947 cached->InitializeFrom(*canonical_cached);
939 } 948 }
940 949
941 } // namespace net 950 } // namespace net
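Review bot: At the two call sites that derive straight into `out_params` (new lines 800-806 and 913-919), a failed DeriveKeys now returns QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED but leaves whatever it already wrote in `out_params->initial_crypters` / `out_params->forward_secure_crypters`. DeriveKeys is not shown on this page, so this is inferred, but if it can fail after creating or keying only one half of the pair, a caller that keeps using `out_params` after the error would hold a partially keyed crypter pair. I would either state the contract above each check, e.g. `// On failure the crypters in |out_params| are unspecified; the caller must abandon the handshake.`, or derive into a local CrypterPair and copy it into `out_params` only on success, the way the CETV path at new line 761 works on a local `crypters`. All three enclosing functions begin outside the visible lines, so how their callers treat the new error code could not be checked here.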