
Side by Side Diff: net/quic/crypto/crypto_utils.cc

Issue 26471007: QUIC: don't ignore SetKey and SetNoncePrefix return values. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Merging with tip Created 7 years, 2 months ago
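--- a/net/quic/crypto/crypto_utils.cc
+++ b/net/quic/crypto/crypto_utils.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/crypto/crypto_utils.h"
 
 #include "crypto/hkdf.h"
 #include "net/base/net_util.h"
 #include "net/quic/crypto/crypto_handshake.h"
 #include "net/quic/crypto/crypto_protocol.h"
@@ -70,45 +70,51 @@
 }
 
 // Erase the trailing dots.
 if (host_end != host.length()) {
 host.erase(host_end, host.length() - host_end);
 }
 return host;
 }
 
 // static
-void CryptoUtils::DeriveKeys(StringPiece premaster_secret,
+bool CryptoUtils::DeriveKeys(StringPiece premaster_secret,
 QuicTag aead,
 StringPiece client_nonce,
 StringPiece server_nonce,
 const string& hkdf_input,
 Perspective perspective,
 CrypterPair* out) {
 out->encrypter.reset(QuicEncrypter::Create(aead));
 out->decrypter.reset(QuicDecrypter::Create(aead));
 size_t key_bytes = out->encrypter->GetKeySize();
 size_t nonce_prefix_bytes = out->encrypter->GetNoncePrefixSize();
 
 StringPiece nonce = client_nonce;
 string nonce_storage;
 if (!server_nonce.empty()) {
 nonce_storage = client_nonce.as_string() + server_nonce.as_string();
 nonce = nonce_storage;
 }
 
 crypto::HKDF hkdf(premaster_secret, nonce, hkdf_input, key_bytes,
 nonce_prefix_bytes);
 if (perspective == SERVER) {
-out->encrypter->SetKey(hkdf.server_write_key());
-out->encrypter->SetNoncePrefix(hkdf.server_write_iv());
-out->decrypter->SetKey(hkdf.client_write_key());
-out->decrypter->SetNoncePrefix(hkdf.client_write_iv());
+if (!out->encrypter->SetKey(hkdf.server_write_key()) ||
+!out->encrypter->SetNoncePrefix(hkdf.server_write_iv()) ||
+!out->decrypter->SetKey(hkdf.client_write_key()) ||
+!out->decrypter->SetNoncePrefix(hkdf.client_write_iv())) {
+return false;
+}
 } else {
-out->encrypter->SetKey(hkdf.client_write_key());
-out->encrypter->SetNoncePrefix(hkdf.client_write_iv());
-out->decrypter->SetKey(hkdf.server_write_key());
-out->decrypter->SetNoncePrefix(hkdf.server_write_iv());
+if (!out->encrypter->SetKey(hkdf.client_write_key()) ||
+!out->encrypter->SetNoncePrefix(hkdf.client_write_iv()) ||
+!out->decrypter->SetKey(hkdf.server_write_key()) ||
+!out->decrypter->SetNoncePrefix(hkdf.server_write_iv())) {
+return false;
+}
 }
+
+return true;
 }
 
 } // namespace net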
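Review bot: Both new `return false;` paths in DeriveKeys (new lines 106 and 113) leave `out` holding an encrypter and decrypter that were created but only partly keyed, so a caller that overlooks the new bool result would carry on with crypters that have no usable key or nonce prefix. Because the return type changed from void, any call site not updated in this patch still compiles and silently discards the result; annotating the declaration in crypto_utils.h (not shown on this page) with `WARN_UNUSED_RESULT` would turn that into a compiler warning. It would also be safer to fail closed by clearing the pair before each `return false;`, e.g. `out->encrypter.reset(); out->decrypter.reset();`, so a missed check cannot proceed with a half-initialised crypter. Separately, the results of `QuicEncrypter::Create(aead)` and `QuicDecrypter::Create(aead)` are dereferenced unchecked on the context lines above; if either can return NULL for an unsupported tag (not visible here), that case now has a natural `return false` path as well.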
