net/quic/core/crypto/quic_crypto_server_config.cc - Issue 2672403003: Replace crypto::SecureHash with calls to SHA256.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/quic/core/crypto/quic_crypto_server_config.cc

Issue 2672403003: Replace crypto::SecureHash with calls to SHA256. (Closed)

Patch Set: Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/quic/core/crypto/quic_crypto_server_config.cc

diff --git a/net/quic/core/crypto/quic_crypto_server_config.cc b/net/quic/core/crypto/quic_crypto_server_config.cc

index 4e6f0310e11181892dcba2a6dda497e0e818d76d..440eecdf83bf0fd94038fc679e0528cf95c638d3 100644

--- a/net/quic/core/crypto/quic_crypto_server_config.cc

+++ b/net/quic/core/crypto/quic_crypto_server_config.cc

@@ -11,7 +11,6 @@

#include "base/macros.h"

#include "crypto/hkdf.h"

-#include "crypto/secure_hash.h"

#include "net/quic/core/crypto/aes_128_gcm_12_decrypter.h"

#include "net/quic/core/crypto/aes_128_gcm_12_encrypter.h"

#include "net/quic/core/crypto/cert_compressor.h"

@@ -40,6 +39,7 @@

#include "net/quic/platform/api/quic_reference_counted.h"

#include "net/quic/platform/api/quic_text_utils.h"

#include "net/quic/platform/api/quic_url_utils.h"

+#include "third_party/boringssl/src/include/openssl/sha.h"

using base::StringPiece;

using std::string;

@@ -66,8 +66,6 @@ string DeriveSourceAddressTokenKey(StringPiece source_address_token_secret) {

} // namespace

-using crypto::SecureHash;

class ValidateClientHelloHelper {

public:

// Note: stores a pointer to a unique_ptr, and std::moves the unique_ptr when

@@ -264,12 +262,14 @@ QuicCryptoServerConfig::GenerateConfig(QuicRandom* rand,

// thus we make it a hash of the rest of the server config.

std::unique_ptr<QuicData> serialized(

CryptoFramer::ConstructHandshakeMessage(msg));

- std::unique_ptr<SecureHash> hash(SecureHash::Create(SecureHash::SHA256));

- hash->Update(serialized->data(), serialized->length());

- char scid_bytes[16];

- hash->Finish(scid_bytes, sizeof(scid_bytes));

- msg.SetStringPiece(kSCID, StringPiece(scid_bytes, sizeof(scid_bytes)));

+ uint8_t scid_bytes[SHA256_DIGEST_LENGTH];

+ SHA256(reinterpret_cast<const uint8_t*>(serialized->data()),

+ serialized->length(), scid_bytes);

+ // The SCID is a truncated SHA-256 digest.

+ static_assert(16 <= SHA256_DIGEST_LENGTH, "SCID length too high.");

+ msg.SetStringPiece(

+ kSCID, StringPiece(reinterpret_cast<const char*>(scid_bytes), 16));

} else {

msg.SetStringPiece(kSCID, options.id);

}

« no previous file with comments | « net/quic/core/crypto/crypto_utils.cc ('k') | net/quic/core/quic_crypto_server_stream.cc » ('j') | no next file with comments »