| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/core/crypto/crypto_secret_boxer.h" | 5 #include "net/quic/core/crypto/crypto_secret_boxer.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "net/quic/core/crypto/aes_128_gcm_12_decrypter.h" | 10 #include "net/quic/core/crypto/aes_128_gcm_12_decrypter.h" |
| 11 #include "net/quic/core/crypto/aes_128_gcm_12_encrypter.h" | 11 #include "net/quic/core/crypto/aes_128_gcm_12_encrypter.h" |
| 12 #include "net/quic/core/crypto/crypto_protocol.h" | 12 #include "net/quic/core/crypto/crypto_protocol.h" |
| 13 #include "net/quic/core/crypto/quic_decrypter.h" | 13 #include "net/quic/core/crypto/quic_decrypter.h" |
| 14 #include "net/quic/core/crypto/quic_encrypter.h" | 14 #include "net/quic/core/crypto/quic_encrypter.h" |
| 15 #include "net/quic/core/crypto/quic_random.h" | 15 #include "net/quic/core/crypto/quic_random.h" |
| 16 | 16 |
| 17 using base::StringPiece; | |
| 18 using std::string; | 17 using std::string; |
| 19 | 18 |
| 20 namespace net { | 19 namespace net { |
| 21 | 20 |
| 22 // Defined kKeySize for GetKeySize() and SetKey(). | 21 // Defined kKeySize for GetKeySize() and SetKey(). |
| 23 static const size_t kKeySize = 16; | 22 static const size_t kKeySize = 16; |
| 24 | 23 |
| 25 // kBoxNonceSize contains the number of bytes of nonce that we use in each box. | 24 // kBoxNonceSize contains the number of bytes of nonce that we use in each box. |
| 26 // TODO(rtenneti): Add support for kBoxNonceSize to be 16 bytes. | 25 // TODO(rtenneti): Add support for kBoxNonceSize to be 16 bytes. |
| 27 // | 26 // |
| (...skipping 19 matching lines...) Expand all Loading... |
| 47 void CryptoSecretBoxer::SetKeys(const std::vector<string>& keys) { | 46 void CryptoSecretBoxer::SetKeys(const std::vector<string>& keys) { |
| 48 DCHECK(!keys.empty()); | 47 DCHECK(!keys.empty()); |
| 49 std::vector<string> copy = keys; | 48 std::vector<string> copy = keys; |
| 50 for (const string& key : keys) { | 49 for (const string& key : keys) { |
| 51 DCHECK_EQ(kKeySize, key.size()); | 50 DCHECK_EQ(kKeySize, key.size()); |
| 52 } | 51 } |
| 53 QuicWriterMutexLock l(&lock_); | 52 QuicWriterMutexLock l(&lock_); |
| 54 keys_.swap(copy); | 53 keys_.swap(copy); |
| 55 } | 54 } |
| 56 | 55 |
| 57 string CryptoSecretBoxer::Box(QuicRandom* rand, StringPiece plaintext) const { | 56 string CryptoSecretBoxer::Box(QuicRandom* rand, |
| 57 QuicStringPiece plaintext) const { |
| 58 std::unique_ptr<Aes128Gcm12Encrypter> encrypter(new Aes128Gcm12Encrypter()); | 58 std::unique_ptr<Aes128Gcm12Encrypter> encrypter(new Aes128Gcm12Encrypter()); |
| 59 { | 59 { |
| 60 QuicReaderMutexLock l(&lock_); | 60 QuicReaderMutexLock l(&lock_); |
| 61 DCHECK_EQ(kKeySize, keys_[0].size()); | 61 DCHECK_EQ(kKeySize, keys_[0].size()); |
| 62 if (!encrypter->SetKey(keys_[0])) { | 62 if (!encrypter->SetKey(keys_[0])) { |
| 63 DLOG(DFATAL) << "CryptoSecretBoxer's encrypter->SetKey failed."; | 63 DLOG(DFATAL) << "CryptoSecretBoxer's encrypter->SetKey failed."; |
| 64 return string(); | 64 return string(); |
| 65 } | 65 } |
| 66 } | 66 } |
| 67 size_t ciphertext_size = encrypter->GetCiphertextSize(plaintext.length()); | 67 size_t ciphertext_size = encrypter->GetCiphertextSize(plaintext.length()); |
| 68 | 68 |
| 69 string ret; | 69 string ret; |
| 70 const size_t len = kBoxNonceSize + ciphertext_size; | 70 const size_t len = kBoxNonceSize + ciphertext_size; |
| 71 ret.resize(len); | 71 ret.resize(len); |
| 72 char* data = &ret[0]; | 72 char* data = &ret[0]; |
| 73 | 73 |
| 74 // Generate nonce. | 74 // Generate nonce. |
| 75 rand->RandBytes(data, kBoxNonceSize); | 75 rand->RandBytes(data, kBoxNonceSize); |
| 76 memcpy(data + kBoxNonceSize, plaintext.data(), plaintext.size()); | 76 memcpy(data + kBoxNonceSize, plaintext.data(), plaintext.size()); |
| 77 | 77 |
| 78 if (!encrypter->Encrypt( | 78 if (!encrypter->Encrypt( |
| 79 StringPiece(data, kBoxNonceSize), StringPiece(), plaintext, | 79 QuicStringPiece(data, kBoxNonceSize), QuicStringPiece(), plaintext, |
| 80 reinterpret_cast<unsigned char*>(data + kBoxNonceSize))) { | 80 reinterpret_cast<unsigned char*>(data + kBoxNonceSize))) { |
| 81 DLOG(DFATAL) << "CryptoSecretBoxer's Encrypt failed."; | 81 DLOG(DFATAL) << "CryptoSecretBoxer's Encrypt failed."; |
| 82 return string(); | 82 return string(); |
| 83 } | 83 } |
| 84 | 84 |
| 85 return ret; | 85 return ret; |
| 86 } | 86 } |
| 87 | 87 |
| 88 bool CryptoSecretBoxer::Unbox(StringPiece ciphertext, | 88 bool CryptoSecretBoxer::Unbox(QuicStringPiece ciphertext, |
| 89 string* out_storage, | 89 string* out_storage, |
| 90 StringPiece* out) const { | 90 QuicStringPiece* out) const { |
| 91 if (ciphertext.size() < kBoxNonceSize) { | 91 if (ciphertext.size() < kBoxNonceSize) { |
| 92 return false; | 92 return false; |
| 93 } | 93 } |
| 94 | 94 |
| 95 StringPiece nonce(ciphertext.data(), kBoxNonceSize); | 95 QuicStringPiece nonce(ciphertext.data(), kBoxNonceSize); |
| 96 ciphertext.remove_prefix(kBoxNonceSize); | 96 ciphertext.remove_prefix(kBoxNonceSize); |
| 97 QuicPacketNumber packet_number; | 97 QuicPacketNumber packet_number; |
| 98 StringPiece nonce_prefix(nonce.data(), nonce.size() - sizeof(packet_number)); | 98 QuicStringPiece nonce_prefix(nonce.data(), |
| 99 nonce.size() - sizeof(packet_number)); |
| 99 memcpy(&packet_number, nonce.data() + nonce_prefix.size(), | 100 memcpy(&packet_number, nonce.data() + nonce_prefix.size(), |
| 100 sizeof(packet_number)); | 101 sizeof(packet_number)); |
| 101 | 102 |
| 102 std::unique_ptr<Aes128Gcm12Decrypter> decrypter(new Aes128Gcm12Decrypter()); | 103 std::unique_ptr<Aes128Gcm12Decrypter> decrypter(new Aes128Gcm12Decrypter()); |
| 103 char plaintext[kMaxPacketSize]; | 104 char plaintext[kMaxPacketSize]; |
| 104 size_t plaintext_length = 0; | 105 size_t plaintext_length = 0; |
| 105 bool ok = false; | 106 bool ok = false; |
| 106 { | 107 { |
| 107 QuicReaderMutexLock l(&lock_); | 108 QuicReaderMutexLock l(&lock_); |
| 108 for (const string& key : keys_) { | 109 for (const string& key : keys_) { |
| 109 if (decrypter->SetKey(key)) { | 110 if (decrypter->SetKey(key)) { |
| 110 decrypter->SetNoncePrefix(nonce_prefix); | 111 decrypter->SetNoncePrefix(nonce_prefix); |
| 111 if (decrypter->DecryptPacket(QUIC_VERSION_36, packet_number, | 112 if (decrypter->DecryptPacket(QUIC_VERSION_36, packet_number, |
| 112 /*associated data=*/StringPiece(), | 113 /*associated data=*/QuicStringPiece(), |
| 113 ciphertext, plaintext, &plaintext_length, | 114 ciphertext, plaintext, &plaintext_length, |
| 114 kMaxPacketSize)) { | 115 kMaxPacketSize)) { |
| 115 ok = true; | 116 ok = true; |
| 116 break; | 117 break; |
| 117 } | 118 } |
| 118 } | 119 } |
| 119 } | 120 } |
| 120 } | 121 } |
| 121 if (!ok) { | 122 if (!ok) { |
| 122 return false; | 123 return false; |
| 123 } | 124 } |
| 124 | 125 |
| 125 out_storage->resize(plaintext_length); | 126 out_storage->resize(plaintext_length); |
| 126 out_storage->assign(plaintext, plaintext_length); | 127 out_storage->assign(plaintext, plaintext_length); |
| 127 out->set(out_storage->data(), plaintext_length); | 128 out->set(out_storage->data(), plaintext_length); |
| 128 return true; | 129 return true; |
| 129 } | 130 } |
| 130 | 131 |
| 131 } // namespace net | 132 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2740453006:
Add QuicStringPiece which is actually StringPiece. (Closed)
