OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/gcm_driver/crypto/gcm_message_cryptographer.h" | 5 #include "components/gcm_driver/crypto/gcm_message_cryptographer.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <algorithm> | 10 #include <algorithm> |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
50 ~WebPushEncryptionDraft03() override = default; | 50 ~WebPushEncryptionDraft03() override = default; |
51 | 51 |
52 // GCMMessageCryptographer::EncryptionScheme implementation. | 52 // GCMMessageCryptographer::EncryptionScheme implementation. |
53 std::string DerivePseudoRandomKey( | 53 std::string DerivePseudoRandomKey( |
54 const base::StringPiece& /* recipient_public_key */, | 54 const base::StringPiece& /* recipient_public_key */, |
55 const base::StringPiece& /* sender_public_key */, | 55 const base::StringPiece& /* sender_public_key */, |
56 const base::StringPiece& ecdh_shared_secret, | 56 const base::StringPiece& ecdh_shared_secret, |
57 const base::StringPiece& auth_secret) override { | 57 const base::StringPiece& auth_secret) override { |
58 const char kInfo[] = "Content-Encoding: auth"; | 58 const char kInfo[] = "Content-Encoding: auth"; |
59 | 59 |
60 std::string info; | 60 // This deliberately copies over the NUL terminus. |
61 info.reserve(sizeof(kInfo) + 1); | 61 base::StringPiece info(kInfo, sizeof(kInfo)); |
62 info.append(kInfo); | |
63 info.append(1, '\0'); | |
64 | 62 |
65 crypto::HKDF hkdf(ecdh_shared_secret, auth_secret, info, | 63 crypto::HKDF hkdf(ecdh_shared_secret, auth_secret, info, |
66 32, /* key_bytes_to_generate */ | 64 32, /* key_bytes_to_generate */ |
67 0, /* iv_bytes_to_generate */ | 65 0, /* iv_bytes_to_generate */ |
68 0 /* subkey_secret_bytes_to_generate */); | 66 0 /* subkey_secret_bytes_to_generate */); |
69 | 67 |
70 return hkdf.client_write_key().as_string(); | 68 return hkdf.client_write_key().as_string(); |
71 } | 69 } |
72 | 70 |
73 // Creates the info parameter for an HKDF value for the given | 71 // Creates the info parameter for an HKDF value for the given |
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
190 const base::StringPiece& recipient_public_key, | 188 const base::StringPiece& recipient_public_key, |
191 const base::StringPiece& sender_public_key, | 189 const base::StringPiece& sender_public_key, |
192 const base::StringPiece& ecdh_shared_secret, | 190 const base::StringPiece& ecdh_shared_secret, |
193 const base::StringPiece& auth_secret) override { | 191 const base::StringPiece& auth_secret) override { |
194 DCHECK_EQ(recipient_public_key.size(), 65u); | 192 DCHECK_EQ(recipient_public_key.size(), 65u); |
195 DCHECK_EQ(sender_public_key.size(), 65u); | 193 DCHECK_EQ(sender_public_key.size(), 65u); |
196 | 194 |
197 const char kInfo[] = "WebPush: info"; | 195 const char kInfo[] = "WebPush: info"; |
198 | 196 |
199 std::string info; | 197 std::string info; |
200 info.reserve(sizeof(kInfo) + 1 + 65 + 65); | 198 info.reserve(sizeof(kInfo) + 65 + 65); |
201 info.append(kInfo); | 199 |
202 info.append(1, '\0'); | 200 // This deliberately copies over the NUL terminus. |
| 201 info.append(kInfo, sizeof(kInfo)); |
203 | 202 |
204 recipient_public_key.AppendToString(&info); | 203 recipient_public_key.AppendToString(&info); |
205 sender_public_key.AppendToString(&info); | 204 sender_public_key.AppendToString(&info); |
206 | 205 |
207 crypto::HKDF hkdf(ecdh_shared_secret, auth_secret, info, | 206 crypto::HKDF hkdf(ecdh_shared_secret, auth_secret, info, |
208 32, /* key_bytes_to_generate */ | 207 32, /* key_bytes_to_generate */ |
209 0, /* iv_bytes_to_generate */ | 208 0, /* iv_bytes_to_generate */ |
210 0 /* subkey_secret_bytes_to_generate */); | 209 0 /* subkey_secret_bytes_to_generate */); |
211 | 210 |
212 return hkdf.client_write_key().as_string(); | 211 return hkdf.client_write_key().as_string(); |
(...skipping 270 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
483 | 482 |
484 // https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02 | 483 // https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02 |
485 // defines that the result should be XOR'ed with the record's sequence number, | 484 // defines that the result should be XOR'ed with the record's sequence number, |
486 // however, Web Push encryption is limited to a single record per | 485 // however, Web Push encryption is limited to a single record per |
487 // https://tools.ietf.org/html/draft-ietf-webpush-encryption-03. | 486 // https://tools.ietf.org/html/draft-ietf-webpush-encryption-03. |
488 | 487 |
489 return hkdf.client_write_key().as_string(); | 488 return hkdf.client_write_key().as_string(); |
490 } | 489 } |
491 | 490 |
492 } // namespace gcm | 491 } // namespace gcm |
OLD | NEW |