| OLD | NEW |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/p256_key_exchange.h" | 5 #include "net/quic/crypto/p256_key_exchange.h" |
| 6 | 6 |
| 7 #include <openssl/ec.h> | 7 #include <openssl/ec.h> |
| 8 #include <openssl/ecdh.h> | 8 #include <openssl/ecdh.h> |
| 9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
| 10 | 10 |
| (...skipping 12 matching lines...) Expand all Loading... |
| 23 P256KeyExchange::~P256KeyExchange() {} | 23 P256KeyExchange::~P256KeyExchange() {} |
| 24 | 24 |
| 25 // static | 25 // static |
| 26 P256KeyExchange* P256KeyExchange::New(StringPiece key) { | 26 P256KeyExchange* P256KeyExchange::New(StringPiece key) { |
| 27 if (key.empty()) { | 27 if (key.empty()) { |
| 28 DVLOG(1) << "Private key is empty"; | 28 DVLOG(1) << "Private key is empty"; |
| 29 return NULL; | 29 return NULL; |
| 30 } | 30 } |
| 31 | 31 |
| 32 const uint8* keyp = reinterpret_cast<const uint8*>(key.data()); | 32 const uint8* keyp = reinterpret_cast<const uint8*>(key.data()); |
| 33 crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> private_key( | 33 crypto::ScopedEC_KEY private_key(d2i_ECPrivateKey(NULL, &keyp, key.size())); |
| 34 d2i_ECPrivateKey(NULL, &keyp, key.size())); | |
| 35 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) { | 34 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) { |
| 36 DVLOG(1) << "Private key is invalid."; | 35 DVLOG(1) << "Private key is invalid."; |
| 37 return NULL; | 36 return NULL; |
| 38 } | 37 } |
| 39 | 38 |
| 40 uint8 public_key[kUncompressedP256PointBytes]; | 39 uint8 public_key[kUncompressedP256PointBytes]; |
| 41 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()), | 40 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()), |
| 42 EC_KEY_get0_public_key(private_key.get()), | 41 EC_KEY_get0_public_key(private_key.get()), |
| 43 POINT_CONVERSION_UNCOMPRESSED, public_key, | 42 POINT_CONVERSION_UNCOMPRESSED, public_key, |
| 44 sizeof(public_key), NULL) != sizeof(public_key)) { | 43 sizeof(public_key), NULL) != sizeof(public_key)) { |
| 45 DVLOG(1) << "Can't get public key."; | 44 DVLOG(1) << "Can't get public key."; |
| 46 return NULL; | 45 return NULL; |
| 47 } | 46 } |
| 48 | 47 |
| 49 return new P256KeyExchange(private_key.release(), public_key); | 48 return new P256KeyExchange(private_key.release(), public_key); |
| 50 } | 49 } |
| 51 | 50 |
| 52 // static | 51 // static |
| 53 string P256KeyExchange::NewPrivateKey() { | 52 string P256KeyExchange::NewPrivateKey() { |
| 54 crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> key( | 53 crypto::ScopedEC_KEY key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
| 55 EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); | |
| 56 if (!key.get() || !EC_KEY_generate_key(key.get())) { | 54 if (!key.get() || !EC_KEY_generate_key(key.get())) { |
| 57 DVLOG(1) << "Can't generate a new private key."; | 55 DVLOG(1) << "Can't generate a new private key."; |
| 58 return string(); | 56 return string(); |
| 59 } | 57 } |
| 60 | 58 |
| 61 int key_len = i2d_ECPrivateKey(key.get(), NULL); | 59 int key_len = i2d_ECPrivateKey(key.get(), NULL); |
| 62 if (key_len <= 0) { | 60 if (key_len <= 0) { |
| 63 DVLOG(1) << "Can't convert private key to string"; | 61 DVLOG(1) << "Can't convert private key to string"; |
| 64 return string(); | 62 return string(); |
| 65 } | 63 } |
| (...skipping 12 matching lines...) Expand all Loading... |
| 78 return P256KeyExchange::New(private_value); | 76 return P256KeyExchange::New(private_value); |
| 79 } | 77 } |
| 80 | 78 |
| 81 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value, | 79 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value, |
| 82 string* out_result) const { | 80 string* out_result) const { |
| 83 if (peer_public_value.size() != kUncompressedP256PointBytes) { | 81 if (peer_public_value.size() != kUncompressedP256PointBytes) { |
| 84 DVLOG(1) << "Peer public value is invalid"; | 82 DVLOG(1) << "Peer public value is invalid"; |
| 85 return false; | 83 return false; |
| 86 } | 84 } |
| 87 | 85 |
| 88 crypto::ScopedOpenSSL<EC_POINT, EC_POINT_free> point( | 86 crypto::ScopedOpenSSL<EC_POINT, EC_POINT_free>::Type point( |
| 89 EC_POINT_new(EC_KEY_get0_group(private_key_.get()))); | 87 EC_POINT_new(EC_KEY_get0_group(private_key_.get()))); |
| 90 if (!point.get() || | 88 if (!point.get() || |
| 91 !EC_POINT_oct2point( /* also test if point is on curve */ | 89 !EC_POINT_oct2point( /* also test if point is on curve */ |
| 92 EC_KEY_get0_group(private_key_.get()), | 90 EC_KEY_get0_group(private_key_.get()), |
| 93 point.get(), | 91 point.get(), |
| 94 reinterpret_cast<const uint8*>(peer_public_value.data()), | 92 reinterpret_cast<const uint8*>(peer_public_value.data()), |
| 95 peer_public_value.size(), NULL)) { | 93 peer_public_value.size(), NULL)) { |
| 96 DVLOG(1) << "Can't convert peer public value to curve point."; | 94 DVLOG(1) << "Can't convert peer public value to curve point."; |
| 97 return false; | 95 return false; |
| 98 } | 96 } |
| (...skipping 11 matching lines...) Expand all Loading... |
| 110 | 108 |
| 111 StringPiece P256KeyExchange::public_value() const { | 109 StringPiece P256KeyExchange::public_value() const { |
| 112 return StringPiece(reinterpret_cast<const char*>(public_key_), | 110 return StringPiece(reinterpret_cast<const char*>(public_key_), |
| 113 sizeof(public_key_)); | 111 sizeof(public_key_)); |
| 114 } | 112 } |
| 115 | 113 |
| 116 QuicTag P256KeyExchange::tag() const { return kP256; } | 114 QuicTag P256KeyExchange::tag() const { return kP256; } |
| 117 | 115 |
| 118 } // namespace net | 116 } // namespace net |
| 119 | 117 |
| OLD | NEW |