OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/quic/crypto/p256_key_exchange.h" | 5 #include "net/quic/crypto/p256_key_exchange.h" |
6 | 6 |
7 #include <openssl/ec.h> | 7 #include <openssl/ec.h> |
8 #include <openssl/ecdh.h> | 8 #include <openssl/ecdh.h> |
9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
10 | 10 |
(...skipping 12 matching lines...) Expand all Loading... |
23 P256KeyExchange::~P256KeyExchange() {} | 23 P256KeyExchange::~P256KeyExchange() {} |
24 | 24 |
25 // static | 25 // static |
26 P256KeyExchange* P256KeyExchange::New(StringPiece key) { | 26 P256KeyExchange* P256KeyExchange::New(StringPiece key) { |
27 if (key.empty()) { | 27 if (key.empty()) { |
28 DVLOG(1) << "Private key is empty"; | 28 DVLOG(1) << "Private key is empty"; |
29 return NULL; | 29 return NULL; |
30 } | 30 } |
31 | 31 |
32 const uint8* keyp = reinterpret_cast<const uint8*>(key.data()); | 32 const uint8* keyp = reinterpret_cast<const uint8*>(key.data()); |
33 crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> private_key( | 33 crypto::ScopedEC_KEY private_key(d2i_ECPrivateKey(NULL, &keyp, key.size())); |
34 d2i_ECPrivateKey(NULL, &keyp, key.size())); | |
35 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) { | 34 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) { |
36 DVLOG(1) << "Private key is invalid."; | 35 DVLOG(1) << "Private key is invalid."; |
37 return NULL; | 36 return NULL; |
38 } | 37 } |
39 | 38 |
40 uint8 public_key[kUncompressedP256PointBytes]; | 39 uint8 public_key[kUncompressedP256PointBytes]; |
41 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()), | 40 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()), |
42 EC_KEY_get0_public_key(private_key.get()), | 41 EC_KEY_get0_public_key(private_key.get()), |
43 POINT_CONVERSION_UNCOMPRESSED, public_key, | 42 POINT_CONVERSION_UNCOMPRESSED, public_key, |
44 sizeof(public_key), NULL) != sizeof(public_key)) { | 43 sizeof(public_key), NULL) != sizeof(public_key)) { |
45 DVLOG(1) << "Can't get public key."; | 44 DVLOG(1) << "Can't get public key."; |
46 return NULL; | 45 return NULL; |
47 } | 46 } |
48 | 47 |
49 return new P256KeyExchange(private_key.release(), public_key); | 48 return new P256KeyExchange(private_key.release(), public_key); |
50 } | 49 } |
51 | 50 |
52 // static | 51 // static |
53 string P256KeyExchange::NewPrivateKey() { | 52 string P256KeyExchange::NewPrivateKey() { |
54 crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> key( | 53 crypto::ScopedEC_KEY key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
55 EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); | |
56 if (!key.get() || !EC_KEY_generate_key(key.get())) { | 54 if (!key.get() || !EC_KEY_generate_key(key.get())) { |
57 DVLOG(1) << "Can't generate a new private key."; | 55 DVLOG(1) << "Can't generate a new private key."; |
58 return string(); | 56 return string(); |
59 } | 57 } |
60 | 58 |
61 int key_len = i2d_ECPrivateKey(key.get(), NULL); | 59 int key_len = i2d_ECPrivateKey(key.get(), NULL); |
62 if (key_len <= 0) { | 60 if (key_len <= 0) { |
63 DVLOG(1) << "Can't convert private key to string"; | 61 DVLOG(1) << "Can't convert private key to string"; |
64 return string(); | 62 return string(); |
65 } | 63 } |
(...skipping 12 matching lines...) Expand all Loading... |
78 return P256KeyExchange::New(private_value); | 76 return P256KeyExchange::New(private_value); |
79 } | 77 } |
80 | 78 |
81 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value, | 79 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value, |
82 string* out_result) const { | 80 string* out_result) const { |
83 if (peer_public_value.size() != kUncompressedP256PointBytes) { | 81 if (peer_public_value.size() != kUncompressedP256PointBytes) { |
84 DVLOG(1) << "Peer public value is invalid"; | 82 DVLOG(1) << "Peer public value is invalid"; |
85 return false; | 83 return false; |
86 } | 84 } |
87 | 85 |
88 crypto::ScopedOpenSSL<EC_POINT, EC_POINT_free> point( | 86 crypto::ScopedOpenSSL<EC_POINT, EC_POINT_free>::Type point( |
89 EC_POINT_new(EC_KEY_get0_group(private_key_.get()))); | 87 EC_POINT_new(EC_KEY_get0_group(private_key_.get()))); |
90 if (!point.get() || | 88 if (!point.get() || |
91 !EC_POINT_oct2point( /* also test if point is on curve */ | 89 !EC_POINT_oct2point( /* also test if point is on curve */ |
92 EC_KEY_get0_group(private_key_.get()), | 90 EC_KEY_get0_group(private_key_.get()), |
93 point.get(), | 91 point.get(), |
94 reinterpret_cast<const uint8*>(peer_public_value.data()), | 92 reinterpret_cast<const uint8*>(peer_public_value.data()), |
95 peer_public_value.size(), NULL)) { | 93 peer_public_value.size(), NULL)) { |
96 DVLOG(1) << "Can't convert peer public value to curve point."; | 94 DVLOG(1) << "Can't convert peer public value to curve point."; |
97 return false; | 95 return false; |
98 } | 96 } |
(...skipping 11 matching lines...) Expand all Loading... |
110 | 108 |
111 StringPiece P256KeyExchange::public_value() const { | 109 StringPiece P256KeyExchange::public_value() const { |
112 return StringPiece(reinterpret_cast<const char*>(public_key_), | 110 return StringPiece(reinterpret_cast<const char*>(public_key_), |
113 sizeof(public_key_)); | 111 sizeof(public_key_)); |
114 } | 112 } |
115 | 113 |
116 QuicTag P256KeyExchange::tag() const { return kP256; } | 114 QuicTag P256KeyExchange::tag() const { return kP256; } |
117 | 115 |
118 } // namespace net | 116 } // namespace net |
119 | 117 |
OLD | NEW |