Chromium Code Reviews

Unified Diff: net/quic/crypto/crypto_utils.h

Issue 423333002: Implement QUIC key extraction. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Pass a size_t constant as a size_t argument. Created 6 years, 5 months ago
Index: net/quic/crypto/crypto_utils.h
diff --git a/net/quic/crypto/crypto_utils.h b/net/quic/crypto/crypto_utils.h
index ec6384c131e639d30a3d957000f7bd093714bff7..af3ecbb82671a7cc31740696fca0239383fccc81 100644
--- a/net/quic/crypto/crypto_utils.h
+++ b/net/quic/crypto/crypto_utils.h
@@ -49,19 +49,31 @@ class NET_EXPORT_PRIVATE CryptoUtils {
// literals. IsValidSNI() should be called before calling NormalizeHostname().
static std::string NormalizeHostname(const char* hostname);
- // DeriveKeys populates |out->encrypter| and |out->decrypter| given the
- // contents of |premaster_secret|, |client_nonce|, |server_nonce| and
- // |hkdf_input|. |aead| determines which cipher will be used. |perspective|
- // controls whether the server's keys are assigned to |encrypter| or
- // |decrypter|. |server_nonce| is optional and, if non-empty, is mixed into
- // the key derivation.
+ // DeriveKeys populates |crypters->encrypter|, |crypters->decrypter|, and
+ // |subkey_secret| (optional -- may be null) given the contents of
+ // |premaster_secret|, |client_nonce|, |server_nonce| and |hkdf_input|. |aead|
+ // determines which cipher will be used. |perspective| controls whether the
+ // server's keys are assigned to |encrypter| or |decrypter|. |server_nonce| is
+ // optional and, if non-empty, is mixed into the key derivation.
+ // |subkey_secret| will have the same length as |premaster_secret|.
static bool DeriveKeys(base::StringPiece premaster_secret,
QuicTag aead,
base::StringPiece client_nonce,
base::StringPiece server_nonce,
const std::string& hkdf_input,
Perspective perspective,
- CrypterPair* out);
+ CrypterPair* crypters,
+ std::string* subkey_secret);
+
+ // Performs key extraction to derive a new secret of |result_len| bytes
+ // dependent on |subkey_secret|, |label|, and |context|. Returns false if the
+ // parameters are invalid (e.g. |label| contains null bytes); returns true on
+ // success.
+ static bool ExportKeyingMaterial(base::StringPiece subkey_secret,
+ base::StringPiece label,
+ base::StringPiece context,
+ size_t result_len,
+ std::string* result);
private:
DISALLOW_COPY_AND_ASSIGN(CryptoUtils);
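Review bot: The new comment on ExportKeyingMaterial names only one invalid-parameter case ("e.g. |label| contains null bytes") and leaves the rest of the contract open: whether |context| may be empty or may itself contain null bytes, whether |result_len| has an upper bound, and what |result| holds when the function returns false. Callers will treat the output as key material, so please list every rejection condition and state whether |result| is left untouched or cleared on failure. The same gap applies to the DeriveKeys comment: it says |subkey_secret| "will have the same length as |premaster_secret|" but not what it contains when DeriveKeys returns false, and a sentence linking it to the |subkey_secret| argument of ExportKeyingMaterial would make the intended use clear.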
