| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/aead_base_decrypter.h" | 5 #include "net/quic/crypto/aead_base_decrypter.h" |
| 6 | 6 |
| 7 #include <pk11pub.h> | 7 #include <pk11pub.h> |
| 8 | 8 |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "crypto/scoped_nss_types.h" | 10 #include "crypto/scoped_nss_types.h" |
| (...skipping 30 matching lines...) Loading... |
| 41 bool AeadBaseDecrypter::SetNoncePrefix(StringPiece nonce_prefix) { | 41 bool AeadBaseDecrypter::SetNoncePrefix(StringPiece nonce_prefix) { |
| 42 DCHECK_EQ(nonce_prefix.size(), nonce_prefix_size_); | 42 DCHECK_EQ(nonce_prefix.size(), nonce_prefix_size_); |
| 43 if (nonce_prefix.size() != nonce_prefix_size_) { | 43 if (nonce_prefix.size() != nonce_prefix_size_) { |
| 44 return false; | 44 return false; |
| 45 } | 45 } |
| 46 memcpy(nonce_prefix_, nonce_prefix.data(), nonce_prefix.size()); | 46 memcpy(nonce_prefix_, nonce_prefix.data(), nonce_prefix.size()); |
| 47 return true; | 47 return true; |
| 48 } | 48 } |
| 49 | 49 |
| 50 bool AeadBaseDecrypter::Decrypt(StringPiece nonce, | 50 bool AeadBaseDecrypter::Decrypt(StringPiece nonce, |
| 51 StringPiece associated_data, | 51 const StringPiece& associated_data, |
| 52 StringPiece ciphertext, | 52 const StringPiece& ciphertext, |
| 53 uint8* output, | 53 uint8* output, |
| 54 size_t* output_length) { | 54 size_t* output_length, |
| 55 size_t max_output_length) { |
| 55 if (ciphertext.length() < auth_tag_size_ || | 56 if (ciphertext.length() < auth_tag_size_ || |
| 56 nonce.size() != nonce_prefix_size_ + sizeof(QuicPacketSequenceNumber)) { | 57 nonce.size() != nonce_prefix_size_ + sizeof(QuicPacketSequenceNumber)) { |
| 57 return false; | 58 return false; |
| 58 } | 59 } |
| 59 // NSS 3.14.x incorrectly requires an output buffer at least as long as | 60 // NSS 3.14.x incorrectly requires an output buffer at least as long as |
| 60 // the ciphertext (NSS bug | 61 // the ciphertext (NSS bug |
| 61 // https://bugzilla.mozilla.org/show_bug.cgi?id= 853674). Fortunately | 62 // https://bugzilla.mozilla.org/show_bug.cgi?id= 853674). Fortunately |
| 62 // QuicDecrypter::Decrypt() specifies that |output| must be as long as | 63 // QuicDecrypter::Decrypt() specifies that |output| must be as long as |
| 63 // |ciphertext| on entry. | 64 // |ciphertext| on entry. |
| 64 size_t plaintext_size = ciphertext.length() - auth_tag_size_; | 65 size_t plaintext_size = ciphertext.length() - auth_tag_size_; |
| (...skipping 28 matching lines...) Loading... |
| 93 | 94 |
| 94 AeadParams aead_params = {0}; | 95 AeadParams aead_params = {0}; |
| 95 FillAeadParams(nonce, associated_data, auth_tag_size_, &aead_params); | 96 FillAeadParams(nonce, associated_data, auth_tag_size_, &aead_params); |
| 96 | 97 |
| 97 SECItem param; | 98 SECItem param; |
| 98 param.type = siBuffer; | 99 param.type = siBuffer; |
| 99 param.data = reinterpret_cast<unsigned char*>(&aead_params.data); | 100 param.data = reinterpret_cast<unsigned char*>(&aead_params.data); |
| 100 param.len = aead_params.len; | 101 param.len = aead_params.len; |
| 101 | 102 |
| 102 unsigned int output_len; | 103 unsigned int output_len; |
| 103 if (pk11_decrypt_(aead_key.get(), aead_mechanism_, ¶m, | 104 if (pk11_decrypt_(aead_key.get(), aead_mechanism_, ¶m, output, |
| 104 output, &output_len, ciphertext.length(), | 105 &output_len, max_output_length, |
| 105 reinterpret_cast<const unsigned char*>(ciphertext.data()), | 106 reinterpret_cast<const unsigned char*>(ciphertext.data()), |
| 106 ciphertext.length()) != SECSuccess) { | 107 ciphertext.length()) != SECSuccess) { |
| 107 return false; | 108 return false; |
| 108 } | 109 } |
| 109 | 110 |
| 110 if (output_len != plaintext_size) { | 111 if (output_len != plaintext_size) { |
| 111 DVLOG(1) << "Wrong output length"; | 112 DVLOG(1) << "Wrong output length"; |
| 112 return false; | 113 return false; |
| 113 } | 114 } |
| 114 *output_length = output_len; | 115 *output_length = output_len; |
| 115 return true; | 116 return true; |
| 116 } | 117 } |
| 117 | 118 |
| 118 QuicData* AeadBaseDecrypter::DecryptPacket( | 119 bool AeadBaseDecrypter::DecryptPacket(QuicPacketSequenceNumber sequence_number, |
| 119 QuicPacketSequenceNumber sequence_number, | 120 const StringPiece& associated_data, |
| 120 StringPiece associated_data, | 121 const StringPiece& ciphertext, |
| 121 StringPiece ciphertext) { | 122 char* output, |
| 123 size_t* output_length, |
| 124 size_t max_output_length) { |
| 122 if (ciphertext.length() < auth_tag_size_) { | 125 if (ciphertext.length() < auth_tag_size_) { |
| 123 return nullptr; | 126 return false; |
| 124 } | 127 } |
| 125 size_t plaintext_size; | |
| 126 scoped_ptr<char[]> plaintext(new char[ciphertext.length()]); | |
| 127 | 128 |
| 128 uint8 nonce[sizeof(nonce_prefix_) + sizeof(sequence_number)]; | 129 uint8 nonce[sizeof(nonce_prefix_) + sizeof(sequence_number)]; |
| 129 const size_t nonce_size = nonce_prefix_size_ + sizeof(sequence_number); | 130 const size_t nonce_size = nonce_prefix_size_ + sizeof(sequence_number); |
| 130 DCHECK_LE(nonce_size, sizeof(nonce)); | 131 DCHECK_LE(nonce_size, sizeof(nonce)); |
| 131 memcpy(nonce, nonce_prefix_, nonce_prefix_size_); | 132 memcpy(nonce, nonce_prefix_, nonce_prefix_size_); |
| 132 memcpy(nonce + nonce_prefix_size_, &sequence_number, sizeof(sequence_number)); | 133 memcpy(nonce + nonce_prefix_size_, &sequence_number, sizeof(sequence_number)); |
| 133 if (!Decrypt(StringPiece(reinterpret_cast<char*>(nonce), nonce_size), | 134 return Decrypt(StringPiece(reinterpret_cast<char*>(nonce), nonce_size), |
| 134 associated_data, ciphertext, | 135 associated_data, ciphertext, reinterpret_cast<uint8*>(output), |
| 135 reinterpret_cast<uint8*>(plaintext.get()), | 136 output_length, max_output_length); |
| 136 &plaintext_size)) { | |
| 137 return nullptr; | |
| 138 } | |
| 139 return new QuicData(plaintext.release(), plaintext_size, true); | |
| 140 } | 137 } |
| 141 | 138 |
| 142 StringPiece AeadBaseDecrypter::GetKey() const { | 139 StringPiece AeadBaseDecrypter::GetKey() const { |
| 143 return StringPiece(reinterpret_cast<const char*>(key_), key_size_); | 140 return StringPiece(reinterpret_cast<const char*>(key_), key_size_); |
| 144 } | 141 } |
| 145 | 142 |
| 146 StringPiece AeadBaseDecrypter::GetNoncePrefix() const { | 143 StringPiece AeadBaseDecrypter::GetNoncePrefix() const { |
| 147 if (nonce_prefix_size_ == 0) { | 144 if (nonce_prefix_size_ == 0) { |
| 148 return StringPiece(); | 145 return StringPiece(); |
| 149 } | 146 } |
| 150 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_), | 147 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_), |
| 151 nonce_prefix_size_); | 148 nonce_prefix_size_); |
| 152 } | 149 } |
| 153 | 150 |
| 154 } // namespace net | 151 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews