net/quic/crypto/aead_base_encrypter_nss.cc - Issue 992733002: Remove //net (except for Android test stuff) and sdch

Side by Side Diff: net/quic/crypto/aead_base_encrypter_nss.cc

Issue 992733002: Remove //net (except for Android test stuff) and sdch (Closed) Base URL: git@github.com:domokit/mojo.git@master

Patch Set: Created 5 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
	(Empty)
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.

4

5 #include "net/quic/crypto/aead_base_encrypter.h"

6

7 #include <pk11pub.h>

8

9 #include "base/memory/scoped_ptr.h"

10 #include "crypto/scoped_nss_types.h"

11

12 using base::StringPiece;

13

14 namespace net {

15

16 AeadBaseEncrypter::AeadBaseEncrypter(CK_MECHANISM_TYPE aead_mechanism,

17 PK11_EncryptFunction pk11_encrypt,

18 size_t key_size,

19 size_t auth_tag_size,

20 size_t nonce_prefix_size)

21 : aead_mechanism_(aead_mechanism),

22 pk11_encrypt_(pk11_encrypt),

23 key_size_(key_size),

24 auth_tag_size_(auth_tag_size),

25 nonce_prefix_size_(nonce_prefix_size) {

26 DCHECK_LE(key_size_, sizeof(key_));

27 DCHECK_LE(nonce_prefix_size_, sizeof(nonce_prefix_));

28 }

29

30 AeadBaseEncrypter::~AeadBaseEncrypter() {}

31

32 bool AeadBaseEncrypter::SetKey(StringPiece key) {

33 DCHECK_EQ(key.size(), key_size_);

34 if (key.size() != key_size_) {

35 return false;

36 }

37 memcpy(key_, key.data(), key.size());

38 return true;

39 }

40

41 bool AeadBaseEncrypter::SetNoncePrefix(StringPiece nonce_prefix) {

42 DCHECK_EQ(nonce_prefix.size(), nonce_prefix_size_);

43 if (nonce_prefix.size() != nonce_prefix_size_) {

44 return false;

45 }

46 memcpy(nonce_prefix_, nonce_prefix.data(), nonce_prefix.size());

47 return true;

48 }

49

50 bool AeadBaseEncrypter::Encrypt(StringPiece nonce,

51 StringPiece associated_data,

52 StringPiece plaintext,

53 unsigned char* output) {

54 if (nonce.size() != nonce_prefix_size_ + sizeof(QuicPacketSequenceNumber)) {

55 return false;

56 }

57

58 size_t ciphertext_size = GetCiphertextSize(plaintext.length());

59

60 // Import key_ into NSS.

61 SECItem key_item;

62 key_item.type = siBuffer;

63 key_item.data = key_;

64 key_item.len = key_size_;

65 PK11SlotInfo* slot = PK11_GetInternalSlot();

66

67 // TODO(wtc): For an AES-GCM key, the correct value for \|key_mechanism\| is

68 // CKM_AES_GCM, but because of NSS bug

69 // https://bugzilla.mozilla.org/show_bug.cgi?id=853285, use CKM_AES_ECB as a

70 // workaround. Remove this when we require NSS 3.15.

71 CK_MECHANISM_TYPE key_mechanism = aead_mechanism_;

72 if (key_mechanism == CKM_AES_GCM) {

73 key_mechanism = CKM_AES_ECB;

74 }

75

76 // The exact value of the \|origin\| argument doesn't matter to NSS as long as

77 // it's not PK11_OriginFortezzaHack, so we pass PK11_OriginUnwrap as a

78 // placeholder.

79 crypto::ScopedPK11SymKey aead_key(PK11_ImportSymKey(

80 slot, key_mechanism, PK11_OriginUnwrap, CKA_ENCRYPT, &key_item, nullptr));

81 PK11_FreeSlot(slot);

82 slot = nullptr;

83 if (!aead_key) {

84 DVLOG(1) << "PK11_ImportSymKey failed";

85 return false;

86 }

87

88 AeadParams aead_params = {0};

89 FillAeadParams(nonce, associated_data, auth_tag_size_, &aead_params);

90

91 SECItem param;

92 param.type = siBuffer;

93 param.data = reinterpret_cast<unsigned char*>(&aead_params.data);

94 param.len = aead_params.len;

95

96 unsigned int output_len;

97 if (pk11_encrypt_(aead_key.get(), aead_mechanism_, &param,

98 output, &output_len, ciphertext_size,

99 reinterpret_cast<const unsigned char*>(plaintext.data()),

100 plaintext.size()) != SECSuccess) {

101 DVLOG(1) << "pk11_encrypt_ failed";

102 return false;

103 }

104

105 if (output_len != ciphertext_size) {

106 DVLOG(1) << "Wrong output length";

107 return false;

108 }

109

110 return true;

111 }

112

113 bool AeadBaseEncrypter::EncryptPacket(QuicPacketSequenceNumber sequence_number,

114 StringPiece associated_data,

115 StringPiece plaintext,

116 char* output,

117 size_t* output_length,

118 size_t max_output_length) {

119 size_t ciphertext_size = GetCiphertextSize(plaintext.length());

120 if (max_output_length < ciphertext_size) {

121 return false;

122 }

123 // TODO(ianswett): Introduce a check to ensure that we don't encrypt with the

124 // same sequence number twice.

125 const size_t nonce_size = nonce_prefix_size_ + sizeof(sequence_number);

126 memcpy(output, nonce_prefix_, nonce_prefix_size_);

127 memcpy(output + nonce_prefix_size_, &sequence_number,

128 sizeof(sequence_number));

129 if (!Encrypt(StringPiece(output, nonce_size), associated_data, plaintext,

130 reinterpret_cast<unsigned char*>(output))) {

131 return false;

132 }

133 *output_length = ciphertext_size;

134 return true;

135 }

136

137 size_t AeadBaseEncrypter::GetKeySize() const { return key_size_; }

138

139 size_t AeadBaseEncrypter::GetNoncePrefixSize() const {

140 return nonce_prefix_size_;

141 }

142

143 size_t AeadBaseEncrypter::GetMaxPlaintextSize(size_t ciphertext_size) const {

144 return ciphertext_size - auth_tag_size_;

145 }

146

147 size_t AeadBaseEncrypter::GetCiphertextSize(size_t plaintext_size) const {

148 return plaintext_size + auth_tag_size_;

149 }

150

151 StringPiece AeadBaseEncrypter::GetKey() const {

152 return StringPiece(reinterpret_cast<const char*>(key_), key_size_);

153 }

154

155 StringPiece AeadBaseEncrypter::GetNoncePrefix() const {

156 if (nonce_prefix_size_ == 0) {

157 return StringPiece();

158 }

159 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_),

160 nonce_prefix_size_);

161 }

162

163 } // namespace net

OLD	NEW

« no previous file with comments | « net/quic/crypto/aead_base_encrypter.h ('k') | net/quic/crypto/aead_base_encrypter_openssl.cc » ('j') | no next file with comments »