| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 // | |
| 5 // Some helpers for quic crypto | |
| 6 | |
| 7 #ifndef NET_QUIC_CRYPTO_CRYPTO_UTILS_H_ | |
| 8 #define NET_QUIC_CRYPTO_CRYPTO_UTILS_H_ | |
| 9 | |
| 10 #include <string> | |
| 11 | |
| 12 #include "base/strings/string_piece.h" | |
| 13 #include "net/base/net_export.h" | |
| 14 #include "net/quic/crypto/crypto_handshake.h" | |
| 15 #include "net/quic/crypto/crypto_protocol.h" | |
| 16 #include "net/quic/quic_protocol.h" | |
| 17 #include "net/quic/quic_time.h" | |
| 18 | |
| 19 namespace net { | |
| 20 | |
| 21 class QuicTime; | |
| 22 class QuicRandom; | |
| 23 struct QuicCryptoNegotiatedParameters; | |
| 24 | |
| 25 class NET_EXPORT_PRIVATE CryptoUtils { | |
| 26 public: | |
| 27 enum Perspective { | |
| 28 SERVER, | |
| 29 CLIENT, | |
| 30 }; | |
| 31 | |
| 32 // Generates the connection nonce. The nonce is formed as: | |
| 33 // <4 bytes> current time | |
| 34 // <8 bytes> |orbit| (or random if |orbit| is empty) | |
| 35 // <20 bytes> random | |
| 36 static void GenerateNonce(QuicWallTime now, | |
| 37 QuicRandom* random_generator, | |
| 38 base::StringPiece orbit, | |
| 39 std::string* nonce); | |
| 40 | |
| 41 // Returns true if the sni is valid, false otherwise. | |
| 42 // (1) disallow IP addresses; | |
| 43 // (2) check that the hostname contains valid characters only; and | |
| 44 // (3) contains at least one dot. | |
| 45 static bool IsValidSNI(base::StringPiece sni); | |
| 46 | |
| 47 // Convert hostname to lowercase and remove the trailing '.'. | |
| 48 // Returns |hostname|. NormalizeHostname() doesn't support IP address | |
| 49 // literals. IsValidSNI() should be called before calling NormalizeHostname(). | |
| 50 static std::string NormalizeHostname(const char* hostname); | |
| 51 | |
| 52 // DeriveKeys populates |crypters->encrypter|, |crypters->decrypter|, and | |
| 53 // |subkey_secret| (optional -- may be null) given the contents of | |
| 54 // |premaster_secret|, |client_nonce|, |server_nonce| and |hkdf_input|. |aead| | |
| 55 // determines which cipher will be used. |perspective| controls whether the | |
| 56 // server's keys are assigned to |encrypter| or |decrypter|. |server_nonce| is | |
| 57 // optional and, if non-empty, is mixed into the key derivation. | |
| 58 // |subkey_secret| will have the same length as |premaster_secret|. | |
| 59 static bool DeriveKeys(base::StringPiece premaster_secret, | |
| 60 QuicTag aead, | |
| 61 base::StringPiece client_nonce, | |
| 62 base::StringPiece server_nonce, | |
| 63 const std::string& hkdf_input, | |
| 64 Perspective perspective, | |
| 65 CrypterPair* crypters, | |
| 66 std::string* subkey_secret); | |
| 67 | |
| 68 // Performs key extraction to derive a new secret of |result_len| bytes | |
| 69 // dependent on |subkey_secret|, |label|, and |context|. Returns false if the | |
| 70 // parameters are invalid (e.g. |label| contains null bytes); returns true on | |
| 71 // success. | |
| 72 static bool ExportKeyingMaterial(base::StringPiece subkey_secret, | |
| 73 base::StringPiece label, | |
| 74 base::StringPiece context, | |
| 75 size_t result_len, | |
| 76 std::string* result); | |
| 77 | |
| 78 private: | |
| 79 DISALLOW_COPY_AND_ASSIGN(CryptoUtils); | |
| 80 }; | |
| 81 | |
| 82 } // namespace net | |
| 83 | |
| 84 #endif // NET_QUIC_CRYPTO_CRYPTO_UTILS_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master