| // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "net/quic/crypto/crypto_secret_boxer.h" |
| |
| #include "base/logging.h" |
| #include "base/memory/scoped_ptr.h" |
| #include "crypto/secure_hash.h" |
| #include "crypto/sha2.h" |
| #include "net/quic/crypto/quic_random.h" |
| |
| using base::StringPiece; |
| using std::string; |
| |
| namespace net { |
| |
| // Defined kKeySize for GetKeySize() and SetKey(). |
| static const size_t kKeySize = 16; |
| |
| // kBoxNonceSize contains the number of bytes of nonce that we use in each box. |
| static const size_t kBoxNonceSize = 16; |
| |
| // static |
| size_t CryptoSecretBoxer::GetKeySize() { return kKeySize; } |
| |
| void CryptoSecretBoxer::SetKey(StringPiece key) { |
| DCHECK_EQ(static_cast<size_t>(kKeySize), key.size()); |
| key_ = key.as_string(); |
| } |
| |
| // TODO(rtenneti): Delete sha256 based code. Use Aes128Gcm12Encrypter to Box the |
| // plaintext. This is temporary solution for tests to pass. |
| string CryptoSecretBoxer::Box(QuicRandom* rand, StringPiece plaintext) const { |
| string ret; |
| const size_t len = kBoxNonceSize + plaintext.size() + crypto::kSHA256Length; |
| ret.resize(len); |
| char* data = &ret[0]; |
| |
| // Generate nonce. |
| rand->RandBytes(data, kBoxNonceSize); |
| memcpy(data + kBoxNonceSize, plaintext.data(), plaintext.size()); |
| |
| // Compute sha256 for nonce + plaintext. |
| scoped_ptr<crypto::SecureHash> sha256(crypto::SecureHash::Create( |
| crypto::SecureHash::SHA256)); |
| sha256->Update(data, kBoxNonceSize + plaintext.size()); |
| sha256->Finish(data + kBoxNonceSize + plaintext.size(), |
| crypto::kSHA256Length); |
| |
| return ret; |
| } |
| |
| // TODO(rtenneti): Delete sha256 based code. Use Aes128Gcm12Decrypter to Unbox |
| // the plaintext. This is temporary solution for tests to pass. |
| bool CryptoSecretBoxer::Unbox(StringPiece ciphertext, |
| string* out_storage, |
| StringPiece* out) const { |
| if (ciphertext.size() < kBoxNonceSize + crypto::kSHA256Length) { |
| return false; |
| } |
| |
| const size_t plaintext_len = |
| ciphertext.size() - kBoxNonceSize - crypto::kSHA256Length; |
| out_storage->resize(plaintext_len); |
| char* data = const_cast<char*>(out_storage->data()); |
| |
| // Copy plaintext from ciphertext. |
| if (plaintext_len != 0) { |
| memcpy(data, ciphertext.data() + kBoxNonceSize, plaintext_len); |
| } |
| |
| // Compute sha256 for nonce + plaintext. |
| scoped_ptr<crypto::SecureHash> sha256(crypto::SecureHash::Create( |
| crypto::SecureHash::SHA256)); |
| sha256->Update(ciphertext.data(), ciphertext.size() - crypto::kSHA256Length); |
| char sha256_bytes[crypto::kSHA256Length]; |
| sha256->Finish(sha256_bytes, sizeof(sha256_bytes)); |
| |
| // Verify sha256. |
| if (0 != memcmp(ciphertext.data() + ciphertext.size() - crypto::kSHA256Length, |
| sha256_bytes, crypto::kSHA256Length)) { |
| return false; |
| } |
| |
| out->set(data, plaintext_len); |
| return true; |
| } |
| |
| } // namespace net |