net/quic/crypto/p256_key_exchange.h - platform/external/chromium_org - Git at Google

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef NET_QUIC_CRYPTO_P256_KEY_EXCHANGE_H_
 #define NET_QUIC_CRYPTO_P256_KEY_EXCHANGE_H_

 #include <string>

 #include "base/memory/scoped_ptr.h"
 #include "base/strings/string_piece.h"
 #include "net/base/net_export.h"
 #include "net/quic/crypto/key_exchange.h"

 #if defined(USE_OPENSSL)
 #include "crypto/openssl_util.h"
 // Forward declaration for openssl/*.h
 typedef struct ec_key_st EC_KEY;
 extern "C" void EC_KEY_free(EC_KEY* key);
 #else
 #include "crypto/ec_private_key.h"
 #include "crypto/scoped_nss_types.h"
 #endif

 namespace net {

 // P256KeyExchange implements a KeyExchange using elliptic-curve
 // Diffie-Hellman on NIST P-256.
 class NET_EXPORT_PRIVATE P256KeyExchange : public KeyExchange {
  public:
   virtual ~P256KeyExchange();

   // New creates a new key exchange object from a private key. If
   // |private_key| is invalid, NULL is returned.
   static P256KeyExchange* New(base::StringPiece private_key);

   // |NewPrivateKey| returns a private key, suitable for passing to |New|.
   // If |NewPrivateKey| can't generate a private key, it returns an empty
   // string.
   static std::string NewPrivateKey();

   // KeyExchange interface.
   virtual KeyExchange* NewKeyPair(QuicRandom* rand) const OVERRIDE;
   virtual bool CalculateSharedKey(const base::StringPiece& peer_public_value,
                                   std::string* shared_key) const OVERRIDE;
   virtual base::StringPiece public_value() const OVERRIDE;
   virtual QuicTag tag() const OVERRIDE;

  private:
   enum {
     // A P-256 field element consists of 32 bytes.
     kP256FieldBytes = 32,
     // A P-256 point in uncompressed form consists of 0x04 (to denote
     // that the point is uncompressed) followed by two, 32-byte field
     // elements.
     kUncompressedP256PointBytes = 1 + 2 * kP256FieldBytes,
     // The first byte in an uncompressed P-256 point.
     kUncompressedECPointForm = 0x04,
   };

 #if defined(USE_OPENSSL)
   // P256KeyExchange takes ownership of |private_key|, and expects
   // |public_key| consists of |kUncompressedP256PointBytes| bytes.
   P256KeyExchange(EC_KEY* private_key, const uint8* public_key);

   crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> private_key_;
 #else
   // P256KeyExchange takes ownership of |key_pair|, and expects
   // |public_key| consists of |kUncompressedP256PointBytes| bytes.
   P256KeyExchange(crypto::ECPrivateKey* key_pair, const uint8* public_key);

   scoped_ptr<crypto::ECPrivateKey> key_pair_;
 #endif
   // The public key stored as an uncompressed P-256 point.
   uint8 public_key_[kUncompressedP256PointBytes];
 };

 }  // namespace net
 #endif  // NET_QUIC_CRYPTO_P256_KEY_EXCHANGE_H_
	// Copyright (c) 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef NET_QUIC_CRYPTO_P256_KEY_EXCHANGE_H_
	#define NET_QUIC_CRYPTO_P256_KEY_EXCHANGE_H_

	#include <string>

	#include "base/memory/scoped_ptr.h"
	#include "base/strings/string_piece.h"
	#include "net/base/net_export.h"
	#include "net/quic/crypto/key_exchange.h"

	#if defined(USE_OPENSSL)
	#include "crypto/openssl_util.h"
	// Forward declaration for openssl/*.h
	typedef struct ec_key_st EC_KEY;
	extern "C" void EC_KEY_free(EC_KEY* key);
	#else
	#include "crypto/ec_private_key.h"
	#include "crypto/scoped_nss_types.h"
	#endif

	namespace net {

	// P256KeyExchange implements a KeyExchange using elliptic-curve
	// Diffie-Hellman on NIST P-256.
	class NET_EXPORT_PRIVATE P256KeyExchange : public KeyExchange {
	public:
	virtual ~P256KeyExchange();

	// New creates a new key exchange object from a private key. If
	// \|private_key\| is invalid, NULL is returned.
	static P256KeyExchange* New(base::StringPiece private_key);

	// \|NewPrivateKey\| returns a private key, suitable for passing to \|New\|.
	// If \|NewPrivateKey\| can't generate a private key, it returns an empty
	// string.
	static std::string NewPrivateKey();

	// KeyExchange interface.
	virtual KeyExchange* NewKeyPair(QuicRandom* rand) const OVERRIDE;
	virtual bool CalculateSharedKey(const base::StringPiece& peer_public_value,
	std::string* shared_key) const OVERRIDE;
	virtual base::StringPiece public_value() const OVERRIDE;
	virtual QuicTag tag() const OVERRIDE;

	private:
	enum {
	// A P-256 field element consists of 32 bytes.
	kP256FieldBytes = 32,
	// A P-256 point in uncompressed form consists of 0x04 (to denote
	// that the point is uncompressed) followed by two, 32-byte field
	// elements.
	kUncompressedP256PointBytes = 1 + 2 * kP256FieldBytes,
	// The first byte in an uncompressed P-256 point.
	kUncompressedECPointForm = 0x04,
	};

	#if defined(USE_OPENSSL)
	// P256KeyExchange takes ownership of \|private_key\|, and expects
	// \|public_key\| consists of \|kUncompressedP256PointBytes\| bytes.
	P256KeyExchange(EC_KEY* private_key, const uint8* public_key);

	crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> private_key_;
	#else
	// P256KeyExchange takes ownership of \|key_pair\|, and expects
	// \|public_key\| consists of \|kUncompressedP256PointBytes\| bytes.
	P256KeyExchange(crypto::ECPrivateKey* key_pair, const uint8* public_key);

	scoped_ptr<crypto::ECPrivateKey> key_pair_;
	#endif
	// The public key stored as an uncompressed P-256 point.
	uint8 public_key_[kUncompressedP256PointBytes];
	};

	} // namespace net
	#endif // NET_QUIC_CRYPTO_P256_KEY_EXCHANGE_H_