Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / net / quic / crypto / p256_key_exchange_openssl.cc
blob88d45c8e4a2d49e16e596adbe9744e7d2cff1f18
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/quic/crypto/p256_key_exchange.h"
7 #include <openssl/ec.h>
8 #include <openssl/ecdh.h>
9 #include <openssl/evp.h>
11 #include "base/logging.h"
13 using base::StringPiece;
14 using std::string;
16 namespace net {
18 P256KeyExchange::P256KeyExchange(EC_KEY* private_key, const uint8* public_key)
19 : private_key_(private_key) {
20 memcpy(public_key_, public_key, sizeof(public_key_));
23 P256KeyExchange::~P256KeyExchange() {}
25 // static
26 P256KeyExchange* P256KeyExchange::New(StringPiece key) {
27 if (key.empty()) {
28 DVLOG(1) << "Private key is empty";
29 return nullptr;
32 const uint8* keyp = reinterpret_cast<const uint8*>(key.data());
33 crypto::ScopedEC_KEY private_key(d2i_ECPrivateKey(nullptr, &keyp,
34 key.size()));
35 if (!private_key.get() || !EC_KEY_check_key(private_key.get())) {
36 DVLOG(1) << "Private key is invalid.";
37 return nullptr;
40 uint8 public_key[kUncompressedP256PointBytes];
41 if (EC_POINT_point2oct(EC_KEY_get0_group(private_key.get()),
42 EC_KEY_get0_public_key(private_key.get()),
43 POINT_CONVERSION_UNCOMPRESSED, public_key,
44 sizeof(public_key), nullptr) != sizeof(public_key)) {
45 DVLOG(1) << "Can't get public key.";
46 return nullptr;
49 return new P256KeyExchange(private_key.release(), public_key);
52 // static
53 string P256KeyExchange::NewPrivateKey() {
54 crypto::ScopedEC_KEY key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
55 if (!key.get() || !EC_KEY_generate_key(key.get())) {
56 DVLOG(1) << "Can't generate a new private key.";
57 return string();
60 int key_len = i2d_ECPrivateKey(key.get(), nullptr);
61 if (key_len <= 0) {
62 DVLOG(1) << "Can't convert private key to string";
63 return string();
65 scoped_ptr<uint8[]> private_key(new uint8[key_len]);
66 uint8* keyp = private_key.get();
67 if (!i2d_ECPrivateKey(key.get(), &keyp)) {
68 DVLOG(1) << "Can't convert private key to string.";
69 return string();
71 return string(reinterpret_cast<char*>(private_key.get()), key_len);
74 KeyExchange* P256KeyExchange::NewKeyPair(QuicRandom* /*rand*/) const {
75 // TODO(agl): avoid the serialisation/deserialisation in this function.
76 const string private_value = NewPrivateKey();
77 return P256KeyExchange::New(private_value);
80 bool P256KeyExchange::CalculateSharedKey(const StringPiece& peer_public_value,
81 string* out_result) const {
82 if (peer_public_value.size() != kUncompressedP256PointBytes) {
83 DVLOG(1) << "Peer public value is invalid";
84 return false;
87 crypto::ScopedEC_POINT point(
88 EC_POINT_new(EC_KEY_get0_group(private_key_.get())));
89 if (!point ||
90 !EC_POINT_oct2point(/* also test if point is on curve */
91 EC_KEY_get0_group(private_key_.get()), point.get(),
92 reinterpret_cast<const uint8*>(
93 peer_public_value.data()),
94 peer_public_value.size(), nullptr)) {
95 DVLOG(1) << "Can't convert peer public value to curve point.";
96 return false;
99 uint8 result[kP256FieldBytes];
100 if (ECDH_compute_key(result, sizeof(result), point.get(), private_key_.get(),
101 nullptr) != sizeof(result)) {
102 DVLOG(1) << "Can't compute ECDH shared key.";
103 return false;
106 out_result->assign(reinterpret_cast<char*>(result), sizeof(result));
107 return true;
110 StringPiece P256KeyExchange::public_value() const {
111 return StringPiece(reinterpret_cast<const char*>(public_key_),
112 sizeof(public_key_));
115 QuicTag P256KeyExchange::tag() const { return kP256; }
117 } // namespace net