search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove PlatformFile from profile_browsertest
[chromium-blink-merge.git] / net / quic / crypto / crypto_secret_boxer.cc
blob73562c638bcc9df84d6167f6612356c238663bda
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/quic/crypto/crypto_secret_boxer.h"
6
7 #include "base/logging.h"
8 #include "base/memory/scoped_ptr.h"
9 #include "crypto/secure_hash.h"
10 #include "crypto/sha2.h"
11 #include "net/quic/crypto/quic_random.h"
12
13 using base::StringPiece;
14 using std::string;
15
16 namespace net {
17
18 // Defined kKeySize for GetKeySize() and SetKey().
19 static const size_t kKeySize = 16;
20
21 // kBoxNonceSize contains the number of bytes of nonce that we use in each box.
22 static const size_t kBoxNonceSize = 16;
23
24 // static
25 size_t CryptoSecretBoxer::GetKeySize() { return kKeySize; }
26
27 void CryptoSecretBoxer::SetKey(StringPiece key) {
28 DCHECK_EQ(static_cast<size_t>(kKeySize), key.size());
29 key_ = key.as_string();
30 }
31
32 // TODO(rtenneti): Delete sha256 based code. Use Aes128Gcm12Encrypter to Box the
33 // plaintext. This is temporary solution for tests to pass.
34 string CryptoSecretBoxer::Box(QuicRandom* rand, StringPiece plaintext) const {
35 string ret;
36 const size_t len = kBoxNonceSize + plaintext.size() + crypto::kSHA256Length;
37 ret.resize(len);
38 char* data = &ret[0];
39
40 // Generate nonce.
41 rand->RandBytes(data, kBoxNonceSize);
42 memcpy(data + kBoxNonceSize, plaintext.data(), plaintext.size());
43
44 // Compute sha256 for nonce + plaintext.
45 scoped_ptr<crypto::SecureHash> sha256(crypto::SecureHash::Create(
46 crypto::SecureHash::SHA256));
47 sha256->Update(data, kBoxNonceSize + plaintext.size());
48 sha256->Finish(data + kBoxNonceSize + plaintext.size(),
49 crypto::kSHA256Length);
50
51 return ret;
52 }
53
54 // TODO(rtenneti): Delete sha256 based code. Use Aes128Gcm12Decrypter to Unbox
55 // the plaintext. This is temporary solution for tests to pass.
56 bool CryptoSecretBoxer::Unbox(StringPiece ciphertext,
57 string* out_storage,
58 StringPiece* out) const {
59 if (ciphertext.size() < kBoxNonceSize + crypto::kSHA256Length) {
60 return false;
61 }
62
63 const size_t plaintext_len =
64 ciphertext.size() - kBoxNonceSize - crypto::kSHA256Length;
65 out_storage->resize(plaintext_len);
66 char* data = const_cast<char*>(out_storage->data());
67
68 // Copy plaintext from ciphertext.
69 if (plaintext_len != 0) {
70 memcpy(data, ciphertext.data() + kBoxNonceSize, plaintext_len);
71 }
72
73 // Compute sha256 for nonce + plaintext.
74 scoped_ptr<crypto::SecureHash> sha256(crypto::SecureHash::Create(
75 crypto::SecureHash::SHA256));
76 sha256->Update(ciphertext.data(), ciphertext.size() - crypto::kSHA256Length);
77 char sha256_bytes[crypto::kSHA256Length];
78 sha256->Finish(sha256_bytes, sizeof(sha256_bytes));
79
80 // Verify sha256.
81 if (0 != memcmp(ciphertext.data() + ciphertext.size() - crypto::kSHA256Length,
82 sha256_bytes, crypto::kSHA256Length)) {
83 return false;
84 }
85
86 out->set(data, plaintext_len);
87 return true;
88 }
89
90 } // namespace net