cygprofile: increase timeouts to allow showing web contents
[chromium-blink-merge.git] / components / certificate_reporting / error_reporter.cc
blobd811112c3ef989e61c498a3fdc82b23f7171c8ad
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "components/certificate_reporting/error_reporter.h"
7 #include <set>
9 #include "base/logging.h"
10 #include "components/certificate_reporting/encrypted_cert_logger.pb.h"
12 #if defined(USE_OPENSSL)
13 #include "crypto/aead_openssl.h"
14 #endif
16 #include "crypto/curve25519.h"
17 #include "crypto/hkdf.h"
18 #include "crypto/random.h"
19 #include "net/url_request/certificate_report_sender.h"
21 namespace certificate_reporting {
23 namespace {
25 // Constants used for crypto. The corresponding private key is used by
26 // the SafeBrowsing client-side detection server to decrypt reports.
27 static const uint8 kServerPublicKey[] = {
28 0x51, 0xcc, 0x52, 0x67, 0x42, 0x47, 0x3b, 0x10, 0xe8, 0x63, 0x18,
29 0x3c, 0x61, 0xa7, 0x96, 0x76, 0x86, 0x91, 0x40, 0x71, 0x39, 0x5f,
30 0x31, 0x1a, 0x39, 0x5b, 0x76, 0xb1, 0x6b, 0x3d, 0x6a, 0x2b};
31 static const uint32 kServerPublicKeyVersion = 1;
33 #if defined(USE_OPENSSL)
35 static const char kHkdfLabel[] = "certificate report";
37 std::string GetHkdfSubkeySecret(size_t subkey_length,
38 const uint8* private_key,
39 const uint8* public_key) {
40 uint8 shared_secret[crypto::curve25519::kBytes];
41 crypto::curve25519::ScalarMult(private_key, public_key, shared_secret);
43 // By mistake, the HKDF label here ends up with an extra null byte on
44 // the end, due to using sizeof(kHkdfLabel) in the StringPiece
45 // constructor instead of strlen(kHkdfLabel). Ideally this code should
46 // be just passing kHkdfLabel directly into the HKDF constructor.
48 // TODO(estark): fix this in coordination with the server-side code --
49 // perhaps by rolling the public key version forward and using the
50 // version to decide whether to use the extra-null-byte version of the
51 // label. https://crbug.com/517746
52 crypto::HKDF hkdf(base::StringPiece(reinterpret_cast<char*>(shared_secret),
53 sizeof(shared_secret)),
54 "" /* salt */,
55 base::StringPiece(kHkdfLabel, sizeof(kHkdfLabel)),
56 0 /* key bytes */, 0 /* iv bytes */, subkey_length);
58 return hkdf.subkey_secret().as_string();
61 bool EncryptSerializedReport(const uint8* server_public_key,
62 uint32 server_public_key_version,
63 const std::string& report,
64 EncryptedCertLoggerRequest* encrypted_report) {
65 // Generate an ephemeral key pair to generate a shared secret.
66 uint8 public_key[crypto::curve25519::kBytes];
67 uint8 private_key[crypto::curve25519::kScalarBytes];
69 crypto::RandBytes(private_key, sizeof(private_key));
70 crypto::curve25519::ScalarBaseMult(private_key, public_key);
72 crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256);
73 const std::string key =
74 GetHkdfSubkeySecret(aead.KeyLength(), private_key,
75 reinterpret_cast<const uint8*>(server_public_key));
76 aead.Init(&key);
78 // Use an all-zero nonce because the key is random per-message.
79 std::string nonce(aead.NonceLength(), '\0');
81 std::string ciphertext;
82 if (!aead.Seal(report, nonce, std::string(), &ciphertext)) {
83 LOG(ERROR) << "Error sealing certificate report.";
84 return false;
87 encrypted_report->set_encrypted_report(ciphertext);
88 encrypted_report->set_server_public_key_version(server_public_key_version);
89 encrypted_report->set_client_public_key(reinterpret_cast<char*>(public_key),
90 sizeof(public_key));
91 encrypted_report->set_algorithm(
92 EncryptedCertLoggerRequest::AEAD_ECDH_AES_128_CTR_HMAC_SHA256);
93 return true;
95 #endif
97 } // namespace
99 ErrorReporter::ErrorReporter(
100 net::URLRequestContext* request_context,
101 const GURL& upload_url,
102 net::CertificateReportSender::CookiesPreference cookies_preference)
103 : ErrorReporter(upload_url,
104 kServerPublicKey,
105 kServerPublicKeyVersion,
106 make_scoped_ptr(new net::CertificateReportSender(
107 request_context,
108 cookies_preference))) {}
110 ErrorReporter::ErrorReporter(
111 const GURL& upload_url,
112 const uint8 server_public_key[/* 32 */],
113 const uint32 server_public_key_version,
114 scoped_ptr<net::CertificateReportSender> certificate_report_sender)
115 : certificate_report_sender_(certificate_report_sender.Pass()),
116 upload_url_(upload_url),
117 server_public_key_(server_public_key),
118 server_public_key_version_(server_public_key_version) {
119 DCHECK(certificate_report_sender_);
120 DCHECK(!upload_url.is_empty());
123 ErrorReporter::~ErrorReporter() {}
125 void ErrorReporter::SendExtendedReportingReport(
126 const std::string& serialized_report) {
127 if (upload_url_.SchemeIsCryptographic()) {
128 certificate_report_sender_->Send(upload_url_, serialized_report);
129 } else {
130 DCHECK(IsHttpUploadUrlSupported());
131 #if defined(USE_OPENSSL)
132 EncryptedCertLoggerRequest encrypted_report;
133 if (!EncryptSerializedReport(server_public_key_, server_public_key_version_,
134 serialized_report, &encrypted_report)) {
135 LOG(ERROR) << "Failed to encrypt serialized report.";
136 return;
138 std::string serialized_encrypted_report;
139 encrypted_report.SerializeToString(&serialized_encrypted_report);
140 certificate_report_sender_->Send(upload_url_, serialized_encrypted_report);
141 #endif
145 bool ErrorReporter::IsHttpUploadUrlSupported() {
146 #if defined(USE_OPENSSL)
147 return true;
148 #else
149 return false;
150 #endif
153 // Used only by tests.
154 #if defined(USE_OPENSSL)
155 bool ErrorReporter::DecryptErrorReport(
156 const uint8 server_private_key[32],
157 const EncryptedCertLoggerRequest& encrypted_report,
158 std::string* decrypted_serialized_report) {
159 crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256);
160 const std::string key =
161 GetHkdfSubkeySecret(aead.KeyLength(), server_private_key,
162 reinterpret_cast<const uint8*>(
163 encrypted_report.client_public_key().data()));
164 aead.Init(&key);
166 // Use an all-zero nonce because the key is random per-message.
167 std::string nonce(aead.NonceLength(), 0);
169 return aead.Open(encrypted_report.encrypted_report(), nonce, std::string(),
170 decrypted_serialized_report);
172 #endif
174 } // namespace certificate_reporting