1 files changed, 173 insertions, 0 deletions

diff --git a/chromium/net/quic/test_tools/crypto_test_utils_openssl.cc b/chromium/net/quic/test_tools/crypto_test_utils_openssl.cc
new file mode 100644
index 00000000000..bb08a044aa4
--- /dev/null
+++ b/chromium/net/quic/test_tools/crypto_test_utils_openssl.cc
@@ -0,0 +1,173 @@
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/quic/test_tools/crypto_test_utils.h"
+
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/ecdsa.h>
+#include <openssl/evp.h>
+#include <openssl/obj_mac.h>
+#include <openssl/sha.h>
+
+#include "crypto/openssl_util.h"
+#include "crypto/secure_hash.h"
+#include "net/quic/crypto/channel_id.h"
+
+using base::StringPiece;
+using std::string;
+
+namespace {
+
+void EvpMdCtxCleanUp(EVP_MD_CTX* ctx) {
+  (void)EVP_MD_CTX_cleanup(ctx);
+}
+
+} // namespace anonymous
+
+namespace net {
+
+namespace test {
+
+class TestChannelIDSigner : public ChannelIDSigner {
+ public:
+  virtual ~TestChannelIDSigner() { }
+
+  // ChannelIDSigner implementation.
+
+  virtual bool Sign(const string& hostname,
+                    StringPiece signed_data,
+                    string* out_key,
+                    string* out_signature) OVERRIDE {
+    crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> ecdsa_key(
+        HostnameToKey(hostname));
+
+    *out_key = SerializeKey(ecdsa_key.get());
+    if (out_key->empty()) {
+      return false;
+    }
+
+    EVP_MD_CTX md_ctx;
+    EVP_MD_CTX_init(&md_ctx);
+    crypto::ScopedOpenSSL<EVP_MD_CTX, EvpMdCtxCleanUp>
+        md_ctx_cleanup(&md_ctx);
+
+    if (EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL,
+                           ecdsa_key.get()) != 1) {
+      return false;
+    }
+
+    EVP_DigestUpdate(&md_ctx, ChannelIDVerifier::kContextStr,
+                     strlen(ChannelIDVerifier::kContextStr) + 1);
+    EVP_DigestUpdate(&md_ctx, ChannelIDVerifier::kClientToServerStr,
+                     strlen(ChannelIDVerifier::kClientToServerStr) + 1);
+    EVP_DigestUpdate(&md_ctx, signed_data.data(), signed_data.size());
+
+    size_t sig_len;
+    if (!EVP_DigestSignFinal(&md_ctx, NULL, &sig_len)) {
+      return false;
+    }
+
+    scoped_ptr<uint8[]> der_sig(new uint8[sig_len]);
+    if (!EVP_DigestSignFinal(&md_ctx, der_sig.get(), &sig_len)) {
+      return false;
+    }
+
+    uint8* derp = der_sig.get();
+    crypto::ScopedOpenSSL<ECDSA_SIG, ECDSA_SIG_free> sig(
+        d2i_ECDSA_SIG(NULL, const_cast<const uint8**>(&derp), sig_len));
+    if (sig.get() == NULL) {
+      return false;
+    }
+
+    // The signature consists of a pair of 32-byte numbers.
+    static const size_t kSignatureLength = 32 * 2;
+    scoped_ptr<uint8[]> signature(new uint8[kSignatureLength]);
+    memset(signature.get(), 0, kSignatureLength);
+    BN_bn2bin(sig.get()->r, signature.get() + 32 - BN_num_bytes(sig.get()->r));
+    BN_bn2bin(sig.get()->s, signature.get() + 64 - BN_num_bytes(sig.get()->s));
+
+    *out_signature = string(reinterpret_cast<char*>(signature.get()),
+                            kSignatureLength);
+
+    return true;
+  }
+
+  virtual string GetKeyForHostname(const string& hostname) OVERRIDE {
+    crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> ecdsa_key(
+        HostnameToKey(hostname));
+    return SerializeKey(ecdsa_key.get());
+  }
+
+ private:
+  static EVP_PKEY* HostnameToKey(const string& hostname) {
+    // In order to generate a deterministic key for a given hostname the
+    // hostname is hashed with SHA-256 and the resulting digest is treated as a
+    // big-endian number. The most-significant bit is cleared to ensure that
+    // the resulting value is less than the order of the group and then it's
+    // taken as a private key. Given the private key, the public key is
+    // calculated with a group multiplication.
+    SHA256_CTX sha256;
+    SHA256_Init(&sha256);
+    SHA256_Update(&sha256, hostname.data(), hostname.size());
+
+    unsigned char digest[SHA256_DIGEST_LENGTH];
+    SHA256_Final(digest, &sha256);
+
+    // Ensure that the digest is less than the order of the P-256 group by
+    // clearing the most-significant bit.
+    digest[0] &= 0x7f;
+
+    crypto::ScopedOpenSSL<BIGNUM, BN_free> k(BN_new());
+    CHECK(BN_bin2bn(digest, sizeof(digest), k.get()) != NULL);
+
+    crypto::ScopedOpenSSL<EC_GROUP, EC_GROUP_free> p256(
+        EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+    CHECK(p256.get());
+
+    crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> ecdsa_key(EC_KEY_new());
+    CHECK(ecdsa_key.get() != NULL &&
+          EC_KEY_set_group(ecdsa_key.get(), p256.get()));
+
+    crypto::ScopedOpenSSL<EC_POINT, EC_POINT_free> point(
+        EC_POINT_new(p256.get()));
+    CHECK(EC_POINT_mul(p256.get(), point.get(), k.get(), NULL, NULL, NULL));
+
+    EC_KEY_set_private_key(ecdsa_key.get(), k.get());
+    EC_KEY_set_public_key(ecdsa_key.get(), point.get());
+
+    crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> pkey(EVP_PKEY_new());
+    // EVP_PKEY_set1_EC_KEY takes a reference so no |release| here.
+    EVP_PKEY_set1_EC_KEY(pkey.get(), ecdsa_key.get());
+
+    return pkey.release();
+  }
+
+  static string SerializeKey(EVP_PKEY* key) {
+    // i2d_PublicKey will produce an ANSI X9.62 public key which, for a P-256
+    // key, is 0x04 (meaning uncompressed) followed by the x and y field
+    // elements as 32-byte, big-endian numbers.
+    static const int kExpectedKeyLength = 65;
+
+    int len = i2d_PublicKey(key, NULL);
+    if (len != kExpectedKeyLength) {
+      return "";
+    }
+
+    uint8 buf[kExpectedKeyLength];
+    uint8* derp = buf;
+    i2d_PublicKey(key, &derp);
+
+    return string(reinterpret_cast<char*>(buf + 1), kExpectedKeyLength - 1);
+  }
+};
+
+// static
+ChannelIDSigner* CryptoTestUtils::ChannelIDSignerForTesting() {
+  return new TestChannelIDSigner();
+}
+
+}  // namespace test
+
+}  // namespace net