diff options
Diffstat (limited to 'chromium/net/quic/test_tools/crypto_test_utils_openssl.cc')
-rw-r--r-- | chromium/net/quic/test_tools/crypto_test_utils_openssl.cc | 173 |
1 files changed, 173 insertions, 0 deletions
diff --git a/chromium/net/quic/test_tools/crypto_test_utils_openssl.cc b/chromium/net/quic/test_tools/crypto_test_utils_openssl.cc new file mode 100644 index 00000000000..bb08a044aa4 --- /dev/null +++ b/chromium/net/quic/test_tools/crypto_test_utils_openssl.cc @@ -0,0 +1,173 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/quic/test_tools/crypto_test_utils.h" + +#include <openssl/bn.h> +#include <openssl/ec.h> +#include <openssl/ecdsa.h> +#include <openssl/evp.h> +#include <openssl/obj_mac.h> +#include <openssl/sha.h> + +#include "crypto/openssl_util.h" +#include "crypto/secure_hash.h" +#include "net/quic/crypto/channel_id.h" + +using base::StringPiece; +using std::string; + +namespace { + +void EvpMdCtxCleanUp(EVP_MD_CTX* ctx) { + (void)EVP_MD_CTX_cleanup(ctx); +} + +} // namespace anonymous + +namespace net { + +namespace test { + +class TestChannelIDSigner : public ChannelIDSigner { + public: + virtual ~TestChannelIDSigner() { } + + // ChannelIDSigner implementation. + + virtual bool Sign(const string& hostname, + StringPiece signed_data, + string* out_key, + string* out_signature) OVERRIDE { + crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> ecdsa_key( + HostnameToKey(hostname)); + + *out_key = SerializeKey(ecdsa_key.get()); + if (out_key->empty()) { + return false; + } + + EVP_MD_CTX md_ctx; + EVP_MD_CTX_init(&md_ctx); + crypto::ScopedOpenSSL<EVP_MD_CTX, EvpMdCtxCleanUp> + md_ctx_cleanup(&md_ctx); + + if (EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL, + ecdsa_key.get()) != 1) { + return false; + } + + EVP_DigestUpdate(&md_ctx, ChannelIDVerifier::kContextStr, + strlen(ChannelIDVerifier::kContextStr) + 1); + EVP_DigestUpdate(&md_ctx, ChannelIDVerifier::kClientToServerStr, + strlen(ChannelIDVerifier::kClientToServerStr) + 1); + EVP_DigestUpdate(&md_ctx, signed_data.data(), signed_data.size()); + + size_t sig_len; + if (!EVP_DigestSignFinal(&md_ctx, NULL, &sig_len)) { + return false; + } + + scoped_ptr<uint8[]> der_sig(new uint8[sig_len]); + if (!EVP_DigestSignFinal(&md_ctx, der_sig.get(), &sig_len)) { + return false; + } + + uint8* derp = der_sig.get(); + crypto::ScopedOpenSSL<ECDSA_SIG, ECDSA_SIG_free> sig( + d2i_ECDSA_SIG(NULL, const_cast<const uint8**>(&derp), sig_len)); + if (sig.get() == NULL) { + return false; + } + + // The signature consists of a pair of 32-byte numbers. + static const size_t kSignatureLength = 32 * 2; + scoped_ptr<uint8[]> signature(new uint8[kSignatureLength]); + memset(signature.get(), 0, kSignatureLength); + BN_bn2bin(sig.get()->r, signature.get() + 32 - BN_num_bytes(sig.get()->r)); + BN_bn2bin(sig.get()->s, signature.get() + 64 - BN_num_bytes(sig.get()->s)); + + *out_signature = string(reinterpret_cast<char*>(signature.get()), + kSignatureLength); + + return true; + } + + virtual string GetKeyForHostname(const string& hostname) OVERRIDE { + crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> ecdsa_key( + HostnameToKey(hostname)); + return SerializeKey(ecdsa_key.get()); + } + + private: + static EVP_PKEY* HostnameToKey(const string& hostname) { + // In order to generate a deterministic key for a given hostname the + // hostname is hashed with SHA-256 and the resulting digest is treated as a + // big-endian number. The most-significant bit is cleared to ensure that + // the resulting value is less than the order of the group and then it's + // taken as a private key. Given the private key, the public key is + // calculated with a group multiplication. + SHA256_CTX sha256; + SHA256_Init(&sha256); + SHA256_Update(&sha256, hostname.data(), hostname.size()); + + unsigned char digest[SHA256_DIGEST_LENGTH]; + SHA256_Final(digest, &sha256); + + // Ensure that the digest is less than the order of the P-256 group by + // clearing the most-significant bit. + digest[0] &= 0x7f; + + crypto::ScopedOpenSSL<BIGNUM, BN_free> k(BN_new()); + CHECK(BN_bin2bn(digest, sizeof(digest), k.get()) != NULL); + + crypto::ScopedOpenSSL<EC_GROUP, EC_GROUP_free> p256( + EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)); + CHECK(p256.get()); + + crypto::ScopedOpenSSL<EC_KEY, EC_KEY_free> ecdsa_key(EC_KEY_new()); + CHECK(ecdsa_key.get() != NULL && + EC_KEY_set_group(ecdsa_key.get(), p256.get())); + + crypto::ScopedOpenSSL<EC_POINT, EC_POINT_free> point( + EC_POINT_new(p256.get())); + CHECK(EC_POINT_mul(p256.get(), point.get(), k.get(), NULL, NULL, NULL)); + + EC_KEY_set_private_key(ecdsa_key.get(), k.get()); + EC_KEY_set_public_key(ecdsa_key.get(), point.get()); + + crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> pkey(EVP_PKEY_new()); + // EVP_PKEY_set1_EC_KEY takes a reference so no |release| here. + EVP_PKEY_set1_EC_KEY(pkey.get(), ecdsa_key.get()); + + return pkey.release(); + } + + static string SerializeKey(EVP_PKEY* key) { + // i2d_PublicKey will produce an ANSI X9.62 public key which, for a P-256 + // key, is 0x04 (meaning uncompressed) followed by the x and y field + // elements as 32-byte, big-endian numbers. + static const int kExpectedKeyLength = 65; + + int len = i2d_PublicKey(key, NULL); + if (len != kExpectedKeyLength) { + return ""; + } + + uint8 buf[kExpectedKeyLength]; + uint8* derp = buf; + i2d_PublicKey(key, &derp); + + return string(reinterpret_cast<char*>(buf + 1), kExpectedKeyLength - 1); + } +}; + +// static +ChannelIDSigner* CryptoTestUtils::ChannelIDSignerForTesting() { + return new TestChannelIDSigner(); +} + +} // namespace test + +} // namespace net |