Implement QUIC key extraction.

Added a new subkey_secret output to crypto::HKDF which is saved by the forward-secure key derivation and used for a new ExportKeyingMaterial method on QuicCryptoStream. This will be used in Chromium for WebRTC on QUIC. Generated some tests by making a straightforward alternative implementation in Python. Written by Daniel Ziegler. Merge internal CL: 72073257 R=agl@chromium.org,dmziegler@chromium.org BUG= Review URL: https://codereview.chromium.org/423333002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@286738 0039d316-1c4b-4281-b951-d872f2087c98
author: wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2014-07-31 11:36:37 +0000
committer: wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2014-07-31 11:36:37 +0000
commit: 2fe8b630617b48ec4590b04dccf70b87db0a84a0 (patch)
tree: 8299aa8c9ffebd0de620e7fe73c3c779ec91bd10 /crypto/hkdf.cc
parent: cc405e47896d2b031f8f42a93337538e162ab1e4 (diff)
download: chromium_src-2fe8b630617b48ec4590b04dccf70b87db0a84a0.zip
chromium_src-2fe8b630617b48ec4590b04dccf70b87db0a84a0.tar.gz
chromium_src-2fe8b630617b48ec4590b04dccf70b87db0a84a0.tar.bz2
1 files changed, 11 insertions, 3 deletions
diff --git a/crypto/hkdf.cc b/crypto/hkdf.cc
index 1cd8468..82aae24 100644
--- a/crypto/hkdf.cc
+++ b/crypto/hkdf.cc
@@ -5,6 +5,7 @@
 #include "crypto/hkdf.h"
 
 #include "base/logging.h"
+#include "base/memory/scoped_ptr.h"
 #include "crypto/hmac.h"
 
 namespace crypto {
@@ -15,7 +16,8 @@ HKDF::HKDF(const base::StringPiece& secret,
            const base::StringPiece& salt,
            const base::StringPiece& info,
            size_t key_bytes_to_generate,
-           size_t iv_bytes_to_generate) {
+           size_t iv_bytes_to_generate,
+           size_t subkey_secret_bytes_to_generate) {
   // https://tools.ietf.org/html/rfc5869#section-2.2
   base::StringPiece actual_salt = salt;
   char zeros[kSHA256HashLength];
@@ -40,8 +42,9 @@ HKDF::HKDF(const base::StringPiece& secret,
   // https://tools.ietf.org/html/rfc5869#section-2.3
   // Perform the Expand phase to turn the pseudorandom key
   // and info into the output keying material.
-  const size_t material_length =
-      2*key_bytes_to_generate + 2*iv_bytes_to_generate;
+  const size_t material_length = 2 * key_bytes_to_generate +
+                                 2 * iv_bytes_to_generate +
+                                 subkey_secret_bytes_to_generate;
   const size_t n = (material_length + kSHA256HashLength-1) /
                    kSHA256HashLength;
   DCHECK_LT(n, 256u);
@@ -90,6 +93,11 @@ HKDF::HKDF(const base::StringPiece& secret,
     j += iv_bytes_to_generate;
     server_write_iv_ = base::StringPiece(reinterpret_cast<char*>(&output_[j]),
                                          iv_bytes_to_generate);
+    j += iv_bytes_to_generate;
+  }
+  if (subkey_secret_bytes_to_generate) {
+    subkey_secret_ = base::StringPiece(reinterpret_cast<char*>(&output_[j]),
+                                       subkey_secret_bytes_to_generate);
   }
 }
author	wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2014-07-31 11:36:37 +0000
committer	wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2014-07-31 11:36:37 +0000
commit	2fe8b630617b48ec4590b04dccf70b87db0a84a0 (patch)
tree	8299aa8c9ffebd0de620e7fe73c3c779ec91bd10 /crypto/hkdf.cc
parent	cc405e47896d2b031f8f42a93337538e162ab1e4 (diff)
download	chromium_src-2fe8b630617b48ec4590b04dccf70b87db0a84a0.zip chromium_src-2fe8b630617b48ec4590b04dccf70b87db0a84a0.tar.gz chromium_src-2fe8b630617b48ec4590b04dccf70b87db0a84a0.tar.bz2