Added a new subkey_secret output to crypto::HKDF which is
saved by the forward-secure key derivation and used for a new
ExportKeyingMaterial method on QuicCryptoStream. This will be used
in Chromium for WebRTC on QUIC.
Generated some tests by making a straightforward alternative
implementation in Python.
Written by Daniel Ziegler.
Merge internal CL: 72073257
R=agl@chromium.org,dmziegler@chromium.org
BUG=
Review URL: https://codereview.chromium.org/423333002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@286738 0039d316-1c4b-4281-b951-d872f2087c98
Merge internal change: 44173744

Add default return to avoid crashing when we get an unknown
error code from the peer.
Merge internal change: 44160057

Fix incorrect DCHECK while serializing version negotiation
packet.
Merge internal change: 44156166

Reorder the addends in GetPacketHeaderSize to match the order
of the public header fields.
Merge internal change: 44153020

Changing retransmission and retransmittable data boolean flags
to enums.
Merge internal change: 44071662

Remove methods from QuicTime for converting to/from
microseconds and milliseconds since the epoch for QuicTime is
unspecified. (It wraps TimeTicks in Chromium).
Merge internal change: 44069965

Change InterArrival feedback message to traffic in delta since
the "start" of the connection instead of a delta since the epoch.
One step closer to being able to remove QuicTime::To/FromMicroseconds
since those methods don't "do the right thing".
Merge internal change: 44037996

Changing kForce into an enum.
Merge internal change: 44024887

Cleanups from landing P-256 key exchange in Chromium.
Merge internal change: 44023801

Fix for std::vector in QuicPacketPublicHeader's memory
corruption by memset.
Merge internal change: 44022862

Merging cleanup changes from chromium.
Merge internal change: 44009665

Plug in the new decrypter and encrypter after the new keys have
been derived.

This is a first cut, as some details on changing the encryption
keys still need to be worked out. Our interim solution is
permissive trial decryption, which allows the peer to encrypt
with the wrong key, either using the new key too early or using
the null key for too long. The latter will leak confidential
information, so we err on the side of using the new key too early.

WARNING: the interim solution protects against eavesdroppers, but
is vulnerable to active attackers.
Merge internal change: 44006658

Start tracking server and client stream resets and export them
via varz.
Merge internal change: 43971847

Pull out RstStreamFrame error code from QuicErrorCode so that
they don't appear in the tracked ConnectionClose error map.
This will also help in tracking RstStream error codes separately.
Merge internal change: 43968620

Adding Client/Server logging to all LOGS/DLOGs. Not bothering
with VLOGs/DVLOGS unless it's requested.
Merge internal change: 43948596

crypto: step 5.

This change implements source-address tokens at the server and has the client
echo them. Source address tokens are opaque (to the client) bytestrings that
prove ownership of an IP address. In order to prevent amplification attacks,
the server demands that the client have a valid source address token for the IP
address that it's claiming to come from and that the token is reasonably
recent.

Since we already have it implemented, this code uses AES-GCM to encrypt and
authenticate the tokens with a fixed, dummy secret (for now). In the future,
the secret will be derived from the primary, private key in the same way that
SessionTicket keys used to be.

The QuicEncrypter/Decrypter code was written to be quite specific to the task
of encrypting and decrypting packets and, as part of this, it exposed only 64
bits of the AEAD nonce.

Since all GFEs will share the same token secret, and they'll all create tokens
with random nonces, that runs an unacceptably high risk of an attacker
obtaining two tokens with the same nonce.

Thus this change also reworks the QuicEncrypter/Decrypter so that the full
nonce is exposed and thus we can use 96-bit nonces. That's still not completely
wonderful but, at 10Mpps an attacker would still take a year to obtain a pair
of nonces, so it's good enough for a while at least.
Merge internal change: 43893806

R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/13282004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@191569 0039d316-1c4b-4281-b951-d872f2087c98
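
The source-address token scheme described in the "crypto: step 5" message above, as an added Go example that is not Chromium code and not part of any commit listed here. It seals the client address and issue time under AES-GCM with a random 96-bit nonce, then validates authenticity, address and recency in that order. The function names, the token layout, the 24-hour freshness window and the all-zero demo key are assumptions.

```go
package main // added illustration, not Chromium code; layout and 24h window are assumed

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"net"
	"time"
)

func gcm(key [16]byte) cipher.AEAD {
	b, _ := aes.NewCipher(key[:]) // cannot fail for a 16-byte key
	g, _ := cipher.NewGCM(b)      // standard 96-bit (12-byte) nonce
	return g
}

func NewToken(key [16]byte, ip net.IP, now time.Time) []byte {
	nonce := make([]byte, 12) // token = nonce || AES-GCM(ip as 16 bytes || unix seconds)
	if _, err := rand.Read(nonce); err != nil {
		panic(err) // never issue a token with a predictable nonce
	}
	plain := binary.BigEndian.AppendUint64(append([]byte(nil), ip.To16()...), uint64(now.Unix()))
	return gcm(key).Seal(nonce, nonce, plain, nil)
}

// Validate checks authenticity first, then the claimed address, then freshness.
func Validate(key [16]byte, tok []byte, ip net.IP, now time.Time) error {
	if len(tok) < 12 {
		return errors.New("token too short")
	}
	plain, err := gcm(key).Open(nil, tok[:12], tok[12:], nil)
	if err != nil || len(plain) != 24 {
		return errors.New("token not authentic")
	}
	if !net.IP(plain[:16]).Equal(ip) {
		return errors.New("token bound to another address")
	}
	age := now.Sub(time.Unix(int64(binary.BigEndian.Uint64(plain[16:])), 0))
	if age < 0 || age > 24*time.Hour {
		return errors.New("token outside freshness window")
	}
	return nil
}

func main() {
	key, ip, t0 := [16]byte{}, net.ParseIP("192.0.2.7"), time.Unix(1700000000, 0) // constructed
	println(Validate(key, NewToken(key, ip, t0), ip, t0.Add(time.Hour)) == nil)
}
```

Two tokens for the same address and time still differ because the nonce is drawn fresh for each; with a secret shared across servers, nonce width is what bounds the chance of the repeat the commit message is concerned about.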
Handle versioning by closing the connection on version mismatch for now.
Merge internal change: 43606997

Number of cleanups from landing recent crypto changes.
Merge internal change: 43606111

Added delta_time_largest_observed to ReceivedPacketInfo to calculate accurate RTT.
Merge internal change: 43582099

Implement server-side QUIC key expansion. The derived keys are still not being used yet.
TODO: Code in crypto_test_utils needs to be enabled.
Merge internal change: 43570937

Added AbandoningPacket to congestion control to avoid issue with FEC.
Merge internal change: 43570099

Wait infinite (aka wait for next ack) is not handled correctly.
Merge internal change: 43558636

Enable faster stats for QUIC.
Merge internal change: 43557310

Implement QUIC key expansion on the client side. The keys are not being used yet.
Merge internal change: 43515237

Add missing quic_stats files.
Track some connection stats.
Merge internal change: 43506869

Fix bug in WriteQueuedPackets
Merge internal change: 43499600

Small comment change in crypto_handshake's ProcessServerHello method.
Merge internal change: 43448804

R=rch@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/12806002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@188096 0039d316-1c4b-4281-b951-d872f2087c98
deletion of virtual and removed and'ing with 0xFF.
R=wtc@chromium.org
TEST=crypt unittests
Review URL: https://chromiumcodereview.appspot.com/12330157
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184832 0039d316-1c4b-4281-b951-d872f2087c98
Added a2b_hex function to move common code in hkdf_unittest.cc
and to make it similar to CL - 40300624.
Merge internal CL: 40300624
Original approved CL: https://chromiumcodereview.appspot.com/12326029/
R=agl@chromium.org, rsleevi@chromium.org
Review URL: https://chromiumcodereview.appspot.com/12335045
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184306 0039d316-1c4b-4281-b951-d872f2087c98
It failed in this way:
[ RUN ] HKDFTest.HKDFConstruct
c:\Program Files (x86)\Microsoft Visual Studio 10.0\VC\include\vector(932) : Assertion failed: vector subscript out of range
c:\Program Files (x86)\Microsoft Visual Studio 10.0\VC\include\vector(933) : Assertion failed: "Standard C++ Libraries Out of Range" && 0
http://build.chromium.org/p/chromium.win/builders/XP%20Tests%20%28dbg%29%281%29/builds/33019/steps/crypto_unittests/logs/stdio
> Porting of HKDF changes from server.
>
> Merge internal CL: 40300624
>
>
> Review URL: https://chromiumcodereview.appspot.com/12326029
TBR=rtenneti@chromium.org
Review URL: https://codereview.chromium.org/12330079
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184146 0039d316-1c4b-4281-b951-d872f2087c98
Merge internal CL: 40300624
Review URL: https://chromiumcodereview.appspot.com/12326029
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184133 0039d316-1c4b-4281-b951-d872f2087c98