xref: /aosp_15_r20/external/cronet/net/third_party/quiche/src/quiche/quic/core/crypto/curve25519_key_exchange.cc (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "quiche/quic/core/crypto/curve25519_key_exchange.h"
6 
7 #include <cstdint>
8 #include <cstring>
9 #include <string>
10 
11 #include "absl/memory/memory.h"
12 #include "absl/strings/string_view.h"
13 #include "openssl/curve25519.h"
14 #include "quiche/quic/core/crypto/quic_random.h"
15 #include "quiche/quic/platform/api/quic_bug_tracker.h"
16 
17 namespace quic {
18 
Curve25519KeyExchange()19 Curve25519KeyExchange::Curve25519KeyExchange() {}
20 
~Curve25519KeyExchange()21 Curve25519KeyExchange::~Curve25519KeyExchange() {}
22 
23 // static
New(QuicRandom * rand)24 std::unique_ptr<Curve25519KeyExchange> Curve25519KeyExchange::New(
25     QuicRandom* rand) {
26   std::unique_ptr<Curve25519KeyExchange> result =
27       New(Curve25519KeyExchange::NewPrivateKey(rand));
28   QUIC_BUG_IF(quic_bug_12891_1, result == nullptr);
29   return result;
30 }
31 
32 // static
New(absl::string_view private_key)33 std::unique_ptr<Curve25519KeyExchange> Curve25519KeyExchange::New(
34     absl::string_view private_key) {
35   // We don't want to #include the BoringSSL headers in the public header file,
36   // so we use literals for the sizes of private_key_ and public_key_. Here we
37   // assert that those values are equal to the values from the BoringSSL
38   // header.
39   static_assert(
40       sizeof(Curve25519KeyExchange::private_key_) == X25519_PRIVATE_KEY_LEN,
41       "header out of sync");
42   static_assert(
43       sizeof(Curve25519KeyExchange::public_key_) == X25519_PUBLIC_VALUE_LEN,
44       "header out of sync");
45 
46   if (private_key.size() != X25519_PRIVATE_KEY_LEN) {
47     return nullptr;
48   }
49 
50   // Use absl::WrapUnique(new) instead of std::make_unique because
51   // Curve25519KeyExchange has a private constructor.
52   auto ka = absl::WrapUnique(new Curve25519KeyExchange);
53   memcpy(ka->private_key_, private_key.data(), X25519_PRIVATE_KEY_LEN);
54   X25519_public_from_private(ka->public_key_, ka->private_key_);
55   return ka;
56 }
57 
58 // static
NewPrivateKey(QuicRandom * rand)59 std::string Curve25519KeyExchange::NewPrivateKey(QuicRandom* rand) {
60   uint8_t private_key[X25519_PRIVATE_KEY_LEN];
61   rand->RandBytes(private_key, sizeof(private_key));
62   return std::string(reinterpret_cast<char*>(private_key), sizeof(private_key));
63 }
64 
CalculateSharedKeySync(absl::string_view peer_public_value,std::string * shared_key) const65 bool Curve25519KeyExchange::CalculateSharedKeySync(
66     absl::string_view peer_public_value, std::string* shared_key) const {
67   if (peer_public_value.size() != X25519_PUBLIC_VALUE_LEN) {
68     return false;
69   }
70 
71   uint8_t result[X25519_PUBLIC_VALUE_LEN];
72   if (!X25519(result, private_key_,
73               reinterpret_cast<const uint8_t*>(peer_public_value.data()))) {
74     return false;
75   }
76 
77   shared_key->assign(reinterpret_cast<char*>(result), sizeof(result));
78   return true;
79 }
80 
public_value() const81 absl::string_view Curve25519KeyExchange::public_value() const {
82   return absl::string_view(reinterpret_cast<const char*>(public_key_),
83                            sizeof(public_key_));
84 }
85 
86 }  // namespace quic
87