Implement QUIC key extraction.
Added a new subkey_secret output to crypto::HKDF which is
saved by the forward-secure key derivation and used for a new
ExportKeyingMaterial method on QuicCryptoStream. This will be used
in Chromium for WebRTC on QUIC.
Generated some tests by making a straightforward alternative
implementation in Python.
Written by Daniel Ziegler.
Merge internal CL: 72073257
[email protected],[email protected]
BUG=
Review URL: https://codereview.chromium.org/423333002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@286738 0039d316-1c4b-4281-b951-d872f2087c98
diff --git a/net/quic/test_tools/crypto_test_utils.cc b/net/quic/test_tools/crypto_test_utils.cc
index ca0681a..0e3a8151 100644
--- a/net/quic/test_tools/crypto_test_utils.cc
+++ b/net/quic/test_tools/crypto_test_utils.cc
@@ -452,6 +452,26 @@
StringPiece server_forward_secure_decrypter_iv =
server_forward_secure_decrypter->GetNoncePrefix();
+ StringPiece client_subkey_secret =
+ client->crypto_negotiated_params().subkey_secret;
+ StringPiece server_subkey_secret =
+ server->crypto_negotiated_params().subkey_secret;
+
+
+ const char kSampleLabel[] = "label";
+ const char kSampleContext[] = "context";
+ const size_t kSampleOutputLength = 32;
+ string client_key_extraction;
+ string server_key_extraction;
+ EXPECT_TRUE(client->ExportKeyingMaterial(kSampleLabel,
+ kSampleContext,
+ kSampleOutputLength,
+ &client_key_extraction));
+ EXPECT_TRUE(server->ExportKeyingMaterial(kSampleLabel,
+ kSampleContext,
+ kSampleOutputLength,
+ &server_key_extraction));
+
CompareCharArraysWithHexError("client write key",
client_encrypter_key.data(),
client_encrypter_key.length(),
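Review bot: Nothing in the added block checks that the subkey secret or the exported material is non-empty, so the equality comparisons added in the second hunk would presumably also pass if both sides produced zero-length values. Add `EXPECT_FALSE(client_subkey_secret.empty());` after the two StringPiece assignments, and pin the export size after the `ExportKeyingMaterial` calls with `EXPECT_EQ(kSampleOutputLength, client_key_extraction.length());`. The enclosing function starts and ends outside this hunk, so an earlier guard may exist that is not visible here.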
@@ -492,6 +512,16 @@
server_forward_secure_encrypter_iv.length(),
client_forward_secure_decrypter_iv.data(),
client_forward_secure_decrypter_iv.length());
+ CompareCharArraysWithHexError("subkey secret",
+ client_subkey_secret.data(),
+ client_subkey_secret.length(),
+ server_subkey_secret.data(),
+ server_subkey_secret.length());
+ CompareCharArraysWithHexError("sample key extraction",
+ client_key_extraction.data(),
+ client_key_extraction.length(),
+ server_key_extraction.data(),
+ server_key_extraction.length());
}
// static
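Review bot: The "sample key extraction" comparison only shows that client and server agree for one label/context pair, so it would still pass if `ExportKeyingMaterial` ignored its label or context and returned the same bytes for every caller. Unless the generated vectors mentioned in the commit message already cover this elsewhere, a second export with a different label, checked with `EXPECT_NE(client_key_extraction, other_label_extraction);`, would confirm that separate consumers of the exporter get independent keys. The function body begins outside this hunk.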