Remove HKDF implementation from WebRTC.

We no longer have a need for a HKDF implementation in WebRTC. To keep code quality high it makes sense to delete this dead code path. Bug: webrtc:9600 Change-Id: Ibe6ee9150acd9dbf59452372242d857c5ffa65c4 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/132802 Reviewed-by: Peter Slatala <psla@webrtc.org> Reviewed-by: Qingsi Wang <qingsi@webrtc.org> Reviewed-by: Seth Hampson <shampson@webrtc.org> Commit-Queue: Benjamin Wright <benwright@webrtc.org> Cr-Commit-Position: refs/heads/master@{#27604}
2019-04-12 14:35:13 -07:00 · 2019-04-12 14:35:13 -07:00 · 0006a625b1
commit 0006a625b1
parent 16f8648df8
7 changed files with 0 additions and 379 deletions
--- a/pc/jsep_transport_controller.cc
+++ b/pc/jsep_transport_controller.cc
@ -21,7 +21,6 @@
 #include "pc/srtp_filter.h"
 #include "rtc_base/bind.h"
 #include "rtc_base/checks.h"
-#include "rtc_base/key_derivation.h"
 #include "rtc_base/thread.h"

 using webrtc::SdpType;
--- a/rtc_base/BUILD.gn
+++ b/rtc_base/BUILD.gn
@ -825,8 +825,6 @@ rtc_static_library("rtc_base") {
    "ip_address.cc",
    "ip_address.h",
    "keep_ref_until_done.h",
-    "key_derivation.cc",
-    "key_derivation.h",
    "mdns_responder_interface.h",
    "message_digest.cc",
    "message_digest.h",
@ -855,8 +853,6 @@ rtc_static_library("rtc_base") {
    "openssl_digest.h",
    "openssl_identity.cc",
    "openssl_identity.h",
-    "openssl_key_derivation_hkdf.cc",
-    "openssl_key_derivation_hkdf.h",
    "openssl_session_cache.cc",
    "openssl_session_cache.h",
    "openssl_stream_adapter.cc",
@ -1363,7 +1359,6 @@ if (rtc_include_tests) {
    if (is_posix || is_fuchsia) {
      sources += [
        "openssl_adapter_unittest.cc",
-        "openssl_key_derivation_hkdf_unittest.cc",
        "openssl_session_cache_unittest.cc",
        "openssl_utility_unittest.cc",
        "ssl_adapter_unittest.cc",
--- a/rtc_base/key_derivation.cc
+++ b/rtc_base/key_derivation.cc
@ -1,32 +0,0 @@
-/*
- *  Copyright 2018 The WebRTC Project Authors. All rights reserved.
- *
- *  Use of this source code is governed by a BSD-style license
- *  that can be found in the LICENSE file in the root of the source
- *  tree. An additional intellectual property rights grant can be found
- *  in the file PATENTS.  All contributing project authors may
- *  be found in the AUTHORS file in the root of the source tree.
- */
-
-#include "rtc_base/key_derivation.h"
-
-#include "absl/memory/memory.h"
-#include "rtc_base/checks.h"
-#include "rtc_base/openssl_key_derivation_hkdf.h"
-
-namespace rtc {
-
-KeyDerivation::KeyDerivation() = default;
-KeyDerivation::~KeyDerivation() = default;
-
-// static
-std::unique_ptr<KeyDerivation> KeyDerivation::Create(
-    KeyDerivationAlgorithm key_derivation_algorithm) {
-  switch (key_derivation_algorithm) {
-    case KeyDerivationAlgorithm::HKDF_SHA256:
-      return absl::make_unique<OpenSSLKeyDerivationHKDF>();
-  }
-  RTC_NOTREACHED();
-}
-
-}  // namespace rtc
--- a/rtc_base/key_derivation.h
+++ b/rtc_base/key_derivation.h
@ -1,72 +0,0 @@
-/*
- *  Copyright 2018 The WebRTC Project Authors. All rights reserved.
- *
- *  Use of this source code is governed by a BSD-style license
- *  that can be found in the LICENSE file in the root of the source
- *  tree. An additional intellectual property rights grant can be found
- *  in the file PATENTS.  All contributing project authors may
- *  be found in the AUTHORS file in the root of the source tree.
- */
-
-#ifndef RTC_BASE_KEY_DERIVATION_H_
-#define RTC_BASE_KEY_DERIVATION_H_
-
-#include <stddef.h>
-#include <stdint.h>
-#include <memory>
-
-#include "absl/types/optional.h"
-#include "api/array_view.h"
-#include "rtc_base/buffer.h"
-#include "rtc_base/constructor_magic.h"
-
-namespace rtc {
-
-// Defines the set of key derivation algorithms that are supported. It is ideal
-// to keep this list as small as possible.
-enum class KeyDerivationAlgorithm {
-  // This algorithm is not suitable to generate a key from a password. Please
-  // only use with a cryptographically random master secret.
-  HKDF_SHA256
-};
-
-// KeyDerivation provides a generic interface for deriving keys in WebRTC. This
-// class should be used over directly accessing openssl or boringssl primitives
-// so that we can maintain seperate implementations.
-// Example:
-//   auto kd = KeyDerivation::Create(KeyDerivationAlgorithm::HDKF_SHA526);
-//   if (kd == nullptr) return;
-//   auto derived_key_or = kd->DeriveKey(secret, salt, label);
-//   if (!derived_key_or.ok()) return;
-//   DoSomethingWithKey(derived_key_or.value());
-class KeyDerivation {
- public:
-  KeyDerivation();
-  virtual ~KeyDerivation();
-
-  // Derives a new key from existing key material.
-  // secret - The random secret value you wish to derive a key from.
-  // salt - Optional but recommended (non secret) cryptographically random.
-  // label - A non secret but unique label value to determine the derivation.
-  // derived_key_byte_size - This must be at least 128 bits.
-  // return - An optional ZeroOnFreeBuffer containing the derived key or
-  // absl::nullopt. Nullopt indicates a failure in derivation.
-  virtual absl::optional<ZeroOnFreeBuffer<uint8_t>> DeriveKey(
-      rtc::ArrayView<const uint8_t> secret,
-      rtc::ArrayView<const uint8_t> salt,
-      rtc::ArrayView<const uint8_t> label,
-      size_t derived_key_byte_size) = 0;
-
-  // Static factory that will return an implementation that is capable of
-  // handling the key derivation with the requested algorithm. If no
-  // implementation is available nullptr will be returned.
-  static std::unique_ptr<KeyDerivation> Create(
-      KeyDerivationAlgorithm key_derivation_algorithm);
-
- private:
-  RTC_DISALLOW_COPY_AND_ASSIGN(KeyDerivation);
-};
-
-}  // namespace rtc
-
-#endif  // RTC_BASE_KEY_DERIVATION_H_
--- a/rtc_base/openssl_key_derivation_hkdf.cc
+++ b/rtc_base/openssl_key_derivation_hkdf.cc
@ -1,108 +0,0 @@
-/*
- *  Copyright 2018 The WebRTC Project Authors. All rights reserved.
- *
- *  Use of this source code is governed by a BSD-style license
- *  that can be found in the LICENSE file in the root of the source
- *  tree. An additional intellectual property rights grant can be found
- *  in the file PATENTS.  All contributing project authors may
- *  be found in the AUTHORS file in the root of the source tree.
- */
-
-#include "rtc_base/openssl_key_derivation_hkdf.h"
-
-#include <utility>
-
-#include <openssl/ossl_typ.h>
-#ifdef OPENSSL_IS_BORINGSSL
-#include <openssl/digest.h>
-#include <openssl/hkdf.h>
-#else
-#include <openssl/evp.h>
-#include <openssl/kdf.h>
-#endif
-#include <openssl/err.h>
-#include <openssl/sha.h>
-
-#include "absl/algorithm/container.h"
-#include "rtc_base/buffer.h"
-#include "rtc_base/openssl.h"
-
-namespace rtc {
-
-#ifndef OPENSSL_IS_BORINGSSL
-namespace {
-
-// HKDF is static within OpenSSL and hence not accessible to the caller.
-// This internal implementation allows for compatibility with BoringSSL.
-static int HKDF(uint8_t* out_key,
-                size_t out_len,
-                const EVP_MD* digest,
-                const uint8_t* secret,
-                size_t secret_len,
-                const uint8_t* salt,
-                size_t salt_len,
-                const uint8_t* info,
-                size_t info_len) {
-  EVP_PKEY_CTX* pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
-
-  if (EVP_PKEY_derive_init(pctx) <= 0 ||
-      EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0 ||
-      EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len) <= 0 ||
-      EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0 ||
-      EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len) <= 0 ||
-      EVP_PKEY_derive(pctx, out_key, &out_len) <= 0) {
-    EVP_PKEY_CTX_free(pctx);
-    return 0;
-  }
-  EVP_PKEY_CTX_free(pctx);
-  return 1;
-}
-
-}  // namespace
-#endif
-
-OpenSSLKeyDerivationHKDF::OpenSSLKeyDerivationHKDF() = default;
-OpenSSLKeyDerivationHKDF::~OpenSSLKeyDerivationHKDF() = default;
-
-const size_t OpenSSLKeyDerivationHKDF::kMinKeyByteSize = 16;
-const size_t OpenSSLKeyDerivationHKDF::kMaxKeyByteSize =
-    255 * SHA256_DIGEST_LENGTH;
-const size_t OpenSSLKeyDerivationHKDF::kMinSecretByteSize = 16;
-
-absl::optional<ZeroOnFreeBuffer<uint8_t>> OpenSSLKeyDerivationHKDF::DeriveKey(
-    rtc::ArrayView<const uint8_t> secret,
-    rtc::ArrayView<const uint8_t> salt,
-    rtc::ArrayView<const uint8_t> label,
-    size_t derived_key_byte_size) {
-  // Prevent deriving less than 128 bits of key material or more than the max.
-  if (derived_key_byte_size < kMinKeyByteSize ||
-      derived_key_byte_size > kMaxKeyByteSize) {
-    return absl::nullopt;
-  }
-  // The secret must reach the minimum number of bits to be secure.
-  if (secret.data() == nullptr || secret.size() < kMinSecretByteSize) {
-    return absl::nullopt;
-  }
-  // Empty labels are always invalid in derivation.
-  if (label.data() == nullptr || label.size() == 0) {
-    return absl::nullopt;
-  }
-  // If a random salt is not provided use all zeros.
-  rtc::Buffer salt_buffer;
-  if (salt.data() == nullptr || salt.size() == 0) {
-    salt_buffer.SetSize(SHA256_DIGEST_LENGTH);
-    absl::c_fill(salt_buffer, 0);
-    salt = salt_buffer;
-  }
-  // This buffer will erase itself on release.
-  ZeroOnFreeBuffer<uint8_t> derived_key_buffer(derived_key_byte_size, 0);
-  if (!HKDF(derived_key_buffer.data(), derived_key_buffer.size(), EVP_sha256(),
-            secret.data(), secret.size(), salt.data(), salt.size(),
-            label.data(), label.size())) {
-    return absl::nullopt;
-  }
-  return absl::optional<ZeroOnFreeBuffer<uint8_t>>(
-      std::move(derived_key_buffer));
-}
-
-}  // namespace rtc
--- a/rtc_base/openssl_key_derivation_hkdf.h
+++ b/rtc_base/openssl_key_derivation_hkdf.h
@ -1,54 +0,0 @@
-/*
- *  Copyright 2018 The WebRTC Project Authors. All rights reserved.
- *
- *  Use of this source code is governed by a BSD-style license
- *  that can be found in the LICENSE file in the root of the source
- *  tree. An additional intellectual property rights grant can be found
- *  in the file PATENTS.  All contributing project authors may
- *  be found in the AUTHORS file in the root of the source tree.
- */
-
-#ifndef RTC_BASE_OPENSSL_KEY_DERIVATION_HKDF_H_
-#define RTC_BASE_OPENSSL_KEY_DERIVATION_HKDF_H_
-
-#include "rtc_base/constructor_magic.h"
-#include "rtc_base/key_derivation.h"
-
-namespace rtc {
-
-// OpenSSLKeyDerivationHKDF provides a concrete implementation of the
-// KeyDerivation interface to support the HKDF algorithm using the
-// OpenSSL/BoringSSL internal implementation.
-class OpenSSLKeyDerivationHKDF final : public KeyDerivation {
- public:
-  OpenSSLKeyDerivationHKDF();
-  ~OpenSSLKeyDerivationHKDF() override;
-
-  // General users shouldn't be generating keys smaller than 128 bits.
-  static const size_t kMinKeyByteSize;
-  // The maximum available derivation size 255*DIGEST_LENGTH
-  static const size_t kMaxKeyByteSize;
-  // The minimum acceptable secret size.
-  static const size_t kMinSecretByteSize;
-
-  // Derives a new key from existing key material using HKDF.
-  // secret - The random secret value you wish to derive a key from.
-  // salt - Optional (non secret) cryptographically random value.
-  // label - A non secret but unique label value to determine the derivation.
-  // derived_key_byte_size - The size of the derived key.
-  // return - A ZeroOnFreeBuffer containing the derived key or an error
-  // condition. Checking error codes is explicit in the API and error should
-  // never be ignored.
-  absl::optional<ZeroOnFreeBuffer<uint8_t>> DeriveKey(
-      rtc::ArrayView<const uint8_t> secret,
-      rtc::ArrayView<const uint8_t> salt,
-      rtc::ArrayView<const uint8_t> label,
-      size_t derived_key_byte_size) override;
-
- private:
-  RTC_DISALLOW_COPY_AND_ASSIGN(OpenSSLKeyDerivationHKDF);
-};
-
-}  // namespace rtc
-
-#endif  // RTC_BASE_OPENSSL_KEY_DERIVATION_HKDF_H_
--- a/rtc_base/openssl_key_derivation_hkdf_unittest.cc
+++ b/rtc_base/openssl_key_derivation_hkdf_unittest.cc
@ -1,107 +0,0 @@
-/*
- *  Copyright 2018 The WebRTC Project Authors. All rights reserved.
- *
- *  Use of this source code is governed by a BSD-style license
- *  that can be found in the LICENSE file in the root of the source
- *  tree. An additional intellectual property rights grant can be found
- *  in the file PATENTS.  All contributing project authors may
- *  be found in the AUTHORS file in the root of the source tree.
- */
-
-#include "rtc_base/openssl_key_derivation_hkdf.h"
-
-#include <utility>
-
-#include "test/gmock.h"
-
-namespace rtc {
-namespace {
-
-// Validates that a basic valid call works correctly.
-TEST(OpenSSLKeyDerivationHKDF, DerivationBasicTest) {
-  rtc::Buffer secret(32);
-  rtc::Buffer salt(32);
-  rtc::Buffer label(32);
-  const size_t derived_key_byte_size = 16;
-
-  OpenSSLKeyDerivationHKDF hkdf;
-  auto key_or = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
-  EXPECT_TRUE(key_or.has_value());
-  ZeroOnFreeBuffer<uint8_t> key = std::move(key_or.value());
-  EXPECT_EQ(derived_key_byte_size, key.size());
-}
-
-// Derivation fails if output is too small.
-TEST(OpenSSLKeyDerivationHKDF, DerivationFailsIfOutputIsTooSmall) {
-  rtc::Buffer secret(32);
-  rtc::Buffer salt(32);
-  rtc::Buffer label(32);
-  const size_t derived_key_byte_size = 15;
-
-  OpenSSLKeyDerivationHKDF hkdf;
-  auto key_or = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
-  EXPECT_FALSE(key_or.has_value());
-}
-
-// Derivation fails if output is too large.
-TEST(OpenSSLKeyDerivationHKDF, DerivationFailsIfOutputIsTooLarge) {
-  rtc::Buffer secret(32);
-  rtc::Buffer salt(32);
-  rtc::Buffer label(32);
-  const size_t derived_key_byte_size = 256 * 32;
-
-  OpenSSLKeyDerivationHKDF hkdf;
-  auto key_or = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
-  EXPECT_FALSE(key_or.has_value());
-}
-
-// Validates that too little key material causes a failure.
-TEST(OpenSSLKeyDerivationHKDF, DerivationFailsWithInvalidSecret) {
-  rtc::Buffer secret(15);
-  rtc::Buffer salt(32);
-  rtc::Buffer label(32);
-  const size_t derived_key_byte_size = 16;
-
-  OpenSSLKeyDerivationHKDF hkdf;
-  auto key_or_0 = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
-  EXPECT_FALSE(key_or_0.has_value());
-
-  auto key_or_1 = hkdf.DeriveKey(nullptr, salt, label, derived_key_byte_size);
-  EXPECT_FALSE(key_or_1.has_value());
-
-  rtc::Buffer secret_empty;
-  auto key_or_2 =
-      hkdf.DeriveKey(secret_empty, salt, label, derived_key_byte_size);
-  EXPECT_FALSE(key_or_2.has_value());
-}
-
-// Validates that HKDF works without a salt being set.
-TEST(OpenSSLKeyDerivationHKDF, DerivationWorksWithNoSalt) {
-  rtc::Buffer secret(32);
-  rtc::Buffer label(32);
-  const size_t derived_key_byte_size = 16;
-
-  OpenSSLKeyDerivationHKDF hkdf;
-  auto key_or = hkdf.DeriveKey(secret, nullptr, label, derived_key_byte_size);
-  EXPECT_TRUE(key_or.has_value());
-}
-
-// Validates that a label is required to work correctly.
-TEST(OpenSSLKeyDerivationHKDF, DerivationRequiresLabel) {
-  rtc::Buffer secret(32);
-  rtc::Buffer salt(32);
-  rtc::Buffer label(1);
-  const size_t derived_key_byte_size = 16;
-
-  OpenSSLKeyDerivationHKDF hkdf;
-  auto key_or_0 = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
-  EXPECT_TRUE(key_or_0.has_value());
-  ZeroOnFreeBuffer<uint8_t> key = std::move(key_or_0.value());
-  EXPECT_EQ(key.size(), derived_key_byte_size);
-
-  auto key_or_1 = hkdf.DeriveKey(secret, salt, nullptr, derived_key_byte_size);
-  EXPECT_FALSE(key_or_1.has_value());
-}
-
-}  // namespace
-}  // namespace rtc