Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(271)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/aes_128_gcm_encrypter_openssl.cc

Issue 12623017: Add Aes128GcmEncrypter and Aes128GcmDecrypter (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Rename the .cc files to _openssl.cc Created 7 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/quic/crypto/aes_128_gcm_decrypter_openssl.cc ('K') | « net/quic/crypto/aes_128_gcm_encrypter.h ('k') | net/quic/crypto/aes_128_gcm_encrypter_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Property Changes:
Added: svn:eol-style
+ LF
OLDNEW
(Empty)
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/quic/crypto/aes_128_gcm_encrypter.h"
6
7 #include <openssl/evp.h>
8 #include <string.h>
9
10 #include "base/memory/scoped_ptr.h"
11 #include "net/quic/crypto/scoped_evp_cipher_ctx.h"
12
13 using base::StringPiece;
14
15 namespace net {
16
17 namespace {
18
19 const size_t kKeySize = 16;
20 const size_t kNoncePrefixSize = 4;
21 const size_t kAuthTagSize = 16;
22
23 } // namespace
24
25 bool Aes128GcmEncrypter::SetKey(StringPiece key) {
26 if (key.size() != sizeof(key_)) {
27 return false;
28 }
29 memcpy(key_, key.data(), key.size());
30 return true;
31 }
32
33 bool Aes128GcmEncrypter::SetNoncePrefix(StringPiece nonce_prefix) {
34 if (nonce_prefix.size() != kNoncePrefixSize) {
35 return false;
36 }
37 memcpy(nonce_, nonce_prefix.data(), nonce_prefix.size());
38 return true;
39 }
40
41 QuicData* Aes128GcmEncrypter::Encrypt(QuicPacketSequenceNumber sequence_number,
42 StringPiece associated_data,
43 StringPiece plaintext) {
44 COMPILE_ASSERT(sizeof(nonce_) == kNoncePrefixSize + sizeof(sequence_number),
45 incorrect_nonce_size);
46 memcpy(nonce_ + kNoncePrefixSize, &sequence_number, sizeof(sequence_number));
47 return EncryptWithNonce(StringPiece(reinterpret_cast<char*>(nonce_),
48 sizeof(nonce_)),
49 associated_data, plaintext);
50 }
51
52 size_t Aes128GcmEncrypter::GetKeySize() const {
53 return kKeySize;
54 }
55
56 size_t Aes128GcmEncrypter::GetNoncePrefixSize() const {
57 return kNoncePrefixSize;
58 }
59
60 size_t Aes128GcmEncrypter::GetMaxPlaintextSize(size_t ciphertext_size) const {
61 return ciphertext_size - kAuthTagSize;
62 }
63
64 // An AEAD_AES_128_GCM ciphertext is exactly 16 bytes longer than its
65 // corresponding plaintext.
66 size_t Aes128GcmEncrypter::GetCiphertextSize(size_t plaintext_size) const {
67 return plaintext_size + kAuthTagSize;
68 }
69
70 QuicData* Aes128GcmEncrypter::EncryptWithNonce(StringPiece nonce,
71 StringPiece associated_data,
72 StringPiece plaintext) {
73 size_t ciphertext_size = GetCiphertextSize(plaintext.length());
74 scoped_ptr<char[]> ciphertext(new char[ciphertext_size]);
75
76 // |output| points to the position in the |ciphertext| buffer to receive
77 // the next output.
78 unsigned char* output = reinterpret_cast<unsigned char*>(ciphertext.get());
79 // |output_len| is passed to an OpenSSL function to receive the output
80 // length.
81 int output_len;
82
83 ScopedEVPCipherCtx ctx;
84
85 // Set the cipher type and the key. The IV (nonce) is set below.
86 if (EVP_EncryptInit_ex(ctx.get(), EVP_aes_128_gcm(), NULL, key_,
87 NULL) == 0) {
88 return NULL;
89 }
90
91 // Set the IV (nonce) length.
92 if (EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_SET_IVLEN, nonce.size(),
93 NULL) == 0) {
94 return NULL;
95 }
96 // Set the IV (nonce).
97 if (EVP_EncryptInit_ex(ctx.get(), NULL, NULL, NULL,
98 reinterpret_cast<const unsigned char*>(
99 nonce.data())) == 0) {
100 return NULL;
101 }
102
103 // Set the associated data. The second argument (output buffer) must be
104 // NULL.
105 if (EVP_EncryptUpdate(ctx.get(), NULL, &output_len,
106 reinterpret_cast<const unsigned char*>(
107 associated_data.data()),
108 associated_data.size()) == 0) {
109 return NULL;
110 }
111
112 if (EVP_EncryptUpdate(ctx.get(), output, &output_len,
113 reinterpret_cast<const unsigned char*>(
114 plaintext.data()),
115 plaintext.size()) == 0) {
116 return NULL;
117 }
118 output += output_len;
119
120 if (EVP_EncryptFinal_ex(ctx.get(), output, &output_len) == 0) {
121 return NULL;
122 }
123 output += output_len;
124
125 if (EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_GET_TAG, kAuthTagSize,
126 output) == 0) {
127 return NULL;
128 }
129
130 return new QuicData(ciphertext.release(), ciphertext_size, true);
131 }
132
133 } // namespace net
OLDNEW
« net/quic/crypto/aes_128_gcm_decrypter_openssl.cc ('K') | « net/quic/crypto/aes_128_gcm_encrypter.h ('k') | net/quic/crypto/aes_128_gcm_encrypter_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698