OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/quic/crypto/aead_base_decrypter.h" | 5 #include "net/quic/crypto/aead_base_decrypter.h" |
6 | 6 |
7 #include <pk11pub.h> | 7 #include <pk11pub.h> |
8 | 8 |
9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
10 #include "crypto/scoped_nss_types.h" | 10 #include "crypto/scoped_nss_types.h" |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
48 bool AeadBaseDecrypter::DecryptPacket(QuicPacketNumber packet_number, | 48 bool AeadBaseDecrypter::DecryptPacket(QuicPacketNumber packet_number, |
49 const StringPiece& associated_data, | 49 const StringPiece& associated_data, |
50 const StringPiece& ciphertext, | 50 const StringPiece& ciphertext, |
51 char* output, | 51 char* output, |
52 size_t* output_length, | 52 size_t* output_length, |
53 size_t max_output_length) { | 53 size_t max_output_length) { |
54 if (ciphertext.length() < auth_tag_size_) { | 54 if (ciphertext.length() < auth_tag_size_) { |
55 return false; | 55 return false; |
56 } | 56 } |
57 | 57 |
58 uint8 nonce[sizeof(nonce_prefix_) + sizeof(packet_number)]; | 58 uint8_t nonce[sizeof(nonce_prefix_) + sizeof(packet_number)]; |
59 const size_t nonce_size = nonce_prefix_size_ + sizeof(packet_number); | 59 const size_t nonce_size = nonce_prefix_size_ + sizeof(packet_number); |
60 DCHECK_LE(nonce_size, sizeof(nonce)); | 60 DCHECK_LE(nonce_size, sizeof(nonce)); |
61 memcpy(nonce, nonce_prefix_, nonce_prefix_size_); | 61 memcpy(nonce, nonce_prefix_, nonce_prefix_size_); |
62 memcpy(nonce + nonce_prefix_size_, &packet_number, sizeof(packet_number)); | 62 memcpy(nonce + nonce_prefix_size_, &packet_number, sizeof(packet_number)); |
63 | 63 |
64 // NSS 3.14.x incorrectly requires an output buffer at least as long as | 64 // NSS 3.14.x incorrectly requires an output buffer at least as long as |
65 // the ciphertext (NSS bug | 65 // the ciphertext (NSS bug |
66 // https://bugzilla.mozilla.org/show_bug.cgi?id= 853674). Fortunately | 66 // https://bugzilla.mozilla.org/show_bug.cgi?id= 853674). Fortunately |
67 // QuicDecrypter::Decrypt() specifies that |output| must be as long as | 67 // QuicDecrypter::Decrypt() specifies that |output| must be as long as |
68 // |ciphertext| on entry. | 68 // |ciphertext| on entry. |
(...skipping 23 matching lines...) Expand all Loading... |
92 FillAeadParams(StringPiece(reinterpret_cast<char*>(nonce), nonce_size), | 92 FillAeadParams(StringPiece(reinterpret_cast<char*>(nonce), nonce_size), |
93 associated_data, auth_tag_size_, &aead_params); | 93 associated_data, auth_tag_size_, &aead_params); |
94 | 94 |
95 SECItem param; | 95 SECItem param; |
96 param.type = siBuffer; | 96 param.type = siBuffer; |
97 param.data = reinterpret_cast<unsigned char*>(&aead_params.data); | 97 param.data = reinterpret_cast<unsigned char*>(&aead_params.data); |
98 param.len = aead_params.len; | 98 param.len = aead_params.len; |
99 | 99 |
100 unsigned int output_len; | 100 unsigned int output_len; |
101 if (PK11_Decrypt(aead_key.get(), aead_mechanism_, ¶m, | 101 if (PK11_Decrypt(aead_key.get(), aead_mechanism_, ¶m, |
102 reinterpret_cast<uint8*>(output), &output_len, | 102 reinterpret_cast<uint8_t*>(output), &output_len, |
103 max_output_length, | 103 max_output_length, |
104 reinterpret_cast<const unsigned char*>(ciphertext.data()), | 104 reinterpret_cast<const unsigned char*>(ciphertext.data()), |
105 ciphertext.length()) != SECSuccess) { | 105 ciphertext.length()) != SECSuccess) { |
106 return false; | 106 return false; |
107 } | 107 } |
108 | 108 |
109 if (output_len != plaintext_size) { | 109 if (output_len != plaintext_size) { |
110 DVLOG(1) << "Wrong output length"; | 110 DVLOG(1) << "Wrong output length"; |
111 return false; | 111 return false; |
112 } | 112 } |
113 *output_length = output_len; | 113 *output_length = output_len; |
114 return true; | 114 return true; |
115 } | 115 } |
116 | 116 |
117 StringPiece AeadBaseDecrypter::GetKey() const { | 117 StringPiece AeadBaseDecrypter::GetKey() const { |
118 return StringPiece(reinterpret_cast<const char*>(key_), key_size_); | 118 return StringPiece(reinterpret_cast<const char*>(key_), key_size_); |
119 } | 119 } |
120 | 120 |
121 StringPiece AeadBaseDecrypter::GetNoncePrefix() const { | 121 StringPiece AeadBaseDecrypter::GetNoncePrefix() const { |
122 if (nonce_prefix_size_ == 0) { | 122 if (nonce_prefix_size_ == 0) { |
123 return StringPiece(); | 123 return StringPiece(); |
124 } | 124 } |
125 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_), | 125 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_), |
126 nonce_prefix_size_); | 126 nonce_prefix_size_); |
127 } | 127 } |
128 | 128 |
129 } // namespace net | 129 } // namespace net |
OLD | NEW |