Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(702)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/aes_128_gcm_12_decrypter_openssl.cc

Issue 189893002: Add ChaCha20Poly1305Encrypter, based on (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Move GCM-specific code back to the Aes128Gcm12En/Decrypter classes Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/quic/crypto/aead_base_encrypter.h ('K') | « net/quic/crypto/aes_128_gcm_12_decrypter_nss.cc ('k') | net/quic/crypto/aes_128_gcm_12_decrypter_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/aes_128_gcm_12_decrypter.h" 5 #include "net/quic/crypto/aes_128_gcm_12_decrypter.h"
6 6
7 #include <openssl/err.h>
8 #include <openssl/evp.h> 7 #include <openssl/evp.h>
9 8
10 #include "base/memory/scoped_ptr.h"
11
12 using base::StringPiece;
13
14 namespace net { 9 namespace net {
15 10
16 namespace { 11 namespace {
17 12
13 const size_t kKeySize = 16;
18 const size_t kNoncePrefixSize = 4; 14 const size_t kNoncePrefixSize = 4;
19 const size_t kAESNonceSize = 12;
20 15
21 } // namespace 16 } // namespace
22 17
23 Aes128Gcm12Decrypter::Aes128Gcm12Decrypter() {} 18 Aes128Gcm12Decrypter::Aes128Gcm12Decrypter()
19 : AeadBaseDecrypter(EVP_aead_aes_128_gcm(), kKeySize, kAuthTagSize,
20 kNoncePrefixSize) {
21 COMPILE_ASSERT(kKeySize <= kMaxKeySize, key_size_too_big);
22 COMPILE_ASSERT(kNoncePrefixSize <= kMaxNoncePrefixSize,
23 nonce_prefix_size_too_big);
24 }
24 25
25 Aes128Gcm12Decrypter::~Aes128Gcm12Decrypter() {} 26 Aes128Gcm12Decrypter::~Aes128Gcm12Decrypter() {}
26 27
27 // static
28 bool Aes128Gcm12Decrypter::IsSupported() { return true; }
29
30 bool Aes128Gcm12Decrypter::SetKey(StringPiece key) {
31 DCHECK_EQ(key.size(), sizeof(key_));
32 if (key.size() != sizeof(key_)) {
33 return false;
34 }
35 memcpy(key_, key.data(), key.size());
36
37 EVP_AEAD_CTX_cleanup(ctx_.get());
38 if (!EVP_AEAD_CTX_init(ctx_.get(), EVP_aead_aes_128_gcm(), key_,
39 sizeof(key_), kAuthTagSize, NULL)) {
40 // Clear OpenSSL error stack.
41 while (ERR_get_error()) {}
42 return false;
43 }
44
45 return true;
46 }
47
48 bool Aes128Gcm12Decrypter::SetNoncePrefix(StringPiece nonce_prefix) {
49 DCHECK_EQ(nonce_prefix.size(), kNoncePrefixSize);
50 if (nonce_prefix.size() != kNoncePrefixSize) {
51 return false;
52 }
53 COMPILE_ASSERT(sizeof(nonce_prefix_) == kNoncePrefixSize, bad_nonce_length);
54 memcpy(nonce_prefix_, nonce_prefix.data(), nonce_prefix.size());
55 return true;
56 }
57
58 bool Aes128Gcm12Decrypter::Decrypt(StringPiece nonce,
59 StringPiece associated_data,
60 StringPiece ciphertext,
61 uint8* output,
62 size_t* output_length) {
63 if (ciphertext.length() < kAuthTagSize ||
64 nonce.size() != kNoncePrefixSize + sizeof(QuicPacketSequenceNumber)) {
65 return false;
66 }
67
68 ssize_t len = EVP_AEAD_CTX_open(
69 ctx_.get(), output, ciphertext.size(),
70 reinterpret_cast<const uint8_t*>(nonce.data()), nonce.size(),
71 reinterpret_cast<const uint8_t*>(ciphertext.data()), ciphertext.size(),
72 reinterpret_cast<const uint8_t*>(associated_data.data()),
73 associated_data.size());
74
75 if (len < 0) {
76 // Clear OpenSSL error stack.
77 while (ERR_get_error()) {}
78 return false;
79 }
80
81 *output_length = len;
82 return true;
83 }
84
85 QuicData* Aes128Gcm12Decrypter::DecryptPacket(
86 QuicPacketSequenceNumber sequence_number,
87 StringPiece associated_data,
88 StringPiece ciphertext) {
89 if (ciphertext.length() < kAuthTagSize) {
90 return NULL;
91 }
92 size_t plaintext_size = ciphertext.length();
93 scoped_ptr<char[]> plaintext(new char[plaintext_size]);
94
95 uint8 nonce[kNoncePrefixSize + sizeof(sequence_number)];
96 COMPILE_ASSERT(sizeof(nonce) == kAESNonceSize, bad_sequence_number_size);
97 memcpy(nonce, nonce_prefix_, kNoncePrefixSize);
98 memcpy(nonce + kNoncePrefixSize, &sequence_number, sizeof(sequence_number));
99 if (!Decrypt(StringPiece(reinterpret_cast<char*>(nonce), sizeof(nonce)),
100 associated_data, ciphertext,
101 reinterpret_cast<uint8*>(plaintext.get()),
102 &plaintext_size)) {
103 return NULL;
104 }
105 return new QuicData(plaintext.release(), plaintext_size, true);
106 }
107
108 StringPiece Aes128Gcm12Decrypter::GetKey() const {
109 return StringPiece(reinterpret_cast<const char*>(key_), sizeof(key_));
110 }
111
112 StringPiece Aes128Gcm12Decrypter::GetNoncePrefix() const {
113 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_),
114 kNoncePrefixSize);
115 }
116
117 } // namespace net 28 } // namespace net
OLDNEW
« net/quic/crypto/aead_base_encrypter.h ('K') | « net/quic/crypto/aes_128_gcm_12_decrypter_nss.cc ('k') | net/quic/crypto/aes_128_gcm_12_decrypter_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698