| Index: net/quic/crypto/aead_base_encrypter_openssl.cc
|
| ===================================================================
|
| --- net/quic/crypto/aead_base_encrypter_openssl.cc (revision 255481)
|
| +++ net/quic/crypto/aead_base_encrypter_openssl.cc (working copy)
|
| @@ -2,7 +2,7 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
|
| +#include "net/quic/crypto/aead_base_encrypter.h"
|
|
|
| #include <openssl/err.h>
|
| #include <openssl/evp.h>
|
| @@ -16,15 +16,12 @@
|
|
|
| namespace {
|
|
|
| -const size_t kKeySize = 16;
|
| -const size_t kNoncePrefixSize = 4;
|
| -const size_t kAESNonceSize = 12;
|
| -
|
| +// Clear OpenSSL error stack.
|
| void ClearOpenSslErrors() {
|
| #ifdef NDEBUG
|
| while (ERR_get_error()) {}
|
| #else
|
| - while (long error = ERR_get_error()) {
|
| + while (unsigned long error = ERR_get_error()) {
|
| char buf[120];
|
| ERR_error_string_n(error, buf, arraysize(buf));
|
| DLOG(ERROR) << "OpenSSL error: " << buf;
|
| @@ -34,21 +31,31 @@
|
|
|
| } // namespace
|
|
|
| -Aes128Gcm12Encrypter::Aes128Gcm12Encrypter() {}
|
| +AeadBaseEncrypter::AeadBaseEncrypter(const EVP_AEAD* aead_alg,
|
| + size_t key_size,
|
| + size_t auth_tag_size,
|
| + size_t nonce_prefix_size)
|
| + : aead_alg_(aead_alg),
|
| + key_size_(key_size),
|
| + auth_tag_size_(auth_tag_size),
|
| + nonce_prefix_size_(nonce_prefix_size) {
|
| + DCHECK_LE(key_size_, sizeof(key_));
|
| + DCHECK_LE(nonce_prefix_size_, sizeof(nonce_prefix_));
|
| +}
|
|
|
| -Aes128Gcm12Encrypter::~Aes128Gcm12Encrypter() {}
|
| +AeadBaseEncrypter::~AeadBaseEncrypter() {}
|
|
|
| -bool Aes128Gcm12Encrypter::SetKey(StringPiece key) {
|
| - DCHECK_EQ(key.size(), sizeof(key_));
|
| - if (key.size() != sizeof(key_)) {
|
| +bool AeadBaseEncrypter::SetKey(StringPiece key) {
|
| + DCHECK_EQ(key.size(), key_size_);
|
| + if (key.size() != key_size_) {
|
| return false;
|
| }
|
| memcpy(key_, key.data(), key.size());
|
|
|
| EVP_AEAD_CTX_cleanup(ctx_.get());
|
|
|
| - if (!EVP_AEAD_CTX_init(ctx_.get(), EVP_aead_aes_128_gcm(), key_,
|
| - sizeof(key_), kAuthTagSize, NULL)) {
|
| + if (!EVP_AEAD_CTX_init(ctx_.get(), aead_alg_, key_, key_size_,
|
| + auth_tag_size_, NULL)) {
|
| ClearOpenSslErrors();
|
| return false;
|
| }
|
| @@ -56,26 +63,25 @@
|
| return true;
|
| }
|
|
|
| -bool Aes128Gcm12Encrypter::SetNoncePrefix(StringPiece nonce_prefix) {
|
| - DCHECK_EQ(nonce_prefix.size(), kNoncePrefixSize);
|
| - if (nonce_prefix.size() != kNoncePrefixSize) {
|
| +bool AeadBaseEncrypter::SetNoncePrefix(StringPiece nonce_prefix) {
|
| + DCHECK_EQ(nonce_prefix.size(), nonce_prefix_size_);
|
| + if (nonce_prefix.size() != nonce_prefix_size_) {
|
| return false;
|
| }
|
| - COMPILE_ASSERT(sizeof(nonce_prefix_) == kNoncePrefixSize, bad_nonce_length);
|
| memcpy(nonce_prefix_, nonce_prefix.data(), nonce_prefix.size());
|
| return true;
|
| }
|
|
|
| -bool Aes128Gcm12Encrypter::Encrypt(StringPiece nonce,
|
| - StringPiece associated_data,
|
| - StringPiece plaintext,
|
| - unsigned char* output) {
|
| - if (nonce.size() != kNoncePrefixSize + sizeof(QuicPacketSequenceNumber)) {
|
| +bool AeadBaseEncrypter::Encrypt(StringPiece nonce,
|
| + StringPiece associated_data,
|
| + StringPiece plaintext,
|
| + unsigned char* output) {
|
| + if (nonce.size() != nonce_prefix_size_ + sizeof(QuicPacketSequenceNumber)) {
|
| return false;
|
| }
|
|
|
| ssize_t len = EVP_AEAD_CTX_seal(
|
| - ctx_.get(), output, plaintext.size() + kAuthTagSize,
|
| + ctx_.get(), output, plaintext.size() + auth_tag_size_,
|
| reinterpret_cast<const uint8_t*>(nonce.data()), nonce.size(),
|
| reinterpret_cast<const uint8_t*>(plaintext.data()), plaintext.size(),
|
| reinterpret_cast<const uint8_t*>(associated_data.data()),
|
| @@ -89,7 +95,7 @@
|
| return true;
|
| }
|
|
|
| -QuicData* Aes128Gcm12Encrypter::EncryptPacket(
|
| +QuicData* AeadBaseEncrypter::EncryptPacket(
|
| QuicPacketSequenceNumber sequence_number,
|
| StringPiece associated_data,
|
| StringPiece plaintext) {
|
| @@ -98,11 +104,12 @@
|
|
|
| // TODO(ianswett): Introduce a check to ensure that we don't encrypt with the
|
| // same sequence number twice.
|
| - uint8 nonce[kNoncePrefixSize + sizeof(sequence_number)];
|
| - COMPILE_ASSERT(sizeof(nonce) == kAESNonceSize, bad_sequence_number_size);
|
| - memcpy(nonce, nonce_prefix_, kNoncePrefixSize);
|
| - memcpy(nonce + kNoncePrefixSize, &sequence_number, sizeof(sequence_number));
|
| - if (!Encrypt(StringPiece(reinterpret_cast<char*>(nonce), sizeof(nonce)),
|
| + uint8 nonce[sizeof(nonce_prefix_) + sizeof(sequence_number)];
|
| + const size_t nonce_size = nonce_prefix_size_ + sizeof(sequence_number);
|
| + DCHECK_LE(nonce_size, sizeof(nonce));
|
| + memcpy(nonce, nonce_prefix_, nonce_prefix_size_);
|
| + memcpy(nonce + nonce_prefix_size_, &sequence_number, sizeof(sequence_number));
|
| + if (!Encrypt(StringPiece(reinterpret_cast<char*>(nonce), nonce_size),
|
| associated_data, plaintext,
|
| reinterpret_cast<unsigned char*>(ciphertext.get()))) {
|
| return NULL;
|
| @@ -111,29 +118,30 @@
|
| return new QuicData(ciphertext.release(), ciphertext_size, true);
|
| }
|
|
|
| -size_t Aes128Gcm12Encrypter::GetKeySize() const { return kKeySize; }
|
| +size_t AeadBaseEncrypter::GetKeySize() const { return key_size_; }
|
|
|
| -size_t Aes128Gcm12Encrypter::GetNoncePrefixSize() const {
|
| - return kNoncePrefixSize;
|
| +size_t AeadBaseEncrypter::GetNoncePrefixSize() const {
|
| + return nonce_prefix_size_;
|
| }
|
|
|
| -size_t Aes128Gcm12Encrypter::GetMaxPlaintextSize(size_t ciphertext_size) const {
|
| - return ciphertext_size - kAuthTagSize;
|
| +size_t AeadBaseEncrypter::GetMaxPlaintextSize(size_t ciphertext_size) const {
|
| + return ciphertext_size - auth_tag_size_;
|
| }
|
|
|
| -// An AEAD_AES_128_GCM_12 ciphertext is exactly 12 bytes longer than its
|
| -// corresponding plaintext.
|
| -size_t Aes128Gcm12Encrypter::GetCiphertextSize(size_t plaintext_size) const {
|
| - return plaintext_size + kAuthTagSize;
|
| +size_t AeadBaseEncrypter::GetCiphertextSize(size_t plaintext_size) const {
|
| + return plaintext_size + auth_tag_size_;
|
| }
|
|
|
| -StringPiece Aes128Gcm12Encrypter::GetKey() const {
|
| - return StringPiece(reinterpret_cast<const char*>(key_), sizeof(key_));
|
| +StringPiece AeadBaseEncrypter::GetKey() const {
|
| + return StringPiece(reinterpret_cast<const char*>(key_), key_size_);
|
| }
|
|
|
| -StringPiece Aes128Gcm12Encrypter::GetNoncePrefix() const {
|
| +StringPiece AeadBaseEncrypter::GetNoncePrefix() const {
|
| + if (nonce_prefix_size_ == 0) {
|
| + return StringPiece();
|
| + }
|
| return StringPiece(reinterpret_cast<const char*>(nonce_prefix_),
|
| - kNoncePrefixSize);
|
| + nonce_prefix_size_);
|
| }
|
|
|
| } // namespace net
|
|
|
Chromium Code Reviews
Issue 189893002:
Add ChaCha20Poly1305Encrypter, based on (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/