net/quic/crypto/quic_decrypter.h - Issue 1904213002: QUIC: support diversified keys with version 33.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/quic/crypto/quic_decrypter.h

Issue 1904213002: QUIC: support diversified keys with version 33. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@hkdf

Patch Set: Rebase Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/quic/crypto/quic_decrypter.h

diff --git a/net/quic/crypto/quic_decrypter.h b/net/quic/crypto/quic_decrypter.h

index 4f2be96ff192f1646685d4c5dc086a38a5362dc8..993e3dadcb84c4582f6a36c16f374e48094c20e7 100644

--- a/net/quic/crypto/quic_decrypter.h

+++ b/net/quic/crypto/quic_decrypter.h

@@ -42,6 +42,22 @@ class NET_EXPORT_PRIVATE QuicDecrypter {

// packet number, even when retransmitting a lost packet.

virtual bool SetNoncePrefix(base::StringPiece nonce_prefix) = 0;

+ // Sets the encryption key. Returns true on success, false on failure.

+ // |DecryptPacket| may not be called until |SetDiversificationNonce| is

+ // called and the preliminary keying material will be combined with that

+ // nonce in order to create the actual key and nonce-prefix.

+ //

+ // If this function is called, neither |SetKey| nor |SetNoncePrefix| may be

+ // called.

+ virtual bool SetPreliminaryKey(base::StringPiece key) = 0;

+ // SetDiversificationNonce uses |nonce| to derive final keys based on the

+ // input keying material given by calling |SetPreliminaryKey|.

+ //

+ // Calling this function is a no-op if |SetPreliminaryKey| hasn't been

+ // called.

+ virtual bool SetDiversificationNonce(DiversificationNonce nonce) = 0;

// Populates |output| with the decrypted |ciphertext| and populates

// |output_length| with the length. Returns 0 if there is an error.

// |output| size is specified by |max_output_length| and must be

@@ -67,6 +83,14 @@ class NET_EXPORT_PRIVATE QuicDecrypter {

// For use by unit tests only.

virtual base::StringPiece GetKey() const = 0;

virtual base::StringPiece GetNoncePrefix() const = 0;

+ static void DiversifyPreliminaryKey(base::StringPiece preliminary_key,

+ base::StringPiece nonce_prefix,

+ DiversificationNonce nonce,

+ size_t key_size,

+ size_t nonce_prefix_size,

+ std::string* out_key,

+ std::string* out_nonce_prefix);

};

} // namespace net

« no previous file with comments | « net/quic/crypto/quic_crypto_server_config.cc ('k') | net/quic/crypto/quic_decrypter.cc » ('j') | no next file with comments »