net/quic/crypto/aead_base_decrypter_openssl.cc - Issue 196743005: Add the files created with "svn copy" first.

Unified Diff: net/quic/crypto/aead_base_decrypter_openssl.cc

Issue 196743005: Add the files created with "svn copy" first. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Created 6 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/quic/crypto/aead_base_decrypter_openssl.cc

===================================================================

--- net/quic/crypto/aead_base_decrypter_openssl.cc (revision 255481)

+++ net/quic/crypto/aead_base_decrypter_openssl.cc (working copy)

@@ -2,7 +2,7 @@

// Use of this source code is governed by a BSD-style license that can be

// found in the LICENSE file.

-#include "net/quic/crypto/aes_128_gcm_12_decrypter.h"

+#include "net/quic/crypto/aead_base_decrypter.h"

#include <openssl/err.h>

#include <openssl/evp.h>

@@ -15,53 +15,68 @@

namespace {

-const size_t kNoncePrefixSize = 4;

-const size_t kAESNonceSize = 12;

+// Clear OpenSSL error stack.

+void ClearOpenSslErrors() {

+#ifdef NDEBUG

+ while (ERR_get_error()) {}

+#else

+ while (unsigned long error = ERR_get_error()) {

+ char buf[120];

+ ERR_error_string_n(error, buf, arraysize(buf));

+ DLOG(ERROR) << "OpenSSL error: " << buf;

+ }

+#endif

} // namespace

-Aes128Gcm12Decrypter::Aes128Gcm12Decrypter() {}

+AeadBaseDecrypter::AeadBaseDecrypter(const EVP_AEAD* aead_alg,

+ size_t key_size,

+ size_t auth_tag_size,

+ size_t nonce_prefix_size)

+ : aead_alg_(aead_alg),

+ key_size_(key_size),

+ auth_tag_size_(auth_tag_size),

+ nonce_prefix_size_(nonce_prefix_size) {

+ DCHECK_LE(key_size_, sizeof(key_));

+ DCHECK_LE(nonce_prefix_size_, sizeof(nonce_prefix_));

-Aes128Gcm12Decrypter::~Aes128Gcm12Decrypter() {}

+AeadBaseDecrypter::~AeadBaseDecrypter() {}

-// static

-bool Aes128Gcm12Decrypter::IsSupported() { return true; }

-bool Aes128Gcm12Decrypter::SetKey(StringPiece key) {

- DCHECK_EQ(key.size(), sizeof(key_));

- if (key.size() != sizeof(key_)) {

+bool AeadBaseDecrypter::SetKey(StringPiece key) {

+ DCHECK_EQ(key.size(), key_size_);

+ if (key.size() != key_size_) {

return false;

}

memcpy(key_, key.data(), key.size());

EVP_AEAD_CTX_cleanup(ctx_.get());

- if (!EVP_AEAD_CTX_init(ctx_.get(), EVP_aead_aes_128_gcm(), key_,

- sizeof(key_), kAuthTagSize, NULL)) {

- // Clear OpenSSL error stack.

- while (ERR_get_error()) {}

+ if (!EVP_AEAD_CTX_init(ctx_.get(), aead_alg_, key_, key_size_,

+ auth_tag_size_, NULL)) {

+ ClearOpenSslErrors();

return false;

}

return true;

}

-bool Aes128Gcm12Decrypter::SetNoncePrefix(StringPiece nonce_prefix) {

- DCHECK_EQ(nonce_prefix.size(), kNoncePrefixSize);

- if (nonce_prefix.size() != kNoncePrefixSize) {

+bool AeadBaseDecrypter::SetNoncePrefix(StringPiece nonce_prefix) {

+ DCHECK_EQ(nonce_prefix.size(), nonce_prefix_size_);

+ if (nonce_prefix.size() != nonce_prefix_size_) {

return false;

}

- COMPILE_ASSERT(sizeof(nonce_prefix_) == kNoncePrefixSize, bad_nonce_length);

memcpy(nonce_prefix_, nonce_prefix.data(), nonce_prefix.size());

return true;

}

-bool Aes128Gcm12Decrypter::Decrypt(StringPiece nonce,

- StringPiece associated_data,

- StringPiece ciphertext,

- uint8* output,

- size_t* output_length) {

- if (ciphertext.length() < kAuthTagSize ||

- nonce.size() != kNoncePrefixSize + sizeof(QuicPacketSequenceNumber)) {

+bool AeadBaseDecrypter::Decrypt(StringPiece nonce,

+ StringPiece associated_data,

+ StringPiece ciphertext,

+ uint8* output,

+ size_t* output_length) {

+ if (ciphertext.length() < auth_tag_size_ ||

+ nonce.size() != nonce_prefix_size_ + sizeof(QuicPacketSequenceNumber)) {

return false;

}

@@ -73,8 +88,7 @@

associated_data.size());

if (len < 0) {

- // Clear OpenSSL error stack.

- while (ERR_get_error()) {}

+ ClearOpenSslErrors();

return false;

}

@@ -82,21 +96,22 @@

return true;

}

-QuicData* Aes128Gcm12Decrypter::DecryptPacket(

+QuicData* AeadBaseDecrypter::DecryptPacket(

QuicPacketSequenceNumber sequence_number,

StringPiece associated_data,

StringPiece ciphertext) {

- if (ciphertext.length() < kAuthTagSize) {

+ if (ciphertext.length() < auth_tag_size_) {

return NULL;

}

size_t plaintext_size = ciphertext.length();

scoped_ptr<char[]> plaintext(new char[plaintext_size]);

- uint8 nonce[kNoncePrefixSize + sizeof(sequence_number)];

- COMPILE_ASSERT(sizeof(nonce) == kAESNonceSize, bad_sequence_number_size);

- memcpy(nonce, nonce_prefix_, kNoncePrefixSize);

- memcpy(nonce + kNoncePrefixSize, &sequence_number, sizeof(sequence_number));

- if (!Decrypt(StringPiece(reinterpret_cast<char*>(nonce), sizeof(nonce)),

+ uint8 nonce[sizeof(nonce_prefix_) + sizeof(sequence_number)];

+ const size_t nonce_size = nonce_prefix_size_ + sizeof(sequence_number);

+ DCHECK_LE(nonce_size, sizeof(nonce));

+ memcpy(nonce, nonce_prefix_, nonce_prefix_size_);

+ memcpy(nonce + nonce_prefix_size_, &sequence_number, sizeof(sequence_number));

+ if (!Decrypt(StringPiece(reinterpret_cast<char*>(nonce), nonce_size),

associated_data, ciphertext,

reinterpret_cast<uint8*>(plaintext.get()),

&plaintext_size)) {

@@ -105,13 +120,16 @@

return new QuicData(plaintext.release(), plaintext_size, true);

}

-StringPiece Aes128Gcm12Decrypter::GetKey() const {

- return StringPiece(reinterpret_cast<const char*>(key_), sizeof(key_));

+StringPiece AeadBaseDecrypter::GetKey() const {

+ return StringPiece(reinterpret_cast<const char*>(key_), key_size_);

}

-StringPiece Aes128Gcm12Decrypter::GetNoncePrefix() const {

+StringPiece AeadBaseDecrypter::GetNoncePrefix() const {

+ if (nonce_prefix_size_ == 0) {

+ return StringPiece();

+ }

return StringPiece(reinterpret_cast<const char*>(nonce_prefix_),

- kNoncePrefixSize);

+ nonce_prefix_size_);

}

} // namespace net

« no previous file with comments | « net/quic/crypto/aead_base_decrypter_nss.cc ('k') | net/quic/crypto/aead_base_encrypter.h » ('j') | no next file with comments »