Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(23)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/quic_decrypter.h

Issue 2193073003: Move shared files in net/quic/ into net/quic/core/ (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: io_thread_unittest.cc Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/quic_crypto_server_config_test.cc ('k') | net/quic/crypto/quic_decrypter.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_
6 #define NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_
7
8 #include <stddef.h>
9 #include <stdint.h>
10
11 #include "net/base/net_export.h"
12 #include "net/quic/quic_protocol.h"
13
14 namespace net {
15
16 class NET_EXPORT_PRIVATE QuicDecrypter {
17 public:
18 virtual ~QuicDecrypter() {}
19
20 static QuicDecrypter* Create(QuicTag algorithm);
21
22 // Sets the encryption key. Returns true on success, false on failure.
23 //
24 // NOTE: The key is the client_write_key or server_write_key derived from
25 // the master secret.
26 virtual bool SetKey(base::StringPiece key) = 0;
27
28 // Sets the fixed initial bytes of the nonce. Returns true on success,
29 // false on failure.
30 //
31 // NOTE: The nonce prefix is the client_write_iv or server_write_iv
32 // derived from the master secret. A 64-bit packet number will
33 // be appended to form the nonce.
34 //
35 // <------------ 64 bits ----------->
36 // +---------------------+----------------------------------+
37 // | Fixed prefix | packet number |
38 // +---------------------+----------------------------------+
39 // Nonce format
40 //
41 // The security of the nonce format requires that QUIC never reuse a
42 // packet number, even when retransmitting a lost packet.
43 virtual bool SetNoncePrefix(base::StringPiece nonce_prefix) = 0;
44
45 // Sets the encryption key. Returns true on success, false on failure.
46 // |DecryptPacket| may not be called until |SetDiversificationNonce| is
47 // called and the preliminary keying material will be combined with that
48 // nonce in order to create the actual key and nonce-prefix.
49 //
50 // If this function is called, neither |SetKey| nor |SetNoncePrefix| may be
51 // called.
52 virtual bool SetPreliminaryKey(base::StringPiece key) = 0;
53
54 // SetDiversificationNonce uses |nonce| to derive final keys based on the
55 // input keying material given by calling |SetPreliminaryKey|.
56 //
57 // Calling this function is a no-op if |SetPreliminaryKey| hasn't been
58 // called.
59 virtual bool SetDiversificationNonce(DiversificationNonce nonce) = 0;
60
61 // Populates |output| with the decrypted |ciphertext| and populates
62 // |output_length| with the length. Returns 0 if there is an error.
63 // |output| size is specified by |max_output_length| and must be
64 // at least as large as the ciphertext. |packet_number| is
65 // appended to the |nonce_prefix| value provided in SetNoncePrefix()
66 // to form the nonce.
67 // TODO(wtc): add a way for DecryptPacket to report decryption failure due
68 // to non-authentic inputs, as opposed to other reasons for failure.
69 virtual bool DecryptPacket(QuicPathId path_id,
70 QuicPacketNumber packet_number,
71 base::StringPiece associated_data,
72 base::StringPiece ciphertext,
73 char* output,
74 size_t* output_length,
75 size_t max_output_length) = 0;
76
77 // The name of the cipher.
78 virtual const char* cipher_name() const = 0;
79 // The ID of the cipher. Return 0x03000000 ORed with the 'cryptographic suite
80 // selector'.
81 virtual uint32_t cipher_id() const = 0;
82
83 // For use by unit tests only.
84 virtual base::StringPiece GetKey() const = 0;
85 virtual base::StringPiece GetNoncePrefix() const = 0;
86
87 static void DiversifyPreliminaryKey(base::StringPiece preliminary_key,
88 base::StringPiece nonce_prefix,
89 DiversificationNonce nonce,
90 size_t key_size,
91 size_t nonce_prefix_size,
92 std::string* out_key,
93 std::string* out_nonce_prefix);
94 };
95
96 } // namespace net
97
98 #endif // NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_
OLDNEW
« no previous file with comments | « net/quic/crypto/quic_crypto_server_config_test.cc ('k') | net/quic/crypto/quic_decrypter.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698