Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(401)

Unified Diff: net/quic/crypto/aead_base_decrypter.cc

Issue 2193073003: Move shared files in net/quic/ into net/quic/core/ (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: io_thread_unittest.cc Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/quic/crypto/aead_base_decrypter.h ('k') | net/quic/crypto/aead_base_encrypter.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/quic/crypto/aead_base_decrypter.cc
diff --git a/net/quic/crypto/aead_base_decrypter.cc b/net/quic/crypto/aead_base_decrypter.cc
deleted file mode 100644
index 8b6661a9ba9c1f9e7f56fbe789170b8c7451cfc6..0000000000000000000000000000000000000000
--- a/net/quic/crypto/aead_base_decrypter.cc
+++ /dev/null
@@ -1,167 +0,0 @@
-// Copyright (c) 2013 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-
-#include <memory>
-
-#include "net/quic/crypto/aead_base_decrypter.h"
-#include "net/quic/quic_bug_tracker.h"
-#include "net/quic/quic_flags.h"
-#include "net/quic/quic_utils.h"
-
-using base::StringPiece;
-using std::string;
-
-namespace net {
-
-namespace {
-
-// Clear OpenSSL error stack.
-void ClearOpenSslErrors() {
- while (ERR_get_error()) {
- }
-}
-
-// In debug builds only, log OpenSSL error stack. Then clear OpenSSL error
-// stack.
-void DLogOpenSslErrors() {
-#ifdef NDEBUG
- ClearOpenSslErrors();
-#else
- while (uint32_t error = ERR_get_error()) {
- char buf[120];
- ERR_error_string_n(error, buf, arraysize(buf));
- DLOG(ERROR) << "OpenSSL error: " << buf;
- }
-#endif
-}
-
-} // namespace
-
-AeadBaseDecrypter::AeadBaseDecrypter(const EVP_AEAD* aead_alg,
- size_t key_size,
- size_t auth_tag_size,
- size_t nonce_prefix_size)
- : aead_alg_(aead_alg),
- key_size_(key_size),
- auth_tag_size_(auth_tag_size),
- nonce_prefix_size_(nonce_prefix_size),
- have_preliminary_key_(false) {
- DCHECK_GT(256u, key_size);
- DCHECK_GT(256u, auth_tag_size);
- DCHECK_GT(256u, nonce_prefix_size);
- DCHECK_LE(key_size_, sizeof(key_));
- DCHECK_LE(nonce_prefix_size_, sizeof(nonce_prefix_));
-}
-
-AeadBaseDecrypter::~AeadBaseDecrypter() {}
-
-bool AeadBaseDecrypter::SetKey(StringPiece key) {
- DCHECK_EQ(key.size(), key_size_);
- if (key.size() != key_size_) {
- return false;
- }
- memcpy(key_, key.data(), key.size());
-
- EVP_AEAD_CTX_cleanup(ctx_.get());
- if (!EVP_AEAD_CTX_init(ctx_.get(), aead_alg_, key_, key_size_, auth_tag_size_,
- nullptr)) {
- DLogOpenSslErrors();
- return false;
- }
-
- return true;
-}
-
-bool AeadBaseDecrypter::SetNoncePrefix(StringPiece nonce_prefix) {
- DCHECK_EQ(nonce_prefix.size(), nonce_prefix_size_);
- if (nonce_prefix.size() != nonce_prefix_size_) {
- return false;
- }
- memcpy(nonce_prefix_, nonce_prefix.data(), nonce_prefix.size());
- return true;
-}
-
-bool AeadBaseDecrypter::SetPreliminaryKey(StringPiece key) {
- DCHECK(!have_preliminary_key_);
- SetKey(key);
- have_preliminary_key_ = true;
-
- return true;
-}
-
-bool AeadBaseDecrypter::SetDiversificationNonce(DiversificationNonce nonce) {
- if (!have_preliminary_key_) {
- return true;
- }
-
- string key, nonce_prefix;
- DiversifyPreliminaryKey(
- StringPiece(reinterpret_cast<const char*>(key_), key_size_),
- StringPiece(reinterpret_cast<const char*>(nonce_prefix_),
- nonce_prefix_size_),
- nonce, key_size_, nonce_prefix_size_, &key, &nonce_prefix);
-
- if (!SetKey(key) || !SetNoncePrefix(nonce_prefix)) {
- DCHECK(false);
- return false;
- }
-
- have_preliminary_key_ = false;
- return true;
-}
-
-bool AeadBaseDecrypter::DecryptPacket(QuicPathId path_id,
- QuicPacketNumber packet_number,
- StringPiece associated_data,
- StringPiece ciphertext,
- char* output,
- size_t* output_length,
- size_t max_output_length) {
- if (ciphertext.length() < auth_tag_size_) {
- return false;
- }
-
- if (have_preliminary_key_) {
- QUIC_BUG << "Unable to decrypt while key diversification is pending";
- return false;
- }
-
- uint8_t nonce[sizeof(nonce_prefix_) + sizeof(packet_number)];
- const size_t nonce_size = nonce_prefix_size_ + sizeof(packet_number);
- memcpy(nonce, nonce_prefix_, nonce_prefix_size_);
- uint64_t path_id_packet_number =
- QuicUtils::PackPathIdAndPacketNumber(path_id, packet_number);
- memcpy(nonce + nonce_prefix_size_, &path_id_packet_number,
- sizeof(path_id_packet_number));
- if (!EVP_AEAD_CTX_open(
- ctx_.get(), reinterpret_cast<uint8_t*>(output), output_length,
- max_output_length, reinterpret_cast<const uint8_t*>(nonce),
- nonce_size, reinterpret_cast<const uint8_t*>(ciphertext.data()),
- ciphertext.size(),
- reinterpret_cast<const uint8_t*>(associated_data.data()),
- associated_data.size())) {
- // Because QuicFramer does trial decryption, decryption errors are expected
- // when encryption level changes. So we don't log decryption errors.
- ClearOpenSslErrors();
- return false;
- }
- return true;
-}
-
-StringPiece AeadBaseDecrypter::GetKey() const {
- return StringPiece(reinterpret_cast<const char*>(key_), key_size_);
-}
-
-StringPiece AeadBaseDecrypter::GetNoncePrefix() const {
- if (nonce_prefix_size_ == 0) {
- return StringPiece();
- }
- return StringPiece(reinterpret_cast<const char*>(nonce_prefix_),
- nonce_prefix_size_);
-}
-
-} // namespace net
« no previous file with comments | « net/quic/crypto/aead_base_decrypter.h ('k') | net/quic/crypto/aead_base_encrypter.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698