Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(358)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/core/crypto/aead_base_decrypter.cc

Issue 2679673005: Remove path id from IV in QUIC encrytion algorithms. (Closed)
Patch Set: Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/core/crypto/aead_base_decrypter.h ('k') | net/quic/core/crypto/aead_base_encrypter.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/core/crypto/aead_base_decrypter.h" 5 #include "net/quic/core/crypto/aead_base_decrypter.h"
6 6
7 #include <cstdint> 7 #include <cstdint>
8 8
9 #include "net/quic/core/quic_utils.h" 9 #include "net/quic/core/quic_utils.h"
10 #include "net/quic/platform/api/quic_bug_tracker.h" 10 #include "net/quic/platform/api/quic_bug_tracker.h"
(...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after
109 if (!SetKey(key) || !SetNoncePrefix(nonce_prefix)) { 109 if (!SetKey(key) || !SetNoncePrefix(nonce_prefix)) {
110 DCHECK(false); 110 DCHECK(false);
111 return false; 111 return false;
112 } 112 }
113 113
114 have_preliminary_key_ = false; 114 have_preliminary_key_ = false;
115 return true; 115 return true;
116 } 116 }
117 117
118 bool AeadBaseDecrypter::DecryptPacket(QuicVersion /*version*/, 118 bool AeadBaseDecrypter::DecryptPacket(QuicVersion /*version*/,
119 QuicPathId path_id,
120 QuicPacketNumber packet_number, 119 QuicPacketNumber packet_number,
121 StringPiece associated_data, 120 StringPiece associated_data,
122 StringPiece ciphertext, 121 StringPiece ciphertext,
123 char* output, 122 char* output,
124 size_t* output_length, 123 size_t* output_length,
125 size_t max_output_length) { 124 size_t max_output_length) {
126 if (ciphertext.length() < auth_tag_size_) { 125 if (ciphertext.length() < auth_tag_size_) {
127 return false; 126 return false;
128 } 127 }
129 128
130 if (have_preliminary_key_) { 129 if (have_preliminary_key_) {
131 QUIC_BUG << "Unable to decrypt while key diversification is pending"; 130 QUIC_BUG << "Unable to decrypt while key diversification is pending";
132 return false; 131 return false;
133 } 132 }
134 133
135 uint8_t nonce[sizeof(nonce_prefix_) + sizeof(packet_number)]; 134 uint8_t nonce[sizeof(nonce_prefix_) + sizeof(packet_number)];
136 const size_t nonce_size = nonce_prefix_size_ + sizeof(packet_number); 135 const size_t nonce_size = nonce_prefix_size_ + sizeof(packet_number);
137 memcpy(nonce, nonce_prefix_, nonce_prefix_size_); 136 memcpy(nonce, nonce_prefix_, nonce_prefix_size_);
138 uint64_t path_id_packet_number = 137 memcpy(nonce + nonce_prefix_size_, &packet_number, sizeof(packet_number));
139 QuicUtils::PackPathIdAndPacketNumber(path_id, packet_number);
140 memcpy(nonce + nonce_prefix_size_, &path_id_packet_number,
141 sizeof(path_id_packet_number));
142 if (!EVP_AEAD_CTX_open( 138 if (!EVP_AEAD_CTX_open(
143 ctx_.get(), reinterpret_cast<uint8_t*>(output), output_length, 139 ctx_.get(), reinterpret_cast<uint8_t*>(output), output_length,
144 max_output_length, reinterpret_cast<const uint8_t*>(nonce), 140 max_output_length, reinterpret_cast<const uint8_t*>(nonce),
145 nonce_size, reinterpret_cast<const uint8_t*>(ciphertext.data()), 141 nonce_size, reinterpret_cast<const uint8_t*>(ciphertext.data()),
146 ciphertext.size(), 142 ciphertext.size(),
147 reinterpret_cast<const uint8_t*>(associated_data.data()), 143 reinterpret_cast<const uint8_t*>(associated_data.data()),
148 associated_data.size())) { 144 associated_data.size())) {
149 // Because QuicFramer does trial decryption, decryption errors are expected 145 // Because QuicFramer does trial decryption, decryption errors are expected
150 // when encryption level changes. So we don't log decryption errors. 146 // when encryption level changes. So we don't log decryption errors.
151 ClearOpenSslErrors(); 147 ClearOpenSslErrors();
152 return false; 148 return false;
153 } 149 }
154 return true; 150 return true;
155 } 151 }
156 152
157 StringPiece AeadBaseDecrypter::GetKey() const { 153 StringPiece AeadBaseDecrypter::GetKey() const {
158 return StringPiece(reinterpret_cast<const char*>(key_), key_size_); 154 return StringPiece(reinterpret_cast<const char*>(key_), key_size_);
159 } 155 }
160 156
161 StringPiece AeadBaseDecrypter::GetNoncePrefix() const { 157 StringPiece AeadBaseDecrypter::GetNoncePrefix() const {
162 if (nonce_prefix_size_ == 0) { 158 if (nonce_prefix_size_ == 0) {
163 return StringPiece(); 159 return StringPiece();
164 } 160 }
165 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_), 161 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_),
166 nonce_prefix_size_); 162 nonce_prefix_size_);
167 } 163 }
168 164
169 } // namespace net 165 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/core/crypto/aead_base_decrypter.h ('k') | net/quic/core/crypto/aead_base_encrypter.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698