| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/core/quic_framer.h" | 5 #include "net/quic/core/quic_framer.h" |
| 6 | 6 |
| 7 #include <cstdint> | 7 #include <cstdint> |
| 8 #include <memory> | 8 #include <memory> |
| 9 | 9 |
| 10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
| (...skipping 1555 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1566 | 1566 |
| 1567 size_t QuicFramer::EncryptInPlace(EncryptionLevel level, | 1567 size_t QuicFramer::EncryptInPlace(EncryptionLevel level, |
| 1568 QuicPathId path_id, | 1568 QuicPathId path_id, |
| 1569 QuicPacketNumber packet_number, | 1569 QuicPacketNumber packet_number, |
| 1570 size_t ad_len, | 1570 size_t ad_len, |
| 1571 size_t total_len, | 1571 size_t total_len, |
| 1572 size_t buffer_len, | 1572 size_t buffer_len, |
| 1573 char* buffer) { | 1573 char* buffer) { |
| 1574 size_t output_length = 0; | 1574 size_t output_length = 0; |
| 1575 if (!encrypter_[level]->EncryptPacket( | 1575 if (!encrypter_[level]->EncryptPacket( |
| 1576 quic_version_, path_id, packet_number, | 1576 quic_version_, packet_number, |
| 1577 StringPiece(buffer, ad_len), // Associated data | 1577 StringPiece(buffer, ad_len), // Associated data |
| 1578 StringPiece(buffer + ad_len, total_len - ad_len), // Plaintext | 1578 StringPiece(buffer + ad_len, total_len - ad_len), // Plaintext |
| 1579 buffer + ad_len, // Destination buffer | 1579 buffer + ad_len, // Destination buffer |
| 1580 &output_length, buffer_len - ad_len)) { | 1580 &output_length, buffer_len - ad_len)) { |
| 1581 RaiseError(QUIC_ENCRYPTION_FAILURE); | 1581 RaiseError(QUIC_ENCRYPTION_FAILURE); |
| 1582 return 0; | 1582 return 0; |
| 1583 } | 1583 } |
| 1584 | 1584 |
| 1585 return ad_len + output_length; | 1585 return ad_len + output_length; |
| 1586 } | 1586 } |
| 1587 | 1587 |
| 1588 size_t QuicFramer::EncryptPayload(EncryptionLevel level, | 1588 size_t QuicFramer::EncryptPayload(EncryptionLevel level, |
| 1589 QuicPathId path_id, | |
| 1590 QuicPacketNumber packet_number, | 1589 QuicPacketNumber packet_number, |
| 1591 const QuicPacket& packet, | 1590 const QuicPacket& packet, |
| 1592 char* buffer, | 1591 char* buffer, |
| 1593 size_t buffer_len) { | 1592 size_t buffer_len) { |
| 1594 DCHECK(encrypter_[level].get() != nullptr); | 1593 DCHECK(encrypter_[level].get() != nullptr); |
| 1595 | 1594 |
| 1596 StringPiece associated_data = packet.AssociatedData(quic_version_); | 1595 StringPiece associated_data = packet.AssociatedData(quic_version_); |
| 1597 // Copy in the header, because the encrypter only populates the encrypted | 1596 // Copy in the header, because the encrypter only populates the encrypted |
| 1598 // plaintext content. | 1597 // plaintext content. |
| 1599 const size_t ad_len = associated_data.length(); | 1598 const size_t ad_len = associated_data.length(); |
| 1600 memmove(buffer, associated_data.data(), ad_len); | 1599 memmove(buffer, associated_data.data(), ad_len); |
| 1601 // Encrypt the plaintext into the buffer. | 1600 // Encrypt the plaintext into the buffer. |
| 1602 size_t output_length = 0; | 1601 size_t output_length = 0; |
| 1603 if (!encrypter_[level]->EncryptPacket( | 1602 if (!encrypter_[level]->EncryptPacket( |
| 1604 quic_version_, path_id, packet_number, associated_data, | 1603 quic_version_, packet_number, associated_data, |
| 1605 packet.Plaintext(quic_version_), buffer + ad_len, &output_length, | 1604 packet.Plaintext(quic_version_), buffer + ad_len, &output_length, |
| 1606 buffer_len - ad_len)) { | 1605 buffer_len - ad_len)) { |
| 1607 RaiseError(QUIC_ENCRYPTION_FAILURE); | 1606 RaiseError(QUIC_ENCRYPTION_FAILURE); |
| 1608 return 0; | 1607 return 0; |
| 1609 } | 1608 } |
| 1610 | 1609 |
| 1611 return ad_len + output_length; | 1610 return ad_len + output_length; |
| 1612 } | 1611 } |
| 1613 | 1612 |
| 1614 size_t QuicFramer::GetMaxPlaintextSize(size_t ciphertext_size) { | 1613 size_t QuicFramer::GetMaxPlaintextSize(size_t ciphertext_size) { |
| (...skipping 21 matching lines...) Expand all Loading... |
| 1636 size_t* decrypted_length) { | 1635 size_t* decrypted_length) { |
| 1637 StringPiece encrypted = encrypted_reader->ReadRemainingPayload(); | 1636 StringPiece encrypted = encrypted_reader->ReadRemainingPayload(); |
| 1638 DCHECK(decrypter_.get() != nullptr); | 1637 DCHECK(decrypter_.get() != nullptr); |
| 1639 StringPiece associated_data = GetAssociatedDataFromEncryptedPacket( | 1638 StringPiece associated_data = GetAssociatedDataFromEncryptedPacket( |
| 1640 quic_version_, packet, header.public_header.connection_id_length, | 1639 quic_version_, packet, header.public_header.connection_id_length, |
| 1641 header.public_header.version_flag, header.public_header.multipath_flag, | 1640 header.public_header.version_flag, header.public_header.multipath_flag, |
| 1642 header.public_header.nonce != nullptr, | 1641 header.public_header.nonce != nullptr, |
| 1643 header.public_header.packet_number_length); | 1642 header.public_header.packet_number_length); |
| 1644 | 1643 |
| 1645 bool success = decrypter_->DecryptPacket( | 1644 bool success = decrypter_->DecryptPacket( |
| 1646 quic_version_, header.path_id, header.packet_number, associated_data, | 1645 quic_version_, header.packet_number, associated_data, encrypted, |
| 1647 encrypted, decrypted_buffer, decrypted_length, buffer_length); | 1646 decrypted_buffer, decrypted_length, buffer_length); |
| 1648 if (success) { | 1647 if (success) { |
| 1649 visitor_->OnDecryptedPacket(decrypter_level_); | 1648 visitor_->OnDecryptedPacket(decrypter_level_); |
| 1650 } else if (alternative_decrypter_.get() != nullptr) { | 1649 } else if (alternative_decrypter_.get() != nullptr) { |
| 1651 if (header.public_header.nonce != nullptr) { | 1650 if (header.public_header.nonce != nullptr) { |
| 1652 DCHECK_EQ(perspective_, Perspective::IS_CLIENT); | 1651 DCHECK_EQ(perspective_, Perspective::IS_CLIENT); |
| 1653 alternative_decrypter_->SetDiversificationNonce( | 1652 alternative_decrypter_->SetDiversificationNonce( |
| 1654 *header.public_header.nonce); | 1653 *header.public_header.nonce); |
| 1655 } | 1654 } |
| 1656 bool try_alternative_decryption = true; | 1655 bool try_alternative_decryption = true; |
| 1657 if (alternative_decrypter_level_ == ENCRYPTION_INITIAL) { | 1656 if (alternative_decrypter_level_ == ENCRYPTION_INITIAL) { |
| 1658 if (perspective_ == Perspective::IS_CLIENT) { | 1657 if (perspective_ == Perspective::IS_CLIENT) { |
| 1659 if (header.public_header.nonce == nullptr) { | 1658 if (header.public_header.nonce == nullptr) { |
| 1660 // Can not use INITIAL decryption without a diversification nonce. | 1659 // Can not use INITIAL decryption without a diversification nonce. |
| 1661 try_alternative_decryption = false; | 1660 try_alternative_decryption = false; |
| 1662 } | 1661 } |
| 1663 } else { | 1662 } else { |
| 1664 DCHECK(header.public_header.nonce == nullptr); | 1663 DCHECK(header.public_header.nonce == nullptr); |
| 1665 } | 1664 } |
| 1666 } | 1665 } |
| 1667 | 1666 |
| 1668 if (try_alternative_decryption) { | 1667 if (try_alternative_decryption) { |
| 1669 success = alternative_decrypter_->DecryptPacket( | 1668 success = alternative_decrypter_->DecryptPacket( |
| 1670 quic_version_, header.path_id, header.packet_number, associated_data, | 1669 quic_version_, header.packet_number, associated_data, encrypted, |
| 1671 encrypted, decrypted_buffer, decrypted_length, buffer_length); | 1670 decrypted_buffer, decrypted_length, buffer_length); |
| 1672 } | 1671 } |
| 1673 if (success) { | 1672 if (success) { |
| 1674 visitor_->OnDecryptedPacket(alternative_decrypter_level_); | 1673 visitor_->OnDecryptedPacket(alternative_decrypter_level_); |
| 1675 if (alternative_decrypter_latch_) { | 1674 if (alternative_decrypter_latch_) { |
| 1676 // Switch to the alternative decrypter and latch so that we cannot | 1675 // Switch to the alternative decrypter and latch so that we cannot |
| 1677 // switch back. | 1676 // switch back. |
| 1678 decrypter_ = std::move(alternative_decrypter_); | 1677 decrypter_ = std::move(alternative_decrypter_); |
| 1679 decrypter_level_ = alternative_decrypter_level_; | 1678 decrypter_level_ = alternative_decrypter_level_; |
| 1680 alternative_decrypter_level_ = ENCRYPTION_NONE; | 1679 alternative_decrypter_level_ = ENCRYPTION_NONE; |
| 1681 } else { | 1680 } else { |
| (...skipping 526 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2208 | 2207 |
| 2209 bool QuicFramer::RaiseError(QuicErrorCode error) { | 2208 bool QuicFramer::RaiseError(QuicErrorCode error) { |
| 2210 QUIC_DLOG(INFO) << ENDPOINT << "Error: " << QuicErrorCodeToString(error) | 2209 QUIC_DLOG(INFO) << ENDPOINT << "Error: " << QuicErrorCodeToString(error) |
| 2211 << " detail: " << detailed_error_; | 2210 << " detail: " << detailed_error_; |
| 2212 set_error(error); | 2211 set_error(error); |
| 2213 visitor_->OnError(this); | 2212 visitor_->OnError(this); |
| 2214 return false; | 2213 return false; |
| 2215 } | 2214 } |
| 2216 | 2215 |
| 2217 } // namespace net | 2216 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2679673005:
Remove path id from IV in QUIC encrytion algorithms. (Closed)
