Index: net/quic/crypto/null_decrypter.cc |
diff --git a/net/quic/crypto/null_decrypter.cc b/net/quic/crypto/null_decrypter.cc |
index 4411b7c0ba1fe460a51f82bf05933041c4c02b7c..8a18172a5c299ded7443f1cbfae583fe8fbd18e2 100644 |
--- a/net/quic/crypto/null_decrypter.cc |
+++ b/net/quic/crypto/null_decrypter.cc |
@@ -19,28 +19,31 @@ bool NullDecrypter::SetNoncePrefix(StringPiece nonce_prefix) { |
return nonce_prefix.empty(); |
} |
-QuicData* NullDecrypter::DecryptPacket(QuicPacketSequenceNumber /*seq_number*/, |
- StringPiece associated_data, |
- StringPiece ciphertext) { |
- // It's worth duplicating |Decrypt|, above, in order to save a copy by using |
- // the shared-data QuicData constructor directly. |
+bool NullDecrypter::DecryptPacket(QuicPacketSequenceNumber /*seq_number*/, |
+ const StringPiece& associated_data, |
+ const StringPiece& ciphertext, |
+ char* output, |
+ size_t* output_length, |
+ size_t max_output_length) { |
QuicDataReader reader(ciphertext.data(), ciphertext.length()); |
- |
uint128 hash; |
+ |
if (!ReadHash(&reader, &hash)) { |
- return nullptr; |
+ return false; |
} |
StringPiece plaintext = reader.ReadRemainingPayload(); |
- |
- // TODO(rch): avoid buffer copy here |
- string buffer = associated_data.as_string(); |
- plaintext.AppendToString(&buffer); |
- |
- if (hash != ComputeHash(buffer)) { |
- return nullptr; |
+ if (plaintext.length() > max_output_length) { |
+ LOG(DFATAL) << "Output buffer must be larger than the plaintext."; |
+ return false; |
+ } |
+ if (hash != ComputeHash(associated_data, plaintext)) { |
+ return false; |
} |
- return new QuicData(plaintext.data(), plaintext.length()); |
+ // Copy the plaintext to output. |
+ memcpy(output, plaintext.data(), plaintext.length()); |
+ *output_length = plaintext.length(); |
+ return true; |
} |
StringPiece NullDecrypter::GetKey() const { return StringPiece(); } |
@@ -60,8 +63,10 @@ bool NullDecrypter::ReadHash(QuicDataReader* reader, uint128* hash) { |
return true; |
} |
-uint128 NullDecrypter::ComputeHash(const string& data) const { |
- uint128 correct_hash = QuicUtils::FNV1a_128_Hash(data.data(), data.length()); |
+uint128 NullDecrypter::ComputeHash(const StringPiece& data1, |
+ const StringPiece& data2) const { |
+ uint128 correct_hash = QuicUtils::FNV1a_128_Hash_Two( |
+ data1.data(), data1.length(), data2.data(), data2.length()); |
uint128 mask(GG_UINT64_C(0x0), GG_UINT64_C(0xffffffff)); |
mask <<= 96; |
correct_hash &= ~mask; |