blob: cf7e412f890189c131ef33518eea27ef8aeab99d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
// Copyright (c) 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_QUIC_CRYPTO_AES_128_GCM_DECRYPTER_H_
#define NET_QUIC_CRYPTO_AES_128_GCM_DECRYPTER_H_
#include <string>
#include "base/compiler_specific.h"
#include "net/quic/crypto/quic_decrypter.h"
namespace net {
namespace test {
class Aes128GcmDecrypterPeer;
} // namespace test
// An Aes128GcmDecrypter is a QuicDecrypter that implements the
// AEAD_AES_128_GCM algorithm specified in RFC 5116. Create an instance by
// calling QuicDecrypter::Create(kAESG).
//
// It uses an authentication tag of 16 bytes (128 bits). The fixed prefix
// of the nonce is four bytes.
class NET_EXPORT_PRIVATE Aes128GcmDecrypter : public QuicDecrypter {
public:
Aes128GcmDecrypter();
virtual ~Aes128GcmDecrypter() {}
// Returns true if the underlying crypto library supports AES GCM.
static bool IsSupported();
// QuicDecrypter implementation
virtual bool SetKey(base::StringPiece key) OVERRIDE;
virtual bool SetNoncePrefix(base::StringPiece nonce_prefix) OVERRIDE;
virtual bool Decrypt(base::StringPiece nonce,
base::StringPiece associated_data,
base::StringPiece ciphertext,
unsigned char* output,
size_t* output_length) OVERRIDE;
virtual QuicData* DecryptPacket(QuicPacketSequenceNumber sequence_number,
base::StringPiece associated_data,
base::StringPiece ciphertext) OVERRIDE;
virtual base::StringPiece GetKey() const OVERRIDE;
virtual base::StringPiece GetNoncePrefix() const OVERRIDE;
private:
// The 128-bit AES key.
unsigned char key_[16];
// The nonce, a concatenation of a four-byte fixed prefix and a 8-byte
// packet sequence number.
unsigned char nonce_[12];
};
} // namespace net
#endif // NET_QUIC_CRYPTO_AES_128_GCM_DECRYPTER_H_
|
