| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_ | 5 #ifndef NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_ |
| 6 #define NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_ | 6 #define NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_ |
| 7 | 7 |
| 8 #include "net/base/net_export.h" | 8 #include "net/base/net_export.h" |
| 9 #include "net/quic/crypto/crypto_protocol.h" | 9 #include "net/quic/crypto/crypto_protocol.h" |
| 10 #include "net/quic/quic_protocol.h" | 10 #include "net/quic/quic_protocol.h" |
| 11 | 11 |
| 12 namespace net { | 12 namespace net { |
| 13 | 13 |
| 14 class NET_EXPORT_PRIVATE QuicDecrypter { | 14 class NET_EXPORT_PRIVATE QuicDecrypter { |
| 15 public: | 15 public: |
| 16 virtual ~QuicDecrypter() {} | 16 virtual ~QuicDecrypter() {} |
| 17 | 17 |
| 18 static QuicDecrypter* Create(CryptoTag algorithm); | 18 static QuicDecrypter* Create(CryptoTag algorithm); |
| 19 | 19 |
| 20 // Sets the encryption key. Returns true on success, false on failure. |
| 21 // |
| 22 // NOTE: The key is the client_write_key or server_write_key derived from |
| 23 // the master secret. |
| 24 virtual bool SetKey(base::StringPiece key) = 0; |
| 25 |
| 26 // Sets the fixed initial bytes of the nonce. Returns true on success, |
| 27 // false on failure. |
| 28 // |
| 29 // NOTE: The nonce prefix is the client_write_iv or server_write_iv |
| 30 // derived from the master secret. A 64-bit packet sequence number will |
| 31 // be appended to form the nonce. |
| 32 // |
| 33 // <------------ 64 bits -----------> |
| 34 // +---------------------+----------------------------------+ |
| 35 // | Fixed prefix | Packet sequence number | |
| 36 // +---------------------+----------------------------------+ |
| 37 // Nonce format |
| 38 // |
| 39 // The security of the nonce format requires that QUIC never reuse a |
| 40 // packet sequence number, even when retransmitting a lost packet. |
| 41 virtual bool SetNoncePrefix(base::StringPiece nonce_prefix) = 0; |
| 42 |
| 20 // Returns a newly created QuicData object containing the decrypted | 43 // Returns a newly created QuicData object containing the decrypted |
| 21 // |ciphertext| or NULL if there is an error. | 44 // |ciphertext| or NULL if there is an error. |sequence_number| is |
| 22 virtual QuicData* Decrypt(base::StringPiece associated_data, | 45 // appended to the |nonce_prefix| value provided in SetNoncePrefix() |
| 46 // to form the nonce. |
| 47 // TODO(wtc): add a way for Decrypt to report decryption failure due |
| 48 // to non-authentic inputs, as opposed to other reasons for failure. |
| 49 virtual QuicData* Decrypt(QuicPacketSequenceNumber sequence_number, |
| 50 base::StringPiece associated_data, |
| 23 base::StringPiece ciphertext) = 0; | 51 base::StringPiece ciphertext) = 0; |
| 24 }; | 52 }; |
| 25 | 53 |
| 26 } // namespace net | 54 } // namespace net |
| 27 | 55 |
| 28 #endif // NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_ | 56 #endif // NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12334063:
Land recent QUIC changes. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src