Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(314)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/aes_128_gcm_decrypter_openssl.cc

Issue 12623017: Add Aes128GcmEncrypter and Aes128GcmDecrypter (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Fix build errors. Add GetKey and GetNoncePrefix. Created 7 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/quic/crypto/aes_128_gcm_decrypter_nss.cc ('k') | net/quic/crypto/aes_128_gcm_decrypter_test.cc » ('j') | net/quic/crypto/aes_128_gcm_decrypter_test.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Property Changes:
Added: svn:eol-style
+ LF
OLDNEW
(Empty)
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/quic/crypto/aes_128_gcm_decrypter.h"
6
7 #include <openssl/evp.h>
8
9 #include "base/memory/scoped_ptr.h"
10 #include "net/quic/crypto/scoped_evp_cipher_ctx.h"
11
12 using base::StringPiece;
13
14 namespace net {
15
16 namespace {
17
18 const size_t kKeySize = 16;
19 const size_t kNoncePrefixSize = 4;
20 const size_t kAuthTagSize = 16;
21
22 } // namespace
23
24 bool Aes128GcmDecrypter::SetKey(StringPiece key) {
25 DCHECK_EQ(key.size(), sizeof(key_));
26 if (key.size() != sizeof(key_)) {
27 return false;
28 }
29 memcpy(key_, key.data(), key.size());
30 return true;
31 }
32
33 bool Aes128GcmDecrypter::SetNoncePrefix(StringPiece nonce_prefix) {
34 DCHECK_EQ(nonce_prefix.size(), kNoncePrefixSize);
35 if (nonce_prefix.size() != kNoncePrefixSize) {
36 return false;
37 }
38 memcpy(nonce_, nonce_prefix.data(), nonce_prefix.size());
39 return true;
40 }
41
42 QuicData* Aes128GcmDecrypter::Decrypt(QuicPacketSequenceNumber sequence_number,
43 StringPiece associated_data,
44 StringPiece ciphertext) {
45 COMPILE_ASSERT(sizeof(nonce_) == kNoncePrefixSize + sizeof(sequence_number),
46 incorrect_nonce_size);
47 memcpy(nonce_ + kNoncePrefixSize, &sequence_number, sizeof(sequence_number));
48 return DecryptWithNonce(StringPiece(reinterpret_cast<char*>(nonce_),
49 sizeof(nonce_)),
50 associated_data, ciphertext);
51 }
52
53 StringPiece Aes128GcmDecrypter::GetKey() const {
54 return StringPiece(reinterpret_cast<const char*>(key_), sizeof(key_));
55 }
56
57 StringPiece Aes128GcmDecrypter::GetNoncePrefix() const {
58 return StringPiece(reinterpret_cast<const char*>(nonce_), kNoncePrefixSize);
59 }
60
61 QuicData* Aes128GcmDecrypter::DecryptWithNonce(StringPiece nonce,
62 StringPiece associated_data,
63 StringPiece ciphertext) {
64 if (ciphertext.length() < kAuthTagSize) {
65 return NULL;
66 }
67 size_t plaintext_size = ciphertext.length() - kAuthTagSize;
68 scoped_ptr<char[]> plaintext(new char[plaintext_size]);
69
70 // |output| points to the position in the |plaintext| buffer to receive
71 // the next output.
72 unsigned char* output = reinterpret_cast<unsigned char*>(plaintext.get());
73 // |output_len| is passed to an OpenSSL function to receive the output
74 // length.
75 int output_len;
76
77 ScopedEVPCipherCtx ctx;
78
79 // Set the cipher type and the key. The IV (nonce) is set below.
80 if (EVP_DecryptInit_ex(ctx.get(), EVP_aes_128_gcm(), NULL, key_,
81 NULL) == 0) {
82 return NULL;
83 }
84
85 // Set the IV (nonce) length.
86 if (EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_SET_IVLEN, nonce.size(),
87 NULL) == 0) {
88 return NULL;
89 }
90 // Set the IV (nonce).
91 if (EVP_DecryptInit_ex(ctx.get(), NULL, NULL, NULL,
92 reinterpret_cast<const unsigned char*>(
93 nonce.data())) == 0) {
94 return NULL;
95 }
96
97 // Set the authentication tag.
98 if (EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_SET_TAG, kAuthTagSize,
99 const_cast<char*>(ciphertext.data()) +
100 plaintext_size) == 0) {
101 return NULL;
102 }
103
104 // Set the associated data. The second argument (output buffer) must be
105 // NULL.
106 if (EVP_DecryptUpdate(ctx.get(), NULL, &output_len,
107 reinterpret_cast<const unsigned char*>(
108 associated_data.data()),
109 associated_data.size()) == 0) {
110 return NULL;
111 }
112
113 if (EVP_DecryptUpdate(ctx.get(), output, &output_len,
114 reinterpret_cast<const unsigned char*>(
115 ciphertext.data()),
116 plaintext_size) == 0) {
117 return NULL;
118 }
119 output += output_len;
120
121 if (EVP_DecryptFinal_ex(ctx.get(), output, &output_len) == 0) {
122 return NULL;
123 }
124 output += output_len;
125
126 return new QuicData(plaintext.release(), plaintext_size, true);
127 }
128
129 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/aes_128_gcm_decrypter_nss.cc ('k') | net/quic/crypto/aes_128_gcm_decrypter_test.cc » ('j') | net/quic/crypto/aes_128_gcm_decrypter_test.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698