| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef NET_QUIC_CRYPTO_AES_128_GCM_ENCRYPTER_H_ |
| 6 #define NET_QUIC_CRYPTO_AES_128_GCM_ENCRYPTER_H_ |
| 7 |
| 8 #include <string> |
| 9 |
| 10 #include "base/compiler_specific.h" |
| 11 #include "net/quic/crypto/quic_encrypter.h" |
| 12 |
| 13 namespace net { |
| 14 |
| 15 namespace test { |
| 16 class Aes128GcmEncrypterPeer; |
| 17 } // namespace test |
| 18 |
| 19 // An Aes128GcmEncrypter is a QuicEncrypter that implements the |
| 20 // AEAD_AES_128_GCM algorithm specified in RFC 5116. Create an instance by |
| 21 // calling QuicEncrypter::Create(kAESG). |
| 22 // |
| 23 // It uses an authentication tag of 16 bytes (128 bits). The fixed prefix |
| 24 // of the nonce is four bytes. |
| 25 class NET_EXPORT_PRIVATE Aes128GcmEncrypter : public QuicEncrypter { |
| 26 public: |
| 27 virtual ~Aes128GcmEncrypter() {} |
| 28 |
| 29 // Returns true if the underlying crypto library supports AES GCM. |
| 30 #if defined(USE_OPENSSL) |
| 31 static bool IsSupported() { return true; } |
| 32 #else |
| 33 static bool IsSupported(); |
| 34 #endif |
| 35 |
| 36 // QuicEncrypter implementation |
| 37 virtual bool SetKey(base::StringPiece key) OVERRIDE; |
| 38 virtual bool SetNoncePrefix(base::StringPiece nonce_prefix) OVERRIDE; |
| 39 virtual QuicData* Encrypt(QuicPacketSequenceNumber sequence_number, |
| 40 base::StringPiece associated_data, |
| 41 base::StringPiece plaintext) OVERRIDE; |
| 42 virtual size_t GetKeySize() const OVERRIDE; |
| 43 virtual size_t GetNoncePrefixSize() const OVERRIDE; |
| 44 virtual size_t GetMaxPlaintextSize(size_t ciphertext_size) const OVERRIDE; |
| 45 virtual size_t GetCiphertextSize(size_t plaintext_size) const OVERRIDE; |
| 46 virtual base::StringPiece GetKey() const OVERRIDE; |
| 47 virtual base::StringPiece GetNoncePrefix() const OVERRIDE; |
| 48 |
| 49 private: |
| 50 friend class test::Aes128GcmEncrypterPeer; |
| 51 |
| 52 // The same as Encrypt(), except that the supplied |nonce| argument rather |
| 53 // than the |nonce_| member is used as the nonce. This method is useful |
| 54 // for testing the underlying AES GCM implementation. |
| 55 QuicData* EncryptWithNonce(base::StringPiece nonce, |
| 56 base::StringPiece associated_data, |
| 57 base::StringPiece plaintext); |
| 58 |
| 59 // The 128-bit AES key. |
| 60 unsigned char key_[16]; |
| 61 // The nonce, a concatenation of a four-byte fixed prefix and a 8-byte |
| 62 // packet sequence number. |
| 63 unsigned char nonce_[12]; |
| 64 }; |
| 65 |
| 66 } // namespace net |
| 67 |
| 68 #endif // NET_QUIC_CRYPTO_AES_128_GCM_ENCRYPTER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12623017:
Add Aes128GcmEncrypter and Aes128GcmDecrypter (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/