Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(107)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/aes_128_gcm_encrypter_openssl.cc

Issue 12623017: Add Aes128GcmEncrypter and Aes128GcmDecrypter (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Fix build errors. Add GetKey and GetNoncePrefix. Created 7 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/quic/crypto/aes_128_gcm_decrypter_test.cc ('K') | « net/quic/crypto/aes_128_gcm_encrypter_nss.cc ('k') | net/quic/crypto/aes_128_gcm_encrypter_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Property Changes:
Added: svn:eol-style
+ LF
OLDNEW
(Empty)
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/quic/crypto/aes_128_gcm_encrypter.h"
6
7 #include <openssl/evp.h>
8 #include <string.h>
9
10 #include "base/memory/scoped_ptr.h"
11 #include "net/quic/crypto/scoped_evp_cipher_ctx.h"
12
13 using base::StringPiece;
14
15 namespace net {
16
17 namespace {
18
19 const size_t kKeySize = 16;
20 const size_t kNoncePrefixSize = 4;
21 const size_t kAuthTagSize = 16;
22
23 } // namespace
24
25 bool Aes128GcmEncrypter::SetKey(StringPiece key) {
26 DCHECK_EQ(key.size(), sizeof(key_));
27 if (key.size() != sizeof(key_)) {
28 return false;
29 }
30 memcpy(key_, key.data(), key.size());
31 return true;
32 }
33
34 bool Aes128GcmEncrypter::SetNoncePrefix(StringPiece nonce_prefix) {
35 DCHECK_EQ(nonce_prefix.size(), kNoncePrefixSize);
36 if (nonce_prefix.size() != kNoncePrefixSize) {
37 return false;
38 }
39 memcpy(nonce_, nonce_prefix.data(), nonce_prefix.size());
40 return true;
41 }
42
43 QuicData* Aes128GcmEncrypter::Encrypt(QuicPacketSequenceNumber sequence_number,
44 StringPiece associated_data,
45 StringPiece plaintext) {
46 COMPILE_ASSERT(sizeof(nonce_) == kNoncePrefixSize + sizeof(sequence_number),
47 incorrect_nonce_size);
48 memcpy(nonce_ + kNoncePrefixSize, &sequence_number, sizeof(sequence_number));
49 return EncryptWithNonce(StringPiece(reinterpret_cast<char*>(nonce_),
50 sizeof(nonce_)),
51 associated_data, plaintext);
52 }
53
54 size_t Aes128GcmEncrypter::GetKeySize() const {
55 return kKeySize;
56 }
57
58 size_t Aes128GcmEncrypter::GetNoncePrefixSize() const {
59 return kNoncePrefixSize;
60 }
61
62 size_t Aes128GcmEncrypter::GetMaxPlaintextSize(size_t ciphertext_size) const {
63 return ciphertext_size - kAuthTagSize;
64 }
65
66 // An AEAD_AES_128_GCM ciphertext is exactly 16 bytes longer than its
67 // corresponding plaintext.
68 size_t Aes128GcmEncrypter::GetCiphertextSize(size_t plaintext_size) const {
69 return plaintext_size + kAuthTagSize;
70 }
71
72 QuicData* Aes128GcmEncrypter::EncryptWithNonce(StringPiece nonce,
73 StringPiece associated_data,
74 StringPiece plaintext) {
75 size_t ciphertext_size = GetCiphertextSize(plaintext.length());
76 scoped_ptr<char[]> ciphertext(new char[ciphertext_size]);
77
78 // |output| points to the position in the |ciphertext| buffer to receive
79 // the next output.
80 unsigned char* output = reinterpret_cast<unsigned char*>(ciphertext.get());
81 // |output_len| is passed to an OpenSSL function to receive the output
82 // length.
83 int output_len;
84
85 ScopedEVPCipherCtx ctx;
86
87 // Set the cipher type and the key. The IV (nonce) is set below.
88 if (EVP_EncryptInit_ex(ctx.get(), EVP_aes_128_gcm(), NULL, key_,
89 NULL) == 0) {
90 return NULL;
91 }
92
93 // Set the IV (nonce) length.
94 if (EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_SET_IVLEN, nonce.size(),
95 NULL) == 0) {
96 return NULL;
97 }
98 // Set the IV (nonce).
99 if (EVP_EncryptInit_ex(ctx.get(), NULL, NULL, NULL,
100 reinterpret_cast<const unsigned char*>(
101 nonce.data())) == 0) {
102 return NULL;
103 }
104
105 // Set the associated data. The second argument (output buffer) must be
106 // NULL.
107 if (EVP_EncryptUpdate(ctx.get(), NULL, &output_len,
108 reinterpret_cast<const unsigned char*>(
109 associated_data.data()),
110 associated_data.size()) == 0) {
111 return NULL;
112 }
113
114 if (EVP_EncryptUpdate(ctx.get(), output, &output_len,
115 reinterpret_cast<const unsigned char*>(
116 plaintext.data()),
117 plaintext.size()) == 0) {
118 return NULL;
119 }
120 output += output_len;
121
122 if (EVP_EncryptFinal_ex(ctx.get(), output, &output_len) == 0) {
123 return NULL;
124 }
125 output += output_len;
126
127 if (EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_GET_TAG, kAuthTagSize,
128 output) == 0) {
129 return NULL;
130 }
131
132 return new QuicData(ciphertext.release(), ciphertext_size, true);
133 }
134
135 StringPiece Aes128GcmEncrypter::GetKey() const {
136 return StringPiece(reinterpret_cast<const char*>(key_), sizeof(key_));
137 }
138
139 StringPiece Aes128GcmEncrypter::GetNoncePrefix() const {
140 return StringPiece(reinterpret_cast<const char*>(nonce_), kNoncePrefixSize);
141 }
142
143 } // namespace net
OLDNEW
« net/quic/crypto/aes_128_gcm_decrypter_test.cc ('K') | « net/quic/crypto/aes_128_gcm_encrypter_nss.cc ('k') | net/quic/crypto/aes_128_gcm_encrypter_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698