Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(162)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/aes_128_gcm_12_encrypter_nss.cc

Issue 20227003: Land Recent QUIC changes. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Land Recent QUIC changes Created 7 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/quic/crypto/aes_128_gcm_12_encrypter.h ('k') | net/quic/crypto/aes_128_gcm_12_encrypter_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" 5 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
6 6
7 #include <nss.h> 7 #include <nss.h>
8 #include <pk11pub.h> 8 #include <pk11pub.h>
9 #include <secerr.h> 9 #include <secerr.h>
10 10
(...skipping 232 matching lines...) Expand 10 before | Expand all | Expand 10 after
243 for (unsigned int i = 0; i < Aes128Gcm12Encrypter::kAuthTagSize; i++) { 243 for (unsigned int i = 0; i < Aes128Gcm12Encrypter::kAuthTagSize; i++) {
244 out[output_len + i] ^= tag_mask[i]; 244 out[output_len + i] ^= tag_mask[i];
245 } 245 }
246 246
247 *out_len = output_len + Aes128Gcm12Encrypter::kAuthTagSize; 247 *out_len = output_len + Aes128Gcm12Encrypter::kAuthTagSize;
248 return SECSuccess; 248 return SECSuccess;
249 } 249 }
250 250
251 } // namespace 251 } // namespace
252 252
253 Aes128Gcm12Encrypter::Aes128Gcm12Encrypter() { 253 Aes128Gcm12Encrypter::Aes128Gcm12Encrypter() : last_seq_num_(0) {
254 ignore_result(g_gcm_support_checker.Get()); 254 ignore_result(g_gcm_support_checker.Get());
255 } 255 }
256 256
257 Aes128Gcm12Encrypter::~Aes128Gcm12Encrypter() {} 257 Aes128Gcm12Encrypter::~Aes128Gcm12Encrypter() {}
258 258
259 // static 259 // static
260 bool Aes128Gcm12Encrypter::IsSupported() { 260 bool Aes128Gcm12Encrypter::IsSupported() {
261 // NSS 3.15 supports CKM_AES_GCM directly. 261 // NSS 3.15 supports CKM_AES_GCM directly.
262 // NSS 3.14 supports CKM_AES_CTR, which can be used to emulate CKM_AES_GCM. 262 // NSS 3.14 supports CKM_AES_CTR, which can be used to emulate CKM_AES_GCM.
263 // Versions earlier than NSS 3.14 are not supported. 263 // Versions earlier than NSS 3.14 are not supported.
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after
343 return true; 343 return true;
344 } 344 }
345 345
346 QuicData* Aes128Gcm12Encrypter::EncryptPacket( 346 QuicData* Aes128Gcm12Encrypter::EncryptPacket(
347 QuicPacketSequenceNumber sequence_number, 347 QuicPacketSequenceNumber sequence_number,
348 StringPiece associated_data, 348 StringPiece associated_data,
349 StringPiece plaintext) { 349 StringPiece plaintext) {
350 size_t ciphertext_size = GetCiphertextSize(plaintext.length()); 350 size_t ciphertext_size = GetCiphertextSize(plaintext.length());
351 scoped_ptr<char[]> ciphertext(new char[ciphertext_size]); 351 scoped_ptr<char[]> ciphertext(new char[ciphertext_size]);
352 352
353 if (last_seq_num_ != 0 && sequence_number <= last_seq_num_) {
354 DLOG(FATAL) << "Sequence numbers regressed";
355 return NULL;
356 }
357 last_seq_num_ = sequence_number;
358
353 uint8 nonce[kNoncePrefixSize + sizeof(sequence_number)]; 359 uint8 nonce[kNoncePrefixSize + sizeof(sequence_number)];
354 COMPILE_ASSERT(sizeof(nonce) == kAESNonceSize, bad_sequence_number_size); 360 COMPILE_ASSERT(sizeof(nonce) == kAESNonceSize, bad_sequence_number_size);
355 memcpy(nonce, nonce_prefix_, kNoncePrefixSize); 361 memcpy(nonce, nonce_prefix_, kNoncePrefixSize);
356 memcpy(nonce + kNoncePrefixSize, &sequence_number, sizeof(sequence_number)); 362 memcpy(nonce + kNoncePrefixSize, &sequence_number, sizeof(sequence_number));
357 if (!Encrypt(StringPiece(reinterpret_cast<char*>(nonce), sizeof(nonce)), 363 if (!Encrypt(StringPiece(reinterpret_cast<char*>(nonce), sizeof(nonce)),
358 associated_data, plaintext, 364 associated_data, plaintext,
359 reinterpret_cast<unsigned char*>(ciphertext.get()))) { 365 reinterpret_cast<unsigned char*>(ciphertext.get()))) {
360 return NULL; 366 return NULL;
361 } 367 }
362 368
(...skipping 19 matching lines...) Expand all
382 StringPiece Aes128Gcm12Encrypter::GetKey() const { 388 StringPiece Aes128Gcm12Encrypter::GetKey() const {
383 return StringPiece(reinterpret_cast<const char*>(key_), sizeof(key_)); 389 return StringPiece(reinterpret_cast<const char*>(key_), sizeof(key_));
384 } 390 }
385 391
386 StringPiece Aes128Gcm12Encrypter::GetNoncePrefix() const { 392 StringPiece Aes128Gcm12Encrypter::GetNoncePrefix() const {
387 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_), 393 return StringPiece(reinterpret_cast<const char*>(nonce_prefix_),
388 kNoncePrefixSize); 394 kNoncePrefixSize);
389 } 395 }
390 396
391 } // namespace net 397 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/aes_128_gcm_12_encrypter.h ('k') | net/quic/crypto/aes_128_gcm_12_encrypter_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698