xref: /aosp_15_r20/external/cronet/net/third_party/quiche/src/quiche/quic/core/crypto/chacha20_poly1305_decrypter.cc (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "quiche/quic/core/crypto/chacha20_poly1305_decrypter.h"
6 
7 #include "openssl/aead.h"
8 #include "openssl/tls1.h"
9 
10 namespace quic {
11 
12 namespace {
13 
14 const size_t kKeySize = 32;
15 const size_t kNonceSize = 12;
16 
17 }  // namespace
18 
ChaCha20Poly1305Decrypter()19 ChaCha20Poly1305Decrypter::ChaCha20Poly1305Decrypter()
20     : ChaChaBaseDecrypter(EVP_aead_chacha20_poly1305, kKeySize, kAuthTagSize,
21                           kNonceSize,
22                           /* use_ietf_nonce_construction */ false) {
23   static_assert(kKeySize <= kMaxKeySize, "key size too big");
24   static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big");
25 }
26 
~ChaCha20Poly1305Decrypter()27 ChaCha20Poly1305Decrypter::~ChaCha20Poly1305Decrypter() {}
28 
cipher_id() const29 uint32_t ChaCha20Poly1305Decrypter::cipher_id() const {
30   return TLS1_CK_CHACHA20_POLY1305_SHA256;
31 }
32 
GetIntegrityLimit() const33 QuicPacketCount ChaCha20Poly1305Decrypter::GetIntegrityLimit() const {
34   // For AEAD_CHACHA20_POLY1305, the integrity limit is 2^36 invalid packets.
35   // https://quicwg.org/base-drafts/draft-ietf-quic-tls.html#name-limits-on-aead-usage
36   static_assert(kMaxIncomingPacketSize < 16384,
37                 "This key limit requires limits on decryption payload sizes");
38   return 68719476736U;
39 }
40 
41 }  // namespace quic
42