1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef QUICHE_QUIC_CORE_CRYPTO_QUIC_DECRYPTER_H_ 6 #define QUICHE_QUIC_CORE_CRYPTO_QUIC_DECRYPTER_H_ 7 8 #include <cstddef> 9 #include <cstdint> 10 #include <memory> 11 #include <string> 12 13 #include "absl/strings/string_view.h" 14 #include "quiche/quic/core/crypto/quic_crypter.h" 15 #include "quiche/quic/core/quic_data_reader.h" 16 #include "quiche/quic/core/quic_packets.h" 17 #include "quiche/quic/platform/api/quic_export.h" 18 19 namespace quic { 20 21 class QUICHE_EXPORT QuicDecrypter : public QuicCrypter { 22 public: ~QuicDecrypter()23 virtual ~QuicDecrypter() {} 24 25 static std::unique_ptr<QuicDecrypter> Create(const ParsedQuicVersion& version, 26 QuicTag algorithm); 27 28 // Creates an IETF QuicDecrypter based on |cipher_suite| which must be an id 29 // returned by SSL_CIPHER_get_id. The caller is responsible for taking 30 // ownership of the new QuicDecrypter. 31 static std::unique_ptr<QuicDecrypter> CreateFromCipherSuite( 32 uint32_t cipher_suite); 33 34 // Sets the encryption key. Returns true on success, false on failure. 35 // |DecryptPacket| may not be called until |SetDiversificationNonce| is 36 // called and the preliminary keying material will be combined with that 37 // nonce in order to create the actual key and nonce-prefix. 38 // 39 // If this function is called, neither |SetKey| nor |SetNoncePrefix| may be 40 // called. 41 virtual bool SetPreliminaryKey(absl::string_view key) = 0; 42 43 // SetDiversificationNonce uses |nonce| to derive final keys based on the 44 // input keying material given by calling |SetPreliminaryKey|. 45 // 46 // Calling this function is a no-op if |SetPreliminaryKey| hasn't been 47 // called. 48 virtual bool SetDiversificationNonce(const DiversificationNonce& nonce) = 0; 49 50 // Populates |output| with the decrypted |ciphertext| and populates 51 // |output_length| with the length. Returns 0 if there is an error. 52 // |output| size is specified by |max_output_length| and must be 53 // at least as large as the ciphertext. |packet_number| is 54 // appended to the |nonce_prefix| value provided in SetNoncePrefix() 55 // to form the nonce. 56 // TODO(wtc): add a way for DecryptPacket to report decryption failure due 57 // to non-authentic inputs, as opposed to other reasons for failure. 58 virtual bool DecryptPacket(uint64_t packet_number, 59 absl::string_view associated_data, 60 absl::string_view ciphertext, char* output, 61 size_t* output_length, 62 size_t max_output_length) = 0; 63 64 // Reads a sample of ciphertext from |sample_reader| and uses the header 65 // protection key to generate a mask to use for header protection. If 66 // successful, this function returns this mask, which is at least 5 bytes 67 // long. Callers can detect failure by checking if the output string is empty. 68 virtual std::string GenerateHeaderProtectionMask( 69 QuicDataReader* sample_reader) = 0; 70 71 // The ID of the cipher. Return 0x03000000 ORed with the 'cryptographic suite 72 // selector'. 73 virtual uint32_t cipher_id() const = 0; 74 75 // Returns the maximum number of packets that can safely fail decryption with 76 // this decrypter. 77 virtual QuicPacketCount GetIntegrityLimit() const = 0; 78 79 // For use by unit tests only. 80 virtual absl::string_view GetKey() const = 0; 81 virtual absl::string_view GetNoncePrefix() const = 0; 82 83 static void DiversifyPreliminaryKey(absl::string_view preliminary_key, 84 absl::string_view nonce_prefix, 85 const DiversificationNonce& nonce, 86 size_t key_size, size_t nonce_prefix_size, 87 std::string* out_key, 88 std::string* out_nonce_prefix); 89 }; 90 91 } // namespace quic 92 93 #endif // QUICHE_QUIC_CORE_CRYPTO_QUIC_DECRYPTER_H_ 94