1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef QUICHE_QUIC_CORE_CRYPTO_QUIC_ENCRYPTER_H_
6 #define QUICHE_QUIC_CORE_CRYPTO_QUIC_ENCRYPTER_H_
7 
8 #include <cstddef>
9 #include <memory>
10 
11 #include "absl/strings/string_view.h"
12 #include "quiche/quic/core/crypto/quic_crypter.h"
13 #include "quiche/quic/core/quic_packets.h"
14 #include "quiche/quic/platform/api/quic_export.h"
15 
16 namespace quic {
17 
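// Abstract interface for the sending side of QUIC packet protection. An
// implementation encrypts a packet payload, authenticates it together with
// the associated data, and produces the mask used for header protection.
// Instances are obtained through Create() or CreateFromCipherSuite().
class QUICHE_EXPORT QuicEncrypter : public QuicCrypter {
 public:
  virtual ~QuicEncrypter() = default;

  // Creates a QuicEncrypter for |algorithm| as used by |version|. Ownership
  // passes to the caller through the returned unique_ptr.
  // NOTE(review): this header does not show what is returned for an
  // unsupported |algorithm|; callers should check the result for null before
  // use -- confirm against the implementation.
  static std::unique_ptr<QuicEncrypter> Create(const ParsedQuicVersion& version,
                                               QuicTag algorithm);

  // Creates an IETF QuicEncrypter based on |cipher_suite| which must be an id
  // returned by SSL_CIPHER_get_id. Ownership of the new QuicEncrypter passes
  // to the caller through the returned unique_ptr.
  // NOTE(review): the result for an unrecognised |cipher_suite| is not
  // visible here; check the returned pointer before use.
  static std::unique_ptr<QuicEncrypter> CreateFromCipherSuite(
      uint32_t cipher_suite);

  // Writes encrypted |plaintext| and a MAC over |plaintext| and
  // |associated_data| into |output|. Sets |output_length| to the number of
  // bytes written. Returns true on success or false if there was an error.
  //
  // |packet_number| is appended to the |nonce_prefix| value provided in
  // SetNoncePrefix() to form the nonce. Because the nonce is derived only
  // from those two values, a given |packet_number| must never be used for two
  // different packets under the same key and nonce prefix: repeating a nonce
  // generally breaks both the confidentiality and the integrity guarantees of
  // authenticated encryption. Nothing in this interface detects reuse, so
  // uniqueness is the caller's responsibility.
  //
  // |max_output_length| is presumably the capacity of |output| in bytes
  // (TODO confirm); GetCiphertextSize(plaintext.size()) gives the size the
  // ciphertext will need. Callers must check the return value: this header
  // does not specify the contents of |output| or |*output_length| after a
  // failure, so neither should be used or transmitted in that case.
  //
  // |output| must not overlap with |associated_data|. If |output| overlaps
  // with |plaintext| then |plaintext| must be <= |output|, i.e. the plaintext
  // must not start at a higher address than |output|.
  virtual bool EncryptPacket(uint64_t packet_number,
                             absl::string_view associated_data,
                             absl::string_view plaintext, char* output,
                             size_t* output_length,
                             size_t max_output_length) = 0;

  // Takes a |sample| of ciphertext and uses the header protection key to
  // generate a mask to use for header protection, and returns that mask. On
  // success, the mask will be at least 5 bytes long; on failure the string will
  // be empty. Callers must test for the empty result before indexing into the
  // mask, since a failed call provides no bytes to read.
  virtual std::string GenerateHeaderProtectionMask(
      absl::string_view sample) = 0;

  // Returns the maximum length of plaintext that can be encrypted
  // to ciphertext no larger than |ciphertext_size|.
  virtual size_t GetMaxPlaintextSize(size_t ciphertext_size) const = 0;

  // Returns the length of the ciphertext that would be generated by encrypting
  // plaintext of size |plaintext_size|. Use this to size the |output| buffer
  // passed to EncryptPacket().
  virtual size_t GetCiphertextSize(size_t plaintext_size) const = 0;

  // Returns the maximum number of packets that can be safely encrypted with
  // this encrypter. The key should be replaced before this count is reached.
  // NOTE(review): enforcement of the limit is not visible in this interface
  // and is presumably done by the caller -- verify.
  virtual QuicPacketCount GetConfidentialityLimit() const = 0;

  // For use by unit tests only. Both accessors expose raw secret material
  // (the packet protection key and the nonce prefix), so production code
  // should neither call them nor log or persist what they return.
  // NOTE(review): the returned views are non-owning; their lifetime is
  // presumably tied to this encrypter -- confirm before retaining them.
  virtual absl::string_view GetKey() const = 0;
  virtual absl::string_view GetNoncePrefix() const = 0;
};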
67 
68 }  // namespace quic
69 
70 #endif  // QUICHE_QUIC_CORE_CRYPTO_QUIC_ENCRYPTER_H_
71