1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef QUICHE_QUIC_CORE_CRYPTO_AEAD_BASE_ENCRYPTER_H_ 6 #define QUICHE_QUIC_CORE_CRYPTO_AEAD_BASE_ENCRYPTER_H_ 7 8 #include <cstddef> 9 10 #include "absl/strings/string_view.h" 11 #include "openssl/aead.h" 12 #include "quiche/quic/core/crypto/quic_encrypter.h" 13 #include "quiche/quic/platform/api/quic_export.h" 14 15 namespace quic { 16 17 // AeadBaseEncrypter is the base class of AEAD QuicEncrypter subclasses. 18 class QUICHE_EXPORT AeadBaseEncrypter : public QuicEncrypter { 19 public: 20 // This takes the function pointer rather than the EVP_AEAD itself so 21 // subclasses do not need to call CRYPTO_library_init. 22 AeadBaseEncrypter(const EVP_AEAD* (*aead_getter)(), size_t key_size, 23 size_t auth_tag_size, size_t nonce_size, 24 bool use_ietf_nonce_construction); 25 AeadBaseEncrypter(const AeadBaseEncrypter&) = delete; 26 AeadBaseEncrypter& operator=(const AeadBaseEncrypter&) = delete; 27 ~AeadBaseEncrypter() override; 28 29 // QuicEncrypter implementation 30 bool SetKey(absl::string_view key) override; 31 bool SetNoncePrefix(absl::string_view nonce_prefix) override; 32 bool SetIV(absl::string_view iv) override; 33 bool EncryptPacket(uint64_t packet_number, absl::string_view associated_data, 34 absl::string_view plaintext, char* output, 35 size_t* output_length, size_t max_output_length) override; 36 size_t GetKeySize() const override; 37 size_t GetNoncePrefixSize() const override; 38 size_t GetIVSize() const override; 39 size_t GetMaxPlaintextSize(size_t ciphertext_size) const override; 40 size_t GetCiphertextSize(size_t plaintext_size) const override; 41 absl::string_view GetKey() const override; 42 absl::string_view GetNoncePrefix() const override; 43 44 // Necessary so unit tests can explicitly specify a nonce, instead of an IV 45 // (or nonce prefix) and packet number. 46 bool Encrypt(absl::string_view nonce, absl::string_view associated_data, 47 absl::string_view plaintext, unsigned char* output); 48 49 protected: 50 // Make these constants available to the subclasses so that the subclasses 51 // can assert at compile time their key_size_ and nonce_size_ do not 52 // exceed the maximum. 53 static const size_t kMaxKeySize = 32; 54 enum : size_t { kMaxNonceSize = 12 }; 55 56 private: 57 const EVP_AEAD* const aead_alg_; 58 const size_t key_size_; 59 const size_t auth_tag_size_; 60 const size_t nonce_size_; 61 const bool use_ietf_nonce_construction_; 62 63 // The key. 64 unsigned char key_[kMaxKeySize]; 65 // The IV used to construct the nonce. 66 unsigned char iv_[kMaxNonceSize]; 67 68 bssl::ScopedEVP_AEAD_CTX ctx_; 69 }; 70 71 } // namespace quic 72 73 #endif // QUICHE_QUIC_CORE_CRYPTO_AEAD_BASE_ENCRYPTER_H_ 74