xref: /aosp_15_r20/external/cronet/net/third_party/quiche/src/quiche/quic/core/crypto/crypto_secret_boxer.h (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef QUICHE_QUIC_CORE_CRYPTO_CRYPTO_SECRET_BOXER_H_
6 #define QUICHE_QUIC_CORE_CRYPTO_CRYPTO_SECRET_BOXER_H_
7 
8 #include <cstddef>
9 #include <memory>
10 #include <string>
11 #include <vector>
12 
13 #include "absl/strings/string_view.h"
14 #include "quiche/quic/core/crypto/quic_random.h"
15 #include "quiche/quic/platform/api/quic_export.h"
16 #include "quiche/quic/platform/api/quic_mutex.h"
17 
18 namespace quic {
19 
20 // CryptoSecretBoxer encrypts small chunks of plaintext (called 'boxing') and
21 // then, later, can authenticate+decrypt the resulting boxes. This object is
22 // thread-safe.
23 class QUICHE_EXPORT CryptoSecretBoxer {
24  public:
25   CryptoSecretBoxer();
26   CryptoSecretBoxer(const CryptoSecretBoxer&) = delete;
27   CryptoSecretBoxer& operator=(const CryptoSecretBoxer&) = delete;
28   ~CryptoSecretBoxer();
29 
30   // GetKeySize returns the number of bytes in a key.
31   static size_t GetKeySize();
32 
33   // SetKeys sets a list of encryption keys. The first key in the list will be
34   // used by |Box|, but all supplied keys will be tried by |Unbox|, to handle
35   // key skew across the fleet. This must be called before |Box| or |Unbox|.
36   // Keys must be |GetKeySize()| bytes long. No change is made if any key is
37   // invalid, or if there are no keys supplied.
38   bool SetKeys(const std::vector<std::string>& keys);
39 
40   // Box encrypts |plaintext| using a random nonce generated from |rand| and
41   // returns the resulting ciphertext. Since an authenticator and nonce are
42   // included, the result will be slightly larger than |plaintext|. The first
43   // key in the vector supplied to |SetKeys| will be used. |SetKeys| must be
44   // called before calling this method.
45   std::string Box(QuicRandom* rand, absl::string_view plaintext) const;
46 
47   // Unbox takes the result of a previous call to |Box| in |ciphertext| and
48   // authenticates+decrypts it. If |ciphertext| cannot be decrypted with any of
49   // the supplied keys, the function returns false. Otherwise, |out_storage| is
50   // used to store the result and |out| is set to point into |out_storage| and
51   // contains the original plaintext.
52   bool Unbox(absl::string_view ciphertext, std::string* out_storage,
53              absl::string_view* out) const;
54 
55  private:
56   struct State;
57 
58   mutable QuicMutex lock_;
59 
60   // state_ is an opaque pointer to whatever additional state the concrete
61   // implementation of CryptoSecretBoxer requires.
62   std::unique_ptr<State> state_ QUIC_GUARDED_BY(lock_);
63 };
64 
65 }  // namespace quic
66 
67 #endif  // QUICHE_QUIC_CORE_CRYPTO_CRYPTO_SECRET_BOXER_H_
68