Home | History | Annotate | Download | only in crypto 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_
      6 #define NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_
      7 
      8 #include "net/base/net_export.h"
      9 #include "net/quic/crypto/crypto_protocol.h"
     10 #include "net/quic/quic_protocol.h"
     11 
     12 namespace net {
     13 
     14 class NET_EXPORT_PRIVATE QuicDecrypter {
     15  public:
     16   virtual ~QuicDecrypter() {}
     17 
     18   static QuicDecrypter* Create(QuicTag algorithm);
     19 
     20   // Sets the encryption key. Returns true on success, false on failure.
     21   //
     22   // NOTE: The key is the client_write_key or server_write_key derived from
     23   // the master secret.
     24   virtual bool SetKey(base::StringPiece key) = 0;
     25 
     26   // Sets the fixed initial bytes of the nonce. Returns true on success,
     27   // false on failure.
     28   //
     29   // NOTE: The nonce prefix is the client_write_iv or server_write_iv
     30   // derived from the master secret. A 64-bit packet sequence number will
     31   // be appended to form the nonce.
     32   //
     33   //                          <------------ 64 bits ----------->
     34   //   +---------------------+----------------------------------+
     35   //   |    Fixed prefix     |      Packet sequence number      |
     36   //   +---------------------+----------------------------------+
     37   //                          Nonce format
     38   //
     39   // The security of the nonce format requires that QUIC never reuse a
     40   // packet sequence number, even when retransmitting a lost packet.
     41   virtual bool SetNoncePrefix(base::StringPiece nonce_prefix) = 0;
     42 
     43   // Decrypt authenticates |associated_data| and |ciphertext| and then decrypts
     44   // |ciphertext| into |output|, using |nonce|. |nonce| must be 8 bytes longer
     45   // than the nonce prefix length returned by GetNoncePrefixSize() (of the
     46   // encrypter). |output| must be as long as |ciphertext| on entry and, on
     47   // successful return, the true length of the plaintext will be written to
     48   // |*output_length|.
     49   virtual bool Decrypt(base::StringPiece nonce,
     50                        base::StringPiece associated_data,
     51                        base::StringPiece ciphertext,
     52                        unsigned char* output,
     53                        size_t* output_length) = 0;
     54 
     55   // Returns a newly created QuicData object containing the decrypted
     56   // |ciphertext| or NULL if there is an error. |sequence_number| is
     57   // appended to the |nonce_prefix| value provided in SetNoncePrefix()
     58   // to form the nonce.
     59   // TODO(wtc): add a way for DecryptPacket to report decryption failure due
     60   // to non-authentic inputs, as opposed to other reasons for failure.
     61   virtual QuicData* DecryptPacket(QuicPacketSequenceNumber sequence_number,
     62                                   base::StringPiece associated_data,
     63                                   base::StringPiece ciphertext) = 0;
     64 
     65   // For use by unit tests only.
     66   virtual base::StringPiece GetKey() const = 0;
     67   virtual base::StringPiece GetNoncePrefix() const = 0;
     68 };
     69 
     70 }  // namespace net
     71 
     72 #endif  // NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_
     73