Home | History | Annotate | Download | only in crypto 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_
      6 #define NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_
      7 
      8 #include "net/base/net_export.h"
      9 #include "net/quic/quic_protocol.h"
     10 
     11 namespace net {
     12 
     13 class NET_EXPORT_PRIVATE QuicDecrypter {
     14  public:
     15   virtual ~QuicDecrypter() {}
     16 
     17   static QuicDecrypter* Create(QuicTag algorithm);
     18 
     19   // Sets the encryption key. Returns true on success, false on failure.
     20   //
     21   // NOTE: The key is the client_write_key or server_write_key derived from
     22   // the master secret.
     23   virtual bool SetKey(base::StringPiece key) = 0;
     24 
     25   // Sets the fixed initial bytes of the nonce. Returns true on success,
     26   // false on failure.
     27   //
     28   // NOTE: The nonce prefix is the client_write_iv or server_write_iv
     29   // derived from the master secret. A 64-bit packet sequence number will
     30   // be appended to form the nonce.
     31   //
     32   //                          <------------ 64 bits ----------->
     33   //   +---------------------+----------------------------------+
     34   //   |    Fixed prefix     |      Packet sequence number      |
     35   //   +---------------------+----------------------------------+
     36   //                          Nonce format
     37   //
     38   // The security of the nonce format requires that QUIC never reuse a
     39   // packet sequence number, even when retransmitting a lost packet.
     40   virtual bool SetNoncePrefix(base::StringPiece nonce_prefix) = 0;
     41 
     42   // Decrypt authenticates |associated_data| and |ciphertext| and then decrypts
     43   // |ciphertext| into |output|, using |nonce|. |nonce| must be 8 bytes longer
     44   // than the nonce prefix length returned by GetNoncePrefixSize() (of the
     45   // encrypter). |output| must be as long as |ciphertext| on entry and, on
     46   // successful return, the true length of the plaintext will be written to
     47   // |*output_length|.
     48   virtual bool Decrypt(base::StringPiece nonce,
     49                        base::StringPiece associated_data,
     50                        base::StringPiece ciphertext,
     51                        unsigned char* output,
     52                        size_t* output_length) = 0;
     53 
     54   // Returns a newly created QuicData object containing the decrypted
     55   // |ciphertext| or NULL if there is an error. |sequence_number| is
     56   // appended to the |nonce_prefix| value provided in SetNoncePrefix()
     57   // to form the nonce.
     58   // TODO(wtc): add a way for DecryptPacket to report decryption failure due
     59   // to non-authentic inputs, as opposed to other reasons for failure.
     60   virtual QuicData* DecryptPacket(QuicPacketSequenceNumber sequence_number,
     61                                   base::StringPiece associated_data,
     62                                   base::StringPiece ciphertext) = 0;
     63 
     64   // For use by unit tests only.
     65   virtual base::StringPiece GetKey() const = 0;
     66   virtual base::StringPiece GetNoncePrefix() const = 0;
     67 };
     68 
     69 }  // namespace net
     70 
     71 #endif  // NET_QUIC_CRYPTO_QUIC_DECRYPTER_H_
     72