Add support for Header Protection to QuicCrypter classes gfe-relnote: no behavior change (adds unused methods to QuicCrypter classes) PiperOrigin-RevId: 239293044 Change-Id: I0365ad92962102714787b44d346f5c698900ead9
diff --git a/quic/core/crypto/aes_128_gcm_12_decrypter.cc b/quic/core/crypto/aes_128_gcm_12_decrypter.cc index f76246b..3442807 100644 --- a/quic/core/crypto/aes_128_gcm_12_decrypter.cc +++ b/quic/core/crypto/aes_128_gcm_12_decrypter.cc
@@ -17,11 +17,11 @@ } // namespace Aes128Gcm12Decrypter::Aes128Gcm12Decrypter() - : AeadBaseDecrypter(EVP_aead_aes_128_gcm, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ false) { + : AesBaseDecrypter(EVP_aead_aes_128_gcm, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ false) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/aes_128_gcm_12_decrypter.h b/quic/core/crypto/aes_128_gcm_12_decrypter.h index 7844f00..d5686e8 100644 --- a/quic/core/crypto/aes_128_gcm_12_decrypter.h +++ b/quic/core/crypto/aes_128_gcm_12_decrypter.h
@@ -7,7 +7,7 @@ #include <cstdint> -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_decrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/aes_base_decrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -18,7 +18,7 @@ // // It uses an authentication tag of 12 bytes (96 bits). The fixed prefix // of the nonce is four bytes. -class QUIC_EXPORT_PRIVATE Aes128Gcm12Decrypter : public AeadBaseDecrypter { +class QUIC_EXPORT_PRIVATE Aes128Gcm12Decrypter : public AesBaseDecrypter { public: enum { // Authentication tags are truncated to 96 bits.
diff --git a/quic/core/crypto/aes_128_gcm_12_encrypter.cc b/quic/core/crypto/aes_128_gcm_12_encrypter.cc index d488463..d48d5a5 100644 --- a/quic/core/crypto/aes_128_gcm_12_encrypter.cc +++ b/quic/core/crypto/aes_128_gcm_12_encrypter.cc
@@ -16,11 +16,11 @@ } // namespace Aes128Gcm12Encrypter::Aes128Gcm12Encrypter() - : AeadBaseEncrypter(EVP_aead_aes_128_gcm, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ false) { + : AesBaseEncrypter(EVP_aead_aes_128_gcm, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ false) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/aes_128_gcm_12_encrypter.h b/quic/core/crypto/aes_128_gcm_12_encrypter.h index 5eb4e8e..cd80fbf 100644 --- a/quic/core/crypto/aes_128_gcm_12_encrypter.h +++ b/quic/core/crypto/aes_128_gcm_12_encrypter.h
@@ -5,7 +5,7 @@ #ifndef QUICHE_QUIC_CORE_CRYPTO_AES_128_GCM_12_ENCRYPTER_H_ #define QUICHE_QUIC_CORE_CRYPTO_AES_128_GCM_12_ENCRYPTER_H_ -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_encrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/aes_base_encrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -16,7 +16,7 @@ // // It uses an authentication tag of 12 bytes (96 bits). The fixed prefix // of the nonce is four bytes. -class QUIC_EXPORT_PRIVATE Aes128Gcm12Encrypter : public AeadBaseEncrypter { +class QUIC_EXPORT_PRIVATE Aes128Gcm12Encrypter : public AesBaseEncrypter { public: enum { // Authentication tags are truncated to 96 bits.
diff --git a/quic/core/crypto/aes_128_gcm_decrypter.cc b/quic/core/crypto/aes_128_gcm_decrypter.cc index 43616ad..650b245 100644 --- a/quic/core/crypto/aes_128_gcm_decrypter.cc +++ b/quic/core/crypto/aes_128_gcm_decrypter.cc
@@ -19,11 +19,11 @@ } // namespace Aes128GcmDecrypter::Aes128GcmDecrypter() - : AeadBaseDecrypter(EVP_aead_aes_128_gcm, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ true) { + : AesBaseDecrypter(EVP_aead_aes_128_gcm, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ true) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/aes_128_gcm_decrypter.h b/quic/core/crypto/aes_128_gcm_decrypter.h index 4b90d83..6ddbe01 100644 --- a/quic/core/crypto/aes_128_gcm_decrypter.h +++ b/quic/core/crypto/aes_128_gcm_decrypter.h
@@ -7,7 +7,7 @@ #include <cstdint> -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_decrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/aes_base_decrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -17,7 +17,7 @@ // // It uses an authentication tag of 16 bytes (128 bits). It uses a 12 byte IV // that is XOR'd with the packet number to compute the nonce. -class QUIC_EXPORT_PRIVATE Aes128GcmDecrypter : public AeadBaseDecrypter { +class QUIC_EXPORT_PRIVATE Aes128GcmDecrypter : public AesBaseDecrypter { public: enum { kAuthTagSize = 16,
diff --git a/quic/core/crypto/aes_128_gcm_decrypter_test.cc b/quic/core/crypto/aes_128_gcm_decrypter_test.cc index 9e3d84d..13c6827 100644 --- a/quic/core/crypto/aes_128_gcm_decrypter_test.cc +++ b/quic/core/crypto/aes_128_gcm_decrypter_test.cc
@@ -271,5 +271,21 @@ } } +TEST_F(Aes128GcmDecrypterTest, GenerateHeaderProtectionMask) { + Aes128GcmDecrypter decrypter; + std::string key = + QuicTextUtils::HexDecode("d9132370cb18476ab833649cf080d970"); + std::string sample = + QuicTextUtils::HexDecode("d1d7998068517adb769b48b924a32c47"); + QuicDataReader sample_reader(sample.data(), sample.size()); + ASSERT_TRUE(decrypter.SetHeaderProtectionKey(key)); + std::string mask = decrypter.GenerateHeaderProtectionMask(&sample_reader); + std::string expected_mask = + QuicTextUtils::HexDecode("b132c37d6164da4ea4dc9b763aceec27"); + test::CompareCharArraysWithHexError("header protection mask", mask.data(), + mask.size(), expected_mask.data(), + expected_mask.size()); +} + } // namespace test } // namespace quic
diff --git a/quic/core/crypto/aes_128_gcm_encrypter.cc b/quic/core/crypto/aes_128_gcm_encrypter.cc index ed08a41..7126578 100644 --- a/quic/core/crypto/aes_128_gcm_encrypter.cc +++ b/quic/core/crypto/aes_128_gcm_encrypter.cc
@@ -16,11 +16,11 @@ } // namespace Aes128GcmEncrypter::Aes128GcmEncrypter() - : AeadBaseEncrypter(EVP_aead_aes_128_gcm, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ true) { + : AesBaseEncrypter(EVP_aead_aes_128_gcm, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ true) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/aes_128_gcm_encrypter.h b/quic/core/crypto/aes_128_gcm_encrypter.h index c64c47a..0610eac 100644 --- a/quic/core/crypto/aes_128_gcm_encrypter.h +++ b/quic/core/crypto/aes_128_gcm_encrypter.h
@@ -5,7 +5,7 @@ #ifndef QUICHE_QUIC_CORE_CRYPTO_AES_128_GCM_ENCRYPTER_H_ #define QUICHE_QUIC_CORE_CRYPTO_AES_128_GCM_ENCRYPTER_H_ -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_encrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/aes_base_encrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -15,7 +15,7 @@ // // It uses an authentication tag of 16 bytes (128 bits). It uses a 12 byte IV // that is XOR'd with the packet number to compute the nonce. -class QUIC_EXPORT_PRIVATE Aes128GcmEncrypter : public AeadBaseEncrypter { +class QUIC_EXPORT_PRIVATE Aes128GcmEncrypter : public AesBaseEncrypter { public: enum { kAuthTagSize = 16,
diff --git a/quic/core/crypto/aes_128_gcm_encrypter_test.cc b/quic/core/crypto/aes_128_gcm_encrypter_test.cc index 8ad6e20..3efe529 100644 --- a/quic/core/crypto/aes_128_gcm_encrypter_test.cc +++ b/quic/core/crypto/aes_128_gcm_encrypter_test.cc
@@ -255,5 +255,20 @@ EXPECT_EQ(26u, encrypter.GetCiphertextSize(10)); } +TEST_F(Aes128GcmEncrypterTest, GenerateHeaderProtectionMask) { + Aes128GcmEncrypter encrypter; + std::string key = + QuicTextUtils::HexDecode("d9132370cb18476ab833649cf080d970"); + std::string sample = + QuicTextUtils::HexDecode("d1d7998068517adb769b48b924a32c47"); + ASSERT_TRUE(encrypter.SetHeaderProtectionKey(key)); + std::string mask = encrypter.GenerateHeaderProtectionMask(sample); + std::string expected_mask = + QuicTextUtils::HexDecode("b132c37d6164da4ea4dc9b763aceec27"); + test::CompareCharArraysWithHexError("header protection mask", mask.data(), + mask.size(), expected_mask.data(), + expected_mask.size()); +} + } // namespace test } // namespace quic
diff --git a/quic/core/crypto/aes_256_gcm_decrypter.cc b/quic/core/crypto/aes_256_gcm_decrypter.cc index 08087a7..a5f09e5 100644 --- a/quic/core/crypto/aes_256_gcm_decrypter.cc +++ b/quic/core/crypto/aes_256_gcm_decrypter.cc
@@ -19,11 +19,11 @@ } // namespace Aes256GcmDecrypter::Aes256GcmDecrypter() - : AeadBaseDecrypter(EVP_aead_aes_256_gcm, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ true) { + : AesBaseDecrypter(EVP_aead_aes_256_gcm, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ true) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/aes_256_gcm_decrypter.h b/quic/core/crypto/aes_256_gcm_decrypter.h index bb398f1..260fece 100644 --- a/quic/core/crypto/aes_256_gcm_decrypter.h +++ b/quic/core/crypto/aes_256_gcm_decrypter.h
@@ -7,7 +7,7 @@ #include <cstdint> -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_decrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/aes_base_decrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -17,7 +17,7 @@ // // It uses an authentication tag of 16 bytes (128 bits). It uses a 12 byte IV // that is XOR'd with the packet number to compute the nonce. -class QUIC_EXPORT_PRIVATE Aes256GcmDecrypter : public AeadBaseDecrypter { +class QUIC_EXPORT_PRIVATE Aes256GcmDecrypter : public AesBaseDecrypter { public: enum { kAuthTagSize = 16,
diff --git a/quic/core/crypto/aes_256_gcm_decrypter_test.cc b/quic/core/crypto/aes_256_gcm_decrypter_test.cc index 6929ed0..4e7e05b 100644 --- a/quic/core/crypto/aes_256_gcm_decrypter_test.cc +++ b/quic/core/crypto/aes_256_gcm_decrypter_test.cc
@@ -275,5 +275,21 @@ } } +TEST_F(Aes256GcmDecrypterTest, GenerateHeaderProtectionMask) { + Aes256GcmDecrypter decrypter; + std::string key = QuicTextUtils::HexDecode( + "ed23ecbf54d426def5c52c3dcfc84434e62e57781d3125bb21ed91b7d3e07788"); + std::string sample = + QuicTextUtils::HexDecode("4d190c474be2b8babafb49ec4e38e810"); + QuicDataReader sample_reader(sample.data(), sample.size()); + ASSERT_TRUE(decrypter.SetHeaderProtectionKey(key)); + std::string mask = decrypter.GenerateHeaderProtectionMask(&sample_reader); + std::string expected_mask = + QuicTextUtils::HexDecode("db9ed4e6ccd033af2eae01407199c56e"); + test::CompareCharArraysWithHexError("header protection mask", mask.data(), + mask.size(), expected_mask.data(), + expected_mask.size()); +} + } // namespace test } // namespace quic
diff --git a/quic/core/crypto/aes_256_gcm_encrypter.cc b/quic/core/crypto/aes_256_gcm_encrypter.cc index b329f8e..146e3de 100644 --- a/quic/core/crypto/aes_256_gcm_encrypter.cc +++ b/quic/core/crypto/aes_256_gcm_encrypter.cc
@@ -16,11 +16,11 @@ } // namespace Aes256GcmEncrypter::Aes256GcmEncrypter() - : AeadBaseEncrypter(EVP_aead_aes_256_gcm, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ true) { + : AesBaseEncrypter(EVP_aead_aes_256_gcm, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ true) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/aes_256_gcm_encrypter.h b/quic/core/crypto/aes_256_gcm_encrypter.h index 0d93ac8..0e45822 100644 --- a/quic/core/crypto/aes_256_gcm_encrypter.h +++ b/quic/core/crypto/aes_256_gcm_encrypter.h
@@ -5,7 +5,7 @@ #ifndef QUICHE_QUIC_CORE_CRYPTO_AES_256_GCM_ENCRYPTER_H_ #define QUICHE_QUIC_CORE_CRYPTO_AES_256_GCM_ENCRYPTER_H_ -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_encrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/aes_base_encrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -15,7 +15,7 @@ // // It uses an authentication tag of 16 bytes (128 bits). It uses a 12 byte IV // that is XOR'd with the packet number to compute the nonce. -class QUIC_EXPORT_PRIVATE Aes256GcmEncrypter : public AeadBaseEncrypter { +class QUIC_EXPORT_PRIVATE Aes256GcmEncrypter : public AesBaseEncrypter { public: enum { kAuthTagSize = 16,
diff --git a/quic/core/crypto/aes_256_gcm_encrypter_test.cc b/quic/core/crypto/aes_256_gcm_encrypter_test.cc index 71e6a53..86bf0c4 100644 --- a/quic/core/crypto/aes_256_gcm_encrypter_test.cc +++ b/quic/core/crypto/aes_256_gcm_encrypter_test.cc
@@ -238,5 +238,20 @@ EXPECT_EQ(26u, encrypter.GetCiphertextSize(10)); } +TEST_F(Aes256GcmEncrypterTest, GenerateHeaderProtectionMask) { + Aes256GcmEncrypter encrypter; + std::string key = QuicTextUtils::HexDecode( + "ed23ecbf54d426def5c52c3dcfc84434e62e57781d3125bb21ed91b7d3e07788"); + std::string sample = + QuicTextUtils::HexDecode("4d190c474be2b8babafb49ec4e38e810"); + ASSERT_TRUE(encrypter.SetHeaderProtectionKey(key)); + std::string mask = encrypter.GenerateHeaderProtectionMask(sample); + std::string expected_mask = + QuicTextUtils::HexDecode("db9ed4e6ccd033af2eae01407199c56e"); + test::CompareCharArraysWithHexError("header protection mask", mask.data(), + mask.size(), expected_mask.data(), + expected_mask.size()); +} + } // namespace test } // namespace quic
diff --git a/quic/core/crypto/aes_base_decrypter.cc b/quic/core/crypto/aes_base_decrypter.cc new file mode 100644 index 0000000..6888ab2 --- /dev/null +++ b/quic/core/crypto/aes_base_decrypter.cc
@@ -0,0 +1,38 @@ +// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/third_party/quiche/src/quic/core/crypto/aes_base_decrypter.h" + +#include "third_party/boringssl/src/include/openssl/aes.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_bug_tracker.h" + +namespace quic { + +bool AesBaseDecrypter::SetHeaderProtectionKey(QuicStringPiece key) { + if (key.size() != GetKeySize()) { + QUIC_BUG << "Invalid key size for header protection"; + return false; + } + if (AES_set_encrypt_key(reinterpret_cast<const uint8_t*>(key.data()), + key.size() * 8, &pne_key_) != 0) { + QUIC_BUG << "Unexpected failure of AES_set_encrypt_key"; + return false; + } + return true; +} + +std::string AesBaseDecrypter::GenerateHeaderProtectionMask( + QuicDataReader* sample_reader) { + QuicStringPiece sample; + if (!sample_reader->ReadStringPiece(&sample, AES_BLOCK_SIZE)) { + return std::string(); + } + std::string out(AES_BLOCK_SIZE, 0); + AES_encrypt(reinterpret_cast<const uint8_t*>(sample.data()), + reinterpret_cast<uint8_t*>(const_cast<char*>(out.data())), + &pne_key_); + return out; +} + +} // namespace quic
diff --git a/quic/core/crypto/aes_base_decrypter.h b/quic/core/crypto/aes_base_decrypter.h new file mode 100644 index 0000000..e8e1cc8 --- /dev/null +++ b/quic/core/crypto/aes_base_decrypter.h
@@ -0,0 +1,32 @@ +// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef QUICHE_QUIC_CORE_CRYPTO_AES_BASE_DECRYPTER_H_ +#define QUICHE_QUIC_CORE_CRYPTO_AES_BASE_DECRYPTER_H_ + +#include <cstddef> + +#include "third_party/boringssl/src/include/openssl/aes.h" +#include "net/third_party/quiche/src/quic/core/crypto/aead_base_decrypter.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_export.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_string_piece.h" + +namespace quic { + +class QUIC_EXPORT_PRIVATE AesBaseDecrypter : public AeadBaseDecrypter { + public: + using AeadBaseDecrypter::AeadBaseDecrypter; + + bool SetHeaderProtectionKey(QuicStringPiece key) override; + std::string GenerateHeaderProtectionMask( + QuicDataReader* sample_reader) override; + + private: + // The key used for packet number encryption. + AES_KEY pne_key_; +}; + +} // namespace quic + +#endif // QUICHE_QUIC_CORE_CRYPTO_AES_BASE_DECRYPTER_H_
diff --git a/quic/core/crypto/aes_base_encrypter.cc b/quic/core/crypto/aes_base_encrypter.cc new file mode 100644 index 0000000..49fc71d --- /dev/null +++ b/quic/core/crypto/aes_base_encrypter.cc
@@ -0,0 +1,37 @@ +// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/third_party/quiche/src/quic/core/crypto/aes_base_encrypter.h" + +#include "third_party/boringssl/src/include/openssl/aes.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_bug_tracker.h" + +namespace quic { + +bool AesBaseEncrypter::SetHeaderProtectionKey(QuicStringPiece key) { + if (key.size() != GetKeySize()) { + QUIC_BUG << "Invalid key size for header protection"; + return false; + } + if (AES_set_encrypt_key(reinterpret_cast<const uint8_t*>(key.data()), + key.size() * 8, &pne_key_) != 0) { + QUIC_BUG << "Unexpected failure of AES_set_encrypt_key"; + return false; + } + return true; +} + +std::string AesBaseEncrypter::GenerateHeaderProtectionMask( + QuicStringPiece sample) { + if (sample.size() != AES_BLOCK_SIZE) { + return std::string(); + } + std::string out(AES_BLOCK_SIZE, 0); + AES_encrypt(reinterpret_cast<const uint8_t*>(sample.data()), + reinterpret_cast<uint8_t*>(const_cast<char*>(out.data())), + &pne_key_); + return out; +} + +} // namespace quic
diff --git a/quic/core/crypto/aes_base_encrypter.h b/quic/core/crypto/aes_base_encrypter.h new file mode 100644 index 0000000..e115eba --- /dev/null +++ b/quic/core/crypto/aes_base_encrypter.h
@@ -0,0 +1,31 @@ +// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef QUICHE_QUIC_CORE_CRYPTO_AES_BASE_ENCRYPTER_H_ +#define QUICHE_QUIC_CORE_CRYPTO_AES_BASE_ENCRYPTER_H_ + +#include <cstddef> + +#include "third_party/boringssl/src/include/openssl/aes.h" +#include "net/third_party/quiche/src/quic/core/crypto/aead_base_encrypter.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_export.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_string_piece.h" + +namespace quic { + +class QUIC_EXPORT_PRIVATE AesBaseEncrypter : public AeadBaseEncrypter { + public: + using AeadBaseEncrypter::AeadBaseEncrypter; + + bool SetHeaderProtectionKey(QuicStringPiece key) override; + std::string GenerateHeaderProtectionMask(QuicStringPiece sample) override; + + private: + // The key used for packet number encryption. + AES_KEY pne_key_; +}; + +} // namespace quic + +#endif // QUICHE_QUIC_CORE_CRYPTO_AES_BASE_ENCRYPTER_H_
diff --git a/quic/core/crypto/chacha20_poly1305_decrypter.cc b/quic/core/crypto/chacha20_poly1305_decrypter.cc index 83fd15e..e2f55aa 100644 --- a/quic/core/crypto/chacha20_poly1305_decrypter.cc +++ b/quic/core/crypto/chacha20_poly1305_decrypter.cc
@@ -17,11 +17,11 @@ } // namespace ChaCha20Poly1305Decrypter::ChaCha20Poly1305Decrypter() - : AeadBaseDecrypter(EVP_aead_chacha20_poly1305, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ false) { + : ChaChaBaseDecrypter(EVP_aead_chacha20_poly1305, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ false) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/chacha20_poly1305_decrypter.h b/quic/core/crypto/chacha20_poly1305_decrypter.h index 6e42556..50bb348 100644 --- a/quic/core/crypto/chacha20_poly1305_decrypter.h +++ b/quic/core/crypto/chacha20_poly1305_decrypter.h
@@ -7,7 +7,7 @@ #include <cstdint> -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_decrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/chacha_base_decrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -19,7 +19,8 @@ // // It uses an authentication tag of 12 bytes (96 bits). The fixed prefix of the // nonce is four bytes. -class QUIC_EXPORT_PRIVATE ChaCha20Poly1305Decrypter : public AeadBaseDecrypter { +class QUIC_EXPORT_PRIVATE ChaCha20Poly1305Decrypter + : public ChaChaBaseDecrypter { public: enum { kAuthTagSize = 12,
diff --git a/quic/core/crypto/chacha20_poly1305_encrypter.cc b/quic/core/crypto/chacha20_poly1305_encrypter.cc index eb51d83..37b899f 100644 --- a/quic/core/crypto/chacha20_poly1305_encrypter.cc +++ b/quic/core/crypto/chacha20_poly1305_encrypter.cc
@@ -16,11 +16,11 @@ } // namespace ChaCha20Poly1305Encrypter::ChaCha20Poly1305Encrypter() - : AeadBaseEncrypter(EVP_aead_chacha20_poly1305, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ false) { + : ChaChaBaseEncrypter(EVP_aead_chacha20_poly1305, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ false) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/chacha20_poly1305_encrypter.h b/quic/core/crypto/chacha20_poly1305_encrypter.h index e660bae..7200788 100644 --- a/quic/core/crypto/chacha20_poly1305_encrypter.h +++ b/quic/core/crypto/chacha20_poly1305_encrypter.h
@@ -5,7 +5,7 @@ #ifndef QUICHE_QUIC_CORE_CRYPTO_CHACHA20_POLY1305_ENCRYPTER_H_ #define QUICHE_QUIC_CORE_CRYPTO_CHACHA20_POLY1305_ENCRYPTER_H_ -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_encrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/chacha_base_encrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -17,7 +17,8 @@ // // It uses an authentication tag of 12 bytes (96 bits). The fixed prefix of the // nonce is four bytes. -class QUIC_EXPORT_PRIVATE ChaCha20Poly1305Encrypter : public AeadBaseEncrypter { +class QUIC_EXPORT_PRIVATE ChaCha20Poly1305Encrypter + : public ChaChaBaseEncrypter { public: enum { kAuthTagSize = 12,
diff --git a/quic/core/crypto/chacha20_poly1305_tls_decrypter.cc b/quic/core/crypto/chacha20_poly1305_tls_decrypter.cc index 4c10a53..8d98da8 100644 --- a/quic/core/crypto/chacha20_poly1305_tls_decrypter.cc +++ b/quic/core/crypto/chacha20_poly1305_tls_decrypter.cc
@@ -19,11 +19,11 @@ } // namespace ChaCha20Poly1305TlsDecrypter::ChaCha20Poly1305TlsDecrypter() - : AeadBaseDecrypter(EVP_aead_chacha20_poly1305, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ true) { + : ChaChaBaseDecrypter(EVP_aead_chacha20_poly1305, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ true) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/chacha20_poly1305_tls_decrypter.h b/quic/core/crypto/chacha20_poly1305_tls_decrypter.h index bffe8a2..702fb8c 100644 --- a/quic/core/crypto/chacha20_poly1305_tls_decrypter.h +++ b/quic/core/crypto/chacha20_poly1305_tls_decrypter.h
@@ -7,7 +7,7 @@ #include <cstdint> -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_decrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/chacha_base_decrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -18,7 +18,7 @@ // It uses an authentication tag of 16 bytes (128 bits). It uses a 12 bytes IV // that is XOR'd with the packet number to compute the nonce. class QUIC_EXPORT_PRIVATE ChaCha20Poly1305TlsDecrypter - : public AeadBaseDecrypter { + : public ChaChaBaseDecrypter { public: enum { kAuthTagSize = 16,
diff --git a/quic/core/crypto/chacha20_poly1305_tls_decrypter_test.cc b/quic/core/crypto/chacha20_poly1305_tls_decrypter_test.cc index 71b60e6..02ecc73 100644 --- a/quic/core/crypto/chacha20_poly1305_tls_decrypter_test.cc +++ b/quic/core/crypto/chacha20_poly1305_tls_decrypter_test.cc
@@ -167,5 +167,20 @@ } } +TEST_F(ChaCha20Poly1305TlsDecrypterTest, GenerateHeaderProtectionMask) { + ChaCha20Poly1305TlsDecrypter decrypter; + std::string key = QuicTextUtils::HexDecode( + "6a067f432787bd6034dd3f08f07fc9703a27e58c70e2d88d948b7f6489923cc7"); + std::string sample = + QuicTextUtils::HexDecode("1210d91cceb45c716b023f492c29e612"); + QuicDataReader sample_reader(sample.data(), sample.size()); + ASSERT_TRUE(decrypter.SetHeaderProtectionKey(key)); + std::string mask = decrypter.GenerateHeaderProtectionMask(&sample_reader); + std::string expected_mask = QuicTextUtils::HexDecode("1cc2cd98dc"); + test::CompareCharArraysWithHexError("header protection mask", mask.data(), + mask.size(), expected_mask.data(), + expected_mask.size()); +} + } // namespace test } // namespace quic
diff --git a/quic/core/crypto/chacha20_poly1305_tls_encrypter.cc b/quic/core/crypto/chacha20_poly1305_tls_encrypter.cc index c023ecb..c650b27 100644 --- a/quic/core/crypto/chacha20_poly1305_tls_encrypter.cc +++ b/quic/core/crypto/chacha20_poly1305_tls_encrypter.cc
@@ -16,11 +16,11 @@ } // namespace ChaCha20Poly1305TlsEncrypter::ChaCha20Poly1305TlsEncrypter() - : AeadBaseEncrypter(EVP_aead_chacha20_poly1305, - kKeySize, - kAuthTagSize, - kNonceSize, - /* use_ietf_nonce_construction */ true) { + : ChaChaBaseEncrypter(EVP_aead_chacha20_poly1305, + kKeySize, + kAuthTagSize, + kNonceSize, + /* use_ietf_nonce_construction */ true) { static_assert(kKeySize <= kMaxKeySize, "key size too big"); static_assert(kNonceSize <= kMaxNonceSize, "nonce size too big"); }
diff --git a/quic/core/crypto/chacha20_poly1305_tls_encrypter.h b/quic/core/crypto/chacha20_poly1305_tls_encrypter.h index 5bfcb5a..0ef7ae8 100644 --- a/quic/core/crypto/chacha20_poly1305_tls_encrypter.h +++ b/quic/core/crypto/chacha20_poly1305_tls_encrypter.h
@@ -5,7 +5,7 @@ #ifndef QUICHE_QUIC_CORE_CRYPTO_CHACHA20_POLY1305_TLS_ENCRYPTER_H_ #define QUICHE_QUIC_CORE_CRYPTO_CHACHA20_POLY1305_TLS_ENCRYPTER_H_ -#include "net/third_party/quiche/src/quic/core/crypto/aead_base_encrypter.h" +#include "net/third_party/quiche/src/quic/core/crypto/chacha_base_encrypter.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" namespace quic { @@ -16,7 +16,7 @@ // It uses an authentication tag of 16 bytes (128 bits). It uses a 12 byte IV // that is XOR'd with the packet number to compute the nonce. class QUIC_EXPORT_PRIVATE ChaCha20Poly1305TlsEncrypter - : public AeadBaseEncrypter { + : public ChaChaBaseEncrypter { public: enum { kAuthTagSize = 16,
diff --git a/quic/core/crypto/chacha20_poly1305_tls_encrypter_test.cc b/quic/core/crypto/chacha20_poly1305_tls_encrypter_test.cc index 9c2a6ba..32fde50 100644 --- a/quic/core/crypto/chacha20_poly1305_tls_encrypter_test.cc +++ b/quic/core/crypto/chacha20_poly1305_tls_encrypter_test.cc
@@ -152,5 +152,19 @@ EXPECT_EQ(26u, encrypter.GetCiphertextSize(10)); } +TEST_F(ChaCha20Poly1305TlsEncrypterTest, GenerateHeaderProtectionMask) { + ChaCha20Poly1305TlsEncrypter encrypter; + std::string key = QuicTextUtils::HexDecode( + "6a067f432787bd6034dd3f08f07fc9703a27e58c70e2d88d948b7f6489923cc7"); + std::string sample = + QuicTextUtils::HexDecode("1210d91cceb45c716b023f492c29e612"); + ASSERT_TRUE(encrypter.SetHeaderProtectionKey(key)); + std::string mask = encrypter.GenerateHeaderProtectionMask(sample); + std::string expected_mask = QuicTextUtils::HexDecode("1cc2cd98dc"); + test::CompareCharArraysWithHexError("header protection mask", mask.data(), + mask.size(), expected_mask.data(), + expected_mask.size()); +} + } // namespace test } // namespace quic
diff --git a/quic/core/crypto/chacha_base_decrypter.cc b/quic/core/crypto/chacha_base_decrypter.cc new file mode 100644 index 0000000..e58fb1e --- /dev/null +++ b/quic/core/crypto/chacha_base_decrypter.cc
@@ -0,0 +1,41 @@ +// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/third_party/quiche/src/quic/core/crypto/chacha_base_decrypter.h" + +#include <cstdint> + +#include "third_party/boringssl/src/include/openssl/chacha.h" +#include "net/third_party/quiche/src/quic/core/quic_data_reader.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_bug_tracker.h" + +namespace quic { + +bool ChaChaBaseDecrypter::SetHeaderProtectionKey(QuicStringPiece key) { + if (key.size() != GetKeySize()) { + QUIC_BUG << "Invalid key size for header protection"; + return false; + } + memcpy(pne_key_, key.data(), key.size()); + return true; +} + +std::string ChaChaBaseDecrypter::GenerateHeaderProtectionMask( + QuicDataReader* sample_reader) { + QuicStringPiece sample; + if (!sample_reader->ReadStringPiece(&sample, 16)) { + return std::string(); + } + const uint8_t* nonce = reinterpret_cast<const uint8_t*>(sample.data()) + 4; + uint32_t counter; + QuicDataReader(sample.data(), 4, Endianness::HOST_BYTE_ORDER) + .ReadUInt32(&counter); + const uint8_t zeroes[] = {0, 0, 0, 0, 0}; + std::string out(arraysize(zeroes), 0); + CRYPTO_chacha_20(reinterpret_cast<uint8_t*>(const_cast<char*>(out.data())), + zeroes, arraysize(zeroes), pne_key_, nonce, counter); + return out; +} + +} // namespace quic
diff --git a/quic/core/crypto/chacha_base_decrypter.h b/quic/core/crypto/chacha_base_decrypter.h new file mode 100644 index 0000000..d7ad741 --- /dev/null +++ b/quic/core/crypto/chacha_base_decrypter.h
@@ -0,0 +1,31 @@ +// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef QUICHE_QUIC_CORE_CRYPTO_CHACHA_BASE_DECRYPTER_H_ +#define QUICHE_QUIC_CORE_CRYPTO_CHACHA_BASE_DECRYPTER_H_ + +#include <cstddef> + +#include "net/third_party/quiche/src/quic/core/crypto/aead_base_decrypter.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_export.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_string_piece.h" + +namespace quic { + +class QUIC_EXPORT_PRIVATE ChaChaBaseDecrypter : public AeadBaseDecrypter { + public: + using AeadBaseDecrypter::AeadBaseDecrypter; + + bool SetHeaderProtectionKey(QuicStringPiece key) override; + std::string GenerateHeaderProtectionMask( + QuicDataReader* sample_reader) override; + + private: + // The key used for packet number encryption. + unsigned char pne_key_[kMaxKeySize]; +}; + +} // namespace quic + +#endif // QUICHE_QUIC_CORE_CRYPTO_CHACHA_BASE_DECRYPTER_H_
diff --git a/quic/core/crypto/chacha_base_encrypter.cc b/quic/core/crypto/chacha_base_encrypter.cc new file mode 100644 index 0000000..24d79d5 --- /dev/null +++ b/quic/core/crypto/chacha_base_encrypter.cc
@@ -0,0 +1,38 @@ +// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/third_party/quiche/src/quic/core/crypto/chacha_base_encrypter.h" + +#include "third_party/boringssl/src/include/openssl/chacha.h" +#include "net/third_party/quiche/src/quic/core/quic_data_reader.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_bug_tracker.h" + +namespace quic { + +bool ChaChaBaseEncrypter::SetHeaderProtectionKey(QuicStringPiece key) { + if (key.size() != GetKeySize()) { + QUIC_BUG << "Invalid key size for header protection"; + return false; + } + memcpy(pne_key_, key.data(), key.size()); + return true; +} + +std::string ChaChaBaseEncrypter::GenerateHeaderProtectionMask( + QuicStringPiece sample) { + if (sample.size() != 16) { + return std::string(); + } + const uint8_t* nonce = reinterpret_cast<const uint8_t*>(sample.data()) + 4; + uint32_t counter; + QuicDataReader(sample.data(), 4, Endianness::HOST_BYTE_ORDER) + .ReadUInt32(&counter); + const uint8_t zeroes[] = {0, 0, 0, 0, 0}; + std::string out(arraysize(zeroes), 0); + CRYPTO_chacha_20(reinterpret_cast<uint8_t*>(const_cast<char*>(out.data())), + zeroes, arraysize(zeroes), pne_key_, nonce, counter); + return out; +} + +} // namespace quic
diff --git a/quic/core/crypto/chacha_base_encrypter.h b/quic/core/crypto/chacha_base_encrypter.h new file mode 100644 index 0000000..7c086ac --- /dev/null +++ b/quic/core/crypto/chacha_base_encrypter.h
@@ -0,0 +1,30 @@ +// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef QUICHE_QUIC_CORE_CRYPTO_CHACHA_BASE_ENCRYPTER_H_ +#define QUICHE_QUIC_CORE_CRYPTO_CHACHA_BASE_ENCRYPTER_H_ + +#include <cstddef> + +#include "net/third_party/quiche/src/quic/core/crypto/aead_base_encrypter.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_export.h" +#include "net/third_party/quiche/src/quic/platform/api/quic_string_piece.h" + +namespace quic { + +class QUIC_EXPORT_PRIVATE ChaChaBaseEncrypter : public AeadBaseEncrypter { + public: + using AeadBaseEncrypter::AeadBaseEncrypter; + + bool SetHeaderProtectionKey(QuicStringPiece key) override; + std::string GenerateHeaderProtectionMask(QuicStringPiece sample) override; + + private: + // The key used for packet number encryption. + unsigned char pne_key_[kMaxKeySize]; +}; + +} // namespace quic + +#endif // QUICHE_QUIC_CORE_CRYPTO_CHACHA_BASE_ENCRYPTER_H_
diff --git a/quic/core/crypto/null_decrypter.cc b/quic/core/crypto/null_decrypter.cc index 288d3c4..4934f62 100644 --- a/quic/core/crypto/null_decrypter.cc +++ b/quic/core/crypto/null_decrypter.cc
@@ -28,6 +28,10 @@ return iv.empty(); } +bool NullDecrypter::SetHeaderProtectionKey(QuicStringPiece key) { + return key.empty(); +} + bool NullDecrypter::SetPreliminaryKey(QuicStringPiece key) { QUIC_BUG << "Should not be called"; return false; @@ -66,6 +70,11 @@ return true; } +std::string NullDecrypter::GenerateHeaderProtectionMask( + QuicDataReader* sample_reader) { + return std::string(5, 0); +} + size_t NullDecrypter::GetKeySize() const { return 0; }
diff --git a/quic/core/crypto/null_decrypter.h b/quic/core/crypto/null_decrypter.h index 433c959..06c361d 100644 --- a/quic/core/crypto/null_decrypter.h +++ b/quic/core/crypto/null_decrypter.h
@@ -32,6 +32,7 @@ bool SetKey(QuicStringPiece key) override; bool SetNoncePrefix(QuicStringPiece nonce_prefix) override; bool SetIV(QuicStringPiece iv) override; + bool SetHeaderProtectionKey(QuicStringPiece key) override; bool SetPreliminaryKey(QuicStringPiece key) override; bool SetDiversificationNonce(const DiversificationNonce& nonce) override; bool DecryptPacket(uint64_t packet_number, @@ -40,6 +41,8 @@ char* output, size_t* output_length, size_t max_output_length) override; + std::string GenerateHeaderProtectionMask( + QuicDataReader* sample_reader) override; size_t GetKeySize() const override; size_t GetIVSize() const override; QuicStringPiece GetKey() const override;
diff --git a/quic/core/crypto/null_encrypter.cc b/quic/core/crypto/null_encrypter.cc index 9819a31..69db96d 100644 --- a/quic/core/crypto/null_encrypter.cc +++ b/quic/core/crypto/null_encrypter.cc
@@ -26,6 +26,10 @@ return iv.empty(); } +bool NullEncrypter::SetHeaderProtectionKey(QuicStringPiece key) { + return key.empty(); +} + bool NullEncrypter::EncryptPacket(uint64_t /*packet_number*/, QuicStringPiece associated_data, QuicStringPiece plaintext, @@ -53,6 +57,11 @@ return true; } +std::string NullEncrypter::GenerateHeaderProtectionMask( + QuicStringPiece sample) { + return std::string(5, 0); +} + size_t NullEncrypter::GetKeySize() const { return 0; }
diff --git a/quic/core/crypto/null_encrypter.h b/quic/core/crypto/null_encrypter.h index 773cfdd..efd6e23 100644 --- a/quic/core/crypto/null_encrypter.h +++ b/quic/core/crypto/null_encrypter.h
@@ -28,12 +28,14 @@ bool SetKey(QuicStringPiece key) override; bool SetNoncePrefix(QuicStringPiece nonce_prefix) override; bool SetIV(QuicStringPiece iv) override; + bool SetHeaderProtectionKey(QuicStringPiece key) override; bool EncryptPacket(uint64_t packet_number, QuicStringPiece associated_data, QuicStringPiece plaintext, char* output, size_t* output_length, size_t max_output_length) override; + std::string GenerateHeaderProtectionMask(QuicStringPiece sample) override; size_t GetKeySize() const override; size_t GetNoncePrefixSize() const override; size_t GetIVSize() const override;
diff --git a/quic/core/crypto/quic_crypter.h b/quic/core/crypto/quic_crypter.h index c413c4c..c698dfb 100644 --- a/quic/core/crypto/quic_crypter.h +++ b/quic/core/crypto/quic_crypter.h
@@ -69,6 +69,9 @@ // packet number, even when retransmitting a lost packet. virtual bool SetIV(QuicStringPiece iv) = 0; + // Sets the key to use for header protection. + virtual bool SetHeaderProtectionKey(QuicStringPiece key) = 0; + // Returns the size in bytes of a key for the algorithm. virtual size_t GetKeySize() const = 0; // Returns the size in bytes of an IV to use with the algorithm.
diff --git a/quic/core/crypto/quic_decrypter.h b/quic/core/crypto/quic_decrypter.h index a2b104c..559420c 100644 --- a/quic/core/crypto/quic_decrypter.h +++ b/quic/core/crypto/quic_decrypter.h
@@ -11,6 +11,7 @@ #include <string> #include "net/third_party/quiche/src/quic/core/crypto/quic_crypter.h" +#include "net/third_party/quiche/src/quic/core/quic_data_reader.h" #include "net/third_party/quiche/src/quic/core/quic_packets.h" #include "net/third_party/quiche/src/quic/platform/api/quic_export.h" #include "net/third_party/quiche/src/quic/platform/api/quic_string_piece.h" @@ -60,6 +61,13 @@ size_t* output_length, size_t max_output_length) = 0; + // Reads a sample of ciphertext from |sample_reader| and uses the header + // protection key to generate a mask to use for header protection. If + // successful, this function returns this mask, which is at least 5 bytes + // long. Callers can detect failure by checking if the output string is empty. + virtual std::string GenerateHeaderProtectionMask( + QuicDataReader* sample_reader) = 0; + // The ID of the cipher. Return 0x03000000 ORed with the 'cryptographic suite // selector'. virtual uint32_t cipher_id() const = 0;
diff --git a/quic/core/crypto/quic_encrypter.h b/quic/core/crypto/quic_encrypter.h index cb53e33..6a69fcc 100644 --- a/quic/core/crypto/quic_encrypter.h +++ b/quic/core/crypto/quic_encrypter.h
@@ -41,6 +41,12 @@ size_t* output_length, size_t max_output_length) = 0; + // Takes a |sample| of ciphertext and uses the header protection key to + // generate a mask to use for header protection, and returns that mask. On + // success, the mask will be at least 5 bytes long; on failure the string will + // be empty. + virtual std::string GenerateHeaderProtectionMask(QuicStringPiece sample) = 0; + // GetKeySize() and GetNoncePrefixSize() tell the HKDF class how many bytes // of key material needs to be derived from the master secret. // NOTE: the sizes returned by GetKeySize() and GetNoncePrefixSize() are
diff --git a/quic/core/quic_connection_test.cc b/quic/core/quic_connection_test.cc index 00a966d..d2b559a 100644 --- a/quic/core/quic_connection_test.cc +++ b/quic/core/quic_connection_test.cc
@@ -127,6 +127,8 @@ bool SetIV(QuicStringPiece iv) override { return true; } + bool SetHeaderProtectionKey(QuicStringPiece key) override { return true; } + bool EncryptPacket(uint64_t packet_number, QuicStringPiece associated_data, QuicStringPiece plaintext, @@ -145,6 +147,10 @@ return true; } + std::string GenerateHeaderProtectionMask(QuicStringPiece sample) override { + return std::string(5, 0); + } + size_t GetKeySize() const override { return 0; } size_t GetNoncePrefixSize() const override { return 0; } size_t GetIVSize() const override { return 0; } @@ -182,6 +188,8 @@ bool SetIV(QuicStringPiece iv) override { return true; } + bool SetHeaderProtectionKey(QuicStringPiece key) override { return true; } + bool SetPreliminaryKey(QuicStringPiece key) override { QUIC_BUG << "should not be called"; return false; @@ -208,6 +216,11 @@ return true; } + std::string GenerateHeaderProtectionMask( + QuicDataReader* sample_reader) override { + return std::string(5, 0); + } + size_t GetKeySize() const override { return 0; } size_t GetIVSize() const override { return 0; } QuicStringPiece GetKey() const override { return QuicStringPiece(); }
diff --git a/quic/core/quic_framer_test.cc b/quic/core/quic_framer_test.cc index 360aa47..8519510 100644 --- a/quic/core/quic_framer_test.cc +++ b/quic/core/quic_framer_test.cc
@@ -91,6 +91,7 @@ bool SetKey(QuicStringPiece key) override { return true; } bool SetNoncePrefix(QuicStringPiece nonce_prefix) override { return true; } bool SetIV(QuicStringPiece iv) override { return true; } + bool SetHeaderProtectionKey(QuicStringPiece key) override { return true; } bool EncryptPacket(uint64_t packet_number, QuicStringPiece associated_data, QuicStringPiece plaintext, @@ -104,6 +105,9 @@ *output_length = plaintext.length(); return true; } + std::string GenerateHeaderProtectionMask(QuicStringPiece sample) override { + return std::string(5, 0); + } size_t GetKeySize() const override { return 0; } size_t GetNoncePrefixSize() const override { return 0; } size_t GetIVSize() const override { return 0; } @@ -127,6 +131,7 @@ bool SetKey(QuicStringPiece key) override { return true; } bool SetNoncePrefix(QuicStringPiece nonce_prefix) override { return true; } bool SetIV(QuicStringPiece iv) override { return true; } + bool SetHeaderProtectionKey(QuicStringPiece key) override { return true; } bool SetPreliminaryKey(QuicStringPiece key) override { QUIC_BUG << "should not be called"; return false; @@ -147,6 +152,10 @@ *output_length = ciphertext.length(); return true; } + std::string GenerateHeaderProtectionMask( + QuicDataReader* sample_reader) override { + return std::string(5, 0); + } size_t GetKeySize() const override { return 0; } size_t GetIVSize() const override { return 0; } QuicStringPiece GetKey() const override { return QuicStringPiece(); }