Use 16-byte auth tags when initial obfuscators are used
QuicFramer assumes that the auth tag is the same length for all encryption
levels. In Google QUIC crypto versions where initial obfuscators are used,
we should use IETF style crypters (different nonce/IV construction and 16
byte instead of 12 byte auth tags).
gfe-relnote: Change encryption used in QUIC. Protected by quic_enable_version_99
PiperOrigin-RevId: 271674606
Change-Id: Ic7736908068eeee8077bd3a17ec4f8b4112254f9
diff --git a/quic/core/crypto/quic_crypter.h b/quic/core/crypto/quic_crypter.h
index 5f07836..25a91e4 100644
--- a/quic/core/crypto/quic_crypter.h
+++ b/quic/core/crypto/quic_crypter.h
@@ -5,6 +5,7 @@
#ifndef QUICHE_QUIC_CORE_CRYPTO_QUIC_CRYPTER_H_
#define QUICHE_QUIC_CORE_CRYPTO_QUIC_CRYPTER_H_
+#include "net/third_party/quiche/src/quic/core/quic_versions.h"
#include "net/third_party/quiche/src/quic/platform/api/quic_export.h"
#include "net/third_party/quiche/src/quic/platform/api/quic_string_piece.h"
@@ -69,6 +70,11 @@
// packet number, even when retransmitting a lost packet.
virtual bool SetIV(QuicStringPiece iv) = 0;
+ // Calls SetNoncePrefix or SetIV depending on whether |version| uses the
+ // Google QUIC crypto or IETF QUIC nonce construction.
+ virtual bool SetNoncePrefixOrIV(const ParsedQuicVersion& version,
+ QuicStringPiece nonce_prefix_or_iv);
+
// Sets the key to use for header protection.
virtual bool SetHeaderProtectionKey(QuicStringPiece key) = 0;
