| Bence Béky | bac0405 | 2022-04-07 15:44:29 -0400 | [diff] [blame] | 1 | // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #ifndef QUICHE_QUIC_CORE_CRYPTO_QUIC_ENCRYPTER_H_ |
| 6 | #define QUICHE_QUIC_CORE_CRYPTO_QUIC_ENCRYPTER_H_ |
| 7 | |
| 8 | #include <cstddef> |
| 9 | #include <memory> |
| 10 | |
| 11 | #include "absl/strings/string_view.h" |
| 12 | #include "quiche/quic/core/crypto/quic_crypter.h" |
| 13 | #include "quiche/quic/core/quic_packets.h" |
| 14 | #include "quiche/quic/platform/api/quic_export.h" |
| 15 | |
| 16 | namespace quic { |
| 17 | |
| 18 | class QUIC_EXPORT_PRIVATE QuicEncrypter : public QuicCrypter { |
| 19 | public: |
| 20 | virtual ~QuicEncrypter() {} |
| 21 | |
| 22 | static std::unique_ptr<QuicEncrypter> Create(const ParsedQuicVersion& version, |
| 23 | QuicTag algorithm); |
| 24 | |
| 25 | // Creates an IETF QuicEncrypter based on |cipher_suite| which must be an id |
| 26 | // returned by SSL_CIPHER_get_id. The caller is responsible for taking |
| 27 | // ownership of the new QuicEncrypter. |
| 28 | static std::unique_ptr<QuicEncrypter> CreateFromCipherSuite( |
| 29 | uint32_t cipher_suite); |
| 30 | |
| 31 | // Writes encrypted |plaintext| and a MAC over |plaintext| and |
| 32 | // |associated_data| into output. Sets |output_length| to the number of |
| 33 | // bytes written. Returns true on success or false if there was an error. |
| 34 | // |packet_number| is appended to the |nonce_prefix| value provided in |
| 35 | // SetNoncePrefix() to form the nonce. |output| must not overlap with |
| 36 | // |associated_data|. If |output| overlaps with |plaintext| then |
| 37 | // |plaintext| must be <= |output|. |
| 38 | virtual bool EncryptPacket(uint64_t packet_number, |
| 39 | absl::string_view associated_data, |
| bnc | b91850e | 2022-04-13 08:34:05 -0700 | [diff] [blame] | 40 | absl::string_view plaintext, char* output, |
| Bence Béky | bac0405 | 2022-04-07 15:44:29 -0400 | [diff] [blame] | 41 | size_t* output_length, |
| 42 | size_t max_output_length) = 0; |
| 43 | |
| 44 | // Takes a |sample| of ciphertext and uses the header protection key to |
| 45 | // generate a mask to use for header protection, and returns that mask. On |
| 46 | // success, the mask will be at least 5 bytes long; on failure the string will |
| 47 | // be empty. |
| 48 | virtual std::string GenerateHeaderProtectionMask( |
| 49 | absl::string_view sample) = 0; |
| 50 | |
| 51 | // Returns the maximum length of plaintext that can be encrypted |
| 52 | // to ciphertext no larger than |ciphertext_size|. |
| 53 | virtual size_t GetMaxPlaintextSize(size_t ciphertext_size) const = 0; |
| 54 | |
| 55 | // Returns the length of the ciphertext that would be generated by encrypting |
| 56 | // to plaintext of size |plaintext_size|. |
| 57 | virtual size_t GetCiphertextSize(size_t plaintext_size) const = 0; |
| 58 | |
| 59 | // Returns the maximum number of packets that can be safely encrypted with |
| 60 | // this encrypter. |
| 61 | virtual QuicPacketCount GetConfidentialityLimit() const = 0; |
| 62 | |
| 63 | // For use by unit tests only. |
| 64 | virtual absl::string_view GetKey() const = 0; |
| 65 | virtual absl::string_view GetNoncePrefix() const = 0; |
| 66 | }; |
| 67 | |
| 68 | } // namespace quic |
| 69 | |
| 70 | #endif // QUICHE_QUIC_CORE_CRYPTO_QUIC_ENCRYPTER_H_ |
