quic/tools/simple_ticket_crypter.h

// Copyright 2020 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef QUICHE_QUIC_TOOLS_SIMPLE_TICKET_CRYPTER_H_
#define QUICHE_QUIC_TOOLS_SIMPLE_TICKET_CRYPTER_H_

#include "third_party/boringssl/src/include/openssl/aead.h"
#include "quic/core/crypto/proof_source.h"
#include "quic/core/quic_clock.h"
#include "quic/core/quic_time.h"

namespace quic {

// SimpleTicketCrypter implements the QUIC ProofSource::TicketCrypter interface.
// It generates a random key at startup and every 7 days it rotates the key,
// keeping track of the previous key used to facilitate decrypting older
// tickets. This implementation is not suitable for server setups where multiple
// servers need to share keys.
class QUIC_NO_EXPORT SimpleTicketCrypter
    : public quic::ProofSource::TicketCrypter {
 public:
  explicit SimpleTicketCrypter(QuicClock* clock);
  ~SimpleTicketCrypter() override;

  size_t MaxOverhead() override;
  std::vector<uint8_t> Encrypt(absl::string_view in) override;
  void Decrypt(
      absl::string_view in,
      std::unique_ptr<quic::ProofSource::DecryptCallback> callback) override;

 private:
  std::vector<uint8_t> Decrypt(absl::string_view in);

  void MaybeRotateKeys();

  static constexpr size_t kKeySize = 16;

  struct Key {
    uint8_t key[kKeySize];
    bssl::ScopedEVP_AEAD_CTX aead_ctx;
    QuicTime expiration = QuicTime::Zero();
  };

  std::unique_ptr<Key> NewKey();

  std::unique_ptr<Key> current_key_;
  std::unique_ptr<Key> previous_key_;
  uint8_t key_epoch_ = 0;
  QuicClock* clock_;
};

}  // namespace quic

#endif  // QUICHE_QUIC_TOOLS_SIMPLE_TICKET_CRYPTER_H_