1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_QUIC_CRYPTO_AEAD_BASE_ENCRYPTER_H_
6 #define NET_QUIC_CRYPTO_AEAD_BASE_ENCRYPTER_H_
8 #include "base/compiler_specific.h"
9 #include "net/quic/crypto/quic_encrypter.h"
11 #if defined(USE_OPENSSL)
12 #include "net/quic/crypto/scoped_evp_aead_ctx.h"
16 typedef struct PK11SymKeyStr PK11SymKey
;
17 typedef SECStatus (*PK11_EncryptFunction
)(
18 PK11SymKey
* symKey
, CK_MECHANISM_TYPE mechanism
, SECItem
* param
,
19 unsigned char* out
, unsigned int* outLen
, unsigned int maxLen
,
20 const unsigned char* data
, unsigned int dataLen
);
25 // AeadBaseEncrypter is the base class of AEAD QuicEncrypter subclasses.
26 class NET_EXPORT_PRIVATE AeadBaseEncrypter
: public QuicEncrypter
{
28 #if defined(USE_OPENSSL)
29 AeadBaseEncrypter(const EVP_AEAD
* aead_alg
,
32 size_t nonce_prefix_size
);
34 AeadBaseEncrypter(CK_MECHANISM_TYPE aead_mechanism
,
35 PK11_EncryptFunction pk11_encrypt
,
38 size_t nonce_prefix_size
);
40 ~AeadBaseEncrypter() override
;
42 // QuicEncrypter implementation
43 bool SetKey(base::StringPiece key
) override
;
44 bool SetNoncePrefix(base::StringPiece nonce_prefix
) override
;
45 bool Encrypt(base::StringPiece nonce
,
46 base::StringPiece associated_data
,
47 base::StringPiece plaintext
,
48 unsigned char* output
) override
;
49 bool EncryptPacket(QuicPacketSequenceNumber sequence_number
,
50 base::StringPiece associated_data
,
51 base::StringPiece plaintext
,
53 size_t* output_length
,
54 size_t max_output_length
) override
;
55 size_t GetKeySize() const override
;
56 size_t GetNoncePrefixSize() const override
;
57 size_t GetMaxPlaintextSize(size_t ciphertext_size
) const override
;
58 size_t GetCiphertextSize(size_t plaintext_size
) const override
;
59 base::StringPiece
GetKey() const override
;
60 base::StringPiece
GetNoncePrefix() const override
;
63 // Make these constants available to the subclasses so that the subclasses
64 // can assert at compile time their key_size_ and nonce_prefix_size_ do not
65 // exceed the maximum.
66 static const size_t kMaxKeySize
= 32;
67 static const size_t kMaxNoncePrefixSize
= 4;
69 #if !defined(USE_OPENSSL)
73 CK_GCM_PARAMS gcm_params
;
75 // USE_NSS means we are using system NSS rather than our copy of NSS.
76 // The system NSS <pkcs11n.h> header doesn't define this type yet.
77 CK_NSS_AEAD_PARAMS nss_aead_params
;
82 virtual void FillAeadParams(base::StringPiece nonce
,
83 base::StringPiece associated_data
,
85 AeadParams
* aead_params
) const = 0;
89 #if defined(USE_OPENSSL)
90 const EVP_AEAD
* const aead_alg_
;
92 const CK_MECHANISM_TYPE aead_mechanism_
;
93 const PK11_EncryptFunction pk11_encrypt_
;
95 const size_t key_size_
;
96 const size_t auth_tag_size_
;
97 const size_t nonce_prefix_size_
;
100 unsigned char key_
[kMaxKeySize
];
102 unsigned char nonce_prefix_
[kMaxNoncePrefixSize
];
104 #if defined(USE_OPENSSL)
105 ScopedEVPAEADCtx ctx_
;
108 DISALLOW_COPY_AND_ASSIGN(AeadBaseEncrypter
);
113 #endif // NET_QUIC_CRYPTO_AEAD_BASE_ENCRYPTER_H_