We started redesigning GpuMemoryBuffer interface to handle multiple buffers [0].
[chromium-blink-merge.git] / net / quic / crypto / crypto_secret_boxer.h
blob38b8fb339ece4160ee2523493e05eafd58edc225
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_QUIC_CRYPTO_CRYPTO_SECRET_BOXER_H_
6 #define NET_QUIC_CRYPTO_CRYPTO_SECRET_BOXER_H_
8 #include <string>
10 #include "base/strings/string_piece.h"
11 #include "net/base/net_export.h"
13 namespace net {
15 class QuicRandom;
17 // CryptoSecretBoxer encrypts small chunks of plaintext (called 'boxing') and
18 // then, later, can authenticate+decrypt the resulting boxes. This object is
19 // thread-safe.
20 class NET_EXPORT_PRIVATE CryptoSecretBoxer {
21 public:
22 CryptoSecretBoxer() {}
24 // GetKeySize returns the number of bytes in a key.
25 static size_t GetKeySize();
27 // SetKey sets the key for this object. This must be done before |Box| or
28 // |Unbox| are called. |key| must be |GetKeySize()| bytes long.
29 void SetKey(base::StringPiece key);
31 // Box encrypts |plaintext| using a random nonce generated from |rand| and
32 // returns the resulting ciphertext. Since an authenticator and nonce are
33 // included, the result will be slightly larger than |plaintext|.
34 std::string Box(QuicRandom* rand, base::StringPiece plaintext) const;
36 // Unbox takes the result of a previous call to |Box| in |ciphertext| and
37 // authenticates+decrypts it. If |ciphertext| is not authentic then it
38 // returns false. Otherwise, |out_storage| is used to store the result and
39 // |out| is set to point into |out_storage| and contains the original
40 // plaintext.
41 bool Unbox(base::StringPiece ciphertext,
42 std::string* out_storage,
43 base::StringPiece* out) const;
45 private:
46 std::string key_;
48 DISALLOW_COPY_AND_ASSIGN(CryptoSecretBoxer);
51 } // namespace net
53 #endif // NET_QUIC_CRYPTO_CRYPTO_SECRET_BOXER_H_