quic_encrypter.h revision b2df76ea8fec9e32f6f3718986dba0d95315b29c 
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_QUIC_CRYPTO_QUIC_ENCRYPTER_H_
6#define NET_QUIC_CRYPTO_QUIC_ENCRYPTER_H_
7
8#include "net/base/net_export.h"
9#include "net/quic/crypto/crypto_protocol.h"
10#include "net/quic/quic_protocol.h"
11
12namespace net {
13
14class NET_EXPORT_PRIVATE QuicEncrypter {
15 public:
16  virtual ~QuicEncrypter() {}
17
18  static QuicEncrypter* Create(QuicTag algorithm);
19
20  // Sets the encryption key. Returns true on success, false on failure.
21  //
22  // NOTE: The key is the client_write_key or server_write_key derived from
23  // the master secret.
24  virtual bool SetKey(base::StringPiece key) = 0;
25
26  // Sets the fixed initial bytes of the nonce. Returns true on success,
27  // false on failure.
28  //
29  // NOTE: The nonce prefix is the client_write_iv or server_write_iv
30  // derived from the master secret. A 64-bit packet sequence number will
31  // be appended to form the nonce.
32  //
33  //                          <------------ 64 bits ----------->
34  //   +---------------------+----------------------------------+
35  //   |    Fixed prefix     |      Packet sequence number      |
36  //   +---------------------+----------------------------------+
37  //                          Nonce format
38  //
39  // The security of the nonce format requires that QUIC never reuse a
40  // packet sequence number, even when retransmitting a lost packet.
41  virtual bool SetNoncePrefix(base::StringPiece nonce_prefix) = 0;
42
43  // Encrypt encrypts |plaintext| and writes the ciphertext, plus a MAC over
44  // both |associated_data| and |plaintext| to |output|, using |nonce| as the
45  // nonce. |nonce| must be |8+GetNoncePrefixSize()| bytes long and |output|
46  // must point to a buffer that is at least
47  // |GetCiphertextSize(plaintext.size()| bytes long.
48  virtual bool Encrypt(base::StringPiece nonce,
49                       base::StringPiece associated_data,
50                       base::StringPiece plaintext,
51                       unsigned char* output) = 0;
52
53  // Returns a newly created QuicData object containing the encrypted
54  // |plaintext| as well as a MAC over both |plaintext| and |associated_data|,
55  // or NULL if there is an error. |sequence_number| is appended to the
56  // |nonce_prefix| value provided in SetNoncePrefix() to form the nonce.
57  virtual QuicData* EncryptPacket(QuicPacketSequenceNumber sequence_number,
58                                  base::StringPiece associated_data,
59                                  base::StringPiece plaintext) = 0;
60
61  // GetKeySize() and GetNoncePrefixSize() tell the HKDF class how many bytes
62  // of key material needs to be derived from the master secret.
63  // NOTE: the sizes returned by GetKeySize() and GetNoncePrefixSize() are
64  // also correct for the QuicDecrypter of the same algorithm. So only
65  // QuicEncrypter has these two methods.
66
67  // Returns the size in bytes of a key for the algorithm.
68  virtual size_t GetKeySize() const = 0;
69  // Returns the size in bytes of the fixed initial part of the nonce.
70  virtual size_t GetNoncePrefixSize() const = 0;
71
72  // Returns the maximum length of plaintext that can be encrypted
73  // to ciphertext no larger than |ciphertext_size|.
74  virtual size_t GetMaxPlaintextSize(size_t ciphertext_size) const = 0;
75
76  // Returns the length of the ciphertext that would be generated by encrypting
77  // to plaintext of size |plaintext_size|.
78  virtual size_t GetCiphertextSize(size_t plaintext_size) const = 0;
79
80  // For use by unit tests only.
81  virtual base::StringPiece GetKey() const = 0;
82  virtual base::StringPiece GetNoncePrefix() const = 0;
83};
84
85}  // namespace net
86
87#endif  // NET_QUIC_CRYPTO_QUIC_ENCRYPTER_H_
88