1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_QUIC_CRYPTO_AES_128_GCM_12_ENCRYPTER_H_
6 #define NET_QUIC_CRYPTO_AES_128_GCM_12_ENCRYPTER_H_
10 #include "base/compiler_specific.h"
11 #include "net/quic/crypto/quic_encrypter.h"
13 #if defined(USE_OPENSSL)
14 #include "net/quic/crypto/scoped_evp_cipher_ctx.h"
20 class Aes128Gcm12EncrypterPeer;
23 // An Aes128Gcm12Encrypter is a QuicEncrypter that implements the
24 // AEAD_AES_128_GCM_12 algorithm specified in RFC 5282. Create an instance by
25 // calling QuicEncrypter::Create(kAESG).
27 // It uses an authentication tag of 12 bytes (96 bits). The fixed prefix
28 // of the nonce is four bytes.
29 class NET_EXPORT_PRIVATE Aes128Gcm12Encrypter : public QuicEncrypter {
32 // Authentication tags are truncated to 96 bits (12 bytes), shorter than GCM's full 128-bit tag, so the forgery margin is correspondingly smaller.
// Constructor and virtual destructor; only the declarations appear in this
// header.
// NOTE(review): the key is held in a plain array member (key_), so the
// destructor is the natural place to wipe it. Whether it does so is not
// visible here -- confirm in the implementation file.
36 Aes128Gcm12Encrypter();
37 virtual ~Aes128Gcm12Encrypter();
39 // QuicEncrypter implementation
// SetKey and SetNoncePrefix report success as a bool.
// NOTE(review): presumably they return false when the input length does not
// match GetKeySize() / GetNoncePrefixSize() (the members are 16 and 4 bytes);
// confirm in the implementation. Callers should check the result before
// encrypting.
40 virtual bool SetKey(base::StringPiece key) OVERRIDE;
41 virtual bool SetNoncePrefix(base::StringPiece nonce_prefix) OVERRIDE;
// Encrypt takes a raw |output| pointer with no accompanying length, so the
// caller is responsible for sizing the buffer.
// NOTE(review): presumably |output| needs GetCiphertextSize(plaintext.size())
// bytes -- confirm against the base-class contract.
// NOTE(review): with GCM, |nonce| must never repeat under the same key; a
// repeated nonce undermines both confidentiality and authentication.
42 virtual bool Encrypt(base::StringPiece nonce,
43 base::StringPiece associated_data,
44 base::StringPiece plaintext,
45 unsigned char* output) OVERRIDE;
// EncryptPacket takes a packet sequence number instead of an explicit nonce.
// NOTE(review): presumably the nonce is built from nonce_prefix_ plus
// |sequence_number|, in which case a sequence number must not be reused under
// one key and prefix -- confirm in the implementation.
// NOTE(review): the result is a raw QuicData*; ownership is not shown in this
// header -- confirm who deletes it and how failure is signalled.
46 virtual QuicData* EncryptPacket(QuicPacketSequenceNumber sequence_number,
47 base::StringPiece associated_data,
48 base::StringPiece plaintext) OVERRIDE;
// Size queries for the key, the nonce prefix, and the plaintext/ciphertext
// length conversion.
// NOTE(review): presumably the two conversion functions account for the
// 12-byte authentication tag described in the class comment -- confirm, and
// check how GetMaxPlaintextSize behaves when |ciphertext_size| is smaller
// than the tag.
49 virtual size_t GetKeySize() const OVERRIDE;
50 virtual size_t GetNoncePrefixSize() const OVERRIDE;
51 virtual size_t GetMaxPlaintextSize(size_t ciphertext_size) const OVERRIDE;
52 virtual size_t GetCiphertextSize(size_t plaintext_size) const OVERRIDE;
// Accessors returning base::StringPiece, which is a non-owning view.
// NOTE(review): presumably these view key_ and nonce_prefix_ directly, so the
// result is valid only while this object lives and GetKey() exposes raw key
// material to the caller -- confirm, and keep the value out of logs.
53 virtual base::StringPiece GetKey() const OVERRIDE;
54 virtual base::StringPiece GetNoncePrefix() const OVERRIDE;
57 // The 128-bit AES key.
58 unsigned char key_[16];
// The fixed nonce prefix; four bytes, matching the class comment.
60 unsigned char nonce_prefix_[4];
62 #if defined(USE_OPENSSL)
63 // TODO(rtenneti): when Chromium's version of OpenSSL has EVP_AEAD_CTX, merge
64 // internal CL 53267501.
// Cipher context, present only when USE_OPENSSL is defined.
// NOTE(review): the type name suggests a scoped wrapper that releases the
// context on destruction; its definition is in scoped_evp_cipher_ctx.h and is
// not visible here -- confirm.
65 ScopedEVPCipherCtx ctx_;
71 #endif // NET_QUIC_CRYPTO_AES_128_GCM_12_ENCRYPTER_H_