// Copyright (c) 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "quiche/quic/core/crypto/crypto_secret_boxer.h" #include <cstdint> #include <memory> #include <string> #include <utility> #include <vector> #include "absl/strings/string_view.h" #include "openssl/aead.h" #include "openssl/err.h" #include "quiche/quic/core/crypto/quic_random.h" #include "quiche/quic/platform/api/quic_logging.h" #include "quiche/common/platform/api/quiche_mutex.h" namespace quic { // kSIVNonceSize contains the number of bytes of nonce in each AES-GCM-SIV box. // AES-GCM-SIV takes a 12-byte nonce and, since the messages are so small, each // key is good for more than 2^64 source-address tokens. See table 1 of // https://eprint.iacr.org/2017/168.pdf static const size_t kSIVNonceSize = …; // AES-GCM-SIV comes in AES-128 and AES-256 flavours. The AES-256 version is // used here so that the key size matches the 256-bit XSalsa20 keys that we // used to use. static const size_t kBoxKeySize = …; struct CryptoSecretBoxer::State { … }; CryptoSecretBoxer::CryptoSecretBoxer() { … } CryptoSecretBoxer::~CryptoSecretBoxer() { … } // static size_t CryptoSecretBoxer::GetKeySize() { … } // kAEAD is the AEAD used for boxing: AES-256-GCM-SIV. static const EVP_AEAD* (*const kAEAD)() = …; bool CryptoSecretBoxer::SetKeys(const std::vector<std::string>& keys) { … } std::string CryptoSecretBoxer::Box(QuicRandom* rand, absl::string_view plaintext) const { … } bool CryptoSecretBoxer::Unbox(absl::string_view in_ciphertext, std::string* out_storage, absl::string_view* out) const { … } } // namespace quic
Codebase Browser
chromium