1 // Copyright 2015 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CRYPTO_AEAD_H_
6 #define CRYPTO_AEAD_H_
7 
8 #include <stddef.h>
9 #include <stdint.h>
10 
11 #include <string>
12 #include <vector>
13 
14 #include "base/containers/span.h"
15 #include "base/memory/raw_ptr.h"
16 #include "base/strings/string_piece.h"
17 #include "crypto/crypto_export.h"
18 #include "third_party/abseil-cpp/absl/types/optional.h"
19 
20 struct evp_aead_st;
21 
22 namespace crypto {
23 
// AEAD (authenticated encryption with associated data) wrapper. The
// |AeadAlgorithm| enum below selects one of four algorithms:
// AES-128-CTR-HMAC-SHA256, AES-256-GCM, AES-256-GCM-SIV and
// ChaCha20-Poly1305. Note that there are two versions of most methods: an
// historical version based around |StringPiece| and a more modern version
// that takes |base::span|. Prefer the latter in new code.
//
// Security notes for callers:
//  - The key is referenced, not copied (see Init() and |key_|), so keeping the
//    key bytes alive, unmodified and eventually erased is the caller's job.
//  - A nonce must not be repeated under the same key. For AES-GCM and
//    ChaCha20-Poly1305 a repeated nonce undermines both confidentiality and
//    integrity. AES-GCM-SIV is designed to tolerate accidental repeats better,
//    but unique nonces are still the expected usage.
//  - |additional_data| is authenticated but not encrypted. Open() only
//    succeeds when given the same value that was passed to Seal().
//  - NOTE(review): presumably Init() has to be called before Seal()/Open(),
//    since |key_| is optional. Confirm how aead.cc treats a missing key.
class CRYPTO_EXPORT Aead {
 public:
  // Algorithm selector passed to the constructor. This is an unscoped enum, so
  // the enumerators are spelled Aead::AES_256_GCM etc.
  enum AeadAlgorithm {
    AES_128_CTR_HMAC_SHA256,
    AES_256_GCM,
    AES_256_GCM_SIV,
    CHACHA20_POLY1305
  };

  // Binds this object to |algorithm|. No key is supplied here; see Init().
  explicit Aead(AeadAlgorithm algorithm);
  // Not copyable: the object only references key material it does not own.
  Aead(const Aead&) = delete;
  Aead& operator=(const Aead&) = delete;
  ~Aead();

  // Note that Init keeps a reference to the data pointed to by |key| thus that
  // data must outlive this object. A key buffer that is freed or reused while
  // this object is still in use would leave it reading stale memory.
  // NOTE(review): |key| is presumably expected to be KeyLength() bytes long.
  // Confirm where that is enforced in aead.cc.
  void Init(base::span<const uint8_t> key);

  // Note that Init keeps a reference to the data pointed to by |key| thus that
  // data must outlive this object. The pointed-to string must also not be
  // modified or reallocated while this object is in use.
  void Init(const std::string* key);

  // Seals |plaintext| under the key given to Init(), binding the result to
  // |nonce| and |additional_data|, and returns the sealed bytes by value.
  // NOTE(review): this overload has no failure return. How an error such as a
  // wrong-length nonce is handled is not visible in this header, so confirm it
  // in aead.cc. Callers should pass a nonce of NonceLength() bytes.
  std::vector<uint8_t> Seal(base::span<const uint8_t> plaintext,
                            base::span<const uint8_t> nonce,
                            base::span<const uint8_t> additional_data) const;

  // Historical |StringPiece| variant of Seal(). The result is written to
  // |*ciphertext|. The bool presumably reports success. Confirm in aead.cc and
  // do not use |*ciphertext| when it is false.
  bool Seal(base::StringPiece plaintext,
            base::StringPiece nonce,
            base::StringPiece additional_data,
            std::string* ciphertext) const;

  // Authenticates and decrypts |ciphertext| using |nonce| and
  // |additional_data|. The result is optional so that failure can be reported.
  // Presumably absl::nullopt means the input did not authenticate or could not
  // be decrypted (confirm in aead.cc). Treat an empty result as "message
  // rejected" and do not act on any part of the rejected input.
  absl::optional<std::vector<uint8_t>> Open(
      base::span<const uint8_t> ciphertext,
      base::span<const uint8_t> nonce,
      base::span<const uint8_t> additional_data) const;

  // Historical |StringPiece| variant of Open(). The recovered bytes are written
  // to |*plaintext|. The bool presumably reports whether authentication and
  // decryption succeeded. Confirm in aead.cc, always check it, and ignore
  // |*plaintext| when it is false.
  bool Open(base::StringPiece ciphertext,
            base::StringPiece nonce,
            base::StringPiece additional_data,
            std::string* plaintext) const;

  // Key size for the algorithm chosen at construction.
  // NOTE(review): presumably in bytes. Confirm against aead.cc.
  size_t KeyLength() const;

  // Nonce size for the algorithm chosen at construction.
  // NOTE(review): presumably in bytes. Confirm against aead.cc.
  size_t NonceLength() const;

 private:
  // Raw-buffer form of Seal(). Judging by the parameter names, it writes at
  // most |max_output_length| bytes to |out| and reports the number written via
  // |*output_length|. Presumably the public overloads forward here. Confirm in
  // aead.cc.
  bool Seal(base::span<const uint8_t> plaintext,
            base::span<const uint8_t> nonce,
            base::span<const uint8_t> additional_data,
            uint8_t* out,
            size_t* output_length,
            size_t max_output_length) const;

  // Raw-buffer form of Open(), with the same output-buffer convention as the
  // private Seal() above (inferred from the parameter names. Confirm in
  // aead.cc).
  bool Open(base::span<const uint8_t> ciphertext,
            base::span<const uint8_t> nonce,
            base::span<const uint8_t> additional_data,
            uint8_t* out,
            size_t* output_length,
            size_t max_output_length) const;

  // Non-owning view of the caller's key bytes. Presumably empty until Init()
  // is called. The bytes themselves are never copied into this object.
  absl::optional<base::span<const uint8_t>> key_;
  // Pointer to the algorithm description. |evp_aead_st| is only
  // forward-declared in this header (it is the struct tag behind BoringSSL's
  // EVP_AEAD), so nothing here depends on its layout.
  raw_ptr<const evp_aead_st> aead_;
};
91 
92 }  // namespace crypto
93 
94 #endif  // CRYPTO_AEAD_H_
95