blob: 7a855fd71ec90d2a2b7e34d5ff9c29cc143772db [file] [log] [blame]
// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CRYPTO_AEAD_H_
#define CRYPTO_AEAD_H_
#include <stddef.h>
#include <stdint.h>
#include <string>
#include <vector>
#include "base/containers/span.h"
#include "base/optional.h"
#include "base/strings/string_piece.h"
#include "crypto/crypto_export.h"
struct evp_aead_st;
namespace crypto {
// This class exposes the AES-128-CTR-HMAC-SHA256 and AES_256_GCM AEAD. Note
// that there are two versions of most methods: an historical version based
// around |StringPiece| and a more modern version that takes |base::span|.
// Prefer the latter in new code.
class CRYPTO_EXPORT Aead {
public:
enum AeadAlgorithm { AES_128_CTR_HMAC_SHA256, AES_256_GCM, AES_256_GCM_SIV };
explicit Aead(AeadAlgorithm algorithm);
Aead(const Aead&) = delete;
Aead& operator=(const Aead&) = delete;
~Aead();
// Note that Init keeps a reference to the data pointed to by |key| thus that
// data must outlive this object.
void Init(base::span<const uint8_t> key);
// Note that Init keeps a reference to the data pointed to by |key| thus that
// data must outlive this object.
void Init(const std::string* key);
std::vector<uint8_t> Seal(base::span<const uint8_t> plaintext,
base::span<const uint8_t> nonce,
base::span<const uint8_t> additional_data) const;
bool Seal(base::StringPiece plaintext,
base::StringPiece nonce,
base::StringPiece additional_data,
std::string* ciphertext) const;
base::Optional<std::vector<uint8_t>> Open(
base::span<const uint8_t> ciphertext,
base::span<const uint8_t> nonce,
base::span<const uint8_t> additional_data) const;
bool Open(base::StringPiece ciphertext,
base::StringPiece nonce,
base::StringPiece additional_data,
std::string* plaintext) const;
size_t KeyLength() const;
size_t NonceLength() const;
private:
bool Seal(base::span<const uint8_t> plaintext,
base::span<const uint8_t> nonce,
base::span<const uint8_t> additional_data,
uint8_t* out,
size_t* output_length,
size_t max_output_length) const;
bool Open(base::span<const uint8_t> ciphertext,
base::span<const uint8_t> nonce,
base::span<const uint8_t> additional_data,
uint8_t* out,
size_t* output_length,
size_t max_output_length) const;
base::Optional<base::span<const uint8_t>> key_;
const evp_aead_st* aead_;
};
} // namespace crypto
#endif // CRYPTO_AEAD_H_