android-cuttlefish/cvd/aes__128__gcm_8h_source.html

/*

 * Copyright (C) 2020 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */


#pragma once


#include <stdint.h>


#include <optional>

#include <vector>


#include <openssl/aead.h>


namespace adb {

namespace pairing {


class Aes128Gcm {

  public:

    explicit Aes128Gcm(const uint8_t* key_material, size_t key_material_len);


    // Encrypt a block of data in |in| of length |in_len|, this consumes all data

    // in |in| and places the encrypted data in |out| if |out_len| indicates that

    // there is enough space. The data contains information needed for

    // decryption that is specific to this implementation and is therefore only

    // suitable for decryption with this class.

    // The method returns the number of bytes placed in |out| on success and a

    // negative value if an error occurs.

    std::optional<size_t> Encrypt(const uint8_t* in, size_t in_len, uint8_t* out, size_t out_len);

    // Decrypt a block of data in |in| of length |in_len|, this consumes all data

    // in |in_len| bytes of data. The decrypted output is placed in the |out|

    // buffer of length |out_len|. On successful decryption the number of bytes in

    // |out| will be placed in |out_len|.

    // The method returns the number of bytes consumed from the |in| buffer. If

    // there is not enough data available in |in| the method returns zero. If

    // an error occurs the method returns a negative value.

    std::optional<size_t> Decrypt(const uint8_t* in, size_t in_len, uint8_t* out, size_t out_len);


    // Return a safe amount of buffer storage needed to encrypt |size| bytes.

    size_t EncryptedSize(size_t size);

    // Return a safe amount of buffer storage needed to decrypt |size| bytes.

    size_t DecryptedSize(size_t size);


  private:

    bssl::ScopedEVP_AEAD_CTX context_;

    // Sequence numbers to use as nonces in the encryption scheme

    uint64_t dec_sequence_ = 0;

    uint64_t enc_sequence_ = 0;

};


}  // namespace pairing

}  // namespace adb

adb::pairing::Aes128Gcm
Definition: aes_128_gcm.h:29

adb::pairing::Aes128Gcm::dec_sequence_
uint64_t dec_sequence_
Definition: aes_128_gcm.h:58

adb::pairing::Aes128Gcm::DecryptedSize
size_t DecryptedSize(size_t size)
Definition: aes_128_gcm.cpp:87

adb::pairing::Aes128Gcm::context_
bssl::ScopedEVP_AEAD_CTX context_
Definition: aes_128_gcm.h:56

adb::pairing::Aes128Gcm::EncryptedSize
size_t EncryptedSize(size_t size)
Definition: aes_128_gcm.cpp:82

adb::pairing::Aes128Gcm::Decrypt
std::optional< size_t > Decrypt(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_len)
Definition: aes_128_gcm.cpp:66

adb::pairing::Aes128Gcm::Aes128Gcm
Aes128Gcm(const uint8_t *key_material, size_t key_material_len)
Definition: aes_128_gcm.cpp:37

adb::pairing::Aes128Gcm::enc_sequence_
uint64_t enc_sequence_
Definition: aes_128_gcm.h:59

adb::pairing::Aes128Gcm::Encrypt
std::optional< size_t > Encrypt(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_len)
Definition: aes_128_gcm.cpp:50

size
uint32_t size
Definition: io.h:2

adb
Definition: key.h:25