

MbedAead::decrypt()
Summary: - implements ::decrypt, however doesn't support inplace encryption for now

Reviewed By: kvtsoy

Differential Revision: D49326635

fbshipit-source-id: fe52f347567b3cbafb62e2629e276ac4947adaab
hanidamlaj authored and facebook-github-bot committed Sep 22, 2023
1 parent 58d44aa commit 83913c5
Showing 2 changed files with 38 additions and 5 deletions.
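--- a/quic/mbed/MbedAead.cpp
+++ b/quic/mbed/MbedAead.cpp
@@ -77,6 +77,40 @@ std::unique_ptr<folly::IOBuf> MbedAead::inplaceEncrypt(
 return ciphertext_buf;
 }
 
+folly::Optional<std::unique_ptr<folly::IOBuf>> MbedAead::tryDecrypt(
+std::unique_ptr<folly::IOBuf>&& ciphertext,
+const folly::IOBuf* assocData,
+uint64_t seqNum) const {
+// support only unchained iobufs for now
+CHECK(!ciphertext->isChained());
+CHECK(assocData == nullptr || !assocData->isChained());
+
+setCipherKey(MBEDTLS_DECRYPT);
+
+// create IOBuf of size len(plaintext) - getCipherOverhead()
+const size_t tag_len = getCipherOverhead();
+auto plaintext_buf = folly::IOBuf::create(ciphertext->length());
+auto iv = getIV(seqNum);
+size_t write_size{0};
+
+if (mbedtls_cipher_auth_decrypt_ext(
+/*ctx=*/&cipher_ctx,
+/*iv=*/iv.data(),
+/*iv_len=*/std::min<size_t>(iv.size(), key_.iv->length()),
+/*ad=*/assocData ? assocData->data() : nullptr,
+/*ad_len=*/assocData ? assocData->length() : 0,
+/*input=*/ciphertext->data(),
+/*ilen=*/ciphertext->length(),
+/*output=*/plaintext_buf->writableData(),
+/*output_len=*/plaintext_buf->capacity(),
+/*olen=*/&write_size,
+/*tag_len=*/tag_len) != 0) {
+return folly::none;
+}
+plaintext_buf->append(write_size);
+return plaintext_buf;
+}
+
 size_t MbedAead::getCipherOverhead() const {
 return TAG_LENGTH;
 }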
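Review bot: The two `CHECK`s at the top of `tryDecrypt` abort the process when `ciphertext` or `assocData` is a chained IOBuf, so an unsupported buffer layout becomes a crash in a function whose other failure path returns `folly::none`. Whether a caller can pass a chained buffer built from received packets is not visible in this hunk, but if it can, that is an availability risk reachable from the network; an early return is safer: `if (ciphertext->isChained() || (assocData && assocData->isChained())) { return folly::none; }`. Separately, the comment above the allocation says the buffer has size `len(plaintext) - getCipherOverhead()`, while the code allocates `ciphertext->length()` bytes; it would be accurate as `// plaintext is len(ciphertext) - tag_len bytes; allocate len(ciphertext) as an upper bound`.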
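--- a/quic/mbed/MbedAead.h
+++ b/quic/mbed/MbedAead.h
@@ -36,12 +36,11 @@ class MbedAead : public Aead {
 const folly::IOBuf* assocData,
 uint64_t seqNum) const override;
 
+// does not support inplace decryption just yet
 folly::Optional<std::unique_ptr<folly::IOBuf>> tryDecrypt(
-std::unique_ptr<folly::IOBuf>&& /*ciphertext*/,
-const folly::IOBuf* /*associatedData*/,
-uint64_t /*seqNum*/) const override {
-return folly::none;
-}
+std::unique_ptr<folly::IOBuf>&& ciphertext,
+const folly::IOBuf* assocData,
+uint64_t seqNum) const override;
 
 // returns tag length
 size_t getCipherOverhead() const override;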
