PacketKey

compio::tls::rustls::quic

Trait PacketKey 

pub trait PacketKey: Send + Sync {
    // Required methods
    fn encrypt_in_place(
        &self,
        packet_number: u64,
        header: &[u8],
        payload: &mut [u8],
    ) -> Result<Tag, Error>;
    fn decrypt_in_place<'a>(
        &self,
        packet_number: u64,
        header: &[u8],
        payload: &'a mut [u8],
    ) -> Result<&'a [u8], Error>;
    fn tag_len(&self) -> usize;
    fn confidentiality_limit(&self) -> u64;
    fn integrity_limit(&self) -> u64;

    // Provided methods
    fn encrypt_in_place_for_path(
        &self,
        _path_id: u32,
        _packet_number: u64,
        _header: &[u8],
        _payload: &mut [u8],
    ) -> Result<Tag, Error> { ... }
    fn decrypt_in_place_for_path<'a>(
        &self,
        _path_id: u32,
        _packet_number: u64,
        _header: &[u8],
        _payload: &'a mut [u8],
    ) -> Result<&'a [u8], Error> { ... }
}
Available on crate feature tls only.
Expand description

Keys to encrypt or decrypt the payload of a packet

Required Methods§

fn encrypt_in_place( &self, packet_number: u64, header: &[u8], payload: &mut [u8], ) -> Result<Tag, Error>

Encrypt a QUIC packet

Takes a packet_number, used to derive the nonce; the packet header, which is used as the additional authenticated data; and the payload. The authentication tag is returned if encryption succeeds.

Fails if and only if the payload is longer than allowed by the cipher suite’s AEAD algorithm.

fn decrypt_in_place<'a>( &self, packet_number: u64, header: &[u8], payload: &'a mut [u8], ) -> Result<&'a [u8], Error>

Decrypt a QUIC packet

Takes the packet header, which is used as the additional authenticated data, and the payload, which includes the authentication tag.

If the return value is Ok, the decrypted payload can be found in payload, up to the length found in the return value.

fn tag_len(&self) -> usize

Tag length for the underlying AEAD algorithm

fn confidentiality_limit(&self) -> u64

Number of QUIC messages that can be safely encrypted with a single key of this type.

Once a MessageEncrypter produced for this suite has encrypted more than confidentiality_limit messages, an attacker gains an advantage in distinguishing it from an ideal pseudorandom permutation (PRP).

This is to be set on the assumption that messages are maximally sized – 2 ** 16. For non-QUIC TCP connections see CipherSuiteCommon::confidentiality_limit.

fn integrity_limit(&self) -> u64

Number of QUIC messages that can be safely decrypted with a single key of this type

Once a MessageDecrypter produced for this suite has failed to decrypt integrity_limit messages, an attacker gains an advantage in forging messages.

This is not relevant for TLS over TCP (which is also implemented in this crate) because a single failed decryption is fatal to the connection. However, this quantity is used by QUIC.

Provided Methods§

fn encrypt_in_place_for_path( &self, _path_id: u32, _packet_number: u64, _header: &[u8], _payload: &mut [u8], ) -> Result<Tag, Error>

Encrypts a multipath QUIC packet

Takes a path_id and packet_number, used to derive the nonce; the packet header, which is used as the additional authenticated data; and the payload. The authentication tag is returned if encryption succeeds.

Fails if and only if the payload is longer than allowed by the cipher suite’s AEAD algorithm.

See https://www.ietf.org/archive/id/draft-ietf-quic-multipath-11.html#name-nonce-calculation.

fn decrypt_in_place_for_path<'a>( &self, _path_id: u32, _packet_number: u64, _header: &[u8], _payload: &'a mut [u8], ) -> Result<&'a [u8], Error>

Decrypt a multipath QUIC packet

Takes a path_id and packet_number, used to derive the nonce; the packet header, which is used as the additional authenticated data; and the payload. The authentication tag is returned if encryption succeeds.

If the return value is Ok, the decrypted payload can be found in payload, up to the length found in the return value.

See https://www.ietf.org/archive/id/draft-ietf-quic-multipath-11.html#name-nonce-calculation.

Trait Implementations§

§

impl PacketKey for Box<dyn PacketKey>

§

fn encrypt(&self, packet: u64, buf: &mut [u8], header_len: usize)

Encrypt the packet payload with the given packet number
§

fn decrypt( &self, packet: u64, header: &[u8], payload: &mut BytesMut, ) -> Result<(), CryptoError>

Decrypt the packet payload with the given packet number
§

fn tag_len(&self) -> usize

The length of the AEAD tag appended to packets on encryption
§

fn confidentiality_limit(&self) -> u64

Maximum number of packets that may be sent using a single key
§

fn integrity_limit(&self) -> u64

Maximum number of incoming packets that may fail decryption before the connection must be abandoned

Implementors§