pub trait PacketKey: Send + Sync {
// Required methods
fn encrypt_in_place(
&self,
packet_number: u64,
header: &[u8],
payload: &mut [u8],
) -> Result<Tag, Error>;
fn decrypt_in_place<'a>(
&self,
packet_number: u64,
header: &[u8],
payload: &'a mut [u8],
) -> Result<&'a [u8], Error>;
fn tag_len(&self) -> usize;
fn confidentiality_limit(&self) -> u64;
fn integrity_limit(&self) -> u64;
}
Expand description
Keys to encrypt or decrypt the payload of a packet
Required Methods§
sourcefn encrypt_in_place(
&self,
packet_number: u64,
header: &[u8],
payload: &mut [u8],
) -> Result<Tag, Error>
fn encrypt_in_place( &self, packet_number: u64, header: &[u8], payload: &mut [u8], ) -> Result<Tag, Error>
Encrypt a QUIC packet
Takes a packet_number
, used to derive the nonce; the packet header
, which is used as
the additional authenticated data; and the payload
. The authentication tag is returned if
encryption succeeds.
Fails if and only if the payload is longer than allowed by the cipher suite’s AEAD algorithm.
sourcefn decrypt_in_place<'a>(
&self,
packet_number: u64,
header: &[u8],
payload: &'a mut [u8],
) -> Result<&'a [u8], Error>
fn decrypt_in_place<'a>( &self, packet_number: u64, header: &[u8], payload: &'a mut [u8], ) -> Result<&'a [u8], Error>
Decrypt a QUIC packet
Takes the packet header
, which is used as the additional authenticated data, and the
payload
, which includes the authentication tag.
If the return value is Ok
, the decrypted payload can be found in payload
, up to the
length found in the return value.
sourcefn confidentiality_limit(&self) -> u64
fn confidentiality_limit(&self) -> u64
Number of QUIC messages that can be safely encrypted with a single key of this type.
Once a MessageEncrypter
produced for this suite has encrypted more than
confidentiality_limit
messages, an attacker gains an advantage in distinguishing it
from an ideal pseudorandom permutation (PRP).
This is to be set on the assumption that messages are maximally sized –
2 ** 16. For non-QUIC TCP connections see CipherSuiteCommon::confidentiality_limit
.
sourcefn integrity_limit(&self) -> u64
fn integrity_limit(&self) -> u64
Number of QUIC messages that can be safely decrypted with a single key of this type
Once a MessageDecrypter
produced for this suite has failed to decrypt integrity_limit
messages, an attacker gains an advantage in forging messages.
This is not relevant for TLS over TCP (which is also implemented in this crate) because a single failed decryption is fatal to the connection. However, this quantity is used by QUIC.