xref: /aosp_15_r20/external/tink/cc/subtle/streaming_aead_encrypting_stream.h (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5)
1 // Copyright 2019 Google Inc.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16 
17 #ifndef TINK_SUBTLE_STREAMING_AEAD_ENCRYPTING_STREAM_H_
18 #define TINK_SUBTLE_STREAMING_AEAD_ENCRYPTING_STREAM_H_
19 
20 #include <memory>
21 #include <vector>
22 
23 #include "tink/output_stream.h"
24 #include "tink/subtle/stream_segment_encrypter.h"
25 #include "tink/util/statusor.h"
26 
27 namespace crypto {
28 namespace tink {
29 namespace subtle {
30 
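// An OutputStream that AEAD-encrypts the bytes written to it and passes the
// resulting ciphertext on to a wrapped destination stream.
//
// Instances are obtained only through New(); the constructor is private.
// NOTE(review): no synchronization is visible in this header, so treat an
// instance as confined to one thread unless the implementation says otherwise.
class StreamingAeadEncryptingStream : public OutputStream {
 public:
  // A factory that produces encrypting streams.
  // The returned stream is a wrapper around 'ciphertext_destination',
  // such that any bytes written via the wrapper are AEAD-encrypted
  // by 'segment_encrypter'.
  //
  // New() has no associated-data parameter. Any associated authenticated
  // data is presumably bound to 'segment_encrypter' when that object is
  // built -- confirm against StreamSegmentEncrypter before relying on it.
  //
  // Both arguments are taken by std::unique_ptr, so ownership of the
  // encrypter and of the destination stream passes to this call.
  // Returns the new stream, or a non-OK status; the failure conditions
  // (e.g. null arguments) are defined in the implementation, not here.
  static
  crypto::tink::util::StatusOr<std::unique_ptr<crypto::tink::OutputStream>>
      New(std::unique_ptr<StreamSegmentEncrypter> segment_encrypter,
          std::unique_ptr<crypto::tink::OutputStream> ciphertext_destination);

  // -----------------------
  // Methods of OutputStream-interface implemented by this class.
  //
  // NOTE(review): callers should check the Status returned by Close().
  // Presumably the last segment is only encrypted and written out when
  // Close() runs, so a skipped or failed Close() would leave a truncated
  // ciphertext at the destination -- confirm in the implementation.
  crypto::tink::util::StatusOr<int> Next(void** data) override;
  void BackUp(int count) override;
  crypto::tink::util::Status Close() override;
  int64_t Position() const override;

 private:
  // Private so that New() is the only way to create an instance.
  StreamingAeadEncryptingStream() {}

  std::unique_ptr<StreamSegmentEncrypter> segment_encrypter_;
  std::unique_ptr<crypto::tink::OutputStream> ct_destination_;
  std::vector<uint8_t> pt_buffer_;  // plaintext buffer
  std::vector<uint8_t> ct_buffer_;  // ciphertext buffer
  std::vector<uint8_t> pt_to_encrypt_;  // plaintext to be encrypted

  // The scalar members below carry default member initializers so that no
  // counter or flag is ever read while indeterminate, whatever path builds
  // the object. New() is still expected to establish the real initial state.
  int64_t position_ = 0;  // number of plaintext bytes written to this stream
  crypto::tink::util::Status status_;  // status of the stream

  // Counters that describe the state of the data in pt_buffer_.
  int count_backedup_ = 0;    // # bytes in pt_buffer_ that were backed up
  int pt_buffer_offset_ = 0;  // offset at which *data starts in pt_buffer_

  // Flag that indicates whether the user has obtained a buffer to write
  // the data of the first segment.
  // If true, Next() was not called yet, which implies that neither
  // header has been written to ct_destination_, nor the user had
  // a chance to write any data to this stream.
  bool is_first_segment_ = true;
};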
71 
72 }  // namespace subtle
73 }  // namespace tink
74 }  // namespace crypto
75 
76 #endif  // TINK_SUBTLE_STREAMING_AEAD_ENCRYPTING_STREAM_H_
77