OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/crypto/encryptor.h" | 5 #include "base/crypto/encryptor.h" |
6 | 6 |
| 7 #include <vector> |
| 8 |
| 9 #include "base/crypto/symmetric_key.h" |
| 10 |
7 namespace base { | 11 namespace base { |
8 | 12 |
9 // TODO(albertb): Implement on Windows. | 13 namespace { |
| 14 |
| 15 // On success, returns the block size (in bytes) for the algorithm that |key| |
| 16 // is for. On failure, returns 0. |
| 17 DWORD GetCipherBlockSize(HCRYPTKEY key) { |
| 18 DWORD block_size_in_bits = 0; |
| 19 DWORD param_size = sizeof(block_size_in_bits); |
| 20 BOOL ok = CryptGetKeyParam(key, KP_BLOCKLEN, |
| 21 reinterpret_cast<BYTE*>(&block_size_in_bits), |
| 22 ¶m_size, 0); |
| 23 if (!ok) |
| 24 return 0; |
| 25 |
| 26 return block_size_in_bits / 8; |
| 27 } |
| 28 |
| 29 } // namespace |
10 | 30 |
11 Encryptor::Encryptor() { | 31 Encryptor::Encryptor() { |
12 } | 32 } |
13 | 33 |
14 Encryptor::~Encryptor() { | 34 Encryptor::~Encryptor() { |
15 } | 35 } |
16 | 36 |
17 bool Encryptor::Init(SymmetricKey* key, Mode mode, const std::string& iv) { | 37 bool Encryptor::Init(SymmetricKey* key, Mode mode, const std::string& iv) { |
18 return false; | 38 DCHECK(key); |
| 39 DCHECK_EQ(CBC, mode) << "Unsupported mode of operation"; |
| 40 |
| 41 // In CryptoAPI, the IV, padding mode, and feedback register (for a chaining |
| 42 // mode) are properties of a key, so we have to create a copy of the key for |
| 43 // the Encryptor. See the Remarks section of the CryptEncrypt MSDN page. |
| 44 BOOL ok = CryptDuplicateKey(key->key(), NULL, 0, capi_key_.receive()); |
| 45 if (!ok) |
| 46 return false; |
| 47 |
| 48 // CRYPT_MODE_CBC is the default for Microsoft Base Cryptographic Provider, |
| 49 // but we set it anyway to be safe. |
| 50 DWORD cipher_mode = CRYPT_MODE_CBC; |
| 51 ok = CryptSetKeyParam(capi_key_.get(), KP_MODE, |
| 52 reinterpret_cast<BYTE*>(&cipher_mode), 0); |
| 53 if (!ok) |
| 54 return false; |
| 55 |
| 56 block_size_ = GetCipherBlockSize(capi_key_.get()); |
| 57 if (block_size_ == 0) |
| 58 return false; |
| 59 |
| 60 if (iv.size() != block_size_) |
| 61 return false; |
| 62 |
| 63 ok = CryptSetKeyParam(capi_key_.get(), KP_IV, |
| 64 reinterpret_cast<const BYTE*>(iv.data()), 0); |
| 65 if (!ok) |
| 66 return false; |
| 67 |
| 68 DWORD padding_method = PKCS5_PADDING; |
| 69 ok = CryptSetKeyParam(capi_key_.get(), KP_PADDING, |
| 70 reinterpret_cast<BYTE*>(&padding_method), 0); |
| 71 if (!ok) |
| 72 return false; |
| 73 |
| 74 return true; |
19 } | 75 } |
20 | 76 |
21 bool Encryptor::Encrypt(const std::string& plaintext, std::string* ciphertext) { | 77 bool Encryptor::Encrypt(const std::string& plaintext, std::string* ciphertext) { |
22 return false; | 78 DWORD data_len = plaintext.size(); |
| 79 DWORD total_len = data_len + block_size_; |
| 80 |
| 81 // CryptoAPI encrypts/decrypts in place. |
| 82 std::vector<BYTE> tmp(total_len); |
| 83 memcpy(&tmp[0], plaintext.data(), data_len); |
| 84 |
| 85 BOOL ok = CryptEncrypt(capi_key_.get(), NULL, TRUE, 0, &tmp[0], |
| 86 &data_len, total_len); |
| 87 if (!ok) |
| 88 return false; |
| 89 |
| 90 ciphertext->assign(reinterpret_cast<char*>(&tmp[0]), data_len); |
| 91 return true; |
23 } | 92 } |
24 | 93 |
25 bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) { | 94 bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) { |
26 return false; | 95 DWORD data_len = ciphertext.size(); |
| 96 |
| 97 std::vector<BYTE> tmp(data_len); |
| 98 memcpy(&tmp[0], ciphertext.data(), data_len); |
| 99 |
| 100 BOOL ok = CryptDecrypt(capi_key_.get(), NULL, TRUE, 0, &tmp[0], &data_len); |
| 101 if (!ok) |
| 102 return false; |
| 103 |
| 104 DCHECK_GT(tmp.size(), data_len); |
| 105 |
| 106 plaintext->assign(reinterpret_cast<char*>(&tmp[0]), data_len); |
| 107 return true; |
27 } | 108 } |
28 | 109 |
29 } // namespace base | 110 } // namespace base |
OLD | NEW |