Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(292)

Unified Diff: base/crypto/encryptor_openssl.cc

Issue 4777001: Implements encryptor_openssl.cc (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: moar witesps Created 10 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: base/crypto/encryptor_openssl.cc
diff --git a/base/crypto/encryptor_openssl.cc b/base/crypto/encryptor_openssl.cc
index 71a84be710dcf5dc31e08063bd5b8f2dbe21fa8d..45f601ae9098a46cedead1c98abd6e3c1e47dea5 100644
--- a/base/crypto/encryptor_openssl.cc
+++ b/base/crypto/encryptor_openssl.cc
@@ -4,7 +4,12 @@
#include "base/crypto/encryptor.h"
+#include <openssl/aes.h>
+#include <openssl/evp.h>
+
+#include "base/crypto/symmetric_key.h"
#include "base/logging.h"
+#include "base/string_util.h"
namespace base {
@@ -15,18 +20,69 @@ Encryptor::~Encryptor() {
}
bool Encryptor::Init(SymmetricKey* key, Mode mode, const std::string& iv) {
- NOTIMPLEMENTED();
- return false;
+ DCHECK(key);
+ DCHECK_EQ(CBC, mode);
+
+ if (iv.size() != AES_BLOCK_SIZE) {
+ NOTREACHED();
+ return false;
+ }
+
+ key_ = key;
Ryan Sleevi 2010/11/10 23:46:58 Perhaps you should move the CHECKs from 52-54 here
joth 2010/11/11 17:35:58 Done.
+ mode_ = mode;
+ iv_ = iv;
+ return true;
}
bool Encryptor::Encrypt(const std::string& plaintext, std::string* ciphertext) {
- NOTIMPLEMENTED();
- return false;
+ return Crypt(1, plaintext, ciphertext);
}
bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) {
- NOTIMPLEMENTED();
- return false;
+ return Crypt(0, ciphertext, plaintext);
+}
+
+bool Encryptor::Crypt(int do_encrypt,
+ const std::string& input,
+ std::string* output) {
+ if (input.size() == 0)
+ return false;
+ const EVP_CIPHER* cipher = EVP_aes_256_cbc();
wtc 2010/11/10 23:40:32 Why do you hardcode the AES key size to 256 bits?
joth 2010/11/11 17:35:58 The tests only cover the 256 bit case. OK if I add
+
+ const std::string& key = key_->key();
+ CHECK_EQ(EVP_CIPHER_iv_length(cipher), static_cast<int>(iv_.length()));
+ CHECK_EQ(EVP_CIPHER_key_length(cipher), static_cast<int>(key.length()));
+
+ EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX_init(&ctx);
+ EVP_CipherInit_ex(&ctx, cipher, NULL,
Ryan Sleevi 2010/11/10 23:46:58 Check the return value here. It can fail for a num
joth 2010/11/11 17:35:58 Done.
+ reinterpret_cast<const uint8*>(key.data()),
+ reinterpret_cast<const uint8*>(iv_.data()), do_encrypt);
+
+ const size_t output_size = input.size() + iv_.size();
wtc 2010/11/10 23:40:32 Nit: I believe that you only need to add iv_.size(
Ryan Sleevi 2010/11/10 23:46:58 Maybe a comment here explaining why adding the iv_
joth 2010/11/11 17:35:58 Done.
joth 2010/11/11 17:35:58 Done.
+ uint8* out_ptr = reinterpret_cast<uint8*>(WriteInto(output,
+ output_size + 1));
+ int out_len;
+ if (!EVP_CipherUpdate(&ctx, out_ptr, &out_len,
+ reinterpret_cast<const uint8*>(input.data()),
+ input.length())) {
+ EVP_CIPHER_CTX_cleanup(&ctx);
Ryan Sleevi 2010/11/10 23:46:58 In the case of failure here and on line 77, you sh
joth 2010/11/11 17:35:58 Done.
+ return false;
+ }
+
+ // Buffer passed to EVP_EncryptFinal() must be after data just
wtc 2010/11/10 23:40:32 Nit: you're calling EVP_CipherFinal_ex, not EVP_En
joth 2010/11/11 17:35:58 Done.
+ // encrypted to avoid overwriting it.
Ryan Sleevi 2010/11/10 23:46:58 Maybe rephrase this, to indicate you're writing th
joth 2010/11/11 17:35:58 Done.
+ int pad_len;
+ if(!EVP_CipherFinal_ex(&ctx, out_ptr + out_len, &pad_len)) {
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ return false;
+ }
+
+ out_len += pad_len;
+ DCHECK_LE(out_len, static_cast<int>(output_size));
+ output->resize(out_len);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ return true;
}
} // namespace base

Powered by Google App Engine
This is Rietveld 408576698