| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "crypto/encryptor.h" |
| 6 |
| 7 #include <vector> |
| 8 |
| 9 #include "crypto/symmetric_key.h" |
| 10 |
| 11 namespace crypto { |
| 12 |
| 13 namespace { |
| 14 |
| 15 // On success, returns the block size (in bytes) for the algorithm that |key| |
| 16 // is for. On failure, returns 0. |
| 17 DWORD GetCipherBlockSize(HCRYPTKEY key) { |
| 18 DWORD block_size_in_bits = 0; |
| 19 DWORD param_size = sizeof(block_size_in_bits); |
| 20 BOOL ok = CryptGetKeyParam(key, KP_BLOCKLEN, |
| 21 reinterpret_cast<BYTE*>(&block_size_in_bits), |
| 22 ¶m_size, 0); |
| 23 if (!ok) |
| 24 return 0; |
| 25 |
| 26 return block_size_in_bits / 8; |
| 27 } |
| 28 |
| 29 } // namespace |
| 30 |
| 31 Encryptor::Encryptor() |
| 32 : key_(NULL), |
| 33 mode_(CBC), |
| 34 block_size_(0) { |
| 35 } |
| 36 |
| 37 Encryptor::~Encryptor() { |
| 38 } |
| 39 |
| 40 bool Encryptor::Init(SymmetricKey* key, Mode mode, const std::string& iv) { |
| 41 DCHECK(key); |
| 42 DCHECK_EQ(CBC, mode) << "Unsupported mode of operation"; |
| 43 |
| 44 // In CryptoAPI, the IV, padding mode, and feedback register (for a chaining |
| 45 // mode) are properties of a key, so we have to create a copy of the key for |
| 46 // the Encryptor. See the Remarks section of the CryptEncrypt MSDN page. |
| 47 BOOL ok = CryptDuplicateKey(key->key(), NULL, 0, capi_key_.receive()); |
| 48 if (!ok) |
| 49 return false; |
| 50 |
| 51 // CRYPT_MODE_CBC is the default for Microsoft Base Cryptographic Provider, |
| 52 // but we set it anyway to be safe. |
| 53 DWORD cipher_mode = CRYPT_MODE_CBC; |
| 54 ok = CryptSetKeyParam(capi_key_.get(), KP_MODE, |
| 55 reinterpret_cast<BYTE*>(&cipher_mode), 0); |
| 56 if (!ok) |
| 57 return false; |
| 58 |
| 59 block_size_ = GetCipherBlockSize(capi_key_.get()); |
| 60 if (block_size_ == 0) |
| 61 return false; |
| 62 |
| 63 if (iv.size() != block_size_) |
| 64 return false; |
| 65 |
| 66 ok = CryptSetKeyParam(capi_key_.get(), KP_IV, |
| 67 reinterpret_cast<const BYTE*>(iv.data()), 0); |
| 68 if (!ok) |
| 69 return false; |
| 70 |
| 71 DWORD padding_method = PKCS5_PADDING; |
| 72 ok = CryptSetKeyParam(capi_key_.get(), KP_PADDING, |
| 73 reinterpret_cast<BYTE*>(&padding_method), 0); |
| 74 if (!ok) |
| 75 return false; |
| 76 |
| 77 return true; |
| 78 } |
| 79 |
| 80 bool Encryptor::Encrypt(const std::string& plaintext, std::string* ciphertext) { |
| 81 DWORD data_len = plaintext.size(); |
| 82 DWORD total_len = data_len + block_size_; |
| 83 |
| 84 // CryptoAPI encrypts/decrypts in place. |
| 85 std::vector<BYTE> tmp(total_len); |
| 86 memcpy(&tmp[0], plaintext.data(), data_len); |
| 87 |
| 88 BOOL ok = CryptEncrypt(capi_key_.get(), NULL, TRUE, 0, &tmp[0], |
| 89 &data_len, total_len); |
| 90 if (!ok) |
| 91 return false; |
| 92 |
| 93 ciphertext->assign(reinterpret_cast<char*>(&tmp[0]), data_len); |
| 94 return true; |
| 95 } |
| 96 |
| 97 bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) { |
| 98 DWORD data_len = ciphertext.size(); |
| 99 if (data_len == 0) |
| 100 return false; |
| 101 |
| 102 std::vector<BYTE> tmp(data_len); |
| 103 memcpy(&tmp[0], ciphertext.data(), data_len); |
| 104 |
| 105 BOOL ok = CryptDecrypt(capi_key_.get(), NULL, TRUE, 0, &tmp[0], &data_len); |
| 106 if (!ok) |
| 107 return false; |
| 108 |
| 109 DCHECK_GT(tmp.size(), data_len); |
| 110 |
| 111 plaintext->assign(reinterpret_cast<char*>(&tmp[0]), data_len); |
| 112 return true; |
| 113 } |
| 114 |
| 115 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6805019:
Move crypto files out of base, to a top level directory. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/