| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CRYPTO_ENCRYPTOR_H_ | 5 #ifndef CRYPTO_ENCRYPTOR_H_ |
| 6 #define CRYPTO_ENCRYPTOR_H_ | 6 #define CRYPTO_ENCRYPTOR_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| 11 #include "base/basictypes.h" |
| 12 #include "base/scoped_ptr.h" |
| 11 #include "build/build_config.h" | 13 #include "build/build_config.h" |
| 12 | |
| 13 #if defined(USE_NSS) | 14 #if defined(USE_NSS) |
| 14 #include "crypto/scoped_nss_types.h" | 15 #include "crypto/scoped_nss_types.h" |
| 15 #elif defined(OS_WIN) | 16 #elif defined(OS_WIN) |
| 16 #include "crypto/scoped_capi_types.h" | 17 #include "crypto/scoped_capi_types.h" |
| 17 #endif | 18 #endif |
| 18 | 19 |
| 19 namespace crypto { | 20 namespace crypto { |
| 20 | 21 |
| 21 class SymmetricKey; | 22 class SymmetricKey; |
| 22 | 23 |
| 23 class Encryptor { | 24 class Encryptor { |
| 24 public: | 25 public: |
| 25 enum Mode { | 26 enum Mode { |
| 26 CBC | 27 CBC, |
| 28 CTR, |
| 27 }; | 29 }; |
| 30 |
| 31 // This class implements a 128-bits counter to be used in AES-CTR encryption. |
| 32 // Only 128-bits counter is supported in this class. |
| 33 class Counter { |
| 34 public: |
| 35 Counter(const std::string& counter); |
| 36 ~Counter(); |
| 37 |
| 38 // Increment the counter value. |
| 39 void Increment(); |
| 40 |
| 41 // Write the content of the counter to |buf|. |buf| should have enough |
| 42 // space for |GetLengthInBytes()|. |
| 43 void Write(void* buf); |
| 44 |
| 45 // Return the length of this counter. |
| 46 size_t GetLengthInBytes() const; |
| 47 |
| 48 private: |
| 49 uint64 high_num_; |
| 50 uint64 low_num_; |
| 51 }; |
| 52 |
| 28 Encryptor(); | 53 Encryptor(); |
| 29 virtual ~Encryptor(); | 54 virtual ~Encryptor(); |
| 30 | 55 |
| 31 // Initializes the encryptor using |key| and |iv|. Returns false if either the | 56 // Initializes the encryptor using |key| and |iv|. Returns false if either the |
| 32 // key or the initialization vector cannot be used. | 57 // key or the initialization vector cannot be used. |
| 58 // |
| 59 // When |mode| is CTR then |iv| should be empty. |
| 33 bool Init(SymmetricKey* key, Mode mode, const std::string& iv); | 60 bool Init(SymmetricKey* key, Mode mode, const std::string& iv); |
| 34 | 61 |
| 35 // Encrypts |plaintext| into |ciphertext|. | 62 // Encrypts |plaintext| into |ciphertext|. |
| 36 bool Encrypt(const std::string& plaintext, std::string* ciphertext); | 63 bool Encrypt(const std::string& plaintext, std::string* ciphertext); |
| 37 | 64 |
| 38 // Decrypts |ciphertext| into |plaintext|. | 65 // Decrypts |ciphertext| into |plaintext|. |
| 39 bool Decrypt(const std::string& ciphertext, std::string* plaintext); | 66 bool Decrypt(const std::string& ciphertext, std::string* plaintext); |
| 40 | 67 |
| 68 // Update the counter value when in CTR mode. Currently only 128-bits |
| 69 // counter value is supported. |
| 70 // |
| 71 // Return true only if update was successful. |
| 72 bool UpdateCounter(const std::string& counter); |
| 73 |
| 41 // TODO(albertb): Support streaming encryption. | 74 // TODO(albertb): Support streaming encryption. |
| 42 | 75 |
| 43 private: | 76 private: |
| 77 // Generate a mask using |counter_| to be used for encryption in CTR mode. |
| 78 // Resulting mask will be written to |mask| with |mask_len| bytes. |
| 79 // |
| 80 // The generated mask will always have at least |plaintext_len| bytes and |
| 81 // will be a multiple of the counter length. |
| 82 // |
| 83 // This method is used only in CTR mode. |
| 84 void GenerateCounterMask(size_t plaintext_len, |
| 85 scoped_array<uint8>* mask, |
| 86 size_t* mask_len); |
| 87 |
| 88 // Mask the |plaintext| message using |mask|. The output will be written to |
| 89 // |ciphertext|. |ciphertext| must have at least |plaintext_len| bytes. |
| 90 void MaskMessage(const void* plaintext, |
| 91 size_t plaintext_len, |
| 92 const void* mask, |
| 93 void* ciphertext) const; |
| 94 |
| 44 SymmetricKey* key_; | 95 SymmetricKey* key_; |
| 45 Mode mode_; | 96 Mode mode_; |
| 97 scoped_ptr<Counter> counter_; |
| 46 | 98 |
| 47 #if defined(USE_OPENSSL) | 99 #if defined(USE_OPENSSL) |
| 48 bool Crypt(bool encrypt, // Pass true to encrypt, false to decrypt. | 100 bool Crypt(bool encrypt, // Pass true to encrypt, false to decrypt. |
| 49 const std::string& input, | 101 const std::string& input, |
| 50 std::string* output); | 102 std::string* output); |
| 51 std::string iv_; | 103 std::string iv_; |
| 52 #elif defined(USE_NSS) | 104 #elif defined(USE_NSS) |
| 105 bool Crypt(PK11Context* context, |
| 106 const std::string& input, |
| 107 std::string* output); |
| 108 bool CryptCTR(PK11Context* context, |
| 109 const std::string& input, |
| 110 std::string* output); |
| 53 ScopedPK11Slot slot_; | 111 ScopedPK11Slot slot_; |
| 54 ScopedSECItem param_; | 112 ScopedSECItem param_; |
| 55 #elif defined(OS_MACOSX) | 113 #elif defined(OS_MACOSX) |
| 56 bool Crypt(int /*CCOperation*/ op, | 114 bool Crypt(int /*CCOperation*/ op, |
| 57 const std::string& input, | 115 const std::string& input, |
| 58 std::string* output); | 116 std::string* output); |
| 59 | 117 |
| 60 std::string iv_; | 118 std::string iv_; |
| 61 #elif defined(OS_WIN) | 119 #elif defined(OS_WIN) |
| 62 ScopedHCRYPTKEY capi_key_; | 120 ScopedHCRYPTKEY capi_key_; |
| 63 DWORD block_size_; | 121 DWORD block_size_; |
| 64 #endif | 122 #endif |
| 65 }; | 123 }; |
| 66 | 124 |
| 67 } // namespace crypto | 125 } // namespace crypto |
| 68 | 126 |
| 69 #endif // CRYPTO_ENCRYPTOR_H_ | 127 #endif // CRYPTO_ENCRYPTOR_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7056026:
Implement AES-CTR for NSS. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src