Chromium Code Reviews Chromium Code Reviews
Issue 7056026:
Implement AES-CTR for NSS. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: crypto/encryptor_nss.cc |
| diff --git a/crypto/encryptor_nss.cc b/crypto/encryptor_nss.cc |
| index aaa66268341623e15c87ff7e9d63e1ebe4c0e7df..626e4c9df1c9cf4d58c5e8ef572641560a9cd9d1 100644 |
| --- a/crypto/encryptor_nss.cc |
| +++ b/crypto/encryptor_nss.cc |
| @@ -13,6 +13,23 @@ |
| namespace crypto { |
| +namespace { |
| + |
| +inline CK_MECHANISM_TYPE GetMechanism(Encryptor::Mode mode) { |
| + switch (mode) { |
| + case Encryptor::CBC: |
| + return CKM_AES_CBC_PAD; |
| + case Encryptor::CTR: |
| + return CKM_AES_ECB; |
| + default: |
| + NOTREACHED() << "Unsupported mode of operation"; |
| + break; |
| + } |
| + return 0; |
| +} |
| + |
| +} // namespace |
| + |
| Encryptor::Encryptor() |
| : key_(NULL), |
| mode_(CBC) { |
| @@ -24,53 +41,82 @@ Encryptor::~Encryptor() { |
| bool Encryptor::Init(SymmetricKey* key, Mode mode, const std::string& iv) { |
| DCHECK(key); |
| - DCHECK_EQ(CBC, mode); |
| + DCHECK(CBC == mode || CTR == mode) << "Unsupported mode of operation"; |
| key_ = key; |
| mode_ = mode; |
| - if (iv.size() != AES_BLOCK_SIZE) |
| + if (mode == CBC && iv.size() != AES_BLOCK_SIZE) |
| return false; |
| - slot_.reset(PK11_GetBestSlot(CKM_AES_CBC_PAD, NULL)); |
| + slot_.reset(PK11_GetBestSlot(GetMechanism(mode), NULL)); |
| if (!slot_.get()) |
| return false; |
| - SECItem iv_item; |
| - iv_item.type = siBuffer; |
| - iv_item.data = reinterpret_cast<unsigned char*>( |
| - const_cast<char *>(iv.data())); |
| - iv_item.len = iv.size(); |
| + if (mode == CBC) { |
| + SECItem iv_item; |
| + iv_item.type = siBuffer; |
| + iv_item.data = reinterpret_cast<unsigned char*>( |
| + const_cast<char *>(iv.data())); |
| + iv_item.len = iv.size(); |
| + |
| + param_.reset(PK11_ParamFromIV(GetMechanism(mode), &iv_item)); |
| + } else { |
| + param_.reset(PK11_ParamFromIV(GetMechanism(mode), NULL)); |
| + } |
| - param_.reset(PK11_ParamFromIV(CKM_AES_CBC_PAD, &iv_item)); |
| if (!param_.get()) |
| return false; |
| - |
| return true; |
| } |
| bool Encryptor::Encrypt(const std::string& plaintext, std::string* ciphertext) { |
| - ScopedPK11Context context(PK11_CreateContextBySymKey(CKM_AES_CBC_PAD, |
| + ScopedPK11Context context(PK11_CreateContextBySymKey(GetMechanism(mode_), |
| CKA_ENCRYPT, |
| key_->key(), |
| param_.get())); |
| if (!context.get()) |
| return false; |
| + if (mode_ == CTR && !counter_.get()) { |
| + LOG(ERROR) << "Counter value not set in CTR mode."; |
| + return false; |
| + } |
| + |
| size_t ciphertext_len = plaintext.size() + AES_BLOCK_SIZE; |
| - std::vector<unsigned char> buffer(ciphertext_len); |
| + std::vector<uint8> buffer(ciphertext_len); |
| + |
| + uint8* plaintext_data = |
| + reinterpret_cast<uint8*>(const_cast<char*>(plaintext.data())); |
| + int plaintext_len = plaintext.size(); |
| + |
| + scoped_array<uint8> ctr_mask; |
| + if (mode_ == CTR) { |
| + GenerateCounterMask(plaintext_len, &ctr_mask, &plaintext_len); |
| + plaintext_data = ctr_mask.get(); |
| + } |
| int op_len; |
| SECStatus rv = PK11_CipherOp(context.get(), |
| &buffer[0], |
| &op_len, |
| ciphertext_len, |
| - reinterpret_cast<unsigned char*>( |
| - const_cast<char*>(plaintext.data())), |
| - plaintext.size()); |
| + plaintext_data, |
| + plaintext_len); |
| if (SECSuccess != rv) |
| return false; |
| + if (mode_ == CTR) { |
| + ciphertext->resize(plaintext.length()); |
| + |
| + // Use |buffer| to mask |plaintext|. |
| + MaskMessage( |
| + reinterpret_cast<uint8*>(const_cast<char*>(plaintext.data())), |
| + plaintext.length(), &buffer[0], |
| + reinterpret_cast<uint8*>(const_cast<char*>(ciphertext->data()))); |
| + return true; |
| + } |
| + |
| unsigned int digest_len; |
| rv = PK11_DigestFinal(context.get(), |
| &buffer[op_len], |
| @@ -88,27 +134,50 @@ bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) { |
| if (ciphertext.empty()) |
| return false; |
| - ScopedPK11Context context(PK11_CreateContextBySymKey(CKM_AES_CBC_PAD, |
| - CKA_DECRYPT, |
| - key_->key(), |
| - param_.get())); |
| + if (mode_ == CTR && !counter_.get()) { |
| + LOG(ERROR) << "Count value not set in CTR mode."; |
| + return false; |
| + } |
|
Ryan Sleevi
2011/06/08 01:29:23
In CTR mode, why not just call Encrypt() with the
Alpha Left Google
2011/06/13 23:32:45
I make Encrypt and Decrypt to share the same code
|
| + |
| + ScopedPK11Context context(PK11_CreateContextBySymKey( |
| + GetMechanism(mode_), (mode_ == CTR ? CKA_ENCRYPT : CKA_DECRYPT), |
| + key_->key(), param_.get())); |
| if (!context.get()) |
| return false; |
| - size_t plaintext_len = ciphertext.size(); |
| - std::vector<unsigned char> buffer(plaintext_len); |
| + uint8* plaintext_data = |
| + reinterpret_cast<uint8*>(const_cast<char*>(ciphertext.data())); |
| + int plaintext_len = ciphertext.size(); |
|
Ryan Sleevi
2011/06/08 01:29:23
nit: ciphertext_data, ciphertext_len (also lines 1
Alpha Left Google
2011/06/13 23:32:45
See the new functions, they are just called input
|
| + |
| + scoped_array<uint8> ctr_mask; |
| + if (mode_ == CTR) { |
| + GenerateCounterMask(plaintext_len, &ctr_mask, &plaintext_len); |
| + plaintext_data = ctr_mask.get(); |
| + } |
| + |
| + std::vector<uint8> buffer(plaintext_len); |
| int op_len; |
| SECStatus rv = PK11_CipherOp(context.get(), |
| &buffer[0], |
| &op_len, |
| plaintext_len, |
| - reinterpret_cast<unsigned char*>( |
| - const_cast<char*>(ciphertext.data())), |
| - ciphertext.size()); |
| + plaintext_data, |
| + plaintext_len); |
| if (SECSuccess != rv) |
| return false; |
| + if (mode_ == CTR) { |
| + plaintext->resize(ciphertext.length()); |
| + |
| + // Use |buffer| to mask |ciphertext|. |
| + MaskMessage( |
| + reinterpret_cast<uint8*>(const_cast<char*>(ciphertext.data())), |
| + ciphertext.length(), &buffer[0], |
| + reinterpret_cast<uint8*>(const_cast<char*>(plaintext->data()))); |
| + return true; |
| + } |
| + |
| unsigned int digest_len; |
| rv = PK11_DigestFinal(context.get(), |
| &buffer[op_len], |
