Implement AES-CTR for NSS.

crypto/encryptor.h

Index: crypto/encryptor.h
diff --git a/crypto/encryptor.h b/crypto/encryptor.h
index 0fdf758953322c60ad9118893963cdd1af4d2c47..9d5096acc247818753598528b1df3709acf012c6 100644
--- a/crypto/encryptor.h
+++ b/crypto/encryptor.h
@@ -8,6 +8,8 @@
 
 #include <string>
 
+#include "base/basictypes.h"
+#include "base/scoped_ptr.h"
 #include "build/build_config.h"
 #include "crypto/crypto_api.h"
 
@@ -24,13 +26,43 @@ class SymmetricKey;
 class CRYPTO_API Encryptor {
  public:
   enum Mode {
-    CBC
+    CBC,
+    CTR,
   };
+
+  // This class implements a 128-bits counter to be used in AES-CTR encryption.
+  // Only 128-bits counter is supported in this class.
+  class Counter {
+   public:
+    Counter(const std::string& counter);
+    ~Counter();
+
+    // Increment the counter value.
+    void Increment();
+
+    // Write the content of the counter to |buf|. |buf| should have enough
+    // space for |GetLengthInBytes()|.
+    void Write(void* buf);
+
+    // Return the length of this counter.
+    size_t GetLengthInBytes() const;
+
+   private:
+    size_t counter_bits_;
+
+    union {
+      uint8 buf[16];
+      uint64 force_align[2];
+    } counter_;
+  };
+
   Encryptor();
   virtual ~Encryptor();
 
   // Initializes the encryptor using |key| and |iv|. Returns false if either the
   // key or the initialization vector cannot be used.
+  //
+  // When |mode| is CTR then |iv| should be empty.
   bool Init(SymmetricKey* key, Mode mode, const std::string& iv);
 
   // Encrypts |plaintext| into |ciphertext|.
@@ -39,11 +71,39 @@ class CRYPTO_API Encryptor {
   // Decrypts |ciphertext| into |plaintext|.
   bool Decrypt(const std::string& ciphertext, std::string* plaintext);
 
+  // Update the counter value when in CTR mode. Currently only 128-bits
+  // counter value is supported.
+  //
+  // Return true only if update was successful.
+  bool UpdateCounter(const std::string& counter);
+
   // TODO(albertb): Support streaming encryption.
 
  private:
+  // Generate a mask using |counter_| to be used for encryption in CTR mode.
+  // Resulting mask will be written to |mask| with |mask_len| bytes.
+  //
+  // Make sure there's enough space in mask when calling this method.
+  // Reserve at least |plaintext_len| + 16 bytes for |mask|.
+  //
+  // The generated mask will always have at least |plaintext_len| bytes and
+  // will be a multiple of the counter length.
+  //
+  // This method is used only in CTR mode.
+  void GenerateCounterMask(size_t plaintext_len,
+                           uint8* mask,
+                           size_t* mask_len);
+
+  // Mask the |plaintext| message using |mask|. The output will be written to
+  // |ciphertext|. |ciphertext| must have at least |plaintext_len| bytes.
+  void MaskMessage(const void* plaintext,
+                   size_t plaintext_len,
+                   const void* mask,
+                   void* ciphertext) const;
+
   SymmetricKey* key_;
   Mode mode_;
+  scoped_ptr<Counter> counter_;
 
 #if defined(USE_OPENSSL)
   bool Crypt(bool encrypt,  // Pass true to encrypt, false to decrypt.
@@ -51,6 +111,12 @@ class CRYPTO_API Encryptor {
              std::string* output);
   std::string iv_;
 #elif defined(USE_NSS)
+  bool Crypt(PK11Context* context,
+             const std::string& input,
+             std::string* output);
+  bool CryptCTR(PK11Context* context,
+                const std::string& input,
+                std::string* output);
   ScopedPK11Slot slot_;
   ScopedSECItem param_;
 #elif defined(OS_MACOSX)