Chromium Code Reviews Chromium Code Reviews
Issue 8418034:
Make string_util::WriteInto() DCHECK() that the supplied |length_with_null| > 1, meaning that the... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/encryptor.h" | 5 #include "crypto/encryptor.h" |
| 6 | 6 |
| 7 #include <openssl/aes.h> | 7 #include <openssl/aes.h> |
| 8 #include <openssl/evp.h> | 8 #include <openssl/evp.h> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 66 return false; | 66 return false; |
| 67 | 67 |
| 68 key_ = key; | 68 key_ = key; |
| 69 mode_ = mode; | 69 mode_ = mode; |
| 70 iv.CopyToString(&iv_); | 70 iv.CopyToString(&iv_); |
| 71 return true; | 71 return true; |
| 72 } | 72 } |
| 73 | 73 |
| 74 bool Encryptor::Encrypt(const base::StringPiece& plaintext, | 74 bool Encryptor::Encrypt(const base::StringPiece& plaintext, |
| 75 std::string* ciphertext) { | 75 std::string* ciphertext) { |
| 76 DCHECK(!plaintext.empty() || (mode_ == CBC)); | |
| 76 return Crypt(true, plaintext, ciphertext); | 77 return Crypt(true, plaintext, ciphertext); |
| 77 } | 78 } |
| 78 | 79 |
| 79 bool Encryptor::Decrypt(const base::StringPiece& ciphertext, | 80 bool Encryptor::Decrypt(const base::StringPiece& ciphertext, |
| 80 std::string* plaintext) { | 81 std::string* plaintext) { |
| 82 DCHECK(!ciphertext.empty()); | |
| 81 return Crypt(false, ciphertext, plaintext); | 83 return Crypt(false, ciphertext, plaintext); |
| 82 } | 84 } |
| 83 | 85 |
| 84 bool Encryptor::Crypt(bool do_encrypt, | 86 bool Encryptor::Crypt(bool do_encrypt, |
| 85 const base::StringPiece& input, | 87 const base::StringPiece& input, |
| 86 std::string* output) { | 88 std::string* output) { |
| 87 DCHECK(key_); // Must call Init() before En/De-crypt. | 89 DCHECK(key_); // Must call Init() before En/De-crypt. |
| 88 // Work on the result in a local variable, and then only transfer it to | 90 // Work on the result in a local variable, and then only transfer it to |
| 89 // |output| on success to ensure no partial data is returned. | 91 // |output| on success to ensure no partial data is returned. |
| 90 std::string result; | 92 std::string result; |
| 91 output->swap(result); | 93 output->clear(); |
| 92 | 94 |
| 93 const EVP_CIPHER* cipher = GetCipherForKey(key_); | 95 const EVP_CIPHER* cipher = GetCipherForKey(key_); |
| 94 DCHECK(cipher); // Already handled in Init(); | 96 DCHECK(cipher); // Already handled in Init(); |
| 95 | 97 |
| 96 const std::string& key = key_->key(); | 98 const std::string& key = key_->key(); |
| 97 DCHECK_EQ(EVP_CIPHER_iv_length(cipher), static_cast<int>(iv_.length())); | 99 DCHECK_EQ(EVP_CIPHER_iv_length(cipher), static_cast<int>(iv_.length())); |
| 98 DCHECK_EQ(EVP_CIPHER_key_length(cipher), static_cast<int>(key.length())); | 100 DCHECK_EQ(EVP_CIPHER_key_length(cipher), static_cast<int>(key.length())); |
| 99 | 101 |
| 100 ScopedCipherCTX ctx; | 102 ScopedCipherCTX ctx; |
| 101 if (!EVP_CipherInit_ex(ctx.get(), cipher, NULL, | 103 if (!EVP_CipherInit_ex(ctx.get(), cipher, NULL, |
| 102 reinterpret_cast<const uint8*>(key.data()), | 104 reinterpret_cast<const uint8*>(key.data()), |
| 103 reinterpret_cast<const uint8*>(iv_.data()), | 105 reinterpret_cast<const uint8*>(iv_.data()), |
| 104 do_encrypt)) | 106 do_encrypt)) |
| 105 return false; | 107 return false; |
| 106 | 108 |
| 107 // When encrypting, add another block size of space to allow for any padding. | 109 // When encrypting, add another block size of space to allow for any padding. |
| 108 const size_t output_size = input.size() + (do_encrypt ? iv_.size() : 0); | 110 const size_t output_size = input.size() + (do_encrypt ? iv_.size() : 0); |
| 111 DCHECK_GT(output_size, 0u); | |
| 112 DCHECK_GT(output_size + 1, input.size()); | |
|
Ryan Sleevi
2011/11/01 23:08:59
Promote both of these to CHECK_GT
| |
| 109 uint8* out_ptr = reinterpret_cast<uint8*>(WriteInto(&result, | 113 uint8* out_ptr = reinterpret_cast<uint8*>(WriteInto(&result, |
| 110 output_size + 1)); | 114 output_size + 1)); |
| 111 int out_len; | 115 int out_len; |
| 112 if (!EVP_CipherUpdate(ctx.get(), out_ptr, &out_len, | 116 if (!EVP_CipherUpdate(ctx.get(), out_ptr, &out_len, |
| 113 reinterpret_cast<const uint8*>(input.data()), | 117 reinterpret_cast<const uint8*>(input.data()), |
| 114 input.length())) | 118 input.length())) |
| 115 return false; | 119 return false; |
| 116 | 120 |
| 117 // Write out the final block plus padding (if any) to the end of the data | 121 // Write out the final block plus padding (if any) to the end of the data |
| 118 // just written. | 122 // just written. |
| 119 int tail_len; | 123 int tail_len; |
| 120 if (!EVP_CipherFinal_ex(ctx.get(), out_ptr + out_len, &tail_len)) | 124 if (!EVP_CipherFinal_ex(ctx.get(), out_ptr + out_len, &tail_len)) |
| 121 return false; | 125 return false; |
| 122 | 126 |
| 123 out_len += tail_len; | 127 out_len += tail_len; |
| 124 DCHECK_LE(out_len, static_cast<int>(output_size)); | 128 DCHECK_LE(out_len, static_cast<int>(output_size)); |
| 125 result.resize(out_len); | 129 result.resize(out_len); |
| 126 | 130 |
| 127 output->swap(result); | 131 output->swap(result); |
| 128 return true; | 132 return true; |
| 129 } | 133 } |
| 130 | 134 |
| 131 } // namespace crypto | 135 } // namespace crypto |
| OLD | NEW |
