| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/encryptor.h" | 5 #include "crypto/encryptor.h" |
| 6 | 6 |
| 7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 65 const_cast<char *>(iv.data())); | 65 const_cast<char *>(iv.data())); |
| 66 iv_item.len = iv.size(); | 66 iv_item.len = iv.size(); |
| 67 | 67 |
| 68 param_.reset(PK11_ParamFromIV(GetMechanism(mode), &iv_item)); | 68 param_.reset(PK11_ParamFromIV(GetMechanism(mode), &iv_item)); |
| 69 break; | 69 break; |
| 70 case CTR: | 70 case CTR: |
| 71 param_.reset(PK11_ParamFromIV(GetMechanism(mode), NULL)); | 71 param_.reset(PK11_ParamFromIV(GetMechanism(mode), NULL)); |
| 72 break; | 72 break; |
| 73 } | 73 } |
| 74 | 74 |
| 75 if (!param_.get()) | 75 return param_ != NULL; |
| 76 return false; | |
| 77 return true; | |
| 78 } | 76 } |
| 79 | 77 |
| 80 bool Encryptor::Encrypt(const base::StringPiece& plaintext, | 78 bool Encryptor::Encrypt(const base::StringPiece& plaintext, |
| 81 std::string* ciphertext) { | 79 std::string* ciphertext) { |
| 80 CHECK(!plaintext.empty() || (mode_ == CBC)); |
| 82 ScopedPK11Context context(PK11_CreateContextBySymKey(GetMechanism(mode_), | 81 ScopedPK11Context context(PK11_CreateContextBySymKey(GetMechanism(mode_), |
| 83 CKA_ENCRYPT, | 82 CKA_ENCRYPT, |
| 84 key_->key(), | 83 key_->key(), |
| 85 param_.get())); | 84 param_.get())); |
| 86 if (!context.get()) | 85 if (!context.get()) |
| 87 return false; | 86 return false; |
| 88 | 87 |
| 89 if (mode_ == CTR) | 88 return (mode_ == CTR) ? |
| 90 return CryptCTR(context.get(), plaintext, ciphertext); | 89 CryptCTR(context.get(), plaintext, ciphertext) : |
| 91 else | 90 Crypt(context.get(), plaintext, ciphertext); |
| 92 return Crypt(context.get(), plaintext, ciphertext); | |
| 93 } | 91 } |
| 94 | 92 |
| 95 bool Encryptor::Decrypt(const base::StringPiece& ciphertext, | 93 bool Encryptor::Decrypt(const base::StringPiece& ciphertext, |
| 96 std::string* plaintext) { | 94 std::string* plaintext) { |
| 97 if (ciphertext.empty()) | 95 CHECK(!ciphertext.empty()); |
| 98 return false; | |
| 99 | |
| 100 ScopedPK11Context context(PK11_CreateContextBySymKey( | 96 ScopedPK11Context context(PK11_CreateContextBySymKey( |
| 101 GetMechanism(mode_), (mode_ == CTR ? CKA_ENCRYPT : CKA_DECRYPT), | 97 GetMechanism(mode_), (mode_ == CTR ? CKA_ENCRYPT : CKA_DECRYPT), |
| 102 key_->key(), param_.get())); | 98 key_->key(), param_.get())); |
| 103 if (!context.get()) | 99 if (!context.get()) |
| 104 return false; | 100 return false; |
| 105 | 101 |
| 106 if (mode_ == CTR) | 102 return (mode_ == CTR) ? |
| 107 return CryptCTR(context.get(), ciphertext, plaintext); | 103 CryptCTR(context.get(), ciphertext, plaintext) : |
| 108 else | 104 Crypt(context.get(), ciphertext, plaintext); |
| 109 return Crypt(context.get(), ciphertext, plaintext); | |
| 110 } | 105 } |
| 111 | 106 |
| 112 bool Encryptor::Crypt(PK11Context* context, | 107 bool Encryptor::Crypt(PK11Context* context, |
| 113 const base::StringPiece& input, | 108 const base::StringPiece& input, |
| 114 std::string* output) { | 109 std::string* output) { |
| 115 size_t output_len = input.size() + AES_BLOCK_SIZE; | 110 size_t output_len = input.size() + AES_BLOCK_SIZE; |
| 116 CHECK(output_len > input.size()) << "Output size overflow"; | 111 CHECK_GT(output_len, input.size()); |
| 117 | 112 |
| 118 output->resize(output_len); | 113 output->resize(output_len); |
| 119 uint8* output_data = | 114 uint8* output_data = |
| 120 reinterpret_cast<uint8*>(const_cast<char*>(output->data())); | 115 reinterpret_cast<uint8*>(const_cast<char*>(output->data())); |
| 121 | 116 |
| 122 int input_len = input.size(); | 117 int input_len = input.size(); |
| 123 uint8* input_data = | 118 uint8* input_data = |
| 124 reinterpret_cast<uint8*>(const_cast<char*>(input.data())); | 119 reinterpret_cast<uint8*>(const_cast<char*>(input.data())); |
| 125 | 120 |
| 126 int op_len; | 121 int op_len; |
| (...skipping 26 matching lines...) Expand all Loading... |
| 153 bool Encryptor::CryptCTR(PK11Context* context, | 148 bool Encryptor::CryptCTR(PK11Context* context, |
| 154 const base::StringPiece& input, | 149 const base::StringPiece& input, |
| 155 std::string* output) { | 150 std::string* output) { |
| 156 if (!counter_.get()) { | 151 if (!counter_.get()) { |
| 157 LOG(ERROR) << "Counter value not set in CTR mode."; | 152 LOG(ERROR) << "Counter value not set in CTR mode."; |
| 158 return false; | 153 return false; |
| 159 } | 154 } |
| 160 | 155 |
| 161 size_t output_len = ((input.size() + AES_BLOCK_SIZE - 1) / AES_BLOCK_SIZE) * | 156 size_t output_len = ((input.size() + AES_BLOCK_SIZE - 1) / AES_BLOCK_SIZE) * |
| 162 AES_BLOCK_SIZE; | 157 AES_BLOCK_SIZE; |
| 163 CHECK(output_len >= input.size()) << "Output size overflow"; | 158 CHECK_GE(output_len, input.size()); |
| 164 output->resize(output_len); | 159 output->resize(output_len); |
| 165 uint8* output_data = | 160 uint8* output_data = |
| 166 reinterpret_cast<uint8*>(const_cast<char*>(output->data())); | 161 reinterpret_cast<uint8*>(const_cast<char*>(output->data())); |
| 167 | 162 |
| 168 size_t mask_len; | 163 size_t mask_len; |
| 169 bool ret = GenerateCounterMask(input.size(), output_data, &mask_len); | 164 bool ret = GenerateCounterMask(input.size(), output_data, &mask_len); |
| 170 if (!ret) | 165 if (!ret) |
| 171 return false; | 166 return false; |
| 172 | 167 |
| 173 CHECK_EQ(mask_len, output_len); | 168 CHECK_EQ(mask_len, output_len); |
| 174 int op_len; | 169 int op_len; |
| 175 SECStatus rv = PK11_CipherOp(context, | 170 SECStatus rv = PK11_CipherOp(context, |
| 176 output_data, | 171 output_data, |
| 177 &op_len, | 172 &op_len, |
| 178 output_len, | 173 output_len, |
| 179 output_data, | 174 output_data, |
| 180 mask_len); | 175 mask_len); |
| 181 if (SECSuccess != rv) | 176 if (SECSuccess != rv) |
| 182 return false; | 177 return false; |
| 183 CHECK(op_len == static_cast<int>(mask_len)); | 178 CHECK_EQ(static_cast<int>(mask_len), op_len); |
| 184 | 179 |
| 185 unsigned int digest_len; | 180 unsigned int digest_len; |
| 186 rv = PK11_DigestFinal(context, | 181 rv = PK11_DigestFinal(context, |
| 187 NULL, | 182 NULL, |
| 188 &digest_len, | 183 &digest_len, |
| 189 0); | 184 0); |
| 190 if (SECSuccess != rv) | 185 if (SECSuccess != rv) |
| 191 return false; | 186 return false; |
| 192 CHECK(!digest_len); | 187 CHECK(!digest_len); |
| 193 | 188 |
| 194 // Use |output_data| to mask |input|. | 189 // Use |output_data| to mask |input|. |
| 195 MaskMessage( | 190 MaskMessage( |
| 196 reinterpret_cast<uint8*>(const_cast<char*>(input.data())), | 191 reinterpret_cast<uint8*>(const_cast<char*>(input.data())), |
| 197 input.length(), output_data, output_data); | 192 input.length(), output_data, output_data); |
| 198 output->resize(input.length()); | 193 output->resize(input.length()); |
| 199 return true; | 194 return true; |
| 200 } | 195 } |
| 201 | 196 |
| 202 } // namespace crypto | 197 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8418034:
Make string_util::WriteInto() DCHECK() that the supplied |length_with_null| > 1, meaning that the... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/