| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/encryptor.h" | 5 #include "crypto/encryptor.h" |
| 6 | 6 |
| 7 #include <string.h> | 7 #include <string.h> |
| 8 | 8 |
| 9 #include "base/string_util.h" | 9 #include "base/string_util.h" |
| 10 #include "crypto/symmetric_key.h" | 10 #include "crypto/symmetric_key.h" |
| (...skipping 23 matching lines...) Expand all Loading... |
| 34 mode_(CBC), | 34 mode_(CBC), |
| 35 block_size_(0) { | 35 block_size_(0) { |
| 36 } | 36 } |
| 37 | 37 |
| 38 Encryptor::~Encryptor() { | 38 Encryptor::~Encryptor() { |
| 39 } | 39 } |
| 40 | 40 |
| 41 bool Encryptor::Init(SymmetricKey* key, | 41 bool Encryptor::Init(SymmetricKey* key, |
| 42 Mode mode, | 42 Mode mode, |
| 43 const base::StringPiece& iv) { | 43 const base::StringPiece& iv) { |
| 44 DCHECK(key); | 44 DCHECK_EQ(CBC, mode); |
| 45 DCHECK_EQ(CBC, mode) << "Unsupported mode of operation"; | 45 if (!key) |
| 46 return false; |
| 46 | 47 |
| 47 // In CryptoAPI, the IV, padding mode, and feedback register (for a chaining | 48 // In CryptoAPI, the IV, padding mode, and feedback register (for a chaining |
| 48 // mode) are properties of a key, so we have to create a copy of the key for | 49 // mode) are properties of a key, so we have to create a copy of the key for |
| 49 // the Encryptor. See the Remarks section of the CryptEncrypt MSDN page. | 50 // the Encryptor. See the Remarks section of the CryptEncrypt MSDN page. |
| 50 BOOL ok = CryptDuplicateKey(key->key(), NULL, 0, capi_key_.receive()); | 51 BOOL ok = CryptDuplicateKey(key->key(), NULL, 0, capi_key_.receive()); |
| 51 if (!ok) | 52 if (!ok) |
| 52 return false; | 53 return false; |
| 53 | 54 |
| 54 // CRYPT_MODE_CBC is the default for Microsoft Base Cryptographic Provider, | 55 // CRYPT_MODE_CBC is the default for Microsoft Base Cryptographic Provider, |
| 55 // but we set it anyway to be safe. | 56 // but we set it anyway to be safe. |
| (...skipping 19 matching lines...) Expand all Loading... |
| 75 ok = CryptSetKeyParam(capi_key_.get(), KP_PADDING, | 76 ok = CryptSetKeyParam(capi_key_.get(), KP_PADDING, |
| 76 reinterpret_cast<BYTE*>(&padding_method), 0); | 77 reinterpret_cast<BYTE*>(&padding_method), 0); |
| 77 if (!ok) | 78 if (!ok) |
| 78 return false; | 79 return false; |
| 79 | 80 |
| 80 return true; | 81 return true; |
| 81 } | 82 } |
| 82 | 83 |
| 83 bool Encryptor::Encrypt(const base::StringPiece& plaintext, | 84 bool Encryptor::Encrypt(const base::StringPiece& plaintext, |
| 84 std::string* ciphertext) { | 85 std::string* ciphertext) { |
| 86 if (plaintext.empty() && mode_ != CBC) |
| 87 return false; |
| 88 |
| 85 DWORD data_len = plaintext.size(); | 89 DWORD data_len = plaintext.size(); |
| 86 CHECK((data_len > 0u) || (mode_ == CBC)); | |
| 87 DWORD total_len = data_len + block_size_; | 90 DWORD total_len = data_len + block_size_; |
| 88 CHECK_GT(total_len, 0u); | 91 if (total_len == 0 || total_len + 1 < data_len) |
| 89 CHECK_GT(total_len + 1, data_len); | 92 return false; |
| 90 | 93 |
| 91 // CryptoAPI encrypts/decrypts in place. | 94 // CryptoAPI encrypts/decrypts in place. |
| 92 char* ciphertext_data = WriteInto(ciphertext, total_len + 1); | 95 char* output_data = WriteInto(ciphertext, total_len + 1); |
| 93 memcpy(ciphertext_data, plaintext.data(), data_len); | 96 memcpy(output_data, plaintext.data(), data_len); |
| 94 | 97 |
| 95 BOOL ok = CryptEncrypt(capi_key_.get(), NULL, TRUE, 0, | 98 BOOL ok = CryptEncrypt(capi_key_.get(), NULL, TRUE, 0, |
| 96 reinterpret_cast<BYTE*>(ciphertext_data), &data_len, | 99 reinterpret_cast<BYTE*>(output_data), &data_len, |
| 97 total_len); | 100 total_len); |
| 98 if (!ok) { | 101 if (!ok) |
| 99 ciphertext->clear(); | |
| 100 return false; | 102 return false; |
| 101 } | |
| 102 | 103 |
| 103 ciphertext->resize(data_len); | 104 ciphertext->resize(data_len); |
| 104 return true; | 105 return true; |
| 105 } | 106 } |
| 106 | 107 |
| 107 bool Encryptor::Decrypt(const base::StringPiece& ciphertext, | 108 bool Encryptor::Decrypt(const base::StringPiece& ciphertext, |
| 108 std::string* plaintext) { | 109 std::string* plaintext) { |
| 109 DWORD data_len = ciphertext.size(); | 110 DWORD data_len = ciphertext.size(); |
| 110 CHECK_GT(data_len, 0u); | 111 if (data_len == 0 || data_len + 1 < data_len) |
| 111 CHECK_GT(data_len + 1, data_len); | 112 return false; |
| 112 | 113 |
| 113 // CryptoAPI encrypts/decrypts in place. | 114 // CryptoAPI encrypts/decrypts in place. |
| 114 char* plaintext_data = WriteInto(plaintext, data_len + 1); | 115 char* output_data = WriteInto(plaintext, data_len + 1); |
| 115 memcpy(plaintext_data, ciphertext.data(), data_len); | 116 memcpy(output_data, ciphertext.data(), data_len); |
| 116 | 117 |
| 117 BOOL ok = CryptDecrypt(capi_key_.get(), NULL, TRUE, 0, | 118 BOOL ok = CryptDecrypt(capi_key_.get(), NULL, TRUE, 0, |
| 118 reinterpret_cast<BYTE*>(plaintext_data), &data_len); | 119 reinterpret_cast<BYTE*>(output_data), &data_len); |
| 119 if (!ok) { | 120 if (!ok) |
| 120 plaintext->clear(); | |
| 121 return false; | 121 return false; |
| 122 } | |
| 123 | 122 |
| 124 plaintext->resize(data_len); | 123 plaintext->resize(data_len); |
| 125 return true; | 124 return true; |
| 126 } | 125 } |
| 127 | 126 |
| 128 } // namespace crypto | 127 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8511050:
Unify the error checking of crypto::Encryptor and add WARN_UNUSED_RESULT to prevent misuse. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src