OLD | NEW |
| (Empty) |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "components/gcm_driver/crypto/gcm_message_cryptographer.h" | |
6 | |
7 #include <pk11pub.h> | |
8 #include <secerr.h> | |
9 #include <stddef.h> | |
10 | |
11 #include "base/logging.h" | |
12 #include "base/numerics/safe_math.h" | |
13 #include "base/strings/string_util.h" | |
14 #include "crypto/scoped_nss_types.h" | |
15 | |
16 namespace gcm { | |
17 | |
18 bool GCMMessageCryptographer::EncryptDecryptRecordInternal( | |
19 Mode mode, | |
20 const base::StringPiece& input, | |
21 const base::StringPiece& key, | |
22 const base::StringPiece& nonce, | |
23 std::string* output) const { | |
24 DCHECK(output); | |
25 | |
26 SECItem key_item; | |
27 key_item.type = siBuffer; | |
28 key_item.data = const_cast<unsigned char*>( | |
29 reinterpret_cast<const unsigned char*>(key.data())); | |
30 key_item.len = key.size(); | |
31 | |
32 const CK_ATTRIBUTE_TYPE cka_mode = mode == ENCRYPT ? CKA_ENCRYPT | |
33 : CKA_DECRYPT; | |
34 | |
35 crypto::ScopedPK11Slot slot(PK11_GetInternalSlot()); | |
36 crypto::ScopedPK11SymKey aead_key( | |
37 PK11_ImportSymKey(slot.get(), CKM_AES_GCM, PK11_OriginUnwrap, cka_mode, | |
38 &key_item, nullptr)); | |
39 | |
40 CK_GCM_PARAMS gcm_params; | |
41 gcm_params.pIv = const_cast<unsigned char*>( | |
42 reinterpret_cast<const unsigned char*>(nonce.data())); | |
43 gcm_params.ulIvLen = nonce.size(); | |
44 | |
45 gcm_params.pAAD = nullptr; | |
46 gcm_params.ulAADLen = 0; | |
47 | |
48 gcm_params.ulTagBits = kAuthenticationTagBytes * 8; | |
49 | |
50 SECItem param; | |
51 param.type = siBuffer; | |
52 param.data = reinterpret_cast<unsigned char*>(&gcm_params); | |
53 param.len = sizeof(gcm_params); | |
54 | |
55 base::CheckedNumeric<size_t> maximum_output_length(input.size()); | |
56 if (mode == ENCRYPT) | |
57 maximum_output_length += kAuthenticationTagBytes; | |
58 | |
59 // WriteInto requires the buffer to finish with a NULL-byte. | |
60 maximum_output_length += 1; | |
61 | |
62 unsigned int output_length = 0; | |
63 unsigned char* raw_input = const_cast<unsigned char*>( | |
64 reinterpret_cast<const unsigned char*>(input.data())); | |
65 unsigned char* raw_output = reinterpret_cast<unsigned char*>( | |
66 base::WriteInto(output, maximum_output_length.ValueOrDie())); | |
67 | |
68 if (mode == ENCRYPT) { | |
69 if (PK11_Encrypt(aead_key.get(), CKM_AES_GCM, ¶m, raw_output, | |
70 &output_length, output->size(), raw_input, | |
71 input.size()) != SECSuccess) { | |
72 return false; | |
73 } | |
74 } else { | |
75 if (PK11_Decrypt(aead_key.get(), CKM_AES_GCM, ¶m, raw_output, | |
76 &output_length, output->size(), raw_input, | |
77 input.size()) != SECSuccess) { | |
78 return false; | |
79 } | |
80 } | |
81 | |
82 base::CheckedNumeric<size_t> expected_output_length(input.size()); | |
83 if (mode == ENCRYPT) | |
84 expected_output_length += kAuthenticationTagBytes; | |
85 else | |
86 expected_output_length -= kAuthenticationTagBytes; | |
87 | |
88 DCHECK_EQ(expected_output_length.ValueOrDie(), output_length); | |
89 | |
90 output->resize(output_length); | |
91 return true; | |
92 } | |
93 | |
94 } // namespace gcm | |
OLD | NEW |