| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/encryptor.h" | 5 #include "crypto/encryptor.h" |
| 6 | 6 |
| 7 #include <openssl/aes.h> | 7 #include <openssl/aes.h> |
| 8 #include <openssl/evp.h> | 8 #include <openssl/evp.h> |
| 9 #include <stddef.h> | 9 #include <stddef.h> |
| 10 #include <stdint.h> | 10 #include <stdint.h> |
| 11 | 11 |
| 12 #include "base/logging.h" | 12 #include "base/logging.h" |
| 13 #include "base/strings/string_util.h" | 13 #include "base/strings/string_util.h" |
| 14 #include "base/sys_byteorder.h" | 14 #include "base/sys_byteorder.h" |
| 15 #include "crypto/openssl_util.h" | 15 #include "crypto/openssl_util.h" |
| 16 #include "crypto/symmetric_key.h" | 16 #include "crypto/symmetric_key.h" |
| 17 | 17 |
| 18 namespace crypto { | 18 namespace crypto { |
| 19 | 19 |
| 20 namespace { | 20 namespace { |
| 21 | 21 |
| 22 const EVP_CIPHER* GetCipherForKey(SymmetricKey* key) { | 22 const EVP_CIPHER* GetCipherForKey(SymmetricKey* key) { |
| 23 switch (key->key().length()) { | 23 switch (key->key().length()) { |
| 24 case 16: return EVP_aes_128_cbc(); | 24 case 16: return EVP_aes_128_cbc(); |
| 25 case 32: return EVP_aes_256_cbc(); | 25 case 32: return EVP_aes_256_cbc(); |
| 26 default: return NULL; | 26 default: |
| 27 return nullptr; |
| 27 } | 28 } |
| 28 } | 29 } |
| 29 | 30 |
| 30 // On destruction this class will cleanup the ctx, and also clear the OpenSSL | 31 // On destruction this class will cleanup the ctx, and also clear the OpenSSL |
| 31 // ERR stack as a convenience. | 32 // ERR stack as a convenience. |
| 32 class ScopedCipherCTX { | 33 class ScopedCipherCTX { |
| 33 public: | 34 public: |
| 34 explicit ScopedCipherCTX() { | 35 explicit ScopedCipherCTX() { |
| 35 EVP_CIPHER_CTX_init(&ctx_); | 36 EVP_CIPHER_CTX_init(&ctx_); |
| 36 } | 37 } |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 77 memcpy(buf_ptr, &counter_, sizeof(counter_)); | 78 memcpy(buf_ptr, &counter_, sizeof(counter_)); |
| 78 } | 79 } |
| 79 | 80 |
| 80 size_t Encryptor::Counter::GetLengthInBytes() const { | 81 size_t Encryptor::Counter::GetLengthInBytes() const { |
| 81 return sizeof(counter_); | 82 return sizeof(counter_); |
| 82 } | 83 } |
| 83 | 84 |
| 84 ///////////////////////////////////////////////////////////////////////////// | 85 ///////////////////////////////////////////////////////////////////////////// |
| 85 // Encryptor Implementation. | 86 // Encryptor Implementation. |
| 86 | 87 |
| 87 Encryptor::Encryptor() | 88 Encryptor::Encryptor() : key_(nullptr), mode_(CBC) {} |
| 88 : key_(NULL), | |
| 89 mode_(CBC) { | |
| 90 } | |
| 91 | 89 |
| 92 Encryptor::~Encryptor() { | 90 Encryptor::~Encryptor() { |
| 93 } | 91 } |
| 94 | 92 |
| 95 bool Encryptor::Init(SymmetricKey* key, | 93 bool Encryptor::Init(SymmetricKey* key, |
| 96 Mode mode, | 94 Mode mode, |
| 97 const base::StringPiece& iv) { | 95 const base::StringPiece& iv) { |
| 98 DCHECK(key); | 96 DCHECK(key); |
| 99 DCHECK(mode == CBC || mode == CTR); | 97 DCHECK(mode == CBC || mode == CTR); |
| 100 | 98 |
| 101 EnsureOpenSSLInit(); | 99 EnsureOpenSSLInit(); |
| 102 if (mode == CBC && iv.size() != AES_BLOCK_SIZE) | 100 if (mode == CBC && iv.size() != AES_BLOCK_SIZE) |
| 103 return false; | 101 return false; |
| 104 | 102 |
| 105 if (GetCipherForKey(key) == NULL) | 103 if (GetCipherForKey(key) == nullptr) |
| 106 return false; | 104 return false; |
| 107 | 105 |
| 108 key_ = key; | 106 key_ = key; |
| 109 mode_ = mode; | 107 mode_ = mode; |
| 110 iv.CopyToString(&iv_); | 108 iv.CopyToString(&iv_); |
| 111 return true; | 109 return true; |
| 112 } | 110 } |
| 113 | 111 |
| 114 bool Encryptor::Encrypt(const base::StringPiece& plaintext, | 112 bool Encryptor::Encrypt(const base::StringPiece& plaintext, |
| 115 std::string* ciphertext) { | 113 std::string* ciphertext) { |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 184 output->clear(); | 182 output->clear(); |
| 185 | 183 |
| 186 const EVP_CIPHER* cipher = GetCipherForKey(key_); | 184 const EVP_CIPHER* cipher = GetCipherForKey(key_); |
| 187 DCHECK(cipher); // Already handled in Init(); | 185 DCHECK(cipher); // Already handled in Init(); |
| 188 | 186 |
| 189 const std::string& key = key_->key(); | 187 const std::string& key = key_->key(); |
| 190 DCHECK_EQ(EVP_CIPHER_iv_length(cipher), iv_.length()); | 188 DCHECK_EQ(EVP_CIPHER_iv_length(cipher), iv_.length()); |
| 191 DCHECK_EQ(EVP_CIPHER_key_length(cipher), key.length()); | 189 DCHECK_EQ(EVP_CIPHER_key_length(cipher), key.length()); |
| 192 | 190 |
| 193 ScopedCipherCTX ctx; | 191 ScopedCipherCTX ctx; |
| 194 if (!EVP_CipherInit_ex( | 192 if (!EVP_CipherInit_ex(ctx.get(), cipher, nullptr, |
| 195 ctx.get(), cipher, NULL, reinterpret_cast<const uint8_t*>(key.data()), | 193 reinterpret_cast<const uint8_t*>(key.data()), |
| 196 reinterpret_cast<const uint8_t*>(iv_.data()), do_encrypt)) | 194 reinterpret_cast<const uint8_t*>(iv_.data()), |
| 195 do_encrypt)) |
| 197 return false; | 196 return false; |
| 198 | 197 |
| 199 // When encrypting, add another block size of space to allow for any padding. | 198 // When encrypting, add another block size of space to allow for any padding. |
| 200 const size_t output_size = input.size() + (do_encrypt ? iv_.size() : 0); | 199 const size_t output_size = input.size() + (do_encrypt ? iv_.size() : 0); |
| 201 CHECK_GT(output_size, 0u); | 200 CHECK_GT(output_size, 0u); |
| 202 CHECK_GT(output_size + 1, input.size()); | 201 CHECK_GT(output_size + 1, input.size()); |
| 203 uint8_t* out_ptr = | 202 uint8_t* out_ptr = |
| 204 reinterpret_cast<uint8_t*>(base::WriteInto(&result, output_size + 1)); | 203 reinterpret_cast<uint8_t*>(base::WriteInto(&result, output_size + 1)); |
| 205 int out_len; | 204 int out_len; |
| 206 if (!EVP_CipherUpdate(ctx.get(), out_ptr, &out_len, | 205 if (!EVP_CipherUpdate(ctx.get(), out_ptr, &out_len, |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 255 | 254 |
| 256 // AES_ctr128_encrypt() updates |ivec|. Update the |counter_| here. | 255 // AES_ctr128_encrypt() updates |ivec|. Update the |counter_| here. |
| 257 SetCounter(base::StringPiece(reinterpret_cast<const char*>(ivec), | 256 SetCounter(base::StringPiece(reinterpret_cast<const char*>(ivec), |
| 258 AES_BLOCK_SIZE)); | 257 AES_BLOCK_SIZE)); |
| 259 | 258 |
| 260 output->swap(result); | 259 output->swap(result); |
| 261 return true; | 260 return true; |
| 262 } | 261 } |
| 263 | 262 |
| 264 } // namespace crypto | 263 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2095523002:
Make //crypto factories return std::unique_ptr<>s (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master