Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(299)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/webcrypto/algorithms/aes_cbc.cc

Issue 2528243002: Fix silent truncations when extracting values from CheckedNumeric (Closed)
Patch Set: compile fix Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/utility/safe_browsing/mac/udif.cc ('k') | components/webcrypto/algorithms/aes_ctr.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1
1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 3 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 4 // found in the LICENSE file.
4 5
5 #include <stddef.h> 6 #include <stddef.h>
6 #include <stdint.h> 7 #include <stdint.h>
7 8
8 #include "base/logging.h" 9 #include "base/logging.h"
9 #include "base/memory/ptr_util.h" 10 #include "base/memory/ptr_util.h"
10 #include "base/numerics/safe_math.h" 11 #include "base/numerics/safe_math.h"
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after
48 return Status::ErrorIncorrectSizeAesCbcIv(); 49 return Status::ErrorIncorrectSizeAesCbcIv();
49 50
50 // According to the openssl docs, the amount of data written may be as large 51 // According to the openssl docs, the amount of data written may be as large
51 // as (data_size + cipher_block_size - 1), constrained to a multiple of 52 // as (data_size + cipher_block_size - 1), constrained to a multiple of
52 // cipher_block_size. 53 // cipher_block_size.
53 base::CheckedNumeric<int> output_max_len = data.byte_length(); 54 base::CheckedNumeric<int> output_max_len = data.byte_length();
54 output_max_len += AES_BLOCK_SIZE - 1; 55 output_max_len += AES_BLOCK_SIZE - 1;
55 if (!output_max_len.IsValid()) 56 if (!output_max_len.IsValid())
56 return Status::ErrorDataTooLarge(); 57 return Status::ErrorDataTooLarge();
57 58
58 const unsigned remainder = output_max_len.ValueOrDie() % AES_BLOCK_SIZE; 59 const unsigned remainder =
60 base::ValueOrDieForType<unsigned>(output_max_len % AES_BLOCK_SIZE);
59 if (remainder != 0) 61 if (remainder != 0)
60 output_max_len += AES_BLOCK_SIZE - remainder; 62 output_max_len += AES_BLOCK_SIZE - remainder;
61 if (!output_max_len.IsValid()) 63 if (!output_max_len.IsValid())
62 return Status::ErrorDataTooLarge(); 64 return Status::ErrorDataTooLarge();
63 65
64 // Note: PKCS padding is enabled by default 66 // Note: PKCS padding is enabled by default
65 const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(raw_key.size()); 67 const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(raw_key.size());
66 DCHECK(cipher); 68 DCHECK(cipher);
67 69
68 bssl::ScopedEVP_CIPHER_CTX context; 70 bssl::ScopedEVP_CIPHER_CTX context;
69 if (!EVP_CipherInit_ex(context.get(), cipher, NULL, &raw_key[0], 71 if (!EVP_CipherInit_ex(context.get(), cipher, NULL, &raw_key[0],
70 params->iv().data(), cipher_operation)) { 72 params->iv().data(), cipher_operation)) {
71 return Status::OperationError(); 73 return Status::OperationError();
72 } 74 }
73 75
74 buffer->resize(output_max_len.ValueOrDie()); 76 buffer->resize(base::ValueOrDieForType<size_t>(output_max_len));
75 77
76 int output_len = 0; 78 int output_len = 0;
77 if (!EVP_CipherUpdate(context.get(), buffer->data(), &output_len, 79 if (!EVP_CipherUpdate(context.get(), buffer->data(), &output_len,
78 data.bytes(), data.byte_length())) { 80 data.bytes(), data.byte_length())) {
79 return Status::OperationError(); 81 return Status::OperationError();
80 } 82 }
81 int final_output_chunk_len = 0; 83 int final_output_chunk_len = 0;
82 if (!EVP_CipherFinal_ex(context.get(), buffer->data() + output_len, 84 if (!EVP_CipherFinal_ex(context.get(), buffer->data() + output_len,
83 &final_output_chunk_len)) { 85 &final_output_chunk_len)) {
84 return Status::OperationError(); 86 return Status::OperationError();
(...skipping 27 matching lines...) Expand all
112 } 114 }
113 }; 115 };
114 116
115 } // namespace 117 } // namespace
116 118
117 std::unique_ptr<AlgorithmImplementation> CreateAesCbcImplementation() { 119 std::unique_ptr<AlgorithmImplementation> CreateAesCbcImplementation() {
118 return base::WrapUnique(new AesCbcImplementation); 120 return base::WrapUnique(new AesCbcImplementation);
119 } 121 }
120 122
121 } // namespace webcrypto 123 } // namespace webcrypto
OLDNEW
« no previous file with comments | « chrome/utility/safe_browsing/mac/udif.cc ('k') | components/webcrypto/algorithms/aes_ctr.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698