OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/platform_crypto.h" | 5 #include "content/child/webcrypto/platform_crypto.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 #include <openssl/aes.h> | 8 #include <openssl/aes.h> |
9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
10 #include <openssl/hmac.h> | 10 #include <openssl/hmac.h> |
11 #include <openssl/rand.h> | 11 #include <openssl/rand.h> |
12 #include <openssl/sha.h> | 12 #include <openssl/sha.h> |
13 | 13 |
14 #include "base/logging.h" | 14 #include "base/logging.h" |
15 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
16 #include "content/child/webcrypto/crypto_data.h" | 16 #include "content/child/webcrypto/crypto_data.h" |
17 #include "content/child/webcrypto/status.h" | 17 #include "content/child/webcrypto/status.h" |
18 #include "content/child/webcrypto/webcrypto_util.h" | 18 #include "content/child/webcrypto/webcrypto_util.h" |
19 #include "crypto/openssl_util.h" | 19 #include "crypto/openssl_util.h" |
| 20 #include "crypto/scoped_openssl_types.h" |
20 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" | 21 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
21 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | 22 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
22 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | 23 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" |
23 | 24 |
24 namespace content { | 25 namespace content { |
25 | 26 |
26 namespace webcrypto { | 27 namespace webcrypto { |
27 | 28 |
28 namespace platform { | 29 namespace platform { |
29 | 30 |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
92 (mode == ENCRYPT) ? kDoEncrypt : kDoDecrypt; | 93 (mode == ENCRYPT) ? kDoEncrypt : kDoDecrypt; |
93 | 94 |
94 if (data.byte_length() >= INT_MAX - AES_BLOCK_SIZE) { | 95 if (data.byte_length() >= INT_MAX - AES_BLOCK_SIZE) { |
95 // TODO(padolph): Handle this by chunking the input fed into OpenSSL. Right | 96 // TODO(padolph): Handle this by chunking the input fed into OpenSSL. Right |
96 // now it doesn't make much difference since the one-shot API would end up | 97 // now it doesn't make much difference since the one-shot API would end up |
97 // blowing out the memory and crashing anyway. | 98 // blowing out the memory and crashing anyway. |
98 return Status::ErrorDataTooLarge(); | 99 return Status::ErrorDataTooLarge(); |
99 } | 100 } |
100 | 101 |
101 // Note: PKCS padding is enabled by default | 102 // Note: PKCS padding is enabled by default |
102 crypto::ScopedOpenSSL<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free> context( | 103 scoped_ptr<EVP_CIPHER_CTX, |
103 EVP_CIPHER_CTX_new()); | 104 crypto::OpenSSLDestroyer<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free> > |
| 105 context(EVP_CIPHER_CTX_new()); |
104 | 106 |
105 if (!context.get()) | 107 if (!context.get()) |
106 return Status::OperationError(); | 108 return Status::OperationError(); |
107 | 109 |
108 const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(key->key().size()); | 110 const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(key->key().size()); |
109 DCHECK(cipher); | 111 DCHECK(cipher); |
110 | 112 |
111 if (!EVP_CipherInit_ex(context.get(), | 113 if (!EVP_CipherInit_ex(context.get(), |
112 cipher, | 114 cipher, |
113 NULL, | 115 NULL, |
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
226 DCHECK_LE(hash_expected_size, EVP_MAX_MD_SIZE); | 228 DCHECK_LE(hash_expected_size, EVP_MAX_MD_SIZE); |
227 | 229 |
228 if (!EVP_DigestFinal_ex(digest_context_.get(), result, result_size) || | 230 if (!EVP_DigestFinal_ex(digest_context_.get(), result, result_size) || |
229 static_cast<int>(*result_size) != hash_expected_size) | 231 static_cast<int>(*result_size) != hash_expected_size) |
230 return Status::OperationError(); | 232 return Status::OperationError(); |
231 | 233 |
232 return Status::Success(); | 234 return Status::Success(); |
233 } | 235 } |
234 | 236 |
235 bool initialized_; | 237 bool initialized_; |
236 crypto::ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> digest_context_; | 238 crypto::ScopedEVP_MD_CTX digest_context_; |
237 blink::WebCryptoAlgorithmId algorithm_id_; | 239 blink::WebCryptoAlgorithmId algorithm_id_; |
238 unsigned char result_[EVP_MAX_MD_SIZE]; | 240 unsigned char result_[EVP_MAX_MD_SIZE]; |
239 }; | 241 }; |
240 | 242 |
241 Status ExportKeyRaw(SymKey* key, std::vector<uint8>* buffer) { | 243 Status ExportKeyRaw(SymKey* key, std::vector<uint8>* buffer) { |
242 *buffer = key->key(); | 244 *buffer = key->key(); |
243 return Status::Success(); | 245 return Status::Success(); |
244 } | 246 } |
245 | 247 |
246 void Init() { crypto::EnsureOpenSSLInit(); } | 248 void Init() { crypto::EnsureOpenSSLInit(); } |
(...skipping 181 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
428 | 430 |
429 if (!EVP_AEAD_CTX_init(&ctx, | 431 if (!EVP_AEAD_CTX_init(&ctx, |
430 aead_alg, | 432 aead_alg, |
431 Uint8VectorStart(key->key()), | 433 Uint8VectorStart(key->key()), |
432 key->key().size(), | 434 key->key().size(), |
433 tag_length_bytes, | 435 tag_length_bytes, |
434 NULL)) { | 436 NULL)) { |
435 return Status::OperationError(); | 437 return Status::OperationError(); |
436 } | 438 } |
437 | 439 |
438 crypto::ScopedOpenSSL<EVP_AEAD_CTX, EVP_AEAD_CTX_cleanup> ctx_cleanup(&ctx); | 440 scoped_ptr<EVP_AEAD_CTX, |
| 441 crypto::OpenSSLDestroyer<EVP_AEAD_CTX, EVP_AEAD_CTX_cleanup> > |
| 442 ctx_cleanup(&ctx); |
439 | 443 |
440 ssize_t len; | 444 ssize_t len; |
441 | 445 |
442 if (mode == DECRYPT) { | 446 if (mode == DECRYPT) { |
443 if (data.byte_length() < tag_length_bytes) | 447 if (data.byte_length() < tag_length_bytes) |
444 return Status::ErrorDataTooSmall(); | 448 return Status::ErrorDataTooSmall(); |
445 | 449 |
446 buffer->resize(data.byte_length() - tag_length_bytes); | 450 buffer->resize(data.byte_length() - tag_length_bytes); |
447 | 451 |
448 len = EVP_AEAD_CTX_open(&ctx, | 452 len = EVP_AEAD_CTX_open(&ctx, |
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
579 blink::WebCryptoKey* key) { | 583 blink::WebCryptoKey* key) { |
580 // TODO(eroman): http://crbug.com/267888 | 584 // TODO(eroman): http://crbug.com/267888 |
581 return false; | 585 return false; |
582 } | 586 } |
583 | 587 |
584 } // namespace platform | 588 } // namespace platform |
585 | 589 |
586 } // namespace webcrypto | 590 } // namespace webcrypto |
587 | 591 |
588 } // namespace content | 592 } // namespace content |
OLD | NEW |