OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/platform_crypto.h" | 5 #include "content/child/webcrypto/platform_crypto.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 #include <openssl/aes.h> | 8 #include <openssl/aes.h> |
9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
10 #include <openssl/hmac.h> | 10 #include <openssl/hmac.h> |
11 #include <openssl/rand.h> | 11 #include <openssl/rand.h> |
12 #include <openssl/sha.h> | 12 #include <openssl/sha.h> |
13 | 13 |
14 #include "base/logging.h" | 14 #include "base/logging.h" |
15 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
16 #include "content/child/webcrypto/crypto_data.h" | 16 #include "content/child/webcrypto/crypto_data.h" |
17 #include "content/child/webcrypto/status.h" | 17 #include "content/child/webcrypto/status.h" |
18 #include "content/child/webcrypto/webcrypto_util.h" | 18 #include "content/child/webcrypto/webcrypto_util.h" |
19 #include "crypto/openssl_util.h" | 19 #include "crypto/openssl_util.h" |
| 20 #include "crypto/scoped_openssl_types.h" |
20 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" | 21 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
21 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | 22 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
22 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | 23 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" |
23 | 24 |
24 namespace content { | 25 namespace content { |
25 | 26 |
26 namespace webcrypto { | 27 namespace webcrypto { |
27 | 28 |
28 namespace platform { | 29 namespace platform { |
29 | 30 |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
92 (mode == ENCRYPT) ? kDoEncrypt : kDoDecrypt; | 93 (mode == ENCRYPT) ? kDoEncrypt : kDoDecrypt; |
93 | 94 |
94 if (data.byte_length() >= INT_MAX - AES_BLOCK_SIZE) { | 95 if (data.byte_length() >= INT_MAX - AES_BLOCK_SIZE) { |
95 // TODO(padolph): Handle this by chunking the input fed into OpenSSL. Right | 96 // TODO(padolph): Handle this by chunking the input fed into OpenSSL. Right |
96 // now it doesn't make much difference since the one-shot API would end up | 97 // now it doesn't make much difference since the one-shot API would end up |
97 // blowing out the memory and crashing anyway. | 98 // blowing out the memory and crashing anyway. |
98 return Status::ErrorDataTooLarge(); | 99 return Status::ErrorDataTooLarge(); |
99 } | 100 } |
100 | 101 |
101 // Note: PKCS padding is enabled by default | 102 // Note: PKCS padding is enabled by default |
102 crypto::ScopedOpenSSL<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free> context( | 103 crypto::ScopedOpenSSL<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free>::Type context( |
103 EVP_CIPHER_CTX_new()); | 104 EVP_CIPHER_CTX_new()); |
104 | 105 |
105 if (!context.get()) | 106 if (!context.get()) |
106 return Status::OperationError(); | 107 return Status::OperationError(); |
107 | 108 |
108 const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(key->key().size()); | 109 const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(key->key().size()); |
109 DCHECK(cipher); | 110 DCHECK(cipher); |
110 | 111 |
111 if (!EVP_CipherInit_ex(context.get(), | 112 if (!EVP_CipherInit_ex(context.get(), |
112 cipher, | 113 cipher, |
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
226 DCHECK_LE(hash_expected_size, EVP_MAX_MD_SIZE); | 227 DCHECK_LE(hash_expected_size, EVP_MAX_MD_SIZE); |
227 | 228 |
228 if (!EVP_DigestFinal_ex(digest_context_.get(), result, result_size) || | 229 if (!EVP_DigestFinal_ex(digest_context_.get(), result, result_size) || |
229 static_cast<int>(*result_size) != hash_expected_size) | 230 static_cast<int>(*result_size) != hash_expected_size) |
230 return Status::OperationError(); | 231 return Status::OperationError(); |
231 | 232 |
232 return Status::Success(); | 233 return Status::Success(); |
233 } | 234 } |
234 | 235 |
235 bool initialized_; | 236 bool initialized_; |
236 crypto::ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> digest_context_; | 237 crypto::ScopedEVP_MD_CTX digest_context_; |
237 blink::WebCryptoAlgorithmId algorithm_id_; | 238 blink::WebCryptoAlgorithmId algorithm_id_; |
238 unsigned char result_[EVP_MAX_MD_SIZE]; | 239 unsigned char result_[EVP_MAX_MD_SIZE]; |
239 }; | 240 }; |
240 | 241 |
241 Status ExportKeyRaw(SymKey* key, std::vector<uint8>* buffer) { | 242 Status ExportKeyRaw(SymKey* key, std::vector<uint8>* buffer) { |
242 *buffer = key->key(); | 243 *buffer = key->key(); |
243 return Status::Success(); | 244 return Status::Success(); |
244 } | 245 } |
245 | 246 |
246 void Init() { crypto::EnsureOpenSSLInit(); } | 247 void Init() { crypto::EnsureOpenSSLInit(); } |
(...skipping 181 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
428 | 429 |
429 if (!EVP_AEAD_CTX_init(&ctx, | 430 if (!EVP_AEAD_CTX_init(&ctx, |
430 aead_alg, | 431 aead_alg, |
431 Uint8VectorStart(key->key()), | 432 Uint8VectorStart(key->key()), |
432 key->key().size(), | 433 key->key().size(), |
433 tag_length_bytes, | 434 tag_length_bytes, |
434 NULL)) { | 435 NULL)) { |
435 return Status::OperationError(); | 436 return Status::OperationError(); |
436 } | 437 } |
437 | 438 |
438 crypto::ScopedOpenSSL<EVP_AEAD_CTX, EVP_AEAD_CTX_cleanup> ctx_cleanup(&ctx); | 439 crypto::ScopedOpenSSL<EVP_AEAD_CTX, EVP_AEAD_CTX_cleanup>::Type ctx_cleanup( |
| 440 &ctx); |
439 | 441 |
440 ssize_t len; | 442 ssize_t len; |
441 | 443 |
442 if (mode == DECRYPT) { | 444 if (mode == DECRYPT) { |
443 if (data.byte_length() < tag_length_bytes) | 445 if (data.byte_length() < tag_length_bytes) |
444 return Status::ErrorDataTooSmall(); | 446 return Status::ErrorDataTooSmall(); |
445 | 447 |
446 buffer->resize(data.byte_length() - tag_length_bytes); | 448 buffer->resize(data.byte_length() - tag_length_bytes); |
447 | 449 |
448 len = EVP_AEAD_CTX_open(&ctx, | 450 len = EVP_AEAD_CTX_open(&ctx, |
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
579 blink::WebCryptoKey* key) { | 581 blink::WebCryptoKey* key) { |
580 // TODO(eroman): http://crbug.com/267888 | 582 // TODO(eroman): http://crbug.com/267888 |
581 return false; | 583 return false; |
582 } | 584 } |
583 | 585 |
584 } // namespace platform | 586 } // namespace platform |
585 | 587 |
586 } // namespace webcrypto | 588 } // namespace webcrypto |
587 | 589 |
588 } // namespace content | 590 } // namespace content |
OLD | NEW |