| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/child/webcrypto/platform_crypto.h" | 5 #include "content/child/webcrypto/platform_crypto.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 #include <openssl/aes.h> | 8 #include <openssl/aes.h> |
| 9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
| 10 #include <openssl/hmac.h> | 10 #include <openssl/hmac.h> |
| (...skipping 35 matching lines...) |
| 46 | 46 |
| 47 private: | 47 private: |
| 48 const std::vector<unsigned char> key_; | 48 const std::vector<unsigned char> key_; |
| 49 | 49 |
| 50 DISALLOW_COPY_AND_ASSIGN(SymKey); | 50 DISALLOW_COPY_AND_ASSIGN(SymKey); |
| 51 }; | 51 }; |
| 52 | 52 |
| 53 namespace { | 53 namespace { |
| 54 | 54 |
| 55 const EVP_CIPHER* GetAESCipherByKeyLength(unsigned int key_length_bytes) { | 55 const EVP_CIPHER* GetAESCipherByKeyLength(unsigned int key_length_bytes) { |
| 56 // OpenSSL supports AES CBC ciphers for only 3 key lengths: 128, 192, 256 bits | 56 // OpenSSL supports AES CBC ciphers for only 2 key lengths: 128, 256 bits |
| 57 switch (key_length_bytes) { | 57 switch (key_length_bytes) { |
| 58 case 16: | 58 case 16: |
| 59 return EVP_aes_128_cbc(); | 59 return EVP_aes_128_cbc(); |
| 60 case 24: | |
| 61 return EVP_aes_192_cbc(); | |
| 62 case 32: | 60 case 32: |
| 63 return EVP_aes_256_cbc(); | 61 return EVP_aes_256_cbc(); |
| 64 default: | 62 default: |
| 65 return NULL; | 63 return NULL; |
| 66 } | 64 } |
| 67 } | 65 } |
| 68 | 66 |
| 69 const EVP_MD* GetDigest(blink::WebCryptoAlgorithmId id) { | 67 const EVP_MD* GetDigest(blink::WebCryptoAlgorithmId id) { |
| 70 switch (id) { | 68 switch (id) { |
| 71 case blink::WebCryptoAlgorithmIdSha1: | 69 case blink::WebCryptoAlgorithmIdSha1: |
| (...skipping 360 matching lines...) |
| 432 Uint8VectorStart(key->key()), | 430 Uint8VectorStart(key->key()), |
| 433 key->key().size(), | 431 key->key().size(), |
| 434 tag_length_bytes, | 432 tag_length_bytes, |
| 435 NULL)) { | 433 NULL)) { |
| 436 return Status::OperationError(); | 434 return Status::OperationError(); |
| 437 } | 435 } |
| 438 | 436 |
| 439 crypto::ScopedOpenSSL<EVP_AEAD_CTX, EVP_AEAD_CTX_cleanup>::Type ctx_cleanup( | 437 crypto::ScopedOpenSSL<EVP_AEAD_CTX, EVP_AEAD_CTX_cleanup>::Type ctx_cleanup( |
| 440 &ctx); | 438 &ctx); |
| 441 | 439 |
| 442 ssize_t len; | 440 size_t len; |
| 441 int ok; |
| 443 | 442 |
| 444 if (mode == DECRYPT) { | 443 if (mode == DECRYPT) { |
| 445 if (data.byte_length() < tag_length_bytes) | 444 if (data.byte_length() < tag_length_bytes) |
| 446 return Status::ErrorDataTooSmall(); | 445 return Status::ErrorDataTooSmall(); |
| 447 | 446 |
| 448 buffer->resize(data.byte_length() - tag_length_bytes); | 447 buffer->resize(data.byte_length() - tag_length_bytes); |
| 449 | 448 |
| 450 len = EVP_AEAD_CTX_open(&ctx, | 449 ok = EVP_AEAD_CTX_open(&ctx, |
| 451 Uint8VectorStart(buffer), | 450 Uint8VectorStart(buffer), |
| 452 buffer->size(), | 451 &len, |
| 453 iv.bytes(), | 452 buffer->size(), |
| 454 iv.byte_length(), | 453 iv.bytes(), |
| 455 data.bytes(), | 454 iv.byte_length(), |
| 456 data.byte_length(), | 455 data.bytes(), |
| 457 additional_data.bytes(), | 456 data.byte_length(), |
| 458 additional_data.byte_length()); | 457 additional_data.bytes(), |
| 458 additional_data.byte_length()); |
| 459 } else { | 459 } else { |
| 460 // No need to check for unsigned integer overflow here (seal fails if | 460 // No need to check for unsigned integer overflow here (seal fails if |
| 461 // the output buffer is too small). | 461 // the output buffer is too small). |
| 462 buffer->resize(data.byte_length() + tag_length_bytes); | 462 buffer->resize(data.byte_length() + tag_length_bytes); |
| 463 | 463 |
| 464 len = EVP_AEAD_CTX_seal(&ctx, | 464 ok = EVP_AEAD_CTX_seal(&ctx, |
| 465 Uint8VectorStart(buffer), | 465 Uint8VectorStart(buffer), |
| 466 buffer->size(), | 466 &len, |
| 467 iv.bytes(), | 467 buffer->size(), |
| 468 iv.byte_length(), | 468 iv.bytes(), |
| 469 data.bytes(), | 469 iv.byte_length(), |
| 470 data.byte_length(), | 470 data.bytes(), |
| 471 additional_data.bytes(), | 471 data.byte_length(), |
| 472 additional_data.byte_length()); | 472 additional_data.bytes(), |
| 473 additional_data.byte_length()); |
| 473 } | 474 } |
| 474 | 475 |
| 475 if (len < 0) | 476 if (!ok) |
| 476 return Status::OperationError(); | 477 return Status::OperationError(); |
| 477 buffer->resize(len); | 478 buffer->resize(len); |
| 478 return Status::Success(); | 479 return Status::Success(); |
| 479 } | 480 } |
| 480 | 481 |
| 481 Status EncryptRsaOaep(PublicKey* key, | 482 Status EncryptRsaOaep(PublicKey* key, |
| 482 const blink::WebCryptoAlgorithm& hash, | 483 const blink::WebCryptoAlgorithm& hash, |
| 483 const CryptoData& label, | 484 const CryptoData& label, |
| 484 const CryptoData& data, | 485 const CryptoData& data, |
| 485 std::vector<uint8>* buffer) { | 486 std::vector<uint8>* buffer) { |
| (...skipping 95 matching lines...) |
| 581 blink::WebCryptoKey* key) { | 582 blink::WebCryptoKey* key) { |
| 582 // TODO(eroman): http://crbug.com/267888 | 583 // TODO(eroman): http://crbug.com/267888 |
| 583 return false; | 584 return false; |
| 584 } | 585 } |
| 585 | 586 |
| 586 } // namespace platform | 587 } // namespace platform |
| 587 | 588 |
| 588 } // namespace webcrypto | 589 } // namespace webcrypto |
| 589 | 590 |
| 590 } // namespace content | 591 } // namespace content |
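Review bot: On the failure path at new lines 476-477, `buffer` keeps the size set by the earlier `resize()` when `EVP_AEAD_CTX_open` rejects the input, so the caller's vector is not emptied after an authentication failure. Whether the AEAD implementation wipes the output on failure is not visible on this page, so I would clear it explicitly: `if (!ok) { buffer->clear(); return Status::OperationError(); }`. I would also initialize the new locals (`size_t len = 0;` and `int ok = 0;`) and add a comment above the calls such as `// open/seal return non-zero on success and store the number of bytes written in |len|.`, because the return convention changed from length-or-negative to a success flag. The enclosing function begins in the skipped region before new line 430, so how its callers treat `buffer` on error could not be checked here.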
| OLD | NEW |