| Index: content/child/webcrypto/nss/aes_cbc_nss.cc
|
| diff --git a/content/child/webcrypto/nss/aes_cbc_nss.cc b/content/child/webcrypto/nss/aes_cbc_nss.cc
|
| deleted file mode 100644
|
| index bac7c9643689f9ea52a495526f1016bb95ea4cd5..0000000000000000000000000000000000000000
|
| --- a/content/child/webcrypto/nss/aes_cbc_nss.cc
|
| +++ /dev/null
|
| @@ -1,126 +0,0 @@
|
| -// Copyright 2014 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include <cryptohi.h>
|
| -
|
| -#include "content/child/webcrypto/crypto_data.h"
|
| -#include "content/child/webcrypto/nss/aes_key_nss.h"
|
| -#include "content/child/webcrypto/nss/key_nss.h"
|
| -#include "content/child/webcrypto/nss/util_nss.h"
|
| -#include "content/child/webcrypto/status.h"
|
| -#include "content/child/webcrypto/webcrypto_util.h"
|
| -#include "crypto/scoped_nss_types.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
|
| -
|
| -namespace content {
|
| -
|
| -namespace webcrypto {
|
| -
|
| -namespace {
|
| -
|
| -Status AesCbcEncryptDecrypt(EncryptOrDecrypt mode,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - const blink::WebCryptoAesCbcParams* params = algorithm.aesCbcParams();
|
| - if (!params)
|
| - return Status::ErrorUnexpected();
|
| -
|
| - CryptoData iv(params->iv().data(), params->iv().size());
|
| - if (iv.byte_length() != 16)
|
| - return Status::ErrorIncorrectSizeAesCbcIv();
|
| -
|
| - PK11SymKey* sym_key = SymKeyNss::Cast(key)->key();
|
| -
|
| - CK_ATTRIBUTE_TYPE operation = (mode == ENCRYPT) ? CKA_ENCRYPT : CKA_DECRYPT;
|
| -
|
| - SECItem iv_item = MakeSECItemForBuffer(iv);
|
| -
|
| - crypto::ScopedSECItem param(PK11_ParamFromIV(CKM_AES_CBC_PAD, &iv_item));
|
| - if (!param)
|
| - return Status::OperationError();
|
| -
|
| - crypto::ScopedPK11Context context(PK11_CreateContextBySymKey(
|
| - CKM_AES_CBC_PAD, operation, sym_key, param.get()));
|
| -
|
| - if (!context.get())
|
| - return Status::OperationError();
|
| -
|
| - // Oddly PK11_CipherOp takes input and output lengths as "int" rather than
|
| - // "unsigned int". Do some checks now to avoid integer overflowing.
|
| - if (data.byte_length() >= INT_MAX - AES_BLOCK_SIZE) {
|
| - // TODO(eroman): Handle this by chunking the input fed into NSS. Right now
|
| - // it doesn't make much difference since the one-shot API would end up
|
| - // blowing out the memory and crashing anyway.
|
| - return Status::ErrorDataTooLarge();
|
| - }
|
| -
|
| - // PK11_CipherOp does an invalid memory access when given empty decryption
|
| - // input, or input which is not a multiple of the block size. See also
|
| - // https://bugzilla.mozilla.com/show_bug.cgi?id=921687.
|
| - if (operation == CKA_DECRYPT &&
|
| - (data.byte_length() == 0 || (data.byte_length() % AES_BLOCK_SIZE != 0))) {
|
| - return Status::OperationError();
|
| - }
|
| -
|
| - // TODO(eroman): Refine the output buffer size. It can be computed exactly for
|
| - // encryption, and can be smaller for decryption.
|
| - unsigned int output_max_len = data.byte_length() + AES_BLOCK_SIZE;
|
| - CHECK_GT(output_max_len, data.byte_length());
|
| -
|
| - buffer->resize(output_max_len);
|
| -
|
| - unsigned char* buffer_data = Uint8VectorStart(buffer);
|
| -
|
| - int output_len;
|
| - if (SECSuccess != PK11_CipherOp(context.get(),
|
| - buffer_data,
|
| - &output_len,
|
| - buffer->size(),
|
| - data.bytes(),
|
| - data.byte_length())) {
|
| - return Status::OperationError();
|
| - }
|
| -
|
| - unsigned int final_output_chunk_len;
|
| - if (SECSuccess != PK11_DigestFinal(context.get(),
|
| - buffer_data + output_len,
|
| - &final_output_chunk_len,
|
| - output_max_len - output_len)) {
|
| - return Status::OperationError();
|
| - }
|
| -
|
| - buffer->resize(final_output_chunk_len + output_len);
|
| - return Status::Success();
|
| -}
|
| -
|
| -class AesCbcImplementation : public AesAlgorithm {
|
| - public:
|
| - AesCbcImplementation() : AesAlgorithm(CKM_AES_CBC, "CBC") {}
|
| -
|
| - virtual Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) const OVERRIDE {
|
| - return AesCbcEncryptDecrypt(ENCRYPT, algorithm, key, data, buffer);
|
| - }
|
| -
|
| - virtual Status Decrypt(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) const OVERRIDE {
|
| - return AesCbcEncryptDecrypt(DECRYPT, algorithm, key, data, buffer);
|
| - }
|
| -};
|
| -
|
| -} // namespace
|
| -
|
| -AlgorithmImplementation* CreatePlatformAesCbcImplementation() {
|
| - return new AesCbcImplementation;
|
| -}
|
| -
|
| -} // namespace webcrypto
|
| -
|
| -} // namespace content
|
|
|
Chromium Code Reviews
Issue 401983002:
Revert 284192 due to a failing test. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src