| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/child/webcrypto/platform_crypto.h" | 5 #include "content/child/webcrypto/platform_crypto.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 #include <openssl/aes.h> | 8 #include <openssl/aes.h> |
| 9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
| 10 #include <openssl/hmac.h> | 10 #include <openssl/hmac.h> |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 46 | 46 |
| 47 private: | 47 private: |
| 48 const std::vector<unsigned char> key_; | 48 const std::vector<unsigned char> key_; |
| 49 | 49 |
| 50 DISALLOW_COPY_AND_ASSIGN(SymKey); | 50 DISALLOW_COPY_AND_ASSIGN(SymKey); |
| 51 }; | 51 }; |
| 52 | 52 |
| 53 namespace { | 53 namespace { |
| 54 | 54 |
| 55 const EVP_CIPHER* GetAESCipherByKeyLength(unsigned int key_length_bytes) { | 55 const EVP_CIPHER* GetAESCipherByKeyLength(unsigned int key_length_bytes) { |
| 56 // OpenSSL supports AES CBC ciphers for only 2 key lengths: 128, 256 bits | 56 // OpenSSL supports AES CBC ciphers for only 3 key lengths: 128, 192, 256 bits |
| 57 switch (key_length_bytes) { | 57 switch (key_length_bytes) { |
| 58 case 16: | 58 case 16: |
| 59 return EVP_aes_128_cbc(); | 59 return EVP_aes_128_cbc(); |
| 60 case 24: |
| 61 return EVP_aes_192_cbc(); |
| 60 case 32: | 62 case 32: |
| 61 return EVP_aes_256_cbc(); | 63 return EVP_aes_256_cbc(); |
| 62 default: | 64 default: |
| 63 return NULL; | 65 return NULL; |
| 64 } | 66 } |
| 65 } | 67 } |
| 66 | 68 |
| 67 const EVP_MD* GetDigest(blink::WebCryptoAlgorithmId id) { | 69 const EVP_MD* GetDigest(blink::WebCryptoAlgorithmId id) { |
| 68 switch (id) { | 70 switch (id) { |
| 69 case blink::WebCryptoAlgorithmIdSha1: | 71 case blink::WebCryptoAlgorithmIdSha1: |
| (...skipping 360 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 430 Uint8VectorStart(key->key()), | 432 Uint8VectorStart(key->key()), |
| 431 key->key().size(), | 433 key->key().size(), |
| 432 tag_length_bytes, | 434 tag_length_bytes, |
| 433 NULL)) { | 435 NULL)) { |
| 434 return Status::OperationError(); | 436 return Status::OperationError(); |
| 435 } | 437 } |
| 436 | 438 |
| 437 crypto::ScopedOpenSSL<EVP_AEAD_CTX, EVP_AEAD_CTX_cleanup>::Type ctx_cleanup( | 439 crypto::ScopedOpenSSL<EVP_AEAD_CTX, EVP_AEAD_CTX_cleanup>::Type ctx_cleanup( |
| 438 &ctx); | 440 &ctx); |
| 439 | 441 |
| 440 size_t len; | 442 ssize_t len; |
| 441 int ok; | |
| 442 | 443 |
| 443 if (mode == DECRYPT) { | 444 if (mode == DECRYPT) { |
| 444 if (data.byte_length() < tag_length_bytes) | 445 if (data.byte_length() < tag_length_bytes) |
| 445 return Status::ErrorDataTooSmall(); | 446 return Status::ErrorDataTooSmall(); |
| 446 | 447 |
| 447 buffer->resize(data.byte_length() - tag_length_bytes); | 448 buffer->resize(data.byte_length() - tag_length_bytes); |
| 448 | 449 |
| 449 ok = EVP_AEAD_CTX_open(&ctx, | 450 len = EVP_AEAD_CTX_open(&ctx, |
| 450 Uint8VectorStart(buffer), | 451 Uint8VectorStart(buffer), |
| 451 &len, | 452 buffer->size(), |
| 452 buffer->size(), | 453 iv.bytes(), |
| 453 iv.bytes(), | 454 iv.byte_length(), |
| 454 iv.byte_length(), | 455 data.bytes(), |
| 455 data.bytes(), | 456 data.byte_length(), |
| 456 data.byte_length(), | 457 additional_data.bytes(), |
| 457 additional_data.bytes(), | 458 additional_data.byte_length()); |
| 458 additional_data.byte_length()); | |
| 459 } else { | 459 } else { |
| 460 // No need to check for unsigned integer overflow here (seal fails if | 460 // No need to check for unsigned integer overflow here (seal fails if |
| 461 // the output buffer is too small). | 461 // the output buffer is too small). |
| 462 buffer->resize(data.byte_length() + tag_length_bytes); | 462 buffer->resize(data.byte_length() + tag_length_bytes); |
| 463 | 463 |
| 464 ok = EVP_AEAD_CTX_seal(&ctx, | 464 len = EVP_AEAD_CTX_seal(&ctx, |
| 465 Uint8VectorStart(buffer), | 465 Uint8VectorStart(buffer), |
| 466 &len, | 466 buffer->size(), |
| 467 buffer->size(), | 467 iv.bytes(), |
| 468 iv.bytes(), | 468 iv.byte_length(), |
| 469 iv.byte_length(), | 469 data.bytes(), |
| 470 data.bytes(), | 470 data.byte_length(), |
| 471 data.byte_length(), | 471 additional_data.bytes(), |
| 472 additional_data.bytes(), | 472 additional_data.byte_length()); |
| 473 additional_data.byte_length()); | |
| 474 } | 473 } |
| 475 | 474 |
| 476 if (!ok) | 475 if (len < 0) |
| 477 return Status::OperationError(); | 476 return Status::OperationError(); |
| 478 buffer->resize(len); | 477 buffer->resize(len); |
| 479 return Status::Success(); | 478 return Status::Success(); |
| 480 } | 479 } |
| 481 | 480 |
| 482 Status EncryptRsaOaep(PublicKey* key, | 481 Status EncryptRsaOaep(PublicKey* key, |
| 483 const blink::WebCryptoAlgorithm& hash, | 482 const blink::WebCryptoAlgorithm& hash, |
| 484 const CryptoData& label, | 483 const CryptoData& label, |
| 485 const CryptoData& data, | 484 const CryptoData& data, |
| 486 std::vector<uint8>* buffer) { | 485 std::vector<uint8>* buffer) { |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 582 blink::WebCryptoKey* key) { | 581 blink::WebCryptoKey* key) { |
| 583 // TODO(eroman): http://crbug.com/267888 | 582 // TODO(eroman): http://crbug.com/267888 |
| 584 return false; | 583 return false; |
| 585 } | 584 } |
| 586 | 585 |
| 587 } // namespace platform | 586 } // namespace platform |
| 588 | 587 |
| 589 } // namespace webcrypto | 588 } // namespace webcrypto |
| 590 | 589 |
| 591 } // namespace content | 590 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 405503002:
Revert 283813 "Switch to BoringSSL." (Closed)
Base URL: svn://svn.chromium.org/chrome/