Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / chromium_org / ba1358b4f36b4f9ab67310ac2dc3eae207e4e8a5 / . / crypto / encryptor_openssl.cc
blob: 0bf96b79df2df6da140a51e9ed73330e077b8273 [file] [log] [blame]
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]1// Copyright (c) 2011 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "crypto/encryptor.h"
6
7#include <openssl/aes.h>
8#include <openssl/evp.h>
9
10#include "base/logging.h"
Torne (Richard Coles)868fa2f2013-06-11 10:57:03 +0100[diff] [blame]11#include "base/strings/string_util.h"
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]12#include "crypto/openssl_util.h"
13#include "crypto/symmetric_key.h"
14
15namespace crypto {
16
17namespace {
18
19const EVP_CIPHER* GetCipherForKey(SymmetricKey* key) {
20 switch (key->key().length()) {
21 case 16: return EVP_aes_128_cbc();
22 case 24: return EVP_aes_192_cbc();
23 case 32: return EVP_aes_256_cbc();
24 default: return NULL;
25 }
26}
27
28// On destruction this class will cleanup the ctx, and also clear the OpenSSL
29// ERR stack as a convenience.
30class ScopedCipherCTX {
31 public:
32 explicit ScopedCipherCTX() {
33 EVP_CIPHER_CTX_init(&ctx_);
34 }
35 ~ScopedCipherCTX() {
36 EVP_CIPHER_CTX_cleanup(&ctx_);
37 ClearOpenSSLERRStack(FROM_HERE);
38 }
39 EVP_CIPHER_CTX* get() { return &ctx_; }
40
41 private:
42 EVP_CIPHER_CTX ctx_;
43};
44
45} // namespace
46
47Encryptor::Encryptor()
48 : key_(NULL),
49 mode_(CBC) {
50}
51
52Encryptor::~Encryptor() {
53}
54
55bool Encryptor::Init(SymmetricKey* key,
56 Mode mode,
57 const base::StringPiece& iv) {
58 DCHECK(key);
Torne (Richard Coles)7d4cd472013-06-19 11:58:07 +0100[diff] [blame]59 DCHECK(mode == CBC || mode == CTR);
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]60
61 EnsureOpenSSLInit();
Torne (Richard Coles)7d4cd472013-06-19 11:58:07 +0100[diff] [blame]62 if (mode == CBC && iv.size() != AES_BLOCK_SIZE)
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]63 return false;
64
65 if (GetCipherForKey(key) == NULL)
66 return false;
67
68 key_ = key;
69 mode_ = mode;
70 iv.CopyToString(&iv_);
71 return true;
72}
73
74bool Encryptor::Encrypt(const base::StringPiece& plaintext,
75 std::string* ciphertext) {
76 CHECK(!plaintext.empty() || (mode_ == CBC));
Torne (Richard Coles)7d4cd472013-06-19 11:58:07 +0100[diff] [blame]77 return (mode_ == CTR) ?
78 CryptCTR(true, plaintext, ciphertext) :
79 Crypt(true, plaintext, ciphertext);
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]80}
81
82bool Encryptor::Decrypt(const base::StringPiece& ciphertext,
83 std::string* plaintext) {
84 CHECK(!ciphertext.empty());
Torne (Richard Coles)7d4cd472013-06-19 11:58:07 +0100[diff] [blame]85 return (mode_ == CTR) ?
86 CryptCTR(false, ciphertext, plaintext) :
87 Crypt(false, ciphertext, plaintext);
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]88}
89
90bool Encryptor::Crypt(bool do_encrypt,
91 const base::StringPiece& input,
92 std::string* output) {
93 DCHECK(key_); // Must call Init() before En/De-crypt.
94 // Work on the result in a local variable, and then only transfer it to
95 // |output| on success to ensure no partial data is returned.
96 std::string result;
97 output->clear();
98
99 const EVP_CIPHER* cipher = GetCipherForKey(key_);
100 DCHECK(cipher); // Already handled in Init();
101
102 const std::string& key = key_->key();
103 DCHECK_EQ(EVP_CIPHER_iv_length(cipher), static_cast<int>(iv_.length()));
104 DCHECK_EQ(EVP_CIPHER_key_length(cipher), static_cast<int>(key.length()));
105
106 ScopedCipherCTX ctx;
107 if (!EVP_CipherInit_ex(ctx.get(), cipher, NULL,
108 reinterpret_cast<const uint8*>(key.data()),
109 reinterpret_cast<const uint8*>(iv_.data()),
110 do_encrypt))
111 return false;
112
113 // When encrypting, add another block size of space to allow for any padding.
114 const size_t output_size = input.size() + (do_encrypt ? iv_.size() : 0);
115 CHECK_GT(output_size, 0u);
116 CHECK_GT(output_size + 1, input.size());
117 uint8* out_ptr = reinterpret_cast<uint8*>(WriteInto(&result,
118 output_size + 1));
119 int out_len;
120 if (!EVP_CipherUpdate(ctx.get(), out_ptr, &out_len,
121 reinterpret_cast<const uint8*>(input.data()),
122 input.length()))
123 return false;
124
125 // Write out the final block plus padding (if any) to the end of the data
126 // just written.
127 int tail_len;
128 if (!EVP_CipherFinal_ex(ctx.get(), out_ptr + out_len, &tail_len))
129 return false;
130
131 out_len += tail_len;
132 DCHECK_LE(out_len, static_cast<int>(output_size));
133 result.resize(out_len);
134
135 output->swap(result);
136 return true;
137}
138
Torne (Richard Coles)7d4cd472013-06-19 11:58:07 +0100[diff] [blame]139bool Encryptor::CryptCTR(bool do_encrypt,
140 const base::StringPiece& input,
141 std::string* output) {
142 if (!counter_.get()) {
143 LOG(ERROR) << "Counter value not set in CTR mode.";
144 return false;
145 }
146
147 AES_KEY aes_key;
148 if (AES_set_encrypt_key(reinterpret_cast<const uint8*>(key_->key().data()),
149 key_->key().size() * 8, &aes_key) != 0) {
150 return false;
151 }
152
153 const size_t out_size = input.size();
154 CHECK_GT(out_size, 0u);
155 CHECK_GT(out_size + 1, input.size());
156
157 std::string result;
158 uint8* out_ptr = reinterpret_cast<uint8*>(WriteInto(&result, out_size + 1));
159
160 uint8_t ivec[AES_BLOCK_SIZE] = { 0 };
161 uint8_t ecount_buf[AES_BLOCK_SIZE] = { 0 };
162 unsigned int block_offset = 0;
163
164 counter_->Write(ivec);
165
166 AES_ctr128_encrypt(reinterpret_cast<const uint8*>(input.data()), out_ptr,
167 input.size(), &aes_key, ivec, ecount_buf, &block_offset);
168
169 // AES_ctr128_encrypt() updates |ivec|. Update the |counter_| here.
170 SetCounter(base::StringPiece(reinterpret_cast<const char*>(ivec),
171 AES_BLOCK_SIZE));
172
173 output->swap(result);
174 return true;
175}
176
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]177} // namespace crypto