• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include <cstring>  // memcpy
6 
7 #include <base/stl_util.h>
8 #include <base/strings/string_number_conversions.h>
9 
10 #include "brillo/secure_blob.h"
11 
12 namespace brillo {
13 
14 namespace {
15 
ConvertHexToBytes(char c,uint8_t * v)16 bool ConvertHexToBytes(char c, uint8_t* v) {
17   if (c >= '0' && c <='9')
18     *v = c - '0';
19   else if (c >= 'a' && c <= 'f')
20     *v = c - 'a' + 10;
21   else if (c >= 'A' && c <= 'F')
22     *v = c - 'A' + 10;
23   else
24     return false;
25 
26   return true;
27 }
28 
29 }  // namespace
30 
BlobToString(const Blob & blob)31 std::string BlobToString(const Blob& blob) {
32   return std::string(blob.begin(), blob.end());
33 }
34 
BlobFromString(const std::string & bytes)35 Blob BlobFromString(const std::string& bytes) {
36   return Blob(bytes.begin(), bytes.end());
37 }
38 
CombineBlobs(const std::initializer_list<Blob> & blobs)39 Blob CombineBlobs(const std::initializer_list<Blob>& blobs) {
40   size_t total_size = 0;
41   for (const auto& blob : blobs)
42     total_size += blob.size();
43   Blob concatenation;
44   concatenation.reserve(total_size);
45   for (const auto& blob : blobs)
46     concatenation.insert(concatenation.end(), blob.begin(), blob.end());
47   return concatenation;
48 }
49 
SecureBlob(const Blob & blob)50 SecureBlob::SecureBlob(const Blob& blob)
51     : SecureBlob(blob.begin(), blob.end()) {}
52 
SecureBlob(const std::string & data)53 SecureBlob::SecureBlob(const std::string& data)
54     : SecureBlob(data.begin(), data.end()) {}
55 
~SecureBlob()56 SecureBlob::~SecureBlob() {
57   clear();
58 }
59 
resize(size_type count)60 void SecureBlob::resize(size_type count) {
61   if (count < size()) {
62     SecureMemset(data() + count, 0, capacity() - count);
63   }
64   Blob::resize(count);
65 }
66 
resize(size_type count,const value_type & value)67 void SecureBlob::resize(size_type count, const value_type& value) {
68   if (count < size()) {
69     SecureMemset(data() + count, 0, capacity() - count);
70   }
71   Blob::resize(count, value);
72 }
73 
clear()74 void SecureBlob::clear() {
75   SecureMemset(data(), 0, capacity());
76   Blob::clear();
77 }
78 
to_string() const79 std::string SecureBlob::to_string() const {
80   return std::string(data(), data() + size());
81 }
82 
Combine(const SecureBlob & blob1,const SecureBlob & blob2)83 SecureBlob SecureBlob::Combine(const SecureBlob& blob1,
84                                const SecureBlob& blob2) {
85   SecureBlob result;
86   result.reserve(blob1.size() + blob2.size());
87   result.insert(result.end(), blob1.begin(), blob1.end());
88   result.insert(result.end(), blob2.begin(), blob2.end());
89   return result;
90 }
91 
HexStringToSecureBlob(const std::string & input,SecureBlob * output)92 bool SecureBlob::HexStringToSecureBlob(const std::string& input,
93                                        SecureBlob* output) {
94   // TODO(jorgelo,crbug.com/728047): Consider not using an intermediate
95   // std::vector here at all.
96   std::vector<uint8_t> temp;
97   if (!base::HexStringToBytes(input, &temp)) {
98     output->clear();
99     return false;
100   }
101   output->assign(temp.begin(), temp.end());
102   SecureMemset(temp.data(), 0, temp.capacity());
103   return true;
104 }
105 
SecureMemset(void * v,int c,size_t n)106 BRILLO_DISABLE_ASAN void* SecureMemset(void* v, int c, size_t n) {
107   volatile uint8_t* p = reinterpret_cast<volatile uint8_t*>(v);
108   while (n--)
109     *p++ = c;
110   return v;
111 }
112 
SecureMemcmp(const void * s1,const void * s2,size_t n)113 int SecureMemcmp(const void* s1, const void* s2, size_t n) {
114   const uint8_t* us1 = reinterpret_cast<const uint8_t*>(s1);
115   const uint8_t* us2 = reinterpret_cast<const uint8_t*>(s2);
116   int result = 0;
117 
118   if (0 == n)
119     return 1;
120 
121   /* Code snippet without data-dependent branch due to
122    * Nate Lawson (nate@root.org) of Root Labs. */
123   while (n--)
124     result |= *us1++ ^ *us2++;
125 
126   return result != 0;
127 }
128 
129 // base::HexEncode and base::HexStringToBytes use strings, which may leak
130 // contents. These functions are alternatives that keep all contents
131 // within secured memory.
SecureBlobToSecureHex(const SecureBlob & blob)132 SecureBlob SecureBlobToSecureHex(const SecureBlob& blob) {
133   std::string kHexChars("0123456789ABCDEF");
134   SecureBlob hex(blob.size() * 2, 0);
135   const char* blob_char_data = blob.char_data();
136 
137   // Each input byte creates two output hex characters.
138   for (size_t i = 0; i < blob.size(); ++i) {
139     hex[(i * 2)] = kHexChars[(blob_char_data[i] >> 4) & 0xf];
140     hex[(i * 2) + 1] = kHexChars[blob_char_data[i] & 0xf];
141   }
142   return hex;
143 }
144 
SecureHexToSecureBlob(const SecureBlob & hex)145 SecureBlob SecureHexToSecureBlob(const SecureBlob& hex) {
146   SecureBlob blob(hex.size()/2, 0);
147 
148   if (hex.size() == 0 || hex.size() % 2)
149     return SecureBlob();
150 
151   for (size_t i = 0; i < hex.size(); i++) {
152     uint8_t v;
153     // Check for invalid characters.
154     if (!ConvertHexToBytes(hex[i], &v))
155       return SecureBlob();
156 
157     blob[i/2] = (blob[i/2] << 4) | (v & 0xf);
158   }
159 
160   return blob;
161 }
162 
163 }  // namespace brillo
164