• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include <openssl/aes.h>
6 #include <openssl/evp.h>
7 
8 #include "base/logging.h"
9 #include "base/numerics/safe_math.h"
10 #include "base/stl_util.h"
11 #include "content/child/webcrypto/crypto_data.h"
12 #include "content/child/webcrypto/openssl/aes_key_openssl.h"
13 #include "content/child/webcrypto/openssl/key_openssl.h"
14 #include "content/child/webcrypto/openssl/util_openssl.h"
15 #include "content/child/webcrypto/status.h"
16 #include "content/child/webcrypto/webcrypto_util.h"
17 #include "crypto/openssl_util.h"
18 #include "crypto/scoped_openssl_types.h"
19 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
20 
21 namespace content {
22 
23 namespace webcrypto {
24 
25 namespace {
26 
GetAESCipherByKeyLength(unsigned int key_length_bytes)27 const EVP_CIPHER* GetAESCipherByKeyLength(unsigned int key_length_bytes) {
28   // BoringSSL does not support 192-bit AES keys.
29   switch (key_length_bytes) {
30     case 16:
31       return EVP_aes_128_cbc();
32     case 32:
33       return EVP_aes_256_cbc();
34     default:
35       return NULL;
36   }
37 }
38 
AesCbcEncryptDecrypt(EncryptOrDecrypt cipher_operation,const blink::WebCryptoAlgorithm & algorithm,const blink::WebCryptoKey & key,const CryptoData & data,std::vector<uint8_t> * buffer)39 Status AesCbcEncryptDecrypt(EncryptOrDecrypt cipher_operation,
40                             const blink::WebCryptoAlgorithm& algorithm,
41                             const blink::WebCryptoKey& key,
42                             const CryptoData& data,
43                             std::vector<uint8_t>* buffer) {
44   crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
45 
46   const blink::WebCryptoAesCbcParams* params = algorithm.aesCbcParams();
47   const std::vector<uint8_t>& raw_key =
48       SymKeyOpenSsl::Cast(key)->raw_key_data();
49 
50   if (params->iv().size() != 16)
51     return Status::ErrorIncorrectSizeAesCbcIv();
52 
53   // According to the openssl docs, the amount of data written may be as large
54   // as (data_size + cipher_block_size - 1), constrained to a multiple of
55   // cipher_block_size.
56   base::CheckedNumeric<int> output_max_len = data.byte_length();
57   output_max_len += AES_BLOCK_SIZE - 1;
58   if (!output_max_len.IsValid())
59     return Status::ErrorDataTooLarge();
60 
61   const unsigned remainder = output_max_len.ValueOrDie() % AES_BLOCK_SIZE;
62   if (remainder != 0)
63     output_max_len += AES_BLOCK_SIZE - remainder;
64   if (!output_max_len.IsValid())
65     return Status::ErrorDataTooLarge();
66 
67   // Note: PKCS padding is enabled by default
68   crypto::ScopedOpenSSL<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free>::Type context(
69       EVP_CIPHER_CTX_new());
70 
71   if (!context.get())
72     return Status::OperationError();
73 
74   const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(raw_key.size());
75   DCHECK(cipher);
76 
77   if (!EVP_CipherInit_ex(context.get(),
78                          cipher,
79                          NULL,
80                          &raw_key[0],
81                          params->iv().data(),
82                          cipher_operation)) {
83     return Status::OperationError();
84   }
85 
86   buffer->resize(output_max_len.ValueOrDie());
87 
88   unsigned char* const buffer_data = vector_as_array(buffer);
89 
90   int output_len = 0;
91   if (!EVP_CipherUpdate(context.get(),
92                         buffer_data,
93                         &output_len,
94                         data.bytes(),
95                         data.byte_length()))
96     return Status::OperationError();
97   int final_output_chunk_len = 0;
98   if (!EVP_CipherFinal_ex(
99           context.get(), buffer_data + output_len, &final_output_chunk_len)) {
100     return Status::OperationError();
101   }
102 
103   const unsigned int final_output_len =
104       static_cast<unsigned int>(output_len) +
105       static_cast<unsigned int>(final_output_chunk_len);
106 
107   buffer->resize(final_output_len);
108 
109   return Status::Success();
110 }
111 
112 class AesCbcImplementation : public AesAlgorithm {
113  public:
AesCbcImplementation()114   AesCbcImplementation() : AesAlgorithm("CBC") {}
115 
Encrypt(const blink::WebCryptoAlgorithm & algorithm,const blink::WebCryptoKey & key,const CryptoData & data,std::vector<uint8_t> * buffer) const116   virtual Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
117                          const blink::WebCryptoKey& key,
118                          const CryptoData& data,
119                          std::vector<uint8_t>* buffer) const OVERRIDE {
120     return AesCbcEncryptDecrypt(ENCRYPT, algorithm, key, data, buffer);
121   }
122 
Decrypt(const blink::WebCryptoAlgorithm & algorithm,const blink::WebCryptoKey & key,const CryptoData & data,std::vector<uint8_t> * buffer) const123   virtual Status Decrypt(const blink::WebCryptoAlgorithm& algorithm,
124                          const blink::WebCryptoKey& key,
125                          const CryptoData& data,
126                          std::vector<uint8_t>* buffer) const OVERRIDE {
127     return AesCbcEncryptDecrypt(DECRYPT, algorithm, key, data, buffer);
128   }
129 };
130 
131 }  // namespace
132 
CreatePlatformAesCbcImplementation()133 AlgorithmImplementation* CreatePlatformAesCbcImplementation() {
134   return new AesCbcImplementation;
135 }
136 
137 }  // namespace webcrypto
138 
139 }  // namespace content
140