1// Copyright 2014 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include <openssl/aes.h> 6#include <openssl/evp.h> 7 8#include "base/logging.h" 9#include "base/numerics/safe_math.h" 10#include "base/stl_util.h" 11#include "content/child/webcrypto/crypto_data.h" 12#include "content/child/webcrypto/openssl/aes_key_openssl.h" 13#include "content/child/webcrypto/openssl/key_openssl.h" 14#include "content/child/webcrypto/openssl/util_openssl.h" 15#include "content/child/webcrypto/status.h" 16#include "content/child/webcrypto/webcrypto_util.h" 17#include "crypto/openssl_util.h" 18#include "crypto/scoped_openssl_types.h" 19#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" 20 21namespace content { 22 23namespace webcrypto { 24 25namespace { 26 27const EVP_CIPHER* GetAESCipherByKeyLength(unsigned int key_length_bytes) { 28 // BoringSSL does not support 192-bit AES keys. 29 switch (key_length_bytes) { 30 case 16: 31 return EVP_aes_128_cbc(); 32 case 32: 33 return EVP_aes_256_cbc(); 34 default: 35 return NULL; 36 } 37} 38 39Status AesCbcEncryptDecrypt(EncryptOrDecrypt cipher_operation, 40 const blink::WebCryptoAlgorithm& algorithm, 41 const blink::WebCryptoKey& key, 42 const CryptoData& data, 43 std::vector<uint8_t>* buffer) { 44 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); 45 46 const blink::WebCryptoAesCbcParams* params = algorithm.aesCbcParams(); 47 const std::vector<uint8_t>& raw_key = 48 SymKeyOpenSsl::Cast(key)->raw_key_data(); 49 50 if (params->iv().size() != 16) 51 return Status::ErrorIncorrectSizeAesCbcIv(); 52 53 // According to the openssl docs, the amount of data written may be as large 54 // as (data_size + cipher_block_size - 1), constrained to a multiple of 55 // cipher_block_size. 56 base::CheckedNumeric<int> output_max_len = data.byte_length(); 57 output_max_len += AES_BLOCK_SIZE - 1; 58 if (!output_max_len.IsValid()) 59 return Status::ErrorDataTooLarge(); 60 61 const unsigned remainder = output_max_len.ValueOrDie() % AES_BLOCK_SIZE; 62 if (remainder != 0) 63 output_max_len += AES_BLOCK_SIZE - remainder; 64 if (!output_max_len.IsValid()) 65 return Status::ErrorDataTooLarge(); 66 67 // Note: PKCS padding is enabled by default 68 crypto::ScopedOpenSSL<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free>::Type context( 69 EVP_CIPHER_CTX_new()); 70 71 if (!context.get()) 72 return Status::OperationError(); 73 74 const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(raw_key.size()); 75 DCHECK(cipher); 76 77 if (!EVP_CipherInit_ex(context.get(), 78 cipher, 79 NULL, 80 &raw_key[0], 81 params->iv().data(), 82 cipher_operation)) { 83 return Status::OperationError(); 84 } 85 86 buffer->resize(output_max_len.ValueOrDie()); 87 88 unsigned char* const buffer_data = vector_as_array(buffer); 89 90 int output_len = 0; 91 if (!EVP_CipherUpdate(context.get(), 92 buffer_data, 93 &output_len, 94 data.bytes(), 95 data.byte_length())) 96 return Status::OperationError(); 97 int final_output_chunk_len = 0; 98 if (!EVP_CipherFinal_ex( 99 context.get(), buffer_data + output_len, &final_output_chunk_len)) { 100 return Status::OperationError(); 101 } 102 103 const unsigned int final_output_len = 104 static_cast<unsigned int>(output_len) + 105 static_cast<unsigned int>(final_output_chunk_len); 106 107 buffer->resize(final_output_len); 108 109 return Status::Success(); 110} 111 112class AesCbcImplementation : public AesAlgorithm { 113 public: 114 AesCbcImplementation() : AesAlgorithm("CBC") {} 115 116 virtual Status Encrypt(const blink::WebCryptoAlgorithm& algorithm, 117 const blink::WebCryptoKey& key, 118 const CryptoData& data, 119 std::vector<uint8_t>* buffer) const OVERRIDE { 120 return AesCbcEncryptDecrypt(ENCRYPT, algorithm, key, data, buffer); 121 } 122 123 virtual Status Decrypt(const blink::WebCryptoAlgorithm& algorithm, 124 const blink::WebCryptoKey& key, 125 const CryptoData& data, 126 std::vector<uint8_t>* buffer) const OVERRIDE { 127 return AesCbcEncryptDecrypt(DECRYPT, algorithm, key, data, buffer); 128 } 129}; 130 131} // namespace 132 133AlgorithmImplementation* CreatePlatformAesCbcImplementation() { 134 return new AesCbcImplementation; 135} 136 137} // namespace webcrypto 138 139} // namespace content 140