1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/encryptor.h"
7 #include <openssl/aes.h>
8 #include <openssl/evp.h>
10 #include "base/logging.h"
11 #include "base/string_util.h"
12 #include "crypto/openssl_util.h"
13 #include "crypto/symmetric_key.h"
19 const EVP_CIPHER
* GetCipherForKey(SymmetricKey
* key
) {
20 switch (key
->key().length()) {
21 case 16: return EVP_aes_128_cbc();
22 case 24: return EVP_aes_192_cbc();
23 case 32: return EVP_aes_256_cbc();
28 // On destruction this class will cleanup the ctx, and also clear the OpenSSL
29 // ERR stack as a convenience.
30 class ScopedCipherCTX
{
32 explicit ScopedCipherCTX() {
33 EVP_CIPHER_CTX_init(&ctx_
);
36 EVP_CIPHER_CTX_cleanup(&ctx_
);
37 ClearOpenSSLERRStack(FROM_HERE
);
39 EVP_CIPHER_CTX
* get() { return &ctx_
; }
47 Encryptor::Encryptor()
52 Encryptor::~Encryptor() {
55 bool Encryptor::Init(SymmetricKey
* key
,
57 const base::StringPiece
& iv
) {
62 if (iv
.size() != AES_BLOCK_SIZE
)
65 if (GetCipherForKey(key
) == NULL
)
70 iv
.CopyToString(&iv_
);
74 bool Encryptor::Encrypt(const base::StringPiece
& plaintext
,
75 std::string
* ciphertext
) {
76 CHECK(!plaintext
.empty() || (mode_
== CBC
));
77 return Crypt(true, plaintext
, ciphertext
);
80 bool Encryptor::Decrypt(const base::StringPiece
& ciphertext
,
81 std::string
* plaintext
) {
82 CHECK(!ciphertext
.empty());
83 return Crypt(false, ciphertext
, plaintext
);
86 bool Encryptor::Crypt(bool do_encrypt
,
87 const base::StringPiece
& input
,
88 std::string
* output
) {
89 DCHECK(key_
); // Must call Init() before En/De-crypt.
90 // Work on the result in a local variable, and then only transfer it to
91 // |output| on success to ensure no partial data is returned.
95 const EVP_CIPHER
* cipher
= GetCipherForKey(key_
);
96 DCHECK(cipher
); // Already handled in Init();
98 const std::string
& key
= key_
->key();
99 DCHECK_EQ(EVP_CIPHER_iv_length(cipher
), static_cast<int>(iv_
.length()));
100 DCHECK_EQ(EVP_CIPHER_key_length(cipher
), static_cast<int>(key
.length()));
103 if (!EVP_CipherInit_ex(ctx
.get(), cipher
, NULL
,
104 reinterpret_cast<const uint8
*>(key
.data()),
105 reinterpret_cast<const uint8
*>(iv_
.data()),
109 // When encrypting, add another block size of space to allow for any padding.
110 const size_t output_size
= input
.size() + (do_encrypt
? iv_
.size() : 0);
111 CHECK_GT(output_size
, 0u);
112 CHECK_GT(output_size
+ 1, input
.size());
113 uint8
* out_ptr
= reinterpret_cast<uint8
*>(WriteInto(&result
,
116 if (!EVP_CipherUpdate(ctx
.get(), out_ptr
, &out_len
,
117 reinterpret_cast<const uint8
*>(input
.data()),
121 // Write out the final block plus padding (if any) to the end of the data
124 if (!EVP_CipherFinal_ex(ctx
.get(), out_ptr
+ out_len
, &tail_len
))
128 DCHECK_LE(out_len
, static_cast<int>(output_size
));
129 result
.resize(out_len
);
131 output
->swap(result
);
135 } // namespace crypto