content/child/webcrypto/openssl/aes_cbc_openssl.cc

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include <openssl/aes.h>
   6 #include <openssl/evp.h>
   7
   8 #include "base/logging.h"
   9 #include "base/numerics/safe_math.h"
  10 #include "base/stl_util.h"
  11 #include "content/child/webcrypto/crypto_data.h"
  12 #include "content/child/webcrypto/openssl/aes_key_openssl.h"
  13 #include "content/child/webcrypto/openssl/key_openssl.h"
  14 #include "content/child/webcrypto/openssl/util_openssl.h"
  15 #include "content/child/webcrypto/status.h"
  16 #include "content/child/webcrypto/webcrypto_util.h"
  17 #include "crypto/openssl_util.h"
  18 #include "crypto/scoped_openssl_types.h"
  19 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
  20
  21 namespace content {
  22
  23 namespace webcrypto {
  24
  25 namespace {
  26
  27 const EVP_CIPHER* GetAESCipherByKeyLength(unsigned int key_length_bytes) {
  28   // BoringSSL does not support 192-bit AES keys.
  29   switch (key_length_bytes) {
  30     case 16:
  31       return EVP_aes_128_cbc();
  32     case 32:
  33       return EVP_aes_256_cbc();
  34     default:
  35       return NULL;
  36   }
  37 }
  38
  39 Status AesCbcEncryptDecrypt(EncryptOrDecrypt cipher_operation,
  40                             const blink::WebCryptoAlgorithm& algorithm,
  41                             const blink::WebCryptoKey& key,
  42                             const CryptoData& data,
  43                             std::vector<uint8_t>* buffer) {
  44   crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
  45
  46   const blink::WebCryptoAesCbcParams* params = algorithm.aesCbcParams();
  47   const std::vector<uint8_t>& raw_key =
  48       SymKeyOpenSsl::Cast(key)->raw_key_data();
  49
  50   if (params->iv().size() != 16)
  51     return Status::ErrorIncorrectSizeAesCbcIv();
  52
  53   // According to the openssl docs, the amount of data written may be as large
  54   // as (data_size + cipher_block_size - 1), constrained to a multiple of
  55   // cipher_block_size.
  56   base::CheckedNumeric<int> output_max_len = data.byte_length();
  57   output_max_len += AES_BLOCK_SIZE - 1;
  58   if (!output_max_len.IsValid())
  59     return Status::ErrorDataTooLarge();
  60
  61   const unsigned remainder = output_max_len.ValueOrDie() % AES_BLOCK_SIZE;
  62   if (remainder != 0)
  63     output_max_len += AES_BLOCK_SIZE - remainder;
  64   if (!output_max_len.IsValid())
  65     return Status::ErrorDataTooLarge();
  66
  67   // Note: PKCS padding is enabled by default
  68   crypto::ScopedOpenSSL<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free>::Type context(
  69       EVP_CIPHER_CTX_new());
  70
  71   if (!context.get())
  72     return Status::OperationError();
  73
  74   const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(raw_key.size());
  75   DCHECK(cipher);
  76
  77   if (!EVP_CipherInit_ex(context.get(),
  78                          cipher,
  79                          NULL,
  80                          &raw_key[0],
  81                          params->iv().data(),
  82                          cipher_operation)) {
  83     return Status::OperationError();
  84   }
  85
  86   buffer->resize(output_max_len.ValueOrDie());
  87
  88   unsigned char* const buffer_data = vector_as_array(buffer);
  89
  90   int output_len = 0;
  91   if (!EVP_CipherUpdate(context.get(),
  92                         buffer_data,
  93                         &output_len,
  94                         data.bytes(),
  95                         data.byte_length()))
  96     return Status::OperationError();
  97   int final_output_chunk_len = 0;
  98   if (!EVP_CipherFinal_ex(
  99           context.get(), buffer_data + output_len, &final_output_chunk_len)) {
 100     return Status::OperationError();
 101   }
 102
 103   const unsigned int final_output_len =
 104       static_cast<unsigned int>(output_len) +
 105       static_cast<unsigned int>(final_output_chunk_len);
 106
 107   buffer->resize(final_output_len);
 108
 109   return Status::Success();
 110 }
 111
 112 class AesCbcImplementation : public AesAlgorithm {
 113  public:
 114   AesCbcImplementation() : AesAlgorithm("CBC") {}
 115
 116   virtual Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
 117                          const blink::WebCryptoKey& key,
 118                          const CryptoData& data,
 119                          std::vector<uint8_t>* buffer) const OVERRIDE {
 120     return AesCbcEncryptDecrypt(ENCRYPT, algorithm, key, data, buffer);
 121   }
 122
 123   virtual Status Decrypt(const blink::WebCryptoAlgorithm& algorithm,
 124                          const blink::WebCryptoKey& key,
 125                          const CryptoData& data,
 126                          std::vector<uint8_t>* buffer) const OVERRIDE {
 127     return AesCbcEncryptDecrypt(DECRYPT, algorithm, key, data, buffer);
 128   }
 129 };
 130
 131 }  // namespace
 132
 133 AlgorithmImplementation* CreatePlatformAesCbcImplementation() {
 134   return new AesCbcImplementation;
 135 }
 136
 137 }  // namespace webcrypto
 138
 139 }  // namespace content