1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include <openssl/aes.h>
6 #include <openssl/evp.h>
8 #include "base/logging.h"
9 #include "base/numerics/safe_math.h"
10 #include "base/stl_util.h"
11 #include "content/child/webcrypto/crypto_data.h"
12 #include "content/child/webcrypto/openssl/aes_algorithm_openssl.h"
13 #include "content/child/webcrypto/openssl/key_openssl.h"
14 #include "content/child/webcrypto/openssl/util_openssl.h"
15 #include "content/child/webcrypto/status.h"
16 #include "content/child/webcrypto/webcrypto_util.h"
17 #include "crypto/openssl_util.h"
18 #include "crypto/scoped_openssl_types.h"
19 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
27 const EVP_CIPHER
* GetAESCipherByKeyLength(unsigned int key_length_bytes
) {
28 // BoringSSL does not support 192-bit AES keys.
29 switch (key_length_bytes
) {
31 return EVP_aes_128_cbc();
33 return EVP_aes_256_cbc();
39 Status
AesCbcEncryptDecrypt(EncryptOrDecrypt cipher_operation
,
40 const blink::WebCryptoAlgorithm
& algorithm
,
41 const blink::WebCryptoKey
& key
,
42 const CryptoData
& data
,
43 std::vector
<uint8_t>* buffer
) {
44 crypto::OpenSSLErrStackTracer
err_tracer(FROM_HERE
);
46 const blink::WebCryptoAesCbcParams
* params
= algorithm
.aesCbcParams();
47 const std::vector
<uint8_t>& raw_key
=
48 SymKeyOpenSsl::Cast(key
)->raw_key_data();
50 if (params
->iv().size() != 16)
51 return Status::ErrorIncorrectSizeAesCbcIv();
53 // According to the openssl docs, the amount of data written may be as large
54 // as (data_size + cipher_block_size - 1), constrained to a multiple of
56 base::CheckedNumeric
<int> output_max_len
= data
.byte_length();
57 output_max_len
+= AES_BLOCK_SIZE
- 1;
58 if (!output_max_len
.IsValid())
59 return Status::ErrorDataTooLarge();
61 const unsigned remainder
= output_max_len
.ValueOrDie() % AES_BLOCK_SIZE
;
63 output_max_len
+= AES_BLOCK_SIZE
- remainder
;
64 if (!output_max_len
.IsValid())
65 return Status::ErrorDataTooLarge();
67 // Note: PKCS padding is enabled by default
68 crypto::ScopedOpenSSL
<EVP_CIPHER_CTX
, EVP_CIPHER_CTX_free
> context(
69 EVP_CIPHER_CTX_new());
72 return Status::OperationError();
74 const EVP_CIPHER
* const cipher
= GetAESCipherByKeyLength(raw_key
.size());
77 if (!EVP_CipherInit_ex(context
.get(), cipher
, NULL
, &raw_key
[0],
78 params
->iv().data(), cipher_operation
)) {
79 return Status::OperationError();
82 buffer
->resize(output_max_len
.ValueOrDie());
84 unsigned char* const buffer_data
= vector_as_array(buffer
);
87 if (!EVP_CipherUpdate(context
.get(), buffer_data
, &output_len
, data
.bytes(),
88 data
.byte_length())) {
89 return Status::OperationError();
91 int final_output_chunk_len
= 0;
92 if (!EVP_CipherFinal_ex(context
.get(), buffer_data
+ output_len
,
93 &final_output_chunk_len
)) {
94 return Status::OperationError();
97 const unsigned int final_output_len
=
98 static_cast<unsigned int>(output_len
) +
99 static_cast<unsigned int>(final_output_chunk_len
);
101 buffer
->resize(final_output_len
);
103 return Status::Success();
106 class AesCbcImplementation
: public AesAlgorithm
{
108 AesCbcImplementation() : AesAlgorithm("CBC") {}
110 Status
Encrypt(const blink::WebCryptoAlgorithm
& algorithm
,
111 const blink::WebCryptoKey
& key
,
112 const CryptoData
& data
,
113 std::vector
<uint8_t>* buffer
) const override
{
114 return AesCbcEncryptDecrypt(ENCRYPT
, algorithm
, key
, data
, buffer
);
117 Status
Decrypt(const blink::WebCryptoAlgorithm
& algorithm
,
118 const blink::WebCryptoKey
& key
,
119 const CryptoData
& data
,
120 std::vector
<uint8_t>* buffer
) const override
{
121 return AesCbcEncryptDecrypt(DECRYPT
, algorithm
, key
, data
, buffer
);
127 AlgorithmImplementation
* CreatePlatformAesCbcImplementation() {
128 return new AesCbcImplementation
;
131 } // namespace webcrypto
133 } // namespace content
