crypto/encryptor.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CRYPTO_ENCRYPTOR_H_
   6 #define CRYPTO_ENCRYPTOR_H_
   7
   8 #include <string>
   9
  10 #include "base/basictypes.h"
  11 #include "base/memory/scoped_ptr.h"
  12 #include "base/strings/string_piece.h"
  13 #include "build/build_config.h"
  14 #include "crypto/crypto_export.h"
  15
  16 #if defined(USE_NSS) || \
  17     (!defined(USE_OPENSSL) && (defined(OS_WIN) || defined(OS_MACOSX)))
  18 #include "crypto/scoped_nss_types.h"
  19 #endif
  20
  21 namespace crypto {
  22
  23 class SymmetricKey;
  24
  25 class CRYPTO_EXPORT Encryptor {
  26  public:
  27   enum Mode {
  28     CBC,
  29     CTR,
  30   };
  31
  32   // This class implements a 128-bits counter to be used in AES-CTR encryption.
  33   // Only 128-bits counter is supported in this class.
  34   class CRYPTO_EXPORT Counter {
  35    public:
  36     explicit Counter(const base::StringPiece& counter);
  37     ~Counter();
  38
  39     // Increment the counter value.
  40     bool Increment();
  41
  42     // Write the content of the counter to |buf|. |buf| should have enough
  43     // space for |GetLengthInBytes()|.
  44     void Write(void* buf);
  45
  46     // Return the length of this counter.
  47     size_t GetLengthInBytes() const;
  48
  49    private:
  50     union {
  51       uint32 components32[4];
  52       uint64 components64[2];
  53     } counter_;
  54   };
  55
  56   Encryptor();
  57   virtual ~Encryptor();
  58
  59   // Initializes the encryptor using |key| and |iv|. Returns false if either the
  60   // key or the initialization vector cannot be used.
  61   //
  62   // If |mode| is CBC, |iv| must not be empty; if it is CTR, then |iv| must be
  63   // empty.
  64   bool Init(SymmetricKey* key, Mode mode, const base::StringPiece& iv);
  65
  66   // Encrypts |plaintext| into |ciphertext|.  |plaintext| may only be empty if
  67   // the mode is CBC.
  68   bool Encrypt(const base::StringPiece& plaintext, std::string* ciphertext);
  69
  70   // Decrypts |ciphertext| into |plaintext|.  |ciphertext| must not be empty.
  71   //
  72   // WARNING: In CBC mode, Decrypt() returns false if it detects the padding
  73   // in the decrypted plaintext is wrong. Padding errors can result from
  74   // tampered ciphertext or a wrong decryption key. But successful decryption
  75   // does not imply the authenticity of the data. The caller of Decrypt()
  76   // must either authenticate the ciphertext before decrypting it, or take
  77   // care to not report decryption failure. Otherwise it could inadvertently
  78   // be used as a padding oracle to attack the cryptosystem.
  79   bool Decrypt(const base::StringPiece& ciphertext, std::string* plaintext);
  80
  81   // Sets the counter value when in CTR mode. Currently only 128-bits
  82   // counter value is supported.
  83   //
  84   // Returns true only if update was successful.
  85   bool SetCounter(const base::StringPiece& counter);
  86
  87   // TODO(albertb): Support streaming encryption.
  88
  89  private:
  90   // Generates a mask using |counter_| to be used for encryption in CTR mode.
  91   // Resulting mask will be written to |mask| with |mask_len| bytes.
  92   //
  93   // Make sure there's enough space in mask when calling this method.
  94   // Reserve at least |plaintext_len| + 16 bytes for |mask|.
  95   //
  96   // The generated mask will always have at least |plaintext_len| bytes and
  97   // will be a multiple of the counter length.
  98   //
  99   // This method is used only in CTR mode.
 100   //
 101   // Returns false if this call failed.
 102   bool GenerateCounterMask(size_t plaintext_len,
 103                            uint8* mask,
 104                            size_t* mask_len);
 105
 106   // Mask the |plaintext| message using |mask|. The output will be written to
 107   // |ciphertext|. |ciphertext| must have at least |plaintext_len| bytes.
 108   void MaskMessage(const void* plaintext,
 109                    size_t plaintext_len,
 110                    const void* mask,
 111                    void* ciphertext) const;
 112
 113   SymmetricKey* key_;
 114   Mode mode_;
 115   scoped_ptr<Counter> counter_;
 116
 117 #if defined(USE_OPENSSL)
 118   bool Crypt(bool do_encrypt,  // Pass true to encrypt, false to decrypt.
 119              const base::StringPiece& input,
 120              std::string* output);
 121   bool CryptCTR(bool do_encrypt,
 122                 const base::StringPiece& input,
 123                 std::string* output);
 124   std::string iv_;
 125 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX)
 126   bool Crypt(PK11Context* context,
 127              const base::StringPiece& input,
 128              std::string* output);
 129   bool CryptCTR(PK11Context* context,
 130                 const base::StringPiece& input,
 131                 std::string* output);
 132   ScopedSECItem param_;
 133 #endif
 134 };
 135
 136 }  // namespace crypto
 137
 138 #endif  // CRYPTO_ENCRYPTOR_H_