// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "crypto/encryptor.h" #include <CommonCrypto/CommonCryptor.h> #include "base/logging.h" #include "base/string_util.h" #include "crypto/symmetric_key.h" namespace crypto { Encryptor::Encryptor() : key_(NULL), mode_(CBC) { } Encryptor::~Encryptor() { } bool Encryptor::Init(SymmetricKey* key, Mode mode, const std::string& iv) { DCHECK(key); DCHECK_EQ(CBC, mode) << "Unsupported mode of operation"; CSSM_DATA raw_key = key->cssm_data(); if (raw_key.Length != kCCKeySizeAES128 && raw_key.Length != kCCKeySizeAES192 && raw_key.Length != kCCKeySizeAES256) return false; if (iv.size() != kCCBlockSizeAES128) return false; key_ = key; mode_ = mode; iv_ = iv; return true; } bool Encryptor::Crypt(int /*CCOperation*/ op, const std::string& input, std::string* output) { DCHECK(key_); CSSM_DATA raw_key = key_->cssm_data(); // CommonCryptor.h: "A general rule for the size of the output buffer which // must be provided by the caller is that for block ciphers, the output // length is never larger than the input length plus the block size." size_t output_size = input.size() + iv_.size(); CCCryptorStatus err = CCCrypt(op, kCCAlgorithmAES128, kCCOptionPKCS7Padding, raw_key.Data, raw_key.Length, iv_.data(), input.data(), input.size(), WriteInto(output, output_size+1), output_size, &output_size); if (err) { output->resize(0); LOG(ERROR) << "CCCrypt returned " << err; return false; } output->resize(output_size); return true; } bool Encryptor::Encrypt(const std::string& plaintext, std::string* ciphertext) { return Crypt(kCCEncrypt, plaintext, ciphertext); } bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) { return Crypt(kCCDecrypt, ciphertext, plaintext); } } // namespace crypto