1*6777b538SAndroid Build Coastguard Worker // Copyright 2012 The Chromium Authors 2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be 3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file. 4*6777b538SAndroid Build Coastguard Worker 5*6777b538SAndroid Build Coastguard Worker #ifndef CRYPTO_ENCRYPTOR_H_ 6*6777b538SAndroid Build Coastguard Worker #define CRYPTO_ENCRYPTOR_H_ 7*6777b538SAndroid Build Coastguard Worker 8*6777b538SAndroid Build Coastguard Worker #include <stddef.h> 9*6777b538SAndroid Build Coastguard Worker #include <stdint.h> 10*6777b538SAndroid Build Coastguard Worker 11*6777b538SAndroid Build Coastguard Worker #include <memory> 12*6777b538SAndroid Build Coastguard Worker #include <optional> 13*6777b538SAndroid Build Coastguard Worker #include <string> 14*6777b538SAndroid Build Coastguard Worker #include <string_view> 15*6777b538SAndroid Build Coastguard Worker 16*6777b538SAndroid Build Coastguard Worker #include "base/containers/span.h" 17*6777b538SAndroid Build Coastguard Worker #include "base/memory/raw_ptr.h" 18*6777b538SAndroid Build Coastguard Worker #include "build/build_config.h" 19*6777b538SAndroid Build Coastguard Worker #include "crypto/crypto_export.h" 20*6777b538SAndroid Build Coastguard Worker 21*6777b538SAndroid Build Coastguard Worker namespace crypto { 22*6777b538SAndroid Build Coastguard Worker 23*6777b538SAndroid Build Coastguard Worker class SymmetricKey; 24*6777b538SAndroid Build Coastguard Worker 25*6777b538SAndroid Build Coastguard Worker // This class implements encryption without authentication, which is usually 26*6777b538SAndroid Build Coastguard Worker // unsafe. Prefer crypto::Aead for new code. If using this class, prefer the 27*6777b538SAndroid Build Coastguard Worker // base::span and std::vector overloads over the std::string_view and 28*6777b538SAndroid Build Coastguard Worker // std::string overloads. 29*6777b538SAndroid Build Coastguard Worker class CRYPTO_EXPORT Encryptor { 30*6777b538SAndroid Build Coastguard Worker public: 31*6777b538SAndroid Build Coastguard Worker enum Mode { 32*6777b538SAndroid Build Coastguard Worker CBC, 33*6777b538SAndroid Build Coastguard Worker CTR, 34*6777b538SAndroid Build Coastguard Worker }; 35*6777b538SAndroid Build Coastguard Worker 36*6777b538SAndroid Build Coastguard Worker Encryptor(); 37*6777b538SAndroid Build Coastguard Worker ~Encryptor(); 38*6777b538SAndroid Build Coastguard Worker 39*6777b538SAndroid Build Coastguard Worker // Initializes the encryptor using |key| and |iv|. Returns false if either the 40*6777b538SAndroid Build Coastguard Worker // key or the initialization vector cannot be used. 41*6777b538SAndroid Build Coastguard Worker // 42*6777b538SAndroid Build Coastguard Worker // If |mode| is CBC, |iv| must not be empty; if it is CTR, then |iv| must be 43*6777b538SAndroid Build Coastguard Worker // empty. 44*6777b538SAndroid Build Coastguard Worker bool Init(const SymmetricKey* key, Mode mode, std::string_view iv); 45*6777b538SAndroid Build Coastguard Worker bool Init(const SymmetricKey* key, Mode mode, base::span<const uint8_t> iv); 46*6777b538SAndroid Build Coastguard Worker 47*6777b538SAndroid Build Coastguard Worker // Encrypts |plaintext| into |ciphertext|. |plaintext| may only be empty if 48*6777b538SAndroid Build Coastguard Worker // the mode is CBC. 49*6777b538SAndroid Build Coastguard Worker bool Encrypt(std::string_view plaintext, std::string* ciphertext); 50*6777b538SAndroid Build Coastguard Worker bool Encrypt(base::span<const uint8_t> plaintext, 51*6777b538SAndroid Build Coastguard Worker std::vector<uint8_t>* ciphertext); 52*6777b538SAndroid Build Coastguard Worker 53*6777b538SAndroid Build Coastguard Worker // Decrypts |ciphertext| into |plaintext|. |ciphertext| must not be empty. 54*6777b538SAndroid Build Coastguard Worker // 55*6777b538SAndroid Build Coastguard Worker // WARNING: In CBC mode, Decrypt() returns false if it detects the padding 56*6777b538SAndroid Build Coastguard Worker // in the decrypted plaintext is wrong. Padding errors can result from 57*6777b538SAndroid Build Coastguard Worker // tampered ciphertext or a wrong decryption key. But successful decryption 58*6777b538SAndroid Build Coastguard Worker // does not imply the authenticity of the data. The caller of Decrypt() 59*6777b538SAndroid Build Coastguard Worker // must either authenticate the ciphertext before decrypting it, or take 60*6777b538SAndroid Build Coastguard Worker // care to not report decryption failure. Otherwise it could inadvertently 61*6777b538SAndroid Build Coastguard Worker // be used as a padding oracle to attack the cryptosystem. 62*6777b538SAndroid Build Coastguard Worker bool Decrypt(std::string_view ciphertext, std::string* plaintext); 63*6777b538SAndroid Build Coastguard Worker bool Decrypt(base::span<const uint8_t> ciphertext, 64*6777b538SAndroid Build Coastguard Worker std::vector<uint8_t>* plaintext); 65*6777b538SAndroid Build Coastguard Worker 66*6777b538SAndroid Build Coastguard Worker // Sets the counter value when in CTR mode. Currently only 128-bits 67*6777b538SAndroid Build Coastguard Worker // counter value is supported. 68*6777b538SAndroid Build Coastguard Worker // 69*6777b538SAndroid Build Coastguard Worker // Returns true only if update was successful. 70*6777b538SAndroid Build Coastguard Worker bool SetCounter(std::string_view counter); 71*6777b538SAndroid Build Coastguard Worker bool SetCounter(base::span<const uint8_t> counter); 72*6777b538SAndroid Build Coastguard Worker 73*6777b538SAndroid Build Coastguard Worker // TODO(albertb): Support streaming encryption. 74*6777b538SAndroid Build Coastguard Worker 75*6777b538SAndroid Build Coastguard Worker private: 76*6777b538SAndroid Build Coastguard Worker raw_ptr<const SymmetricKey, DanglingUntriaged> key_; 77*6777b538SAndroid Build Coastguard Worker Mode mode_; 78*6777b538SAndroid Build Coastguard Worker 79*6777b538SAndroid Build Coastguard Worker bool CryptString(bool do_encrypt, 80*6777b538SAndroid Build Coastguard Worker std::string_view input, 81*6777b538SAndroid Build Coastguard Worker std::string* output); 82*6777b538SAndroid Build Coastguard Worker bool CryptBytes(bool do_encrypt, 83*6777b538SAndroid Build Coastguard Worker base::span<const uint8_t> input, 84*6777b538SAndroid Build Coastguard Worker std::vector<uint8_t>* output); 85*6777b538SAndroid Build Coastguard Worker 86*6777b538SAndroid Build Coastguard Worker // On success, these helper functions return the number of bytes written to 87*6777b538SAndroid Build Coastguard Worker // |output|. 88*6777b538SAndroid Build Coastguard Worker size_t MaxOutput(bool do_encrypt, size_t length); 89*6777b538SAndroid Build Coastguard Worker std::optional<size_t> Crypt(bool do_encrypt, 90*6777b538SAndroid Build Coastguard Worker base::span<const uint8_t> input, 91*6777b538SAndroid Build Coastguard Worker base::span<uint8_t> output); 92*6777b538SAndroid Build Coastguard Worker std::optional<size_t> CryptCTR(bool do_encrypt, 93*6777b538SAndroid Build Coastguard Worker base::span<const uint8_t> input, 94*6777b538SAndroid Build Coastguard Worker base::span<uint8_t> output); 95*6777b538SAndroid Build Coastguard Worker 96*6777b538SAndroid Build Coastguard Worker // In CBC mode, the IV passed to Init(). In CTR mode, the counter value passed 97*6777b538SAndroid Build Coastguard Worker // to SetCounter(). 98*6777b538SAndroid Build Coastguard Worker std::vector<uint8_t> iv_; 99*6777b538SAndroid Build Coastguard Worker }; 100*6777b538SAndroid Build Coastguard Worker 101*6777b538SAndroid Build Coastguard Worker } // namespace crypto 102*6777b538SAndroid Build Coastguard Worker 103*6777b538SAndroid Build Coastguard Worker #endif // CRYPTO_ENCRYPTOR_H_ 104