1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CRYPTO_ENCRYPTOR_H_
6 #define CRYPTO_ENCRYPTOR_H_
14 #include "base/containers/span.h"
15 #include "base/optional.h"
16 #include "base/strings/string_piece.h"
17 #include "build/build_config.h"
18 #include "crypto/crypto_export.h"
24 // This class implements encryption without authentication, which is usually
25 // unsafe. Prefer crypto::Aead for new code. If using this class, prefer the
26 // base::span and std::vector overloads over the base::StringPiece and
27 // std::string overloads.
28 class CRYPTO_EXPORT Encryptor {
38 // Initializes the encryptor using |key| and |iv|. Returns false if either the
39 // key or the initialization vector cannot be used.
41 // If |mode| is CBC, |iv| must not be empty; if it is CTR, then |iv| must be
43 bool Init(const SymmetricKey* key, Mode mode, base::StringPiece iv);
44 bool Init(const SymmetricKey* key, Mode mode, base::span<const uint8_t> iv);
46 // Encrypts |plaintext| into |ciphertext|. |plaintext| may only be empty if
48 bool Encrypt(base::StringPiece plaintext, std::string* ciphertext);
49 bool Encrypt(base::span<const uint8_t> plaintext,
50 std::vector<uint8_t>* ciphertext);
52 // Decrypts |ciphertext| into |plaintext|. |ciphertext| must not be empty.
54 // WARNING: In CBC mode, Decrypt() returns false if it detects the padding
55 // in the decrypted plaintext is wrong. Padding errors can result from
56 // tampered ciphertext or a wrong decryption key. But successful decryption
57 // does not imply the authenticity of the data. The caller of Decrypt()
58 // must either authenticate the ciphertext before decrypting it, or take
59 // care to not report decryption failure. Otherwise it could inadvertently
60 // be used as a padding oracle to attack the cryptosystem.
61 bool Decrypt(base::StringPiece ciphertext, std::string* plaintext);
62 bool Decrypt(base::span<const uint8_t> ciphertext,
63 std::vector<uint8_t>* plaintext);
65 // Sets the counter value when in CTR mode. Currently only 128-bits
66 // counter value is supported.
68 // Returns true only if update was successful.
69 bool SetCounter(base::StringPiece counter);
70 bool SetCounter(base::span<const uint8_t> counter);
72 // TODO(albertb): Support streaming encryption.
75 const SymmetricKey* key_;
78 bool CryptString(bool do_encrypt,
79 base::StringPiece input,
81 bool CryptBytes(bool do_encrypt,
82 base::span<const uint8_t> input,
83 std::vector<uint8_t>* output);
85 // On success, these helper functions return the number of bytes written to
87 size_t MaxOutput(bool do_encrypt, size_t length);
88 base::Optional<size_t> Crypt(bool do_encrypt,
89 base::span<const uint8_t> input,
90 base::span<uint8_t> output);
91 base::Optional<size_t> CryptCTR(bool do_encrypt,
92 base::span<const uint8_t> input,
93 base::span<uint8_t> output);
95 // In CBC mode, the IV passed to Init(). In CTR mode, the counter value passed
97 std::vector<uint8_t> iv_;
100 } // namespace crypto
102 #endif // CRYPTO_ENCRYPTOR_H_