diff options
author | Tom Sepez <tsepez@chromium.org> | 2018-10-03 19:53:38 +0000 |
---|---|---|
committer | Chromium commit bot <commit-bot@chromium.org> | 2018-10-03 19:53:38 +0000 |
commit | bd8855b27b43de3587b2040fee64236bf53a4238 (patch) | |
tree | 7fbb689bf5cfe7374dfd7b2c3ce60a4e33c35f5c | |
parent | 2ff6cd661c0203dcdcc09135bce8bba141037574 (diff) | |
download | pdfium-bd8855b27b43de3587b2040fee64236bf53a4238.tar.xz |
Remove blocklen argument from CRYPT_AESSetKey()
We always pass it as 16. In turn, remove some unused code
to handle the non-16 cases.
Noticed while looking at coverage report.
Change-Id: I93f5f0342537284ce6a2b36a8b477425da3cc872
Reviewed-on: https://pdfium-review.googlesource.com/c/43450
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
-rw-r--r-- | core/fdrm/crypto/fx_crypt.h | 1 | ||||
-rw-r--r-- | core/fdrm/crypto/fx_crypt_aes.cpp | 197 | ||||
-rw-r--r-- | core/fpdfapi/parser/cpdf_crypto_handler.cpp | 6 | ||||
-rw-r--r-- | core/fpdfapi/parser/cpdf_security_handler.cpp | 10 |
4 files changed, 20 insertions, 194 deletions
diff --git a/core/fdrm/crypto/fx_crypt.h b/core/fdrm/crypto/fx_crypt.h index 4f6717fed8..0c7484c256 100644 --- a/core/fdrm/crypto/fx_crypt.h +++ b/core/fdrm/crypto/fx_crypt.h @@ -60,7 +60,6 @@ void CRYPT_ArcFourCrypt(CRYPT_rc4_context* context, uint32_t size); void CRYPT_AESSetKey(CRYPT_aes_context* context, - uint32_t blocklen, const uint8_t* key, uint32_t keylen, bool bEncrypt); diff --git a/core/fdrm/crypto/fx_crypt_aes.cpp b/core/fdrm/crypto/fx_crypt_aes.cpp index 94d66d0956..467cc97213 100644 --- a/core/fdrm/crypto/fx_crypt_aes.cpp +++ b/core/fdrm/crypto/fx_crypt_aes.cpp @@ -431,13 +431,6 @@ const unsigned int D3[256] = { #define ADD_ROUND_KEY_4 \ (block[0] ^= *keysched++, block[1] ^= *keysched++, block[2] ^= *keysched++, \ block[3] ^= *keysched++) -#define ADD_ROUND_KEY_6 \ - (block[0] ^= *keysched++, block[1] ^= *keysched++, block[2] ^= *keysched++, \ - block[3] ^= *keysched++, block[4] ^= *keysched++, block[5] ^= *keysched++) -#define ADD_ROUND_KEY_8 \ - (block[0] ^= *keysched++, block[1] ^= *keysched++, block[2] ^= *keysched++, \ - block[3] ^= *keysched++, block[4] ^= *keysched++, block[5] ^= *keysched++, \ - block[6] ^= *keysched++, block[7] ^= *keysched++) #define MOVEWORD(i) (block[i] = newstate[i]) #undef MAKEWORD #define MAKEWORD(i) \ @@ -478,88 +471,9 @@ void aes_encrypt_nb_4(CRYPT_aes_context* ctx, unsigned int* block) { MOVEWORD(3); ADD_ROUND_KEY_4; } - -void aes_encrypt_nb_6(CRYPT_aes_context* ctx, unsigned int* block) { - int i; - const int C1 = 1, C2 = 2, C3 = 3, Nb = 6; - unsigned int* keysched = ctx->keysched; - unsigned int newstate[6]; - for (i = 0; i < ctx->Nr - 1; i++) { - ADD_ROUND_KEY_6; - MAKEWORD(0); - MAKEWORD(1); - MAKEWORD(2); - MAKEWORD(3); - MAKEWORD(4); - MAKEWORD(5); - MOVEWORD(0); - MOVEWORD(1); - MOVEWORD(2); - MOVEWORD(3); - MOVEWORD(4); - MOVEWORD(5); - } - ADD_ROUND_KEY_6; - LASTWORD(0); - LASTWORD(1); - LASTWORD(2); - LASTWORD(3); - LASTWORD(4); - LASTWORD(5); - MOVEWORD(0); - MOVEWORD(1); - MOVEWORD(2); - MOVEWORD(3); - MOVEWORD(4); - MOVEWORD(5); - ADD_ROUND_KEY_6; -} - -void aes_encrypt_nb_8(CRYPT_aes_context* ctx, unsigned int* block) { - int i; - const int C1 = 1, C2 = 3, C3 = 4, Nb = 8; - unsigned int* keysched = ctx->keysched; - unsigned int newstate[8]; - for (i = 0; i < ctx->Nr - 1; i++) { - ADD_ROUND_KEY_8; - MAKEWORD(0); - MAKEWORD(1); - MAKEWORD(2); - MAKEWORD(3); - MAKEWORD(4); - MAKEWORD(5); - MAKEWORD(6); - MAKEWORD(7); - MOVEWORD(0); - MOVEWORD(1); - MOVEWORD(2); - MOVEWORD(3); - MOVEWORD(4); - MOVEWORD(5); - MOVEWORD(6); - MOVEWORD(7); - } - ADD_ROUND_KEY_8; - LASTWORD(0); - LASTWORD(1); - LASTWORD(2); - LASTWORD(3); - LASTWORD(4); - LASTWORD(5); - LASTWORD(6); - LASTWORD(7); - MOVEWORD(0); - MOVEWORD(1); - MOVEWORD(2); - MOVEWORD(3); - MOVEWORD(4); - MOVEWORD(5); - MOVEWORD(6); - MOVEWORD(7); - ADD_ROUND_KEY_8; -} #undef MAKEWORD #undef LASTWORD + #define MAKEWORD(i) \ (newstate[i] = (D0[(block[i] >> 24) & 0xFF] ^ \ D1[(block[(i + C1) % Nb] >> 16) & 0xFF] ^ \ @@ -598,107 +512,20 @@ void aes_decrypt_nb_4(CRYPT_aes_context* ctx, unsigned int* block) { MOVEWORD(3); ADD_ROUND_KEY_4; } - -void aes_decrypt_nb_6(CRYPT_aes_context* ctx, unsigned int* block) { - int i; - const int C1 = 6 - 1, C2 = 6 - 2, C3 = 6 - 3, Nb = 6; - unsigned int* keysched = ctx->invkeysched; - unsigned int newstate[6]; - for (i = 0; i < ctx->Nr - 1; i++) { - ADD_ROUND_KEY_6; - MAKEWORD(0); - MAKEWORD(1); - MAKEWORD(2); - MAKEWORD(3); - MAKEWORD(4); - MAKEWORD(5); - MOVEWORD(0); - MOVEWORD(1); - MOVEWORD(2); - MOVEWORD(3); - MOVEWORD(4); - MOVEWORD(5); - } - ADD_ROUND_KEY_6; - LASTWORD(0); - LASTWORD(1); - LASTWORD(2); - LASTWORD(3); - LASTWORD(4); - LASTWORD(5); - MOVEWORD(0); - MOVEWORD(1); - MOVEWORD(2); - MOVEWORD(3); - MOVEWORD(4); - MOVEWORD(5); - ADD_ROUND_KEY_6; -} - -void aes_decrypt_nb_8(CRYPT_aes_context* ctx, unsigned int* block) { - int i; - const int C1 = 8 - 1, C2 = 8 - 3, C3 = 8 - 4, Nb = 8; - unsigned int* keysched = ctx->invkeysched; - unsigned int newstate[8]; - for (i = 0; i < ctx->Nr - 1; i++) { - ADD_ROUND_KEY_8; - MAKEWORD(0); - MAKEWORD(1); - MAKEWORD(2); - MAKEWORD(3); - MAKEWORD(4); - MAKEWORD(5); - MAKEWORD(6); - MAKEWORD(7); - MOVEWORD(0); - MOVEWORD(1); - MOVEWORD(2); - MOVEWORD(3); - MOVEWORD(4); - MOVEWORD(5); - MOVEWORD(6); - MOVEWORD(7); - } - ADD_ROUND_KEY_8; - LASTWORD(0); - LASTWORD(1); - LASTWORD(2); - LASTWORD(3); - LASTWORD(4); - LASTWORD(5); - LASTWORD(6); - LASTWORD(7); - MOVEWORD(0); - MOVEWORD(1); - MOVEWORD(2); - MOVEWORD(3); - MOVEWORD(4); - MOVEWORD(5); - MOVEWORD(6); - MOVEWORD(7); - ADD_ROUND_KEY_8; -} #undef MAKEWORD #undef LASTWORD + void aes_setup(CRYPT_aes_context* ctx, - int blocklen, const unsigned char* key, int keylen) { - int i, j, Nk, rconst; - ASSERT(blocklen == 16 || blocklen == 24 || blocklen == 32); ASSERT(keylen == 16 || keylen == 24 || keylen == 32); - Nk = keylen / 4; - ctx->Nb = blocklen / 4; + int Nk = keylen / 4; + ctx->Nb = 4; ctx->Nr = 6 + (ctx->Nb > Nk ? ctx->Nb : Nk); - if (ctx->Nb == 8) { - ctx->encrypt = aes_encrypt_nb_8, ctx->decrypt = aes_decrypt_nb_8; - } else if (ctx->Nb == 6) { - ctx->encrypt = aes_encrypt_nb_6, ctx->decrypt = aes_decrypt_nb_6; - } else if (ctx->Nb == 4) { - ctx->encrypt = aes_encrypt_nb_4, ctx->decrypt = aes_decrypt_nb_4; - } - rconst = 1; - for (i = 0; i < (ctx->Nr + 1) * ctx->Nb; i++) { + ctx->encrypt = aes_encrypt_nb_4; + ctx->decrypt = aes_decrypt_nb_4; + int rconst = 1; + for (int i = 0; i < (ctx->Nr + 1) * ctx->Nb; i++) { if (i < Nk) { ctx->keysched[i] = GET_32BIT_MSB_FIRST(key + 4 * i); } else { @@ -728,8 +555,8 @@ void aes_setup(CRYPT_aes_context* ctx, ctx->keysched[i] = ctx->keysched[i - Nk] ^ temp; } } - for (i = 0; i <= ctx->Nr; i++) { - for (j = 0; j < ctx->Nb; j++) { + for (int i = 0; i <= ctx->Nr; i++) { + for (int j = 0; j < ctx->Nb; j++) { unsigned int temp; temp = ctx->keysched[(ctx->Nr - i) * ctx->Nb + j]; if (i != 0 && i != ctx->Nr) { @@ -747,6 +574,7 @@ void aes_setup(CRYPT_aes_context* ctx, } } } + void aes_decrypt(CRYPT_aes_context* ctx, unsigned int* block) { ctx->decrypt(ctx, block); } @@ -804,11 +632,10 @@ void aes_encrypt_cbc(unsigned char* dest, } // namespace void CRYPT_AESSetKey(CRYPT_aes_context* context, - uint32_t blocklen, const uint8_t* key, uint32_t keylen, bool bEncrypt) { - aes_setup(context, blocklen, key, keylen); + aes_setup(context, key, keylen); } void CRYPT_AESSetIV(CRYPT_aes_context* context, const uint8_t* iv) { diff --git a/core/fpdfapi/parser/cpdf_crypto_handler.cpp b/core/fpdfapi/parser/cpdf_crypto_handler.cpp index 4f77bc903b..4e24c66a4f 100644 --- a/core/fpdfapi/parser/cpdf_crypto_handler.cpp +++ b/core/fpdfapi/parser/cpdf_crypto_handler.cpp @@ -72,7 +72,7 @@ void CPDF_CryptoHandler::CryptBlock(bool bEncrypt, } } if (m_Cipher == FXCIPHER_AES) { - CRYPT_AESSetKey(m_pAESContext.get(), 16, + CRYPT_AESSetKey(m_pAESContext.get(), m_KeyLen == 32 ? m_EncryptKey : realkey, m_KeyLen, bEncrypt); if (bEncrypt) { @@ -125,7 +125,7 @@ void* CPDF_CryptoHandler::CryptStart(uint32_t objnum, AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); pContext->m_bIV = true; pContext->m_BlockOffset = 0; - CRYPT_AESSetKey(&pContext->m_Context, 16, m_EncryptKey, 32, bEncrypt); + CRYPT_AESSetKey(&pContext->m_Context, m_EncryptKey, 32, bEncrypt); if (bEncrypt) { for (int i = 0; i < 16; i++) { pContext->m_Block[i] = (uint8_t)rand(); @@ -151,7 +151,7 @@ void* CPDF_CryptoHandler::CryptStart(uint32_t objnum, AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); pContext->m_bIV = true; pContext->m_BlockOffset = 0; - CRYPT_AESSetKey(&pContext->m_Context, 16, realkey, 16, bEncrypt); + CRYPT_AESSetKey(&pContext->m_Context, realkey, 16, bEncrypt); if (bEncrypt) { for (int i = 0; i < 16; i++) { pContext->m_Block[i] = (uint8_t)rand(); diff --git a/core/fpdfapi/parser/cpdf_security_handler.cpp b/core/fpdfapi/parser/cpdf_security_handler.cpp index f3d9201cbf..bb2296666a 100644 --- a/core/fpdfapi/parser/cpdf_security_handler.cpp +++ b/core/fpdfapi/parser/cpdf_security_handler.cpp @@ -278,7 +278,7 @@ void Revision6_Hash(const ByteString& password, content.insert(std::end(content), vector, vector + 48); } } - CRYPT_AESSetKey(&aes, 16, key, 16, true); + CRYPT_AESSetKey(&aes, key, 16, true); CRYPT_AESSetIV(&aes, iv); CRYPT_AESEncrypt(&aes, E, content.data(), iBufLen); int iHash = 0; @@ -365,12 +365,12 @@ bool CPDF_SecurityHandler::AES256_CheckPassword(const ByteString& password, CRYPT_aes_context aes; memset(&aes, 0, sizeof(aes)); - CRYPT_AESSetKey(&aes, 16, digest, 32, false); + CRYPT_AESSetKey(&aes, digest, 32, false); uint8_t iv[16]; memset(iv, 0, 16); CRYPT_AESSetIV(&aes, iv); CRYPT_AESDecrypt(&aes, key, ekey.raw_str(), 32); - CRYPT_AESSetKey(&aes, 16, key, 32, false); + CRYPT_AESSetKey(&aes, key, 32, false); CRYPT_AESSetIV(&aes, iv); ByteString perms = m_pEncryptDict->GetStringFor("Perms"); if (perms.IsEmpty()) @@ -676,7 +676,7 @@ void CPDF_SecurityHandler::AES256_SetPassword(CPDF_Dictionary* pEncryptDict, } CRYPT_aes_context aes; memset(&aes, 0, sizeof(aes)); - CRYPT_AESSetKey(&aes, 16, digest1, 32, true); + CRYPT_AESSetKey(&aes, digest1, 32, true); uint8_t iv[16]; memset(iv, 0, 16); CRYPT_AESSetIV(&aes, iv); @@ -705,7 +705,7 @@ void CPDF_SecurityHandler::AES256_SetPerms(CPDF_Dictionary* pEncryptDict, CRYPT_aes_context aes; memset(&aes, 0, sizeof(aes)); - CRYPT_AESSetKey(&aes, 16, key, 32, true); + CRYPT_AESSetKey(&aes, key, 32, true); uint8_t iv[16]; memset(iv, 0, 16); |