summaryrefslogtreecommitdiff
path: root/core
diff options
context:
space:
mode:
authorTom Sepez <tsepez@chromium.org>2017-05-05 17:08:07 -0700
committerChromium commit bot <commit-bot@chromium.org>2017-05-06 00:23:07 +0000
commit332ef5423df9aa7a28166907f4a6ac8ac095163d (patch)
treeff0891147fb3cf505e337b3968bdd0c404530961 /core
parentf0ea70825a465ebb8979a7f6e70b0133be398f64 (diff)
downloadpdfium-332ef5423df9aa7a28166907f4a6ac8ac095163d.tar.xz
Remove type-unsafe void* / uint8_t* usage in fx_crypt.h
Consolidate all of the sha2 contexts while we're at it, the one with the largest buf is suitable for use by all the others. Change-Id: Iace6cd8ca4405f75f78842a1559c3a2478910218 Reviewed-on: https://pdfium-review.googlesource.com/4994 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org>
Diffstat (limited to 'core')
-rw-r--r--core/fdrm/crypto/fx_crypt.h49
-rw-r--r--core/fdrm/crypto/fx_crypt_aes.cpp65
-rw-r--r--core/fdrm/crypto/fx_crypt_sha.cpp39
-rw-r--r--core/fpdfapi/parser/cpdf_crypto_handler.cpp81
-rw-r--r--core/fpdfapi/parser/cpdf_crypto_handler.h6
-rw-r--r--core/fpdfapi/parser/cpdf_security_handler.cpp59
6 files changed, 158 insertions, 141 deletions
diff --git a/core/fdrm/crypto/fx_crypt.h b/core/fdrm/crypto/fx_crypt.h
index 2b127948f0..5416080af7 100644
--- a/core/fdrm/crypto/fx_crypt.h
+++ b/core/fdrm/crypto/fx_crypt.h
@@ -16,6 +16,19 @@ struct CRYPT_rc4_context {
int32_t m[kRC4ContextPermutationLength];
};
+#define MAX_NR 14
+#define MAX_NK 8
+#define MAX_NB 8
+struct CRYPT_aes_context {
+ void (*encrypt)(CRYPT_aes_context* ctx, unsigned int* block);
+ void (*decrypt)(CRYPT_aes_context* ctx, unsigned int* block);
+ int Nb;
+ int Nr;
+ unsigned int keysched[(MAX_NR + 1) * MAX_NB];
+ unsigned int invkeysched[(MAX_NR + 1) * MAX_NB];
+ unsigned int iv[MAX_NB];
+};
+
struct CRYPT_md5_context {
uint32_t total[2];
uint32_t state[4];
@@ -30,13 +43,7 @@ struct CRYPT_sha1_context {
unsigned int lenlo;
};
-struct CRYPT_sha256_context {
- uint32_t total[2];
- uint32_t state[8];
- uint8_t buffer[64];
-};
-
-struct CRYPT_sha384_context {
+struct CRYPT_sha2_context {
uint64_t total[2];
uint64_t state[8];
uint8_t buffer[128];
@@ -53,17 +60,17 @@ void CRYPT_ArcFourCrypt(CRYPT_rc4_context* context,
uint8_t* data,
uint32_t size);
-void CRYPT_AESSetKey(void* context,
+void CRYPT_AESSetKey(CRYPT_aes_context* context,
uint32_t blocklen,
const uint8_t* key,
uint32_t keylen,
bool bEncrypt);
-void CRYPT_AESSetIV(void* context, const uint8_t* iv);
-void CRYPT_AESDecrypt(void* context,
+void CRYPT_AESSetIV(CRYPT_aes_context* context, const uint8_t* iv);
+void CRYPT_AESDecrypt(CRYPT_aes_context* context,
uint8_t* dest,
const uint8_t* src,
uint32_t size);
-void CRYPT_AESEncrypt(void* context,
+void CRYPT_AESEncrypt(CRYPT_aes_context* context,
uint8_t* dest,
const uint8_t* src,
uint32_t size);
@@ -82,27 +89,29 @@ void CRYPT_SHA1Update(CRYPT_sha1_context* context,
void CRYPT_SHA1Finish(CRYPT_sha1_context* context, uint8_t digest[20]);
void CRYPT_SHA1Generate(const uint8_t* data, uint32_t size, uint8_t digest[20]);
-void CRYPT_SHA256Start(CRYPT_sha256_context* context);
-void CRYPT_SHA256Update(CRYPT_sha256_context* context,
+void CRYPT_SHA256Start(CRYPT_sha2_context* context);
+void CRYPT_SHA256Update(CRYPT_sha2_context* context,
const uint8_t* data,
uint32_t size);
-void CRYPT_SHA256Finish(CRYPT_sha256_context* context, uint8_t digest[32]);
+void CRYPT_SHA256Finish(CRYPT_sha2_context* context, uint8_t digest[32]);
void CRYPT_SHA256Generate(const uint8_t* data,
uint32_t size,
uint8_t digest[32]);
-void CRYPT_SHA384Start(CRYPT_sha384_context* context);
-void CRYPT_SHA384Update(CRYPT_sha384_context* context,
+void CRYPT_SHA384Start(CRYPT_sha2_context* context);
+void CRYPT_SHA384Update(CRYPT_sha2_context* context,
const uint8_t* data,
uint32_t size);
-void CRYPT_SHA384Finish(CRYPT_sha384_context* context, uint8_t digest[48]);
+void CRYPT_SHA384Finish(CRYPT_sha2_context* context, uint8_t digest[48]);
void CRYPT_SHA384Generate(const uint8_t* data,
uint32_t size,
uint8_t digest[48]);
-void CRYPT_SHA512Start(void* context);
-void CRYPT_SHA512Update(void* context, const uint8_t* data, uint32_t size);
-void CRYPT_SHA512Finish(void* context, uint8_t digest[64]);
+void CRYPT_SHA512Start(CRYPT_sha2_context* context);
+void CRYPT_SHA512Update(CRYPT_sha2_context* context,
+ const uint8_t* data,
+ uint32_t size);
+void CRYPT_SHA512Finish(CRYPT_sha2_context* context, uint8_t digest[64]);
void CRYPT_SHA512Generate(const uint8_t* data,
uint32_t size,
uint8_t digest[64]);
diff --git a/core/fdrm/crypto/fx_crypt_aes.cpp b/core/fdrm/crypto/fx_crypt_aes.cpp
index 671dc65f31..94d66d0956 100644
--- a/core/fdrm/crypto/fx_crypt_aes.cpp
+++ b/core/fdrm/crypto/fx_crypt_aes.cpp
@@ -6,9 +6,6 @@
#include "core/fdrm/crypto/fx_crypt.h"
-#define MAX_NR 14
-#define MAX_NK 8
-#define MAX_NB 8
#define mulby2(x) (((x & 0x7F) << 1) ^ (x & 0x80 ? 0x1B : 0))
#define GET_32BIT_MSB_FIRST(cp) \
(((unsigned long)(unsigned char)(cp)[3]) | \
@@ -23,15 +20,6 @@
(cp)[0] = (value) >> 24; \
} while (0)
-struct AESContext {
- unsigned int keysched[(MAX_NR + 1) * MAX_NB];
- unsigned int invkeysched[(MAX_NR + 1) * MAX_NB];
- void (*encrypt)(AESContext* ctx, unsigned int* block);
- void (*decrypt)(AESContext* ctx, unsigned int* block);
- unsigned int iv[MAX_NB];
- int Nb, Nr;
-};
-
namespace {
const unsigned char Sbox[256] = {
@@ -462,7 +450,8 @@ const unsigned int D3[256] = {
(Sbox[(block[(i + C1) % Nb] >> 16) & 0xFF] << 16) | \
(Sbox[(block[(i + C2) % Nb] >> 8) & 0xFF] << 8) | \
(Sbox[(block[(i + C3) % Nb]) & 0xFF]))
-void aes_encrypt_nb_4(AESContext* ctx, unsigned int* block) {
+
+void aes_encrypt_nb_4(CRYPT_aes_context* ctx, unsigned int* block) {
int i;
const int C1 = 1, C2 = 2, C3 = 3, Nb = 4;
unsigned int* keysched = ctx->keysched;
@@ -489,7 +478,8 @@ void aes_encrypt_nb_4(AESContext* ctx, unsigned int* block) {
MOVEWORD(3);
ADD_ROUND_KEY_4;
}
-void aes_encrypt_nb_6(AESContext* ctx, unsigned int* block) {
+
+void aes_encrypt_nb_6(CRYPT_aes_context* ctx, unsigned int* block) {
int i;
const int C1 = 1, C2 = 2, C3 = 3, Nb = 6;
unsigned int* keysched = ctx->keysched;
@@ -524,7 +514,8 @@ void aes_encrypt_nb_6(AESContext* ctx, unsigned int* block) {
MOVEWORD(5);
ADD_ROUND_KEY_6;
}
-void aes_encrypt_nb_8(AESContext* ctx, unsigned int* block) {
+
+void aes_encrypt_nb_8(CRYPT_aes_context* ctx, unsigned int* block) {
int i;
const int C1 = 1, C2 = 3, C3 = 4, Nb = 8;
unsigned int* keysched = ctx->keysched;
@@ -579,7 +570,8 @@ void aes_encrypt_nb_8(AESContext* ctx, unsigned int* block) {
(Sboxinv[(block[(i + C1) % Nb] >> 16) & 0xFF] << 16) | \
(Sboxinv[(block[(i + C2) % Nb] >> 8) & 0xFF] << 8) | \
(Sboxinv[(block[(i + C3) % Nb]) & 0xFF]))
-void aes_decrypt_nb_4(AESContext* ctx, unsigned int* block) {
+
+void aes_decrypt_nb_4(CRYPT_aes_context* ctx, unsigned int* block) {
int i;
const int C1 = 4 - 1, C2 = 4 - 2, C3 = 4 - 3, Nb = 4;
unsigned int* keysched = ctx->invkeysched;
@@ -606,7 +598,8 @@ void aes_decrypt_nb_4(AESContext* ctx, unsigned int* block) {
MOVEWORD(3);
ADD_ROUND_KEY_4;
}
-void aes_decrypt_nb_6(AESContext* ctx, unsigned int* block) {
+
+void aes_decrypt_nb_6(CRYPT_aes_context* ctx, unsigned int* block) {
int i;
const int C1 = 6 - 1, C2 = 6 - 2, C3 = 6 - 3, Nb = 6;
unsigned int* keysched = ctx->invkeysched;
@@ -641,7 +634,8 @@ void aes_decrypt_nb_6(AESContext* ctx, unsigned int* block) {
MOVEWORD(5);
ADD_ROUND_KEY_6;
}
-void aes_decrypt_nb_8(AESContext* ctx, unsigned int* block) {
+
+void aes_decrypt_nb_8(CRYPT_aes_context* ctx, unsigned int* block) {
int i;
const int C1 = 8 - 1, C2 = 8 - 3, C3 = 8 - 4, Nb = 8;
unsigned int* keysched = ctx->invkeysched;
@@ -686,7 +680,7 @@ void aes_decrypt_nb_8(AESContext* ctx, unsigned int* block) {
}
#undef MAKEWORD
#undef LASTWORD
-void aes_setup(AESContext* ctx,
+void aes_setup(CRYPT_aes_context* ctx,
int blocklen,
const unsigned char* key,
int keylen) {
@@ -753,13 +747,13 @@ void aes_setup(AESContext* ctx,
}
}
}
-void aes_decrypt(AESContext* ctx, unsigned int* block) {
+void aes_decrypt(CRYPT_aes_context* ctx, unsigned int* block) {
ctx->decrypt(ctx, block);
}
void aes_decrypt_cbc(unsigned char* dest,
const unsigned char* src,
int len,
- AESContext* ctx) {
+ CRYPT_aes_context* ctx) {
unsigned int iv[4], x[4], ct[4];
int i;
ASSERT((len & 15) == 0);
@@ -779,13 +773,15 @@ void aes_decrypt_cbc(unsigned char* dest,
}
memcpy(ctx->iv, iv, sizeof(iv));
}
-void aes_encrypt(AESContext* ctx, unsigned int* block) {
+
+void aes_encrypt(CRYPT_aes_context* ctx, unsigned int* block) {
ctx->encrypt(ctx, block);
}
+
void aes_encrypt_cbc(unsigned char* dest,
const unsigned char* src,
int len,
- AESContext* ctx) {
+ CRYPT_aes_context* ctx) {
unsigned int iv[4];
int i;
ASSERT((len & 15) == 0);
@@ -807,28 +803,29 @@ void aes_encrypt_cbc(unsigned char* dest,
} // namespace
-void CRYPT_AESSetKey(void* context,
+void CRYPT_AESSetKey(CRYPT_aes_context* context,
uint32_t blocklen,
const uint8_t* key,
uint32_t keylen,
bool bEncrypt) {
- aes_setup((AESContext*)context, blocklen, key, keylen);
+ aes_setup(context, blocklen, key, keylen);
}
-void CRYPT_AESSetIV(void* context, const uint8_t* iv) {
- int i;
- for (i = 0; i < ((AESContext*)context)->Nb; i++) {
- ((AESContext*)context)->iv[i] = GET_32BIT_MSB_FIRST(iv + 4 * i);
- }
+
+void CRYPT_AESSetIV(CRYPT_aes_context* context, const uint8_t* iv) {
+ for (int i = 0; i < context->Nb; i++)
+ context->iv[i] = GET_32BIT_MSB_FIRST(iv + 4 * i);
}
-void CRYPT_AESDecrypt(void* context,
+
+void CRYPT_AESDecrypt(CRYPT_aes_context* context,
uint8_t* dest,
const uint8_t* src,
uint32_t len) {
- aes_decrypt_cbc(dest, src, len, (AESContext*)context);
+ aes_decrypt_cbc(dest, src, len, context);
}
-void CRYPT_AESEncrypt(void* context,
+
+void CRYPT_AESEncrypt(CRYPT_aes_context* context,
uint8_t* dest,
const uint8_t* src,
uint32_t len) {
- aes_encrypt_cbc(dest, src, len, (AESContext*)context);
+ aes_encrypt_cbc(dest, src, len, context);
}
diff --git a/core/fdrm/crypto/fx_crypt_sha.cpp b/core/fdrm/crypto/fx_crypt_sha.cpp
index 49f77558f0..7420a32d48 100644
--- a/core/fdrm/crypto/fx_crypt_sha.cpp
+++ b/core/fdrm/crypto/fx_crypt_sha.cpp
@@ -144,7 +144,7 @@ void SHATransform(unsigned int* digest, unsigned int* block) {
digest[4] += e;
}
-void sha256_process(CRYPT_sha256_context* ctx, const uint8_t data[64]) {
+void sha256_process(CRYPT_sha2_context* ctx, const uint8_t data[64]) {
uint32_t temp1, temp2, W[64];
uint32_t A, B, C, D, E, F, G, H;
GET_UINT32(W[0], data, 0);
@@ -289,7 +289,7 @@ uint64_t const constants[] = {
0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL,
};
-void sha384_process(CRYPT_sha384_context* ctx, const uint8_t data[128]) {
+void sha384_process(CRYPT_sha2_context* ctx, const uint8_t data[128]) {
uint64_t temp1, temp2;
uint64_t A, B, C, D, E, F, G, H;
uint64_t W[80];
@@ -436,7 +436,7 @@ void CRYPT_SHA1Generate(const uint8_t* data,
CRYPT_SHA1Update(&s, data, size);
CRYPT_SHA1Finish(&s, digest);
}
-void CRYPT_SHA256Start(CRYPT_sha256_context* ctx) {
+void CRYPT_SHA256Start(CRYPT_sha2_context* ctx) {
ctx->total[0] = 0;
ctx->total[1] = 0;
ctx->state[0] = 0x6A09E667;
@@ -449,7 +449,7 @@ void CRYPT_SHA256Start(CRYPT_sha256_context* ctx) {
ctx->state[7] = 0x5BE0CD19;
}
-void CRYPT_SHA256Update(CRYPT_sha256_context* ctx,
+void CRYPT_SHA256Update(CRYPT_sha2_context* ctx,
const uint8_t* input,
uint32_t length) {
if (!length)
@@ -478,7 +478,7 @@ void CRYPT_SHA256Update(CRYPT_sha256_context* ctx,
memcpy(ctx->buffer + left, input, length);
}
-void CRYPT_SHA256Finish(CRYPT_sha256_context* ctx, uint8_t digest[32]) {
+void CRYPT_SHA256Finish(CRYPT_sha2_context* ctx, uint8_t digest[32]) {
uint32_t last, padn;
uint32_t high, low;
uint8_t msglen[8];
@@ -503,17 +503,17 @@ void CRYPT_SHA256Finish(CRYPT_sha256_context* ctx, uint8_t digest[32]) {
void CRYPT_SHA256Generate(const uint8_t* data,
uint32_t size,
uint8_t digest[32]) {
- CRYPT_sha256_context ctx;
+ CRYPT_sha2_context ctx;
CRYPT_SHA256Start(&ctx);
CRYPT_SHA256Update(&ctx, data, size);
CRYPT_SHA256Finish(&ctx, digest);
}
-void CRYPT_SHA384Start(CRYPT_sha384_context* ctx) {
+void CRYPT_SHA384Start(CRYPT_sha2_context* ctx) {
if (!ctx)
return;
- memset(ctx, 0, sizeof(CRYPT_sha384_context));
+ memset(ctx, 0, sizeof(CRYPT_sha2_context));
ctx->state[0] = 0xcbbb9d5dc1059ed8ULL;
ctx->state[1] = 0x629a292a367cd507ULL;
ctx->state[2] = 0x9159015a3070dd17ULL;
@@ -524,7 +524,7 @@ void CRYPT_SHA384Start(CRYPT_sha384_context* ctx) {
ctx->state[7] = 0x47b5481dbefa4fa4ULL;
}
-void CRYPT_SHA384Update(CRYPT_sha384_context* ctx,
+void CRYPT_SHA384Update(CRYPT_sha2_context* ctx,
const uint8_t* input,
uint32_t length) {
if (!length)
@@ -552,7 +552,7 @@ void CRYPT_SHA384Update(CRYPT_sha384_context* ctx,
memcpy(ctx->buffer + left, input, length);
}
-void CRYPT_SHA384Finish(CRYPT_sha384_context* ctx, uint8_t digest[48]) {
+void CRYPT_SHA384Finish(CRYPT_sha2_context* ctx, uint8_t digest[48]) {
uint32_t last, padn;
uint8_t msglen[16];
memset(msglen, 0, 16);
@@ -576,18 +576,17 @@ void CRYPT_SHA384Finish(CRYPT_sha384_context* ctx, uint8_t digest[48]) {
void CRYPT_SHA384Generate(const uint8_t* data,
uint32_t size,
uint8_t digest[64]) {
- CRYPT_sha384_context context;
+ CRYPT_sha2_context context;
CRYPT_SHA384Start(&context);
CRYPT_SHA384Update(&context, data, size);
CRYPT_SHA384Finish(&context, digest);
}
-void CRYPT_SHA512Start(void* context) {
- if (!context)
+void CRYPT_SHA512Start(CRYPT_sha2_context* ctx) {
+ if (!ctx)
return;
- CRYPT_sha384_context* ctx = (CRYPT_sha384_context*)context;
- memset(ctx, 0, sizeof(CRYPT_sha384_context));
+ memset(ctx, 0, sizeof(CRYPT_sha2_context));
ctx->state[0] = 0xa09e667f3bcc908ULL;
ctx->state[1] = 0xb67ae8584caa73bULL;
ctx->state[2] = 0xc6ef372fe94f82bULL;
@@ -598,13 +597,13 @@ void CRYPT_SHA512Start(void* context) {
ctx->state[7] = 0xbe0cd19137e2179ULL;
}
-void CRYPT_SHA512Update(void* context, const uint8_t* data, uint32_t size) {
- CRYPT_sha384_context* ctx = (CRYPT_sha384_context*)context;
+void CRYPT_SHA512Update(CRYPT_sha2_context* ctx,
+ const uint8_t* data,
+ uint32_t size) {
CRYPT_SHA384Update(ctx, data, size);
}
-void CRYPT_SHA512Finish(void* context, uint8_t digest[64]) {
- CRYPT_sha384_context* ctx = (CRYPT_sha384_context*)context;
+void CRYPT_SHA512Finish(CRYPT_sha2_context* ctx, uint8_t digest[64]) {
uint32_t last, padn;
uint8_t msglen[16];
memset(msglen, 0, 16);
@@ -630,7 +629,7 @@ void CRYPT_SHA512Finish(void* context, uint8_t digest[64]) {
void CRYPT_SHA512Generate(const uint8_t* data,
uint32_t size,
uint8_t digest[64]) {
- CRYPT_sha384_context context;
+ CRYPT_sha2_context context;
CRYPT_SHA512Start(&context);
CRYPT_SHA512Update(&context, data, size);
CRYPT_SHA512Finish(&context, digest);
diff --git a/core/fpdfapi/parser/cpdf_crypto_handler.cpp b/core/fpdfapi/parser/cpdf_crypto_handler.cpp
index ea09601b30..ef84480c23 100644
--- a/core/fpdfapi/parser/cpdf_crypto_handler.cpp
+++ b/core/fpdfapi/parser/cpdf_crypto_handler.cpp
@@ -41,26 +41,29 @@ void CPDF_CryptoHandler::CryptBlock(bool bEncrypt,
}
}
if (m_Cipher == FXCIPHER_AES) {
- CRYPT_AESSetKey(m_pAESContext, 16, m_KeyLen == 32 ? m_EncryptKey : realkey,
- m_KeyLen, bEncrypt);
+ CRYPT_AESSetKey(m_pAESContext.get(), 16,
+ m_KeyLen == 32 ? m_EncryptKey : realkey, m_KeyLen,
+ bEncrypt);
if (bEncrypt) {
uint8_t iv[16];
for (int i = 0; i < 16; i++) {
iv[i] = (uint8_t)rand();
}
- CRYPT_AESSetIV(m_pAESContext, iv);
+ CRYPT_AESSetIV(m_pAESContext.get(), iv);
memcpy(dest_buf, iv, 16);
int nblocks = src_size / 16;
- CRYPT_AESEncrypt(m_pAESContext, dest_buf + 16, src_buf, nblocks * 16);
+ CRYPT_AESEncrypt(m_pAESContext.get(), dest_buf + 16, src_buf,
+ nblocks * 16);
uint8_t padding[16];
memcpy(padding, src_buf + nblocks * 16, src_size % 16);
memset(padding + src_size % 16, 16 - src_size % 16, 16 - src_size % 16);
- CRYPT_AESEncrypt(m_pAESContext, dest_buf + nblocks * 16 + 16, padding,
- 16);
+ CRYPT_AESEncrypt(m_pAESContext.get(), dest_buf + nblocks * 16 + 16,
+ padding, 16);
dest_size = 32 + nblocks * 16;
} else {
- CRYPT_AESSetIV(m_pAESContext, src_buf);
- CRYPT_AESDecrypt(m_pAESContext, dest_buf, src_buf + 16, src_size - 16);
+ CRYPT_AESSetIV(m_pAESContext.get(), src_buf);
+ CRYPT_AESDecrypt(m_pAESContext.get(), dest_buf, src_buf + 16,
+ src_size - 16);
dest_size = src_size - 16;
dest_size -= dest_buf[dest_size - 1];
}
@@ -74,10 +77,10 @@ void CPDF_CryptoHandler::CryptBlock(bool bEncrypt,
}
struct AESCryptContext {
- uint8_t m_Context[2048];
bool m_bIV;
uint8_t m_Block[16];
uint32_t m_BlockOffset;
+ CRYPT_aes_context m_Context;
};
void* CPDF_CryptoHandler::CryptStart(uint32_t objnum,
@@ -90,12 +93,12 @@ void* CPDF_CryptoHandler::CryptStart(uint32_t objnum,
AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1);
pContext->m_bIV = true;
pContext->m_BlockOffset = 0;
- CRYPT_AESSetKey(pContext->m_Context, 16, m_EncryptKey, 32, bEncrypt);
+ CRYPT_AESSetKey(&pContext->m_Context, 16, m_EncryptKey, 32, bEncrypt);
if (bEncrypt) {
for (int i = 0; i < 16; i++) {
pContext->m_Block[i] = (uint8_t)rand();
}
- CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block);
+ CRYPT_AESSetIV(&pContext->m_Context, pContext->m_Block);
}
return pContext;
}
@@ -116,12 +119,12 @@ void* CPDF_CryptoHandler::CryptStart(uint32_t objnum,
AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1);
pContext->m_bIV = true;
pContext->m_BlockOffset = 0;
- CRYPT_AESSetKey(pContext->m_Context, 16, realkey, 16, bEncrypt);
+ CRYPT_AESSetKey(&pContext->m_Context, 16, realkey, 16, bEncrypt);
if (bEncrypt) {
for (int i = 0; i < 16; i++) {
pContext->m_Block[i] = (uint8_t)rand();
}
- CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block);
+ CRYPT_AESSetIV(&pContext->m_Context, pContext->m_Block);
}
return pContext;
}
@@ -168,16 +171,16 @@ bool CPDF_CryptoHandler::CryptStream(void* context,
pContext->m_BlockOffset += copy_size;
if (pContext->m_BlockOffset == 16) {
if (!bEncrypt && pContext->m_bIV) {
- CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block);
+ CRYPT_AESSetIV(&pContext->m_Context, pContext->m_Block);
pContext->m_bIV = false;
pContext->m_BlockOffset = 0;
} else if (src_off < src_size) {
uint8_t block_buf[16];
if (bEncrypt) {
- CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block,
+ CRYPT_AESEncrypt(&pContext->m_Context, block_buf, pContext->m_Block,
16);
} else {
- CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block,
+ CRYPT_AESDecrypt(&pContext->m_Context, block_buf, pContext->m_Block,
16);
}
dest_buf.AppendBlock(block_buf, 16);
@@ -207,18 +210,18 @@ bool CPDF_CryptoHandler::CryptFinish(void* context,
if (bEncrypt) {
uint8_t block_buf[16];
if (pContext->m_BlockOffset == 16) {
- CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16);
+ CRYPT_AESEncrypt(&pContext->m_Context, block_buf, pContext->m_Block, 16);
dest_buf.AppendBlock(block_buf, 16);
pContext->m_BlockOffset = 0;
}
memset(pContext->m_Block + pContext->m_BlockOffset,
(uint8_t)(16 - pContext->m_BlockOffset),
16 - pContext->m_BlockOffset);
- CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16);
+ CRYPT_AESEncrypt(&pContext->m_Context, block_buf, pContext->m_Block, 16);
dest_buf.AppendBlock(block_buf, 16);
} else if (pContext->m_BlockOffset == 16) {
uint8_t block_buf[16];
- CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, 16);
+ CRYPT_AESDecrypt(&pContext->m_Context, block_buf, pContext->m_Block, 16);
if (block_buf[15] <= 16) {
dest_buf.AppendBlock(block_buf, 16 - block_buf[15]);
}
@@ -247,18 +250,18 @@ uint32_t CPDF_CryptoHandler::DecryptGetSize(uint32_t src_size) {
bool CPDF_CryptoHandler::Init(CPDF_Dictionary* pEncryptDict,
CPDF_SecurityHandler* pSecurityHandler) {
const uint8_t* key;
- if (!pSecurityHandler->GetCryptInfo(m_Cipher, key, m_KeyLen)) {
+ if (!pSecurityHandler->GetCryptInfo(m_Cipher, key, m_KeyLen))
return false;
- }
- if (m_KeyLen > 32 || m_KeyLen < 0) {
+
+ if (m_KeyLen > 32 || m_KeyLen < 0)
return false;
- }
- if (m_Cipher != FXCIPHER_NONE) {
+
+ if (m_Cipher != FXCIPHER_NONE)
memcpy(m_EncryptKey, key, m_KeyLen);
- }
- if (m_Cipher == FXCIPHER_AES) {
- m_pAESContext = FX_Alloc(uint8_t, 2048);
- }
+
+ if (m_Cipher == FXCIPHER_AES)
+ m_pAESContext.reset(FX_Alloc(CRYPT_aes_context, 1));
+
return true;
}
@@ -288,17 +291,19 @@ bool CPDF_CryptoHandler::Init(int cipher, const uint8_t* key, int keylen) {
m_Cipher = cipher;
m_KeyLen = keylen;
memcpy(m_EncryptKey, key, keylen);
- if (m_Cipher == FXCIPHER_AES) {
- m_pAESContext = FX_Alloc(uint8_t, 2048);
- }
+ if (m_Cipher == FXCIPHER_AES)
+ m_pAESContext.reset(FX_Alloc(CRYPT_aes_context, 1));
+
return true;
}
+
bool CPDF_CryptoHandler::DecryptStream(void* context,
const uint8_t* src_buf,
uint32_t src_size,
CFX_BinaryBuf& dest_buf) {
return CryptStream(context, src_buf, src_size, dest_buf, false);
}
+
bool CPDF_CryptoHandler::DecryptFinish(void* context, CFX_BinaryBuf& dest_buf) {
return CryptFinish(context, dest_buf, false);
}
@@ -311,6 +316,7 @@ uint32_t CPDF_CryptoHandler::EncryptGetSize(uint32_t objnum,
}
return src_size;
}
+
bool CPDF_CryptoHandler::EncryptContent(uint32_t objnum,
uint32_t gennum,
const uint8_t* src_buf,
@@ -320,14 +326,11 @@ bool CPDF_CryptoHandler::EncryptContent(uint32_t objnum,
CryptBlock(true, objnum, gennum, src_buf, src_size, dest_buf, dest_size);
return true;
}
-CPDF_CryptoHandler::CPDF_CryptoHandler() {
- m_pAESContext = nullptr;
- m_Cipher = FXCIPHER_NONE;
- m_KeyLen = 0;
-}
-CPDF_CryptoHandler::~CPDF_CryptoHandler() {
- FX_Free(m_pAESContext);
-}
+
+CPDF_CryptoHandler::CPDF_CryptoHandler()
+ : m_KeyLen(0), m_Cipher(FXCIPHER_NONE) {}
+
+CPDF_CryptoHandler::~CPDF_CryptoHandler() {}
void CPDF_CryptoHandler::PopulateKey(uint32_t objnum,
uint32_t gennum,
diff --git a/core/fpdfapi/parser/cpdf_crypto_handler.h b/core/fpdfapi/parser/cpdf_crypto_handler.h
index 24caff7081..9d76e67d96 100644
--- a/core/fpdfapi/parser/cpdf_crypto_handler.h
+++ b/core/fpdfapi/parser/cpdf_crypto_handler.h
@@ -7,8 +7,12 @@
#ifndef CORE_FPDFAPI_PARSER_CPDF_CRYPTO_HANDLER_H_
#define CORE_FPDFAPI_PARSER_CPDF_CRYPTO_HANDLER_H_
+#include <memory>
+
+#include "core/fdrm/crypto/fx_crypt.h"
#include "core/fxcrt/cfx_retain_ptr.h"
#include "core/fxcrt/fx_basic.h"
+#include "core/fxcrt/fx_memory.h"
#include "core/fxcrt/fx_string.h"
#include "core/fxcrt/fx_system.h"
@@ -68,7 +72,7 @@ class CPDF_CryptoHandler : public CFX_Retainable {
uint8_t m_EncryptKey[32];
int m_KeyLen;
int m_Cipher;
- uint8_t* m_pAESContext;
+ std::unique_ptr<CRYPT_aes_context, FxFreeDeleter> m_pAESContext;
};
#endif // CORE_FPDFAPI_PARSER_CPDF_CRYPTO_HANDLER_H_
diff --git a/core/fpdfapi/parser/cpdf_security_handler.cpp b/core/fpdfapi/parser/cpdf_security_handler.cpp
index 4ea5da3497..85a3805eea 100644
--- a/core/fpdfapi/parser/cpdf_security_handler.cpp
+++ b/core/fpdfapi/parser/cpdf_security_handler.cpp
@@ -230,7 +230,7 @@ void Revision6_Hash(const uint8_t* password,
const uint8_t* salt,
const uint8_t* vector,
uint8_t* hash) {
- CRYPT_sha256_context sha;
+ CRYPT_sha2_context sha;
CRYPT_SHA256Start(&sha);
CRYPT_SHA256Update(&sha, password, size);
CRYPT_SHA256Update(&sha, salt, 8);
@@ -249,7 +249,8 @@ void Revision6_Hash(const uint8_t* password,
CFX_ByteTextBuf interDigest;
int i = 0;
int iBlockSize = 32;
- uint8_t* aes = FX_Alloc(uint8_t, 2048);
+ CRYPT_aes_context aes;
+ memset(&aes, 0, sizeof(aes));
while (i < 64 || i < E[iBufLen - 1] + 32) {
int iRoundSize = size + iBlockSize;
if (vector) {
@@ -266,9 +267,9 @@ void Revision6_Hash(const uint8_t* password,
content.AppendBlock(vector, 48);
}
}
- CRYPT_AESSetKey(aes, 16, key, 16, true);
- CRYPT_AESSetIV(aes, iv);
- CRYPT_AESEncrypt(aes, E, content.GetBuffer(), iBufLen);
+ CRYPT_AESSetKey(&aes, 16, key, 16, true);
+ CRYPT_AESSetIV(&aes, iv);
+ CRYPT_AESEncrypt(&aes, E, content.GetBuffer(), iBufLen);
int iHash = 0;
switch (BigOrder64BitsMod3(E)) {
case 0:
@@ -297,7 +298,6 @@ void Revision6_Hash(const uint8_t* password,
iv = input + 16;
++i;
}
- FX_Free(aes);
if (hash) {
memcpy(hash, input, 32);
}
@@ -319,7 +319,7 @@ bool CPDF_SecurityHandler::AES256_CheckPassword(const uint8_t* password,
return false;
const uint8_t* pkey = bOwner ? okey.raw_str() : ukey.raw_str();
- CRYPT_sha256_context sha;
+ CRYPT_sha2_context sha;
uint8_t digest[32];
if (m_Revision >= 6) {
Revision6_Hash(password, size, (const uint8_t*)pkey + 32,
@@ -357,14 +357,15 @@ bool CPDF_SecurityHandler::AES256_CheckPassword(const uint8_t* password,
if (ekey.GetLength() < 32)
return false;
- std::vector<uint8_t> aes(2048);
- CRYPT_AESSetKey(aes.data(), 16, digest, 32, false);
+ CRYPT_aes_context aes;
+ memset(&aes, 0, sizeof(aes));
+ CRYPT_AESSetKey(&aes, 16, digest, 32, false);
uint8_t iv[16];
memset(iv, 0, 16);
- CRYPT_AESSetIV(aes.data(), iv);
- CRYPT_AESDecrypt(aes.data(), key, ekey.raw_str(), 32);
- CRYPT_AESSetKey(aes.data(), 16, key, 32, false);
- CRYPT_AESSetIV(aes.data(), iv);
+ CRYPT_AESSetIV(&aes, iv);
+ CRYPT_AESDecrypt(&aes, key, ekey.raw_str(), 32);
+ CRYPT_AESSetKey(&aes, 16, key, 32, false);
+ CRYPT_AESSetIV(&aes, iv);
CFX_ByteString perms = m_pEncryptDict->GetStringFor("Perms");
if (perms.IsEmpty())
return false;
@@ -375,7 +376,7 @@ bool CPDF_SecurityHandler::AES256_CheckPassword(const uint8_t* password,
std::min(sizeof(perms_buf), static_cast<size_t>(perms.GetLength()));
memcpy(perms_buf, perms.raw_str(), copy_len);
uint8_t buf[16];
- CRYPT_AESDecrypt(aes.data(), buf, perms_buf, 16);
+ CRYPT_AESDecrypt(&aes, buf, perms_buf, 16);
if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b')
return false;
@@ -532,7 +533,7 @@ void CPDF_SecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict,
}
if (m_Revision >= 5) {
int t = (int)time(nullptr);
- CRYPT_sha256_context sha;
+ CRYPT_sha2_context sha;
CRYPT_SHA256Start(&sha);
CRYPT_SHA256Update(&sha, (uint8_t*)&t, sizeof t);
CRYPT_SHA256Update(&sha, m_EncryptKey, 32);
@@ -640,7 +641,7 @@ void CPDF_SecurityHandler::AES256_SetPassword(CPDF_Dictionary* pEncryptDict,
CRYPT_SHA1Finish(&sha, digest);
CFX_ByteString ukey = pEncryptDict->GetStringFor("U");
- CRYPT_sha256_context sha2;
+ CRYPT_sha2_context sha2;
uint8_t digest1[48];
if (m_Revision >= 6) {
Revision6_Hash(password, size, digest, bOwner ? ukey.raw_str() : nullptr,
@@ -669,13 +670,13 @@ void CPDF_SecurityHandler::AES256_SetPassword(CPDF_Dictionary* pEncryptDict,
}
CRYPT_SHA256Finish(&sha2, digest1);
}
- uint8_t* aes = FX_Alloc(uint8_t, 2048);
- CRYPT_AESSetKey(aes, 16, digest1, 32, true);
+ CRYPT_aes_context aes;
+ memset(&aes, 0, sizeof(aes));
+ CRYPT_AESSetKey(&aes, 16, digest1, 32, true);
uint8_t iv[16];
memset(iv, 0, 16);
- CRYPT_AESSetIV(aes, iv);
- CRYPT_AESEncrypt(aes, digest1, key, 32);
- FX_Free(aes);
+ CRYPT_AESSetIV(&aes, iv);
+ CRYPT_AESEncrypt(&aes, digest1, key, 32);
pEncryptDict->SetNewFor<CPDF_String>(bOwner ? "OE" : "UE",
CFX_ByteString(digest1, 32), false);
}
@@ -697,13 +698,17 @@ void CPDF_SecurityHandler::AES256_SetPerms(CPDF_Dictionary* pEncryptDict,
buf[9] = 'a';
buf[10] = 'd';
buf[11] = 'b';
- uint8_t* aes = FX_Alloc(uint8_t, 2048);
- CRYPT_AESSetKey(aes, 16, key, 32, true);
- uint8_t iv[16], buf1[16];
+
+ CRYPT_aes_context aes;
+ memset(&aes, 0, sizeof(aes));
+ CRYPT_AESSetKey(&aes, 16, key, 32, true);
+
+ uint8_t iv[16];
memset(iv, 0, 16);
- CRYPT_AESSetIV(aes, iv);
- CRYPT_AESEncrypt(aes, buf1, buf, 16);
- FX_Free(aes);
+ CRYPT_AESSetIV(&aes, iv);
+
+ uint8_t buf1[16];
+ CRYPT_AESEncrypt(&aes, buf1, buf, 16);
pEncryptDict->SetNewFor<CPDF_String>("Perms", CFX_ByteString(buf1, 16),
false);
}