aes_encryptor.h

// Copyright 2014 Google Inc. All rights reserved.
//
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file or at
// https://developers.google.com/open-source/licenses/bsd
//
// AES Encryptor implementation using openssl.

#ifndef MEDIA_BASE_AES_ENCRYPTOR_H_
#define MEDIA_BASE_AES_ENCRYPTOR_H_

#include <string>
#include <vector>

#include "packager/base/memory/scoped_ptr.h"
#include "packager/base/stl_util.h"

struct aes_key_st;
typedef struct aes_key_st AES_KEY;

namespace edash_packager {
namespace media {

// Class which implements AES-CTR counter-mode encryption/decryption.
class AesCtrEncryptor {
 public:
  AesCtrEncryptor();
  ~AesCtrEncryptor();

  bool InitializeWithRandomIv(const std::vector<uint8_t>& key, uint8_t iv_size);

  bool InitializeWithIv(const std::vector<uint8_t>& key,
                        const std::vector<uint8_t>& iv);

  bool Encrypt(const uint8_t* plaintext,
               size_t plaintext_size,
               uint8_t* ciphertext);

  bool Encrypt(const std::vector<uint8_t>& plaintext,
               std::vector<uint8_t>* ciphertext) {
    ciphertext->resize(plaintext.size());
    return Encrypt(&plaintext[0], plaintext.size(), &(*ciphertext)[0]);
  }

  bool Encrypt(const std::string& plaintext, std::string* ciphertext) {
    ciphertext->resize(plaintext.size());
    return Encrypt(reinterpret_cast<const uint8_t*>(plaintext.data()),
                   plaintext.size(),
                   reinterpret_cast<uint8_t*>(string_as_array(ciphertext)));
  }

  // For AES CTR, encryption and decryption are identical.
  bool Decrypt(const uint8_t* ciphertext,
               size_t ciphertext_size,
               uint8_t* plaintext) {
    return Encrypt(ciphertext, ciphertext_size, plaintext);
  }

  bool Decrypt(const std::vector<uint8_t>& ciphertext,
               std::vector<uint8_t>* plaintext) {
    return Encrypt(ciphertext, plaintext);
  }

  bool Decrypt(const std::string& ciphertext, std::string* plaintext) {
    return Encrypt(ciphertext, plaintext);
  }

  void UpdateIv();

  bool SetIv(const std::vector<uint8_t>& iv);

  const std::vector<uint8_t>& iv() const { return iv_; }

  uint32_t block_offset() const { return block_offset_; }

 private:
  // Initialization vector, with size 8 or 16.
  std::vector<uint8_t> iv_;
  // Current block offset.
  uint32_t block_offset_;
  // Openssl AES_KEY.
  scoped_ptr<AES_KEY> aes_key_;
  // Current AES-CTR counter.
  std::vector<uint8_t> counter_;
  // Encrypted counter.
  std::vector<uint8_t> encrypted_counter_;
  // Keep track of whether the counter has overflowed.
  bool counter_overflow_;

  DISALLOW_COPY_AND_ASSIGN(AesCtrEncryptor);
};

// Class which implements AES-CBC (Cipher block chaining) encryption with
// PKCS#5 padding.
class AesCbcPkcs5Encryptor {
 public:
  AesCbcPkcs5Encryptor();
  ~AesCbcPkcs5Encryptor();

  bool InitializeWithIv(const std::vector<uint8_t>& key,
                        const std::vector<uint8_t>& iv);

  void Encrypt(const std::string& plaintext, std::string* ciphertext);

  bool SetIv(const std::vector<uint8_t>& iv);

  const std::vector<uint8_t>& iv() const { return iv_; }

 private:
  std::vector<uint8_t> iv_;
  scoped_ptr<AES_KEY> encrypt_key_;

  DISALLOW_COPY_AND_ASSIGN(AesCbcPkcs5Encryptor);
};

// Class which implements AES-CBC (Cipher block chaining) decryption with
// PKCS#5 padding.
class AesCbcPkcs5Decryptor {
 public:
  AesCbcPkcs5Decryptor();
  ~AesCbcPkcs5Decryptor();

  bool InitializeWithIv(const std::vector<uint8_t>& key,
                        const std::vector<uint8_t>& iv);

  bool Decrypt(const std::string& ciphertext, std::string* plaintext);

  bool SetIv(const std::vector<uint8_t>& iv);

  const std::vector<uint8_t>& iv() const { return iv_; }

 private:
  std::vector<uint8_t> iv_;
  scoped_ptr<AES_KEY> decrypt_key_;

  DISALLOW_COPY_AND_ASSIGN(AesCbcPkcs5Decryptor);
};

// Class which implements AES-CBC (Cipher block chaining) encryption with
// Ciphertext stealing.
class AesCbcCtsEncryptor {
 public:
  AesCbcCtsEncryptor();
  ~AesCbcCtsEncryptor();

  bool InitializeWithIv(const std::vector<uint8_t>& key,
                        const std::vector<uint8_t>& iv);

  void Encrypt(const uint8_t* plaintext, size_t size, uint8_t* ciphertext);

  void Encrypt(const std::vector<uint8_t>& plaintext,
               std::vector<uint8_t>* ciphertext);

  bool SetIv(const std::vector<uint8_t>& iv);

  const std::vector<uint8_t>& iv() const { return iv_; }

 private:
  std::vector<uint8_t> iv_;
  scoped_ptr<AES_KEY> encrypt_key_;

  DISALLOW_COPY_AND_ASSIGN(AesCbcCtsEncryptor);
};

// Class which implements AES-CBC (Cipher block chaining) decryption with
// Ciphertext stealing.
class AesCbcCtsDecryptor {
 public:
  AesCbcCtsDecryptor();
  ~AesCbcCtsDecryptor();

  bool InitializeWithIv(const std::vector<uint8_t>& key,
                        const std::vector<uint8_t>& iv);

  void Decrypt(const uint8_t* ciphertext, size_t size, uint8_t* plaintext);

  void Decrypt(const std::vector<uint8_t>& ciphertext,
               std::vector<uint8_t>* plaintext);

  bool SetIv(const std::vector<uint8_t>& iv);

  const std::vector<uint8_t>& iv() const { return iv_; }

 private:
  std::vector<uint8_t> iv_;
  scoped_ptr<AES_KEY> decrypt_key_;

  DISALLOW_COPY_AND_ASSIGN(AesCbcCtsDecryptor);
};

}  // namespace media
}  // namespace edash_packager

#endif  // MEDIA_BASE_AES_ENCRYPTOR_H_