Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1079)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: base/hmac_nss.cc

Issue 113001: Separate the key setting code in the constructor of HMAC class into the Init... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Test upload Created 11 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « base/hmac_mac.cc ('k') | base/hmac_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/hmac.h" 5 #include "base/hmac.h"
6 6
7 #include <nss.h> 7 #include <nss.h>
8 #include <pk11pub.h> 8 #include <pk11pub.h>
9 9
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 24 matching lines...) Expand all
35 35
36 } // namespace 36 } // namespace
37 37
38 namespace base { 38 namespace base {
39 39
40 struct HMACPlatformData { 40 struct HMACPlatformData {
41 ScopedNSSSlot slot_; 41 ScopedNSSSlot slot_;
42 ScopedNSSSymKey sym_key_; 42 ScopedNSSSymKey sym_key_;
43 }; 43 };
44 44
45 HMAC::HMAC(HashAlgorithm hash_alg, const unsigned char* key, int key_length) 45 HMAC::HMAC(HashAlgorithm hash_alg)
46 : hash_alg_(hash_alg), plat_(new HMACPlatformData()) { 46 : hash_alg_(hash_alg), plat_(new HMACPlatformData()) {
47 // Only SHA-1 digest is supported now.
47 DCHECK(hash_alg_ == SHA1); 48 DCHECK(hash_alg_ == SHA1);
49 }
48 50
51 bool HMAC::Init(const unsigned char *key, int key_length) {
49 base::EnsureNSSInit(); 52 base::EnsureNSSInit();
50 53
54 if (hash_alg_ != SHA1) {
55 NOTREACHED();
56 return false;
57 }
58
59 if (plat_->slot_.get() || plat_->slot_.get()) {
60 // Init must not be called more than twice on the same HMAC object.
61 NOTREACHED();
62 return false;
63 }
64
51 plat_->slot_.reset(PK11_GetBestSlot(CKM_SHA_1_HMAC, NULL)); 65 plat_->slot_.reset(PK11_GetBestSlot(CKM_SHA_1_HMAC, NULL));
52 CHECK(plat_->slot_.get()); 66 if (!plat_->slot_.get()) {
67 NOTREACHED();
68 return false;
69 }
53 70
54 SECItem key_item; 71 SECItem key_item;
55 key_item.type = siBuffer; 72 key_item.type = siBuffer;
56 key_item.data = const_cast<unsigned char*>(key); // NSS API isn't const. 73 key_item.data = const_cast<unsigned char*>(key); // NSS API isn't const.
57 key_item.len = key_length; 74 key_item.len = key_length;
58 75
59 plat_->sym_key_.reset(PK11_ImportSymKey(plat_->slot_.get(), 76 plat_->sym_key_.reset(PK11_ImportSymKey(plat_->slot_.get(),
60 CKM_SHA_1_HMAC, 77 CKM_SHA_1_HMAC,
61 PK11_OriginUnwrap, 78 PK11_OriginUnwrap,
62 CKA_SIGN, 79 CKA_SIGN,
63 &key_item, 80 &key_item,
64 NULL)); 81 NULL));
65 CHECK(plat_->sym_key_.get()); 82 if (!plat_->sym_key_.get()) {
83 NOTREACHED();
84 return false;
85 }
86
87 return true;
66 } 88 }
67 89
68 HMAC::~HMAC() { 90 HMAC::~HMAC() {
69 } 91 }
70 92
71 bool HMAC::Sign(const std::string& data, 93 bool HMAC::Sign(const std::string& data,
72 unsigned char* digest, 94 unsigned char* digest,
73 int digest_length) { 95 int digest_length) {
96 if (!plat_->sym_key_.get()) {
97 // Init has not been called before Sign.
98 NOTREACHED();
99 return false;
100 }
101
74 SECItem param = { siBuffer, NULL, 0 }; 102 SECItem param = { siBuffer, NULL, 0 };
75 ScopedNSSContext context(PK11_CreateContextBySymKey(CKM_SHA_1_HMAC, 103 ScopedNSSContext context(PK11_CreateContextBySymKey(CKM_SHA_1_HMAC,
76 CKA_SIGN, 104 CKA_SIGN,
77 plat_->sym_key_.get(), 105 plat_->sym_key_.get(),
78 &param)); 106 &param));
79 if (!context.get()) { 107 if (!context.get()) {
80 NOTREACHED(); 108 NOTREACHED();
81 return false; 109 return false;
82 } 110 }
83 111
(...skipping 13 matching lines...) Expand all
97 if (PK11_DigestFinal(context.get(), 125 if (PK11_DigestFinal(context.get(),
98 digest, &len, digest_length) != SECSuccess) { 126 digest, &len, digest_length) != SECSuccess) {
99 NOTREACHED(); 127 NOTREACHED();
100 return false; 128 return false;
101 } 129 }
102 130
103 return true; 131 return true;
104 } 132 }
105 133
106 } // namespace base 134 } // namespace base
OLDNEW
« no previous file with comments | « base/hmac_mac.cc ('k') | base/hmac_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698