Add Mac implementations of new SymmetricKey and Encryptor classes.

base/crypto/cssm_init.cc

Index: base/crypto/cssm_init.cc
diff --git a/base/crypto/cssm_init.cc b/base/crypto/cssm_init.cc
index c3cbbd237095dac2501e977a3848fb3405918a14..510ae0cad6592f2fbbf8c4fc71e9c193a8fb1bb6 100644
--- a/base/crypto/cssm_init.cc
+++ b/base/crypto/cssm_init.cc
@@ -3,8 +3,12 @@
 // found in the LICENSE file.
 
 #include "base/crypto/cssm_init.h"
+
+#include <Security/SecBase.h>
+
 #include "base/logging.h"
 #include "base/singleton.h"
+#include "base/sys_string_conversions.h"
 
 // When writing crypto code for Mac OS X, you may find the following
 // documentation useful:
@@ -17,7 +21,7 @@ namespace {
 
 class CSSMInitSingleton {
  public:
-  CSSMInitSingleton() : inited_(false), loaded_(false) {
+  CSSMInitSingleton() : inited_(false), loaded_(false), csp_handle_(NULL) {
     static CSSM_VERSION version = {2, 0};
     // TODO(wtc): what should our caller GUID be?
     static const CSSM_GUID test_guid = {
@@ -39,10 +43,20 @@ class CSSMInitSingleton {
       return;
     }
     loaded_ = true;
+
+    crtn = CSSM_ModuleAttach(&gGuidAppleCSP, &version,
+                             &base::kCssmMemoryFunctions, 0,
+                             CSSM_SERVICE_CSP, 0, CSSM_KEY_HIERARCHY_NONE,
+                             NULL, 0, NULL, &csp_handle_);
+    DCHECK(crtn == CSSM_OK);
   }
 
   ~CSSMInitSingleton() {
     CSSM_RETURN crtn;
+    if (csp_handle_) {
+      CSSM_RETURN crtn = CSSM_ModuleDetach(csp_handle_);
+      DCHECK(crtn == CSSM_OK);
+    }
     if (loaded_) {
       crtn = CSSM_ModuleUnload(&gGuidAppleCSP, NULL, NULL);
       DCHECK(crtn == CSSM_OK);
@@ -53,9 +67,12 @@ class CSSMInitSingleton {
     }
   }
 
+  CSSM_CSP_HANDLE csp_handle() const  {return csp_handle_;}
+
  private:
   bool inited_;  // True if CSSM_Init has been called successfully.
   bool loaded_;  // True if CSSM_ModuleLoad has been called successfully.
+  CSSM_CSP_HANDLE csp_handle_;
 };
 
 }  // namespace
@@ -66,6 +83,10 @@ void EnsureCSSMInit() {
   Singleton<CSSMInitSingleton>::get();
 }
 
+CSSM_CSP_HANDLE GetSharedCSPHandle() {
+  return Singleton<CSSMInitSingleton>::get()->csp_handle();
+}
+
 void* CSSMMalloc(CSSM_SIZE size, void *alloc_ref) {
   return malloc(size);
 }
@@ -90,4 +111,17 @@ const CSSM_API_MEMORY_FUNCS kCssmMemoryFunctions = {
   NULL
 };
 
+void LogCSSMError(const char *fn_name, CSSM_RETURN err) {

[wtc, 2010/03/26 21:14:30]

Nit: I like the original |function_name| better.  I know it
requires wrapping the LOG(ERROR) statement at line 121...

+  if (!err)
+    return;
+  CFStringRef cfstr = SecCopyErrorMessageString(err, NULL);
+  if (cfstr) {
+    std::string err_name = SysCFStringRefToUTF8(cfstr);
+    CFRelease(cfstr);
+    LOG(ERROR) << fn_name << " returned " << err << " (" << err_name << ")";
+  } else {
+    LOG(ERROR) << fn_name << " returned " << err;
+  }
+}
+
 }  // namespace base