Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(206)

Unified Diff: base/crypto/symmetric_key_openssl.cc

Issue 4691003: Implement symmetric key for openssl (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Refactored tests to parameterized style, and working Created 10 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: base/crypto/symmetric_key_openssl.cc
diff --git a/base/crypto/symmetric_key_openssl.cc b/base/crypto/symmetric_key_openssl.cc
index 591252dc225393a1cbc20916a93d51f6a5b2d5af..8758abebdc4e450aae370822401cc9a5e619776c 100644
--- a/base/crypto/symmetric_key_openssl.cc
+++ b/base/crypto/symmetric_key_openssl.cc
@@ -4,18 +4,48 @@
#include "base/crypto/symmetric_key.h"
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+
#include "base/logging.h"
+#include "base/scoped_ptr.h"
+#include "base/stl_util-inl.h"
namespace base {
+SymmetricKey::SymmetricKey(std::string* key) {
+ key->swap(key_);
Ryan Sleevi 2010/11/10 23:18:46 Why the swap, as opposed to assignment or just tak
joth 2010/11/11 15:07:12 Just trying to reduce the number of copies of the
+}
+
SymmetricKey::~SymmetricKey() {
+ // Zero out the content.
+ key_.assign(key_.length(), '\0');
}
// static
SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm,
size_t key_size_in_bits) {
- NOTIMPLEMENTED();
- return NULL;
+ DCHECK_EQ(AES, algorithm);
Ryan Sleevi 2010/11/10 23:18:46 Why restrict |algorithm| to AES? See symmetric_key
joth 2010/11/11 15:07:12 Just copied this from the NSS version, I didn't wa
+ int key_size_in_bytes = key_size_in_bits / 8;
Ryan Sleevi 2010/11/10 23:18:46 My bit-byte sense tingles on this, though it may b
joth 2010/11/11 15:07:12 As above, although I originally had a CHECK that t
+
+ if (key_size_in_bits == 0)
+ return NULL;
+
+ std::string key;
+ key.resize(key_size_in_bytes);
+
+ unsigned char* key_data =
+ reinterpret_cast<unsigned char*>(string_as_array(&key));
+ int res = RAND_bytes(key_data, key.length());
+ if (res != 1) {
+ unsigned long err = ERR_get_error();
Ryan Sleevi 2010/11/10 23:18:46 As a defensive measure, whenever programming OpenS
joth 2010/11/11 15:07:12 Done.
+ LOG(ERROR) << "Could not obtain random bytes. res = " << res
+ << ", err = " << err << " " << ERR_error_string(err, NULL);
+ return NULL;
+ }
+ return new SymmetricKey(&key);
+
}
// static
@@ -24,20 +54,37 @@ SymmetricKey* SymmetricKey::DeriveKeyFromPassword(Algorithm algorithm,
const std::string& salt,
size_t iterations,
size_t key_size_in_bits) {
- NOTIMPLEMENTED();
- return NULL;
+ DCHECK(algorithm == AES || algorithm == HMAC_SHA1);
+ int key_size_in_bytes = key_size_in_bits / 8;
+
+ std::string key;
+ key.resize(key_size_in_bytes);
+
+ const unsigned char* salt_data =
+ reinterpret_cast<const unsigned char*>(salt.data());
+ unsigned char* key_data =
+ reinterpret_cast<unsigned char*>(string_as_array(&key));
+
+ int res = PKCS5_PBKDF2_HMAC_SHA1(password.data(), password.length(),
+ salt_data, salt.length(), iterations,
+ key.length(), key_data);
+ if (res != 1) {
+ NOTREACHED() << "HMAC SHA1 failed. res = " << res;
+ return NULL;
+ }
+ return new SymmetricKey(&key);
}
// static
SymmetricKey* SymmetricKey::Import(Algorithm algorithm,
const std::string& raw_key) {
- NOTIMPLEMENTED();
- return NULL;
+ std::string copy(raw_key);
+ return new SymmetricKey(&copy);
}
bool SymmetricKey::GetRawKey(std::string* raw_key) {
- NOTIMPLEMENTED();
- return false;
+ *raw_key = key_;
+ return true;
}
} // namespace base

Powered by Google App Engine
This is Rietveld 408576698