Private API for extensions like ssh-client that need access to TCP.

base/crypto/symmetric_key_mac.cc

Index: base/crypto/symmetric_key_mac.cc
diff --git a/base/crypto/symmetric_key_mac.cc b/base/crypto/symmetric_key_mac.cc
index 574f9d28e28b23aed3f0ea20ed5b8f4a059910d9..616185b2eec84f45bc5e51e9b84d3989cbdb9894 100644
--- a/base/crypto/symmetric_key_mac.cc
+++ b/base/crypto/symmetric_key_mac.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -32,13 +32,33 @@ CSSM_KEY_TYPE CheckKeyParams(base::SymmetricKey::Algorithm algorithm,
   }
 }
 
-void* CreateRandomBytes(size_t size) {
+StringToData(const std::string& str) {
+  CSSM_DATA data = {
+    str.size(),
+    reinterpret_cast<uint8_t*>(const_cast<char*>(str.data()))
+  };
+  return data;
+}
+
+}  // namespace
+
+namespace base {
+
+SymmetricKey::~SymmetricKey() {}
+
+// static
+bool SymmetricKey::GenerateRandomBytes(size_t num_bytes, uint8* out) {
+  if (num_bytes == 0)
+    return true;
+  if (out == NULL)
+    return false;
+
   CSSM_RETURN err;
   CSSM_CC_HANDLE ctx;
   err = CSSM_CSP_CreateRandomGenContext(base::GetSharedCSPHandle(),
                                         CSSM_ALGID_APPLE_YARROW,
                                         NULL,
-                                        size, &ctx);
+                                        num_bytes, &ctx);
   if (err) {
     base::LogCSSMError("CSSM_CSP_CreateRandomGenContext", err);
     return NULL;
@@ -50,32 +70,20 @@ void* CreateRandomBytes(size_t size) {
     random_data.Data = NULL;
   }
   CSSM_DeleteContext(ctx);
-  return random_data.Data;  // Caller responsible for freeing this
-}
-
-inline CSSM_DATA StringToData(const std::string& str) {
-  CSSM_DATA data = {
-    str.size(),
-    reinterpret_cast<uint8_t*>(const_cast<char*>(str.data()))
-  };
-  return data;
+  std::copy(random_data.Data, random_data.Data + num_bytes, out);

[zel, 2011/03/29 05:31:34]

you should avoid data copy here

change the function to:

GenerateRandomBytes(size_t num_bytes, uint8** out)

and allocate memory inside, don't copy+delete for no good reason

[Denis Lagno, 2011/04/04 18:18:02]

mac was the only platform that performed this copying.
I've adjusted code to avoid copy.

+  delete random_data.Data;
+  return true;
 }
 
-}  // namespace
-
-namespace base {
-
-SymmetricKey::~SymmetricKey() {}
-
 // static
 SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm,
                                               size_t key_size_in_bits) {
   CheckKeyParams(algorithm, key_size_in_bits);
-  void* random_bytes = CreateRandomBytes((key_size_in_bits + 7) / 8);
-  if (!random_bytes)
+  std::vector<uint8> random_bytes((key_size_in_bits + 7) / 8);
+  if (!GenerateRandomBytes(random_bytes.size(), &random_bytes[0]))
     return NULL;
-  SymmetricKey *key = new SymmetricKey(random_bytes, key_size_in_bits);
-  free(random_bytes);
+  SymmetricKey *key = new SymmetricKey(&random_bytes[0], key_size_in_bits);
+  std::fill(random_bytes.begin(), random_bytes.end(), 0u);

[zel, 2011/03/29 05:31:34]

why cleaning here? the data is already in memory somewhere else

[Denis Lagno, 2011/04/04 18:18:02]

yes, in memory somewhere else.  But looking into implementation for other
platforms it is clear that we expect that after key destruction it will be wiped
out from memory completely to avoid leak.  If we would not clean here then after
key destruction its data may still left here.

   return key;
 }