| Index: crypto/symmetric_key_mac.cc
|
| diff --git a/crypto/symmetric_key_mac.cc b/crypto/symmetric_key_mac.cc
|
| index 47193a0883311a9ee376721d8fee084734db8734..4752d66bc2fb4264fb37f08552b4bef61bd66015 100644
|
| --- a/crypto/symmetric_key_mac.cc
|
| +++ b/crypto/symmetric_key_mac.cc
|
| @@ -4,6 +4,8 @@
|
|
|
| #include "crypto/symmetric_key.h"
|
|
|
| +#include <vector>
|
| +
|
| #include <CommonCrypto/CommonCryptor.h>
|
| #include <CoreFoundation/CFString.h>
|
| #include <Security/cssm.h>
|
| @@ -32,27 +34,6 @@ CSSM_KEY_TYPE CheckKeyParams(crypto::SymmetricKey::Algorithm algorithm,
|
| }
|
| }
|
|
|
| -void* CreateRandomBytes(size_t size) {
|
| - CSSM_RETURN err;
|
| - CSSM_CC_HANDLE ctx;
|
| - err = CSSM_CSP_CreateRandomGenContext(crypto::GetSharedCSPHandle(),
|
| - CSSM_ALGID_APPLE_YARROW,
|
| - NULL,
|
| - size, &ctx);
|
| - if (err) {
|
| - crypto::LogCSSMError("CSSM_CSP_CreateRandomGenContext", err);
|
| - return NULL;
|
| - }
|
| - CSSM_DATA random_data = {};
|
| - err = CSSM_GenerateRandom(ctx, &random_data);
|
| - if (err) {
|
| - crypto::LogCSSMError("CSSM_GenerateRandom", err);
|
| - random_data.Data = NULL;
|
| - }
|
| - CSSM_DeleteContext(ctx);
|
| - return random_data.Data; // Caller responsible for freeing this
|
| -}
|
| -
|
| inline CSSM_DATA StringToData(const std::string& str) {
|
| CSSM_DATA data = {
|
| str.size(),
|
| @@ -65,17 +46,47 @@ inline CSSM_DATA StringToData(const std::string& str) {
|
|
|
| namespace crypto {
|
|
|
| -SymmetricKey::~SymmetricKey() {}
|
| +SymmetricKey::~SymmetricKey() {
|
| + std::fill(key_.begin(), key_.end(), 0);
|
| +}
|
| +
|
| +// static
|
| +bool SymmetricKey::GenerateRandomBytes(size_t num_bytes, uint8* out) {
|
| + if (num_bytes == 0)
|
| + return true;
|
| + if (out == NULL)
|
| + return false;
|
| +
|
| + CSSM_RETURN err;
|
| + CSSM_CC_HANDLE ctx;
|
| + err = CSSM_CSP_CreateRandomGenContext(crypto::GetSharedCSPHandle(),
|
| + CSSM_ALGID_APPLE_YARROW,
|
| + NULL,
|
| + num_bytes, &ctx);
|
| + if (err) {
|
| + crypto::LogCSSMError("CSSM_CSP_CreateRandomGenContext", err);
|
| + return false;
|
| + }
|
| + CSSM_DATA random_data = { num_bytes, out };
|
| + err = CSSM_GenerateRandom(ctx, &random_data);
|
| + CSSM_DeleteContext(ctx);
|
| + if (err != CSSM_OK) {
|
| + crypto::LogCSSMError("CSSM_GenerateRandom", err);
|
| + return false;
|
| + }
|
| + DCHECK(random_data.Data == out);
|
| + return true;
|
| +}
|
|
|
| // static
|
| SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm,
|
| size_t key_size_in_bits) {
|
| CheckKeyParams(algorithm, key_size_in_bits);
|
| - void* random_bytes = CreateRandomBytes((key_size_in_bits + 7) / 8);
|
| - if (!random_bytes)
|
| + std::vector<uint8> random_bytes((key_size_in_bits + 7) / 8);
|
| + if (!GenerateRandomBytes(random_bytes.size(), &random_bytes[0]))
|
| return NULL;
|
| - SymmetricKey *key = new SymmetricKey(random_bytes, key_size_in_bits);
|
| - free(random_bytes);
|
| + SymmetricKey* key = new SymmetricKey(&random_bytes[0], key_size_in_bits);
|
| + std::fill(random_bytes.begin(), random_bytes.end(), 0u);
|
| return key;
|
| }
|
|
|
| @@ -139,9 +150,9 @@ SymmetricKey* SymmetricKey::Import(Algorithm algorithm,
|
| return new SymmetricKey(raw_key.data(), raw_key.size() * 8);
|
| }
|
|
|
| -SymmetricKey::SymmetricKey(const void *key_data, size_t key_size_in_bits)
|
| - : key_(reinterpret_cast<const char*>(key_data),
|
| - key_size_in_bits / 8) {}
|
| +SymmetricKey::SymmetricKey(const void* key_data, size_t key_size_in_bits)
|
| + : key_(static_cast<const char*>(key_data), key_size_in_bits / 8) {
|
| +}
|
|
|
| bool SymmetricKey::GetRawKey(std::string* raw_key) {
|
| *raw_key = key_;
|
|
|
Chromium Code Reviews
Issue 6683060:
Private API for extensions like ssh-client that need access to TCP. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src