Move crypto_helpers from sync to base

crypto/random.cc

Index: crypto/random.cc
diff --git a/crypto/random.cc b/crypto/random.cc
new file mode 100644
index 0000000000000000000000000000000000000000..2165399631826e3bf54b149367b40e15d4ce5879
--- /dev/null
+++ b/crypto/random.cc
@@ -0,0 +1,47 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "crypto/random.h"
+
+#include <string>
+
+#if defined(OS_WIN)
+#include "crypto/scoped_capi_types.h"
+#endif  // defined(OS_WIN)

[wtc, 2011/04/28 19:42:22]

Nit: this block should be moved after line 14.  See
Chromium Coding Style guide (the last example):
http://dev.chromium.org/developers/coding-style#TOC-Platform-specific-code

+
+#include "base/base64.h"
+#include "base/rand_util.h"
+
+void GetRandomBytes(void* output, size_t output_length) {

[Ryan Sleevi, 2011/04/27 02:32:24]

nit: Should the return be a bool instead?

Both CryptAcquireContext and CryptGenRandom can fail - the former especially if
AES is not available (< XP SP2). If CryptGenRandom fails, you'd be in a bad
state of thinking cryptographically strong random was acquired, when none
actually was.

+#if defined(OS_WIN)

[wtc, 2011/04/28 19:42:22]

Optional: I would just eliminate the OS_WIN code.  There is
a faster way to get random bytes on Windows (calling the
undocumented but supported function RtlGenRandom in
advapi32.dll), and base::RandUint64() uses that method under
the hood.

+  ScopedHCRYPTPROV safe_provider;
+  // Note: The only time NULL is safe to be passed as pszContainer is when
+  // dwFlags contains CRYPT_VERIFYCONTEXT, as all keys generated and/or used
+  // will be treated as ephemeral keys and not persisted.
+  BOOL ok = CryptAcquireContext(safe_provider.receive(), NULL, NULL,
+                                PROV_RSA_AES, CRYPT_VERIFYCONTEXT);

[Ryan Sleevi, 2011/04/27 02:32:24]

drive by: PROV_RSA_AES is only valid for XP SP2+. Since you're just wanting
cryptographically strong random, PROV_RSA_FULL should suffice. Though there is
one place where PROV_RSA_AES is used (incidentally, in symmetic_key_win.cc to
generating an AES key, which only Nigori/Sync calls), all the other places (SHA,
HMAC, RSA) use PROV_RSA_FULL.

Another thing to be concerned about is the overhead of acquiring a verify
context in every call, if this is frequently called code. When
http://crrev.com/50648 landed, it had to be reverted in http://crrev.com/50900
due to perf regressions. wtc can speak more, but my suspicion is that the
regressions may have been related to the overhead of needing to acquire the
context every time (which can end up going through a series of registry lookups
and module loads every call).

I'm not aware of any thread-safety issues in caching the handle returned,
perhaps as a base::LazyInstance, if perf turns out to be an issue. You may just
want to keep a eye for any perf impact. I suspect that it'd only be an issue if
this got put in a tight loop of 4-8 bytes a pass (like how lines 32-36 are), and
even then it may not be one.

+  if (!ok)
+    return;
+
+  CryptGenRandom(safe_provider, output_length, output);

[Ryan Sleevi, 2011/04/27 02:32:24]

nit: I know the style guide recommends size_t for dealing with ranges of bytes,
as was agl's suggestion, but there is a subtle truncation issue here on 64-bit
(size_t vs DWORD) which, at least in the extremely rare/impossible circumstance
you're requesting >4GB of random, would leave the input buffer with
substantially less entropy.

In practice, this should never happen, but it's cheap to be defensive here. This
may just be a personal nit though, because I'd say it's likely a bug if you're
requesting that much cryptographically strong random.

+#else
+  uint64 random_int;
+  const char* random_int_bytes = reinterpret_cast<const char*>(&random_int);
+  size_t random_int_size = sizeof(random_int);
+  for (size_t i = 0; i < output_length; i += random_int_size) {
+    random_int = base::RandUint64();
+    size_t copy_count = std::min(output_length - i, random_int_size);
+    memcpy(((uint8*)output) + i, random_int_bytes, copy_count);
+  }
+#endif  // defined(OS_WIN)
+}
+
+std::string Generate128BitRandomBase64String() {
+  const int kNumberBytes = 128 / 8;
+  std::string random_bytes(kNumberBytes, ' ');
+  GetRandomBytes(&random_bytes[0], kNumberBytes);
+  std::string base64_encoded_bytes;
+  base::Base64Encode(random_bytes, &base64_encoded_bytes);
+  return base64_encoded_bytes;
+}