Chromium Code Reviews Chromium Code Reviews
Issue 7522014:
Add WARN_UNUSED_RESULT to crypto/hmac.h (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: remoting/protocol/secure_p2p_socket.cc |
| diff --git a/remoting/protocol/secure_p2p_socket.cc b/remoting/protocol/secure_p2p_socket.cc |
| index cbc480f0036cb1443c376f9b66bf2f334aa5a2a3..ce873a83730a38b825e7906788fefc40662875a0 100644 |
| --- a/remoting/protocol/secure_p2p_socket.cc |
| +++ b/remoting/protocol/secure_p2p_socket.cc |
| @@ -91,8 +91,9 @@ SecureP2PSocket::SecureP2PSocket(Socket* socket, const std::string& ice_key) |
| reinterpret_cast<const unsigned char*>(ice_key.data()), kKeySize); |
| DCHECK(ret) << "Initialize HMAC-SHA1 for mask failed."; |
| scoped_array<uint8> mask_digest(new uint8[mask_hasher.DigestLength()]); |
| - mask_hasher.Sign(kMaskSaltStr, mask_digest.get(), |
| - mask_hasher.DigestLength()); |
| + ret = mask_hasher.Sign(kMaskSaltStr, mask_digest.get(), |
| + mask_hasher.DigestLength()); |
| + DCHECK(ret) << "Sign with HMAC-SHA1 for mask failed."; |
| mask_key_.reset(crypto::SymmetricKey::Import( |
| crypto::SymmetricKey::AES, |
| std::string(mask_digest.get(), mask_digest.get() + kKeySize))); |
| @@ -107,8 +108,9 @@ SecureP2PSocket::SecureP2PSocket(Socket* socket, const std::string& ice_key) |
| reinterpret_cast<const unsigned char*>(ice_key.data()), kKeySize); |
| DCHECK(ret) << "Initialize HMAC-SHA1 for hash failed."; |
| scoped_array<uint8> hash_key(new uint8[hash_hasher.DigestLength()]); |
| - hash_hasher.Sign(kHashSaltStr, hash_key.get(), hash_hasher.DigestLength()); |
| - |
| + ret = hash_hasher.Sign(kHashSaltStr, hash_key.get(), |
| + hash_hasher.DigestLength()); |
| + DCHECK(ret) << "Sign with HMAC-SHA1 for hash failed."; |
| // Create a hasher for message. |
| ret = msg_hasher_.Init(hash_key.get(), kKeySize); |
| DCHECK(ret) << "Initialize HMAC-SHA1 for message failed."; |
| @@ -164,10 +166,10 @@ int SecureP2PSocket::Write(IOBuffer* buf, int buf_len, |
| // 10. Create hash from masked message with nonce. |
| scoped_array<uint8> msg_digest(new uint8[msg_hasher_.DigestLength()]); |
| - msg_hasher_.Sign( |
| + CHECK(msg_hasher_.Sign( |
|
Denis Lagno
2011/07/28 08:13:37
nit: I understand that CHECK is executed always, b
|
| base::StringPiece(encrypted_buf->data() + kNoncePosition, |
| kRawMessageSize + kKeySize), |
| - msg_digest.get(), msg_hasher_.DigestLength()); |
| + msg_digest.get(), msg_hasher_.DigestLength())); |
| memcpy(encrypted_buf->data() + kHashPosition, msg_digest.get(), kKeySize); |
| // Write to the socket. |
| @@ -256,16 +258,13 @@ int SecureP2PSocket::DecryptBuffer(int size) { |
| // See the spec for the steps taken in this method: |
| // http://www.whatwg.org/specs/web-apps/current-work/complete/video-conferencing-and-peer-to-peer-communication.html#peer-to-peer-connections |
| // 5. Compute hash of the message. |
| - scoped_array<uint8> msg_digest(new uint8[msg_hasher_.DigestLength()]); |
| - msg_hasher_.Sign( |
| + // 6. Compare the hash values. |
| + if (!msg_hasher_.Verify( |
| base::StringPiece(read_buf_->data() + kNoncePosition, |
| size - kNoncePosition), |
| - msg_digest.get(), msg_hasher_.DigestLength()); |
| - |
| - // 6. Compare the hash values. |
| - int ret = memcmp(read_buf_->data(), msg_digest.get(), kKeySize); |
| - if (ret) |
| + base::StringPiece(read_buf_->data(), kKeySize))) { |
| return net::ERR_INVALID_RESPONSE; |
| + } |
| // 7. Decrypt the message. |
| std::string nonce = std::string( |
| @@ -294,10 +293,10 @@ int SecureP2PSocket::DecryptBuffer(int size) { |
| // 15. Parse the frame type. |
| if (raw_message_size < kSeqNumberSize + kFrameTypeSize) |
| return net::ERR_INVALID_RESPONSE; |
| - ret = memcmp(raw_message.data() + kSeqNumberSize, kFrameType, |
| - kFrameTypeSize); |
| - if (ret) |
| + if (memcmp(raw_message.data() + kSeqNumberSize, kFrameType, |
| + kFrameTypeSize) != 0) { |
| return net::ERR_INVALID_RESPONSE; |
| + } |
| // 16. Read the message. |
| const int kMessageSize = raw_message_size - kSeqNumberSize - kFrameTypeSize; |
