Update SHA1_LENGTH -> kSHA1Length to match previous change to SHA256_LENGTH.

chrome/common/net/x509_certificate_model_nss.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/net/x509_certificate_model.h"
 
 #include <cert.h>
 #include <cms.h>
 #include <hasht.h>
 #include <keyhi.h>  // SECKEY_DestroyPrivateKey
 #include <keythi.h>  // SECKEYPrivateKey
 #include <pk11pub.h>  // PK11_FindKeyByAnyCert
 #include <seccomon.h>  // SECItem
 #include <sechash.h>
 
 #include "base/logging.h"
+#include "base/sha1.h"
 #include "base/string_number_conversions.h"
 #include "crypto/nss_util.h"
+#include "crypto/sha2.h"

[wtc, 2011/09/24 01:39:41]

BUG: Please undo all the changes in this file.  This is one
reason I like the renaming.  It turns out that NSS has
macros named SHA1_LENGTH and SHA256_LENGTH:
http://mxr.mozilla.org/security/ident?i=SHA1_LENGTH
http://mxr.mozilla.org/security/ident?i=SHA256_LENGTH

So the references to SHA1_LENGTH and SHA256_LENGTH in
this file are actually to the NSS macros.  This is why
they don't have the base:: and crypto:: namespace prefixes.

[Peter Kasting, 2011/09/25 20:52:01]

Right.  I meant to be clearer about this in my change description -- I was
intentionally changing all non-third_party code to use the chrome constants, and
leaving third_party/*nss* using the NSS macros, in hopes of consistency and
fewer (possibly implicit) dependencies on things defined in the NSS headers.

I can change them back, but do you have a feeling about the above idea, or any
rules on when or how we should pick one over the other?  If we're not drawing
the line at the boundary of third_party, things seem a lot more subtle.

[wtc, 2011/09/26 18:06:22]

The rule is that a file that uses the NSS hash functions
should also use the NSS hash-length macros.  There are
such files outside third_party as well.  Usually such
files are named xxx_nss.cc.

[Peter Kasting, 2011/09/26 20:08:18]

OK.  I reverted the four files you mentioned needing reverts.

 #include "net/base/x509_certificate.h"
 #include "chrome/third_party/mozilla_security_manager/nsNSSCertHelper.h"
 #include "chrome/third_party/mozilla_security_manager/nsNSSCertificate.h"
 #include "chrome/third_party/mozilla_security_manager/nsUsageArrayHelper.h"
 
 namespace psm = mozilla_security_manager;
 
 namespace {
 
 // Convert a char* return value from NSS into a std::string and free the NSS
@@ skipping 261 matching lines @@
       Extension extension;
       extension.name = psm::GetOIDText(&cert_handle->extensions[i]->id);
       extension.value = ProcessExtension(
           critical_label, non_critical_label, cert_handle->extensions[i]);
       extensions->push_back(extension);
     }
   }
 }
 
 string HashCertSHA256(X509Certificate::OSCertHandle cert_handle) {
-  return HashCert(cert_handle, HASH_AlgSHA256, SHA256_LENGTH);
+  return HashCert(cert_handle, HASH_AlgSHA256, kSHA256Length);
 }
 
 string HashCertSHA1(X509Certificate::OSCertHandle cert_handle) {
-  return HashCert(cert_handle, HASH_AlgSHA1, SHA1_LENGTH);
+  return HashCert(cert_handle, HASH_AlgSHA1, kSHA1Length);
 }
 
 void GetCertChainFromCert(X509Certificate::OSCertHandle cert_handle,
                           X509Certificate::OSCertHandles* cert_handles) {
   CERTCertList* cert_list =
       CERT_GetCertChainFromCert(cert_handle, PR_Now(), certUsageSSLServer);
   CERTCertListNode* node;
   for (node = CERT_LIST_HEAD(cert_list);
        !CERT_LIST_END(node, cert_list);
        node = CERT_LIST_NEXT(node)) {
@@ skipping 88 matching lines @@
 string ProcessRawBitsSignatureWrap(X509Certificate::OSCertHandle cert_handle) {
   return ProcessRawBits(cert_handle->signatureWrap.signature.data,
                         cert_handle->signatureWrap.signature.len);
 }
 
 void RegisterDynamicOids() {
   psm::RegisterDynamicOids();
 }
 
 }  // namespace x509_certificate_model