Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(121)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: crypto/hmac.cc

Issue 1924093006: Removing crypto/third_party/nss/ and removing crypto _win files (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « crypto/crypto_nacl.gyp ('k') | crypto/hmac_openssl.cc » ('j') | third_party/boringssl/boringssl.gyp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: crypto/hmac.cc
diff --git a/crypto/hmac.cc b/crypto/hmac.cc
index 333e357f90c327689b9909b152fe1f6af22ddc5e..58d7cadc7899ab282f5634a6a6ac15e7dda10fda 100644
--- a/crypto/hmac.cc
+++ b/crypto/hmac.cc
@@ -4,24 +4,36 @@
#include "crypto/hmac.h"
+#include <openssl/hmac.h>
#include <stddef.h>
#include <algorithm>
#include <memory>
+#include <vector>
#include "base/logging.h"
+#include "base/stl_util.h"
+#include "crypto/openssl_util.h"
#include "crypto/secure_util.h"
#include "crypto/symmetric_key.h"
namespace crypto {
-bool HMAC::Init(SymmetricKey* key) {
- std::string raw_key;
- bool result = key->GetRawKey(&raw_key) && Init(raw_key);
- // Zero out key copy. This might get optimized away, but one can hope.
- // Using std::string to store key info at all is a larger problem.
- std::fill(raw_key.begin(), raw_key.end(), 0);
- return result;
+struct HMACPlatformData {
+ std::vector<unsigned char> key;
+};
Ryan Sleevi 2016/04/28 21:06:58 Can't we get rid of this entirely, since we're get
svaldez 2016/04/28 21:14:50 Done.
+
+HMAC::HMAC(HashAlgorithm hash_alg) : hash_alg_(hash_alg) {
+ // Only SHA-1 and SHA-256 hash algorithms are supported now.
+ DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256);
+}
+
+HMAC::~HMAC() {
+ if (plat_) {
+ // Zero out key copy.
+ plat_->key.assign(plat_->key.size(), 0);
+ STLClearObject(&plat_->key);
+ }
}
size_t HMAC::DigestLength() const {
@@ -36,6 +48,35 @@ size_t HMAC::DigestLength() const {
}
}
+bool HMAC::Init(const unsigned char* key, size_t key_length) {
+ // Init must not be called more than once on the same HMAC object.
+ DCHECK(!plat_);
+ plat_.reset(new HMACPlatformData());
+ plat_->key.assign(key, key + key_length);
+ return true;
+}
+
+bool HMAC::Init(SymmetricKey* key) {
+ std::string raw_key;
+ bool result = key->GetRawKey(&raw_key) && Init(raw_key);
+ // Zero out key copy. This might get optimized away, but one can hope.
+ // Using std::string to store key info at all is a larger problem.
+ std::fill(raw_key.begin(), raw_key.end(), 0);
+ return result;
+}
+
+bool HMAC::Sign(const base::StringPiece& data,
+ unsigned char* digest,
+ size_t digest_length) const {
+ DCHECK(plat_); // Init must be called before Sign.
+
+ ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> result(digest, digest_length);
+ return !!::HMAC(hash_alg_ == SHA1 ? EVP_sha1() : EVP_sha256(),
+ plat_->key.data(), plat_->key.size(),
+ reinterpret_cast<const unsigned char*>(data.data()),
+ data.size(), result.safe_buffer(), NULL);
+}
+
bool HMAC::Verify(const base::StringPiece& data,
const base::StringPiece& digest) const {
if (digest.size() != DigestLength())
« no previous file with comments | « crypto/crypto_nacl.gyp ('k') | crypto/hmac_openssl.cc » ('j') | third_party/boringssl/boringssl.gyp » ('J')

Powered by Google App Engine
This is Rietveld 408576698