Index: crypto/hmac.cc |
diff --git a/crypto/hmac.cc b/crypto/hmac.cc |
index 333e357f90c327689b9909b152fe1f6af22ddc5e..58d7cadc7899ab282f5634a6a6ac15e7dda10fda 100644 |
--- a/crypto/hmac.cc |
+++ b/crypto/hmac.cc |
@@ -4,24 +4,36 @@ |
#include "crypto/hmac.h" |
+#include <openssl/hmac.h> |
#include <stddef.h> |
#include <algorithm> |
#include <memory> |
+#include <vector> |
#include "base/logging.h" |
+#include "base/stl_util.h" |
+#include "crypto/openssl_util.h" |
#include "crypto/secure_util.h" |
#include "crypto/symmetric_key.h" |
namespace crypto { |
-bool HMAC::Init(SymmetricKey* key) { |
- std::string raw_key; |
- bool result = key->GetRawKey(&raw_key) && Init(raw_key); |
- // Zero out key copy. This might get optimized away, but one can hope. |
- // Using std::string to store key info at all is a larger problem. |
- std::fill(raw_key.begin(), raw_key.end(), 0); |
- return result; |
+struct HMACPlatformData { |
+ std::vector<unsigned char> key; |
+}; |
Ryan Sleevi
2016/04/28 21:06:58
Can't we get rid of this entirely, since we're get
svaldez
2016/04/28 21:14:50
Done.
|
+ |
+HMAC::HMAC(HashAlgorithm hash_alg) : hash_alg_(hash_alg) { |
+ // Only SHA-1 and SHA-256 hash algorithms are supported now. |
+ DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256); |
+} |
+ |
+HMAC::~HMAC() { |
+ if (plat_) { |
+ // Zero out key copy. |
+ plat_->key.assign(plat_->key.size(), 0); |
+ STLClearObject(&plat_->key); |
+ } |
} |
size_t HMAC::DigestLength() const { |
@@ -36,6 +48,35 @@ size_t HMAC::DigestLength() const { |
} |
} |
+bool HMAC::Init(const unsigned char* key, size_t key_length) { |
+ // Init must not be called more than once on the same HMAC object. |
+ DCHECK(!plat_); |
+ plat_.reset(new HMACPlatformData()); |
+ plat_->key.assign(key, key + key_length); |
+ return true; |
+} |
+ |
+bool HMAC::Init(SymmetricKey* key) { |
+ std::string raw_key; |
+ bool result = key->GetRawKey(&raw_key) && Init(raw_key); |
+ // Zero out key copy. This might get optimized away, but one can hope. |
+ // Using std::string to store key info at all is a larger problem. |
+ std::fill(raw_key.begin(), raw_key.end(), 0); |
+ return result; |
+} |
+ |
+bool HMAC::Sign(const base::StringPiece& data, |
+ unsigned char* digest, |
+ size_t digest_length) const { |
+ DCHECK(plat_); // Init must be called before Sign. |
+ |
+ ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> result(digest, digest_length); |
+ return !!::HMAC(hash_alg_ == SHA1 ? EVP_sha1() : EVP_sha256(), |
+ plat_->key.data(), plat_->key.size(), |
+ reinterpret_cast<const unsigned char*>(data.data()), |
+ data.size(), result.safe_buffer(), NULL); |
+} |
+ |
bool HMAC::Verify(const base::StringPiece& data, |
const base::StringPiece& digest) const { |
if (digest.size() != DigestLength()) |