WebCrypto: Implement digest() using NSS

content/renderer/webcrypto_digest_nss.cc

Index: content/renderer/webcrypto_digest_nss.cc
diff --git a/content/renderer/webcrypto_digest_nss.cc b/content/renderer/webcrypto_digest_nss.cc
new file mode 100644
index 0000000000000000000000000000000000000000..3a19b67625c466898725f4303089e4ea435cd252
--- /dev/null
+++ b/content/renderer/webcrypto_digest_nss.cc
@@ -0,0 +1,101 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/renderer/webcrypto_digest.h"
+
+#include <sechash.h>
+
+#include "base/logging.h"
+#include "crypto/nss_util.h"
+#include "third_party/WebKit/public/platform/WebArrayBuffer.h"
+#include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h"
+
+namespace content {
+
+WebCryptoDigest::WebCryptoDigest(
+    const WebKit::WebCryptoOperationResult& result)
+    : result_(result),
+      context_(NULL) {
+}
+
+WebCryptoDigest::~WebCryptoDigest() {
+  if (context_) {
+    HASH_Destroy(context_);

[jamesr, 2013/08/09 20:04:55]

you could also define a HASHDeleter that overrides operator() to call
HASH_Destroy and then store this hash in a scoped_ptr<Type, HASHDeleter>

[Bryan Eyler, 2013/08/13 18:22:21]

Ah, very cool.  Done.

[eroman, 2013/08/13 18:32:24]

I will defer to sleevi, however if we go this route probably better to add them
to src/crypto/scoped_nss_types.h with the others.

+  }
+}
+
+bool WebCryptoDigest::Initialize(
+    const WebKit::WebCryptoAlgorithm& algorithm) {
+  crypto::EnsureNSSInit();
+
+  HASH_HashType hash_type = HASH_AlgNULL;
+
+  switch (algorithm.id()) {
+    case WebKit::WebCryptoAlgorithmIdSha1:
+      hash_type = HASH_AlgSHA1;
+      break;
+    case WebKit::WebCryptoAlgorithmIdSha224:
+      hash_type = HASH_AlgSHA224;
+      break;
+    case WebKit::WebCryptoAlgorithmIdSha256:
+      hash_type = HASH_AlgSHA256;
+      break;
+    case WebKit::WebCryptoAlgorithmIdSha384:
+      hash_type = HASH_AlgSHA384;
+      break;
+    case WebKit::WebCryptoAlgorithmIdSha512:
+      hash_type = HASH_AlgSHA512;
+      break;
+    default:
+      NOTREACHED();
+      return false;
+  }
+
+  context_ = HASH_Create(hash_type);
+  if (!context_) {
+    LOG(ERROR) << "Could not create digest context for hash algorithm: "
+               << hash_type;
+    return false;
+  }
+
+  HASH_Begin(context_);
+
+  return true;
+}
+
+void WebCryptoDigest::process(const unsigned char* bytes, size_t size) {
+  DCHECK(context_);
+  HASH_Update(context_, bytes, size);
+}
+
+void WebCryptoDigest::abort() {
+  delete this;

[jamesr, 2013/08/09 20:04:55]

this is very unusual. what's the lifecycle of this object?

[Bryan Eyler, 2013/08/13 18:22:21]

The way the interface is defined, this object needs to be freed once it has been
aborted.

The object is created when a WebKit::WebCrypto operation is kicked off, then
WebKit::CryptoOperation makes calls into it to process/abort/finish. 
WebKit::CryptoOperationImpl maintains the state, but does not own the object, so
it frees itself and relies on WebKit::CryptoOperationImpl to maintain the proper
state.

+}
+
+void WebCryptoDigest::finish() {
+  DCHECK(context_);
+
+  unsigned int hash_result_length = HASH_ResultLenContext(context_);
+  WebKit::WebArrayBuffer buffer(
+      WebKit::WebArrayBuffer::create(hash_result_length, 1));
+
+  unsigned char* digest = reinterpret_cast<unsigned char*>(buffer.data());
+  DCHECK(digest);
+
+  unsigned int result_length = 0;
+  HASH_End(context_, digest, &result_length, hash_result_length);
+  if (result_length != hash_result_length) {
+    LOG(ERROR) << "Result length invalid; expected " << hash_result_length
+               << ", got " << result_length;
+    result_.completeWithError();
+    delete this;
+    return;
+  }
+
+  result_.completeWithArrayBuffer(buffer);
+
+  delete this;
+}
+
+}  // namespace content