Support for the new WebCrypto digest by chunks API.

content/child/webcrypto/platform_crypto_nss.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/child/webcrypto/platform_crypto.h"
 
 #include <cryptohi.h>
 #include <pk11pub.h>
 #include <secerr.h>
 #include <sechash.h>
 #include <secoid.h>
 
 #include <vector>
 
 #include "base/lazy_instance.h"
 #include "base/logging.h"
+#include "base/memory/scoped_ptr.h"
 #include "content/child/webcrypto/crypto_data.h"
 #include "content/child/webcrypto/status.h"
 #include "content/child/webcrypto/webcrypto_util.h"
 #include "crypto/nss_util.h"
 #include "crypto/scoped_nss_types.h"
 #include "third_party/WebKit/public/platform/WebArrayBuffer.h"
 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h"
 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
 
@@ skipping 620 matching lines @@
     SECITEM_FreeItem(&out->prime1, PR_FALSE);
     SECITEM_FreeItem(&out->prime2, PR_FALSE);
     SECITEM_FreeItem(&out->exponent1, PR_FALSE);
     SECITEM_FreeItem(&out->exponent2, PR_FALSE);
     SECITEM_FreeItem(&out->coefficient, PR_FALSE);
   }
 };
 
 }  // namespace
 
+class DigestorNSS : public blink::WebCryptoDigestor {
+ public:
+  explicit DigestorNSS(blink::WebCryptoAlgorithmId algorithm_id)
+      : hash_context_(NULL), algorithm_id_(algorithm_id) {}
+
+  virtual ~DigestorNSS() OVERRIDE {

[eroman, 2014/03/26 01:43:54]

no need for override here, suggest removing (in principle i like override, just
a nuisance for blink<-->chromium)

[jww, 2014/03/26 18:49:40]

Done.

+    if (!hash_context_)
+      return;
+
+    HASH_Destroy(hash_context_);
+    hash_context_ = NULL;
+  }
+
+  virtual bool consume(const unsigned char* data, unsigned int size) {
+    return ConsumeWithStatus(data, size).IsSuccess();
+  }
+
+  Status ConsumeWithStatus(const unsigned char* data, unsigned int size) {
+    // Initialize everything if the object hasn't been initialized yet.
+    if (!hash_context_) {
+      Status error = Init();
+      if (!error.IsSuccess())
+        return error;
+    }
+
+    HASH_Update(hash_context_, data, size);
+
+    return Status::Success();
+  }
+
+  virtual bool finish(unsigned char*& result_data,
+                      unsigned int& result_data_size) {
+    Status error = FinishInternal(result_, &result_data_size);
+    if (!error.IsSuccess())
+      return false;
+    result_data = result_;
+    return true;
+  }
+
+  Status FinishWithWebArrayAndStatus(blink::WebArrayBuffer* result) {
+    if (!hash_context_)
+      return Status::ErrorUnexpected();
+
+    unsigned int result_length = HASH_ResultLenContext(hash_context_);
+    *result = blink::WebArrayBuffer::create(result_length, 1);
+    unsigned char* digest = reinterpret_cast<unsigned char*>(result->data());
+    unsigned int digest_size;  // ignored
+    return FinishInternal(digest, &digest_size);
+  }
+
+ private:
+  HASHContext* hash_context_;

[eroman, 2014/03/26 01:43:54]

[style] members go after functions. Move all the members to the very end of the
private block.

[jww, 2014/03/26 18:49:40]

Done.

+  blink::WebCryptoAlgorithmId algorithm_id_;
+  unsigned char result_[HASH_LENGTH_MAX];
+
+  Status Init() {
+    HASH_HashType hash_type = WebCryptoAlgorithmToNSSHashType(algorithm_id_);
+
+    if (hash_type == HASH_AlgNULL)
+      return Status::ErrorUnsupported();
+
+    hash_context_ = HASH_Create(hash_type);
+    if (!hash_context_)
+      return Status::Error();
+
+    HASH_Begin(hash_context_);
+
+    return Status::Success();
+  }
+
+  Status FinishInternal(unsigned char* result, unsigned int* result_size) {
+    if (!hash_context_) {
+      Status error = Init();
+      if (!error.IsSuccess())
+        return error;
+    }
+
+    unsigned int hash_result_length = HASH_ResultLenContext(hash_context_);
+    DCHECK_LE(hash_result_length, static_cast<size_t>(HASH_LENGTH_MAX));
+
+    HASH_End(hash_context_, result, result_size, hash_result_length);
+
+    if (*result_size != hash_result_length)
+      return Status::ErrorUnexpected();
+    return Status::Success();
+  }
+};
+
 Status ImportKeyRaw(const blink::WebCryptoAlgorithm& algorithm,
                     const CryptoData& key_data,
                     bool extractable,
                     blink::WebCryptoKeyUsageMask usage_mask,
                     blink::WebCryptoKey* key) {
 
   DCHECK(!algorithm.isNull());
 
   CK_MECHANISM_TYPE mechanism;
   CK_FLAGS flags;
@@ skipping 503 matching lines @@
                                   usage_mask);
 
   return Status::Success();
 }
 
 void Init() { crypto::EnsureNSSInit(); }
 
 Status DigestSha(blink::WebCryptoAlgorithmId algorithm,
                  const CryptoData& data,
                  blink::WebArrayBuffer* buffer) {
-  HASH_HashType hash_type = WebCryptoAlgorithmToNSSHashType(algorithm);
-  if (hash_type == HASH_AlgNULL)
-    return Status::ErrorUnsupported();
+  DigestorNSS digestor(algorithm);
+  Status error = digestor.ConsumeWithStatus(data.bytes(), data.byte_length());
+  if (!error.IsSuccess())
+    return error;
+  return digestor.FinishWithWebArrayAndStatus(buffer);
+}
 
-  HASHContext* context = HASH_Create(hash_type);
-  if (!context)
-    return Status::Error();
-
-  HASH_Begin(context);
-
-  HASH_Update(context, data.bytes(), data.byte_length());
-
-  unsigned int hash_result_length = HASH_ResultLenContext(context);
-  DCHECK_LE(hash_result_length, static_cast<size_t>(HASH_LENGTH_MAX));
-
-  *buffer = blink::WebArrayBuffer::create(hash_result_length, 1);
-
-  unsigned char* digest = reinterpret_cast<unsigned char*>(buffer->data());
-
-  unsigned int result_length = 0;
-  HASH_End(context, digest, &result_length, hash_result_length);
-
-  HASH_Destroy(context);
-
-  if (result_length != hash_result_length)
-    return Status::ErrorUnexpected();
-  return Status::Success();
+scoped_ptr<blink::WebCryptoDigestor> CreateDigestor(
+    blink::WebCryptoAlgorithmId algorithm_id) {
+  return scoped_ptr<blink::WebCryptoDigestor>(new DigestorNSS(algorithm_id));
 }
 
 Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm,
                          bool extractable,
                          blink::WebCryptoKeyUsageMask usage_mask,
                          unsigned keylen_bytes,
                          blink::WebCryptoKey* key) {
   CK_MECHANISM_TYPE mech = WebCryptoAlgorithmToGenMechanism(algorithm);
   blink::WebCryptoKeyType key_type = blink::WebCryptoKeyTypeSecret;
 
@@ skipping 257 matching lines @@
                                      key_algorithm,
                                      usage_mask);
   return Status::Success();
 }
 
 }  // namespace platform
 
 }  // namespace webcrypto
 
 }  // namespace content