Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(393)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/webcrypto/algorithms/hmac.cc

Issue 2202843002: Pass a minimally sized buffer to BoringSSL's HMAC(). (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <openssl/hmac.h> 5 #include <openssl/hmac.h>
6 #include <stddef.h> 6 #include <stddef.h>
7 #include <stdint.h> 7 #include <stdint.h>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/memory/ptr_util.h" 10 #include "base/memory/ptr_util.h"
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after
89 const CryptoData& data, 89 const CryptoData& data,
90 std::vector<uint8_t>* buffer) { 90 std::vector<uint8_t>* buffer) {
91 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); 91 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
92 92
93 const EVP_MD* digest_algorithm = GetDigest(hash); 93 const EVP_MD* digest_algorithm = GetDigest(hash);
94 if (!digest_algorithm) 94 if (!digest_algorithm)
95 return Status::ErrorUnsupported(); 95 return Status::ErrorUnsupported();
96 size_t hmac_expected_length = EVP_MD_size(digest_algorithm); 96 size_t hmac_expected_length = EVP_MD_size(digest_algorithm);
97 97
98 buffer->resize(hmac_expected_length); 98 buffer->resize(hmac_expected_length);
99 crypto::ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> hmac_result(
100 buffer->data(), hmac_expected_length);
101 99
102 unsigned int hmac_actual_length; 100 unsigned int hmac_actual_length;
103 unsigned char* const success = 101 unsigned char* const success =
104 HMAC(digest_algorithm, raw_key.data(), raw_key.size(), data.bytes(), 102 HMAC(digest_algorithm, raw_key.data(), raw_key.size(), data.bytes(),
105 data.byte_length(), hmac_result.safe_buffer(), &hmac_actual_length); 103 data.byte_length(), buffer->data(), &hmac_actual_length);
106 if (!success || hmac_actual_length != hmac_expected_length) 104 if (!success)
davidben 2016/08/02 18:17:54 Optional: You can also just write: if (!HMAC(....
eroman 2016/08/02 18:28:21 Done.
107 return Status::OperationError(); 105 return Status::OperationError();
108 106
107 if (hmac_actual_length != hmac_expected_length) {
108 // HMAC() promises to use at most EVP_MD_CTX_size(). If this was not the
109 // case then memory corruption may have just occurred.
110 CHECK(false);
111 }
davidben 2016/08/02 18:17:54 CHECK_EQ(hmac_expected_length, hmac_actual_length)
eroman 2016/08/02 18:28:21 Done.
112
109 return Status::Success(); 113 return Status::Success();
110 } 114 }
111 115
112 class HmacImplementation : public AlgorithmImplementation { 116 class HmacImplementation : public AlgorithmImplementation {
113 public: 117 public:
114 HmacImplementation() {} 118 HmacImplementation() {}
115 119
116 Status GenerateKey(const blink::WebCryptoAlgorithm& algorithm, 120 Status GenerateKey(const blink::WebCryptoAlgorithm& algorithm,
117 bool extractable, 121 bool extractable,
118 blink::WebCryptoKeyUsageMask usages, 122 blink::WebCryptoKeyUsageMask usages,
(...skipping 168 matching lines...) Expand 10 before | Expand all | Expand 10 after
287 } 291 }
288 }; 292 };
289 293
290 } // namespace 294 } // namespace
291 295
292 std::unique_ptr<AlgorithmImplementation> CreateHmacImplementation() { 296 std::unique_ptr<AlgorithmImplementation> CreateHmacImplementation() {
293 return base::WrapUnique(new HmacImplementation); 297 return base::WrapUnique(new HmacImplementation);
294 } 298 }
295 299
296 } // namespace webcrypto 300 } // namespace webcrypto
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698