Implement crypto signature verification routines using OpenSSL.

extensions/browser/api/cast_channel/cast_auth_util_nss.cc

Index: extensions/browser/api/cast_channel/cast_auth_util_nss.cc
diff --git a/extensions/browser/api/cast_channel/cast_auth_util_nss.cc b/extensions/browser/api/cast_channel/cast_auth_util_nss.cc
index 9a0d067a72f6ae80ecab358fa6e58bdcc0ec07bd..2d5bd143dcb1698a6c37f27f8d54982aa9dbdada 100644
--- a/extensions/browser/api/cast_channel/cast_auth_util_nss.cc
+++ b/extensions/browser/api/cast_channel/cast_auth_util_nss.cc
@@ -30,10 +30,10 @@ typedef scoped_ptr<
         ScopedCERTCertificate;
 
 // Authenticates the given credentials:
-// 1. |signature| verification of |data| using |certificate|.
+// 1. |signature| verification of |peer_cert| using |certificate|.
 // 2. |certificate| is signed by a trusted CA.
 AuthResult VerifyCredentials(const AuthResponse& response,
-                             const std::string& data) {
+                             const std::string& peer_cert) {
   const std::string kErrorPrefix("Failed to verify credentials: ");
   const std::string& certificate = response.client_auth_certificate();
   const std::string& signature = response.signature();
@@ -98,7 +98,7 @@ AuthResult VerifyCredentials(const AuthResponse& response,
 
   VLOG(1) << "Cert signed by trusted CA";
 
-  // Verify that the |signature| matches |data|.
+  // Verify that the |signature| matches |peer_cert|.
   crypto::ScopedSECKEYPublicKey public_key(CERT_ExtractPublicKey(cert.get()));
   if (!public_key.get()) {
     return AuthResult::CreateWithNSSError(
@@ -112,7 +112,7 @@ AuthResult VerifyCredentials(const AuthResponse& response,
       const_cast<char*>(signature.data()));
   signature_item.len = signature.length();
   verified = VFY_VerifyDataDirect(
-      reinterpret_cast<unsigned char*>(const_cast<char*>(data.data())),
+      reinterpret_cast<unsigned char*>(const_cast<char*>(peer_cert.data())),
       data.size(),
       public_key.get(),
       &signature_item,