Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(324)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/child/webcrypto/openssl/hmac_openssl.cc

Issue 975273002: Update some comments and code to reflect the fact that HMAC() is no longer hostile to NULL key data. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | crypto/hmac_openssl.cc » ('j') | crypto/hmac_openssl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <openssl/hmac.h> 5 #include <openssl/hmac.h>
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/stl_util.h" 8 #include "base/stl_util.h"
9 #include "content/child/webcrypto/algorithm_implementation.h" 9 #include "content/child/webcrypto/algorithm_implementation.h"
10 #include "content/child/webcrypto/crypto_data.h" 10 #include "content/child/webcrypto/crypto_data.h"
(...skipping 20 matching lines...) Expand all
31 const blink::WebCryptoAlgorithm& hash, 31 const blink::WebCryptoAlgorithm& hash,
32 const CryptoData& data, 32 const CryptoData& data,
33 std::vector<uint8_t>* buffer) { 33 std::vector<uint8_t>* buffer) {
34 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); 34 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
35 35
36 const EVP_MD* digest_algorithm = GetDigest(hash.id()); 36 const EVP_MD* digest_algorithm = GetDigest(hash.id());
37 if (!digest_algorithm) 37 if (!digest_algorithm)
38 return Status::ErrorUnsupported(); 38 return Status::ErrorUnsupported();
39 unsigned int hmac_expected_length = EVP_MD_size(digest_algorithm); 39 unsigned int hmac_expected_length = EVP_MD_size(digest_algorithm);
40 40
41 // OpenSSL wierdness here. 41 // HMAC() needs a void* for the key data, so make one up front as a
42 // First, HMAC() needs a void* for the key data, so make one up front as a 42 // cosmetic to avoid a cast.
43 // cosmetic to avoid a cast. Second, OpenSSL does not like a NULL key, 43 const void* const raw_key_voidp = raw_key.empty() ? NULL : &raw_key[0];
davidben 2015/03/04 19:40:59 vector_as_array?
44 // which will result if the raw_key vector is empty; an entirely valid
45 // case. Handle this specific case by pointing to a fresh array.
46 const unsigned char null_key[] = {0};
47 const void* const raw_key_voidp = raw_key.size() ? &raw_key[0] : null_key;
48 44
49 buffer->resize(hmac_expected_length); 45 buffer->resize(hmac_expected_length);
50 crypto::ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> hmac_result( 46 crypto::ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> hmac_result(
51 vector_as_array(buffer), hmac_expected_length); 47 vector_as_array(buffer), hmac_expected_length);
52 48
53 unsigned int hmac_actual_length; 49 unsigned int hmac_actual_length;
54 unsigned char* const success = 50 unsigned char* const success =
55 HMAC(digest_algorithm, raw_key_voidp, raw_key.size(), data.bytes(), 51 HMAC(digest_algorithm, raw_key_voidp, raw_key.size(), data.bytes(),
56 data.byte_length(), hmac_result.safe_buffer(), &hmac_actual_length); 52 data.byte_length(), hmac_result.safe_buffer(), &hmac_actual_length);
57 if (!success || hmac_actual_length != hmac_expected_length) 53 if (!success || hmac_actual_length != hmac_expected_length)
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after
228 224
229 } // namespace 225 } // namespace
230 226
231 AlgorithmImplementation* CreatePlatformHmacImplementation() { 227 AlgorithmImplementation* CreatePlatformHmacImplementation() {
232 return new HmacImplementation; 228 return new HmacImplementation;
233 } 229 }
234 230
235 } // namespace webcrypto 231 } // namespace webcrypto
236 232
237 } // namespace content 233 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | crypto/hmac_openssl.cc » ('j') | crypto/hmac_openssl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698