Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(157)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/child/webcrypto/openssl/hmac_openssl.cc

Issue 975273002: Update some comments and code to reflect the fact that HMAC() is no longer hostile to NULL key data. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase and address David's comments Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | crypto/hmac_openssl.cc » ('j') | crypto/hmac_openssl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <openssl/hmac.h> 5 #include <openssl/hmac.h>
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/stl_util.h" 8 #include "base/stl_util.h"
9 #include "content/child/webcrypto/algorithm_implementation.h" 9 #include "content/child/webcrypto/algorithm_implementation.h"
10 #include "content/child/webcrypto/crypto_data.h" 10 #include "content/child/webcrypto/crypto_data.h"
(...skipping 20 matching lines...) Expand all
31 const blink::WebCryptoAlgorithm& hash, 31 const blink::WebCryptoAlgorithm& hash,
32 const CryptoData& data, 32 const CryptoData& data,
33 std::vector<uint8_t>* buffer) { 33 std::vector<uint8_t>* buffer) {
34 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); 34 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
35 35
36 const EVP_MD* digest_algorithm = GetDigest(hash.id()); 36 const EVP_MD* digest_algorithm = GetDigest(hash.id());
37 if (!digest_algorithm) 37 if (!digest_algorithm)
38 return Status::ErrorUnsupported(); 38 return Status::ErrorUnsupported();
39 unsigned int hmac_expected_length = EVP_MD_size(digest_algorithm); 39 unsigned int hmac_expected_length = EVP_MD_size(digest_algorithm);
40 40
41 // OpenSSL wierdness here.
42 // First, HMAC() needs a void* for the key data, so make one up front as a
43 // cosmetic to avoid a cast. Second, OpenSSL does not like a NULL key,
44 // which will result if the raw_key vector is empty; an entirely valid
45 // case. Handle this specific case by pointing to a fresh array.
46 const unsigned char null_key[] = {0};
47 const void* const raw_key_voidp = raw_key.size() ? &raw_key[0] : null_key;
48
49 buffer->resize(hmac_expected_length); 41 buffer->resize(hmac_expected_length);
50 crypto::ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> hmac_result( 42 crypto::ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> hmac_result(
51 vector_as_array(buffer), hmac_expected_length); 43 vector_as_array(buffer), hmac_expected_length);
52 44
53 unsigned int hmac_actual_length; 45 unsigned int hmac_actual_length;
54 unsigned char* const success = 46 unsigned char* const success = HMAC(
55 HMAC(digest_algorithm, raw_key_voidp, raw_key.size(), data.bytes(), 47 digest_algorithm, vector_as_array(&raw_key), raw_key.size(), data.bytes(),
56 data.byte_length(), hmac_result.safe_buffer(), &hmac_actual_length); 48 data.byte_length(), hmac_result.safe_buffer(), &hmac_actual_length);
57 if (!success || hmac_actual_length != hmac_expected_length) 49 if (!success || hmac_actual_length != hmac_expected_length)
58 return Status::OperationError(); 50 return Status::OperationError();
59 51
60 return Status::Success(); 52 return Status::Success();
61 } 53 }
62 54
63 class HmacImplementation : public AlgorithmImplementation { 55 class HmacImplementation : public AlgorithmImplementation {
64 public: 56 public:
65 HmacImplementation() {} 57 HmacImplementation() {}
66 58
(...skipping 161 matching lines...) Expand 10 before | Expand all | Expand 10 after
228 220
229 } // namespace 221 } // namespace
230 222
231 AlgorithmImplementation* CreatePlatformHmacImplementation() { 223 AlgorithmImplementation* CreatePlatformHmacImplementation() {
232 return new HmacImplementation; 224 return new HmacImplementation;
233 } 225 }
234 226
235 } // namespace webcrypto 227 } // namespace webcrypto
236 228
237 } // namespace content 229 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | crypto/hmac_openssl.cc » ('j') | crypto/hmac_openssl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698