crypto/hmac_openssl.cc - Issue 975273002: Update some comments and code to reflect the fact that HMAC() is no longer hostile to NULL key data.

Side by Side Diff: crypto/hmac_openssl.cc

Issue 975273002: Update some comments and code to reflect the fact that HMAC() is no longer hostile to NULL key data. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Rebase and address David's comments Created 5 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "crypto/hmac.h"	5 #include "crypto/hmac.h"

6	6

7 #include <openssl/hmac.h>	7 #include <openssl/hmac.h>

8	8

9 #include <algorithm>	9 #include <algorithm>

10 #include <vector>	10 #include <vector>

11	11

12 #include "base/logging.h"	12 #include "base/logging.h"

13 #include "base/memory/scoped_ptr.h"	13 #include "base/memory/scoped_ptr.h"

14 #include "base/stl_util.h"	14 #include "base/stl_util.h"

15 #include "crypto/openssl_util.h"	15 #include "crypto/openssl_util.h"

16	16

17 namespace crypto {	17 namespace crypto {

18	18

19 struct HMACPlatformData {	19 struct HMACPlatformData {

20 std::vector<unsigned char> key;	20 std::vector<unsigned char> key;

21 };	21 };

22	22

23 HMAC::HMAC(HashAlgorithm hash_alg)	23 HMAC::HMAC(HashAlgorithm hash_alg) : hash_alg_(hash_alg) {

24 : hash_alg_(hash_alg), plat_(new HMACPlatformData()) {

25 // Only SHA-1 and SHA-256 hash algorithms are supported now.	24 // Only SHA-1 and SHA-256 hash algorithms are supported now.

26 DCHECK(hash_alg_ == SHA1 \|\| hash_alg_ == SHA256);	25 DCHECK(hash_alg_ == SHA1 \|\| hash_alg_ == SHA256);

27 }	26 }

28	27

29 bool HMAC::Init(const unsigned char* key, size_t key_length) {	28 bool HMAC::Init(const unsigned char* key, size_t key_length) {

30 // Init must not be called more than once on the same HMAC object.	29 // Init must not be called more than once on the same HMAC object.

31 DCHECK(plat_->key.empty());	30 DCHECK(!plat_);

32	31 plat_.reset(new HMACPlatformData());

33 plat_->key.assign(key, key + key_length);	32 plat_->key.assign(key, key + key_length);

34 if (key_length == 0) {

35 // Special-case: if the key is empty, use a key with one zero

36 // byte. OpenSSL's HMAC function breaks when passed a NULL key. (It calls

37 // HMAC_Init_ex which treats a NULL key as having already been initialized

38 // with a key previously.) HMAC pads keys with zeros, so this key is

39 // equivalent.

40 plat_->key.push_back(0);

41 }

42 return true;	33 return true;

43 }	34 }

44	35

45 HMAC::~HMAC() {	36 HMAC::~HMAC() {

46 // Zero out key copy.	37 if (plat_) {

47 plat_->key.assign(plat_->key.size(), 0);	38 // Zero out key copy.

48 STLClearObject(&plat_->key);	39 plat_->key.assign(plat_->key.size(), 0);

	40 STLClearObject(&plat_->key);
	davidben 2015/03/05 00:31:29 (While you're here, I'm not sure line 40 does anyt (While you're here, I'm not sure line 40 does anything useful. Line 39 may be less pointless, if the compile isn't clever enough to optimize it away. shrug) eroman 2015/03/05 00:41:11 Yeah I agree doesn't seem useful. I will propose t Show quoted text On 2015/03/05 00:31:29, David Benjamin (slow this week wrote: > (While you're here, I'm not sure line 40 does anything useful. Line 39 may be > less pointless, if the compile isn't clever enough to optimize it away. shrug) Yeah I agree doesn't seem useful. I will propose that separately though to keep this CL strictly a refactor.
	41 }

49 }	42 }

50	43

51 bool HMAC::Sign(const base::StringPiece& data,	44 bool HMAC::Sign(const base::StringPiece& data,

52 unsigned char* digest,	45 unsigned char* digest,

53 size_t digest_length) const {	46 size_t digest_length) const {

54 DCHECK(!plat_->key.empty()); // Init must be called before Sign.	47 DCHECK(plat_); // Init must be called before Sign.

55	48

56 ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> result(digest, digest_length);	49 ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> result(digest, digest_length);

57 return !!::HMAC(hash_alg_ == SHA1 ? EVP_sha1() : EVP_sha256(),	50 return !!::HMAC(hash_alg_ == SHA1 ? EVP_sha1() : EVP_sha256(),

58 &plat_->key[0], plat_->key.size(),	51 vector_as_array(&plat_->key), plat_->key.size(),

59 reinterpret_cast<const unsigned char*>(data.data()),	52 reinterpret_cast<const unsigned char*>(data.data()),

60 data.size(),	53 data.size(), result.safe_buffer(), NULL);

61 result.safe_buffer(), NULL);

62 }	54 }

63	55

64 } // namespace crypto	56 } // namespace crypto

OLD	NEW

« no previous file with comments | « content/child/webcrypto/openssl/hmac_openssl.cc ('k') | no next file » | no next file with comments »