diff options
| author | rvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-14 17:37:14 +0000 |
|---|---|---|
| committer | rvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-14 17:37:14 +0000 |
| commit | 4b559b4ddffc0b7f688019bcb80658f05e063af7 (patch) | |
| tree | 0be21d8914de707f5125d2cb66733cbcf088606c | |
| parent | 056dd45d610de34312344445d7b078a31f4a1e20 (diff) | |
| download | chromium_src-4b559b4ddffc0b7f688019bcb80658f05e063af7.zip chromium_src-4b559b4ddffc0b7f688019bcb80658f05e063af7.tar.gz chromium_src-4b559b4ddffc0b7f688019bcb80658f05e063af7.tar.bz2 | |
Move crypto files out of base, to a top level directory.
src/crypto is now an independent project that contains our
cryptographic primitives (except md5 and sha1).
This removes the base dependency from nss, openssl and sqlite.
BUG=76996
TEST=none
Review URL: http://codereview.chromium.org/6805019
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@81611 0039d316-1c4b-4281-b951-d872f2087c98
183 files changed, 1153 insertions, 1041 deletions
diff --git a/base/base.gyp b/base/base.gyp index 183749e..37b197d 100644 --- a/base/base.gyp +++ b/base/base.gyp @@ -112,13 +112,6 @@ 'callback_unittest.cc', 'command_line_unittest.cc', 'cpu_unittest.cc', - 'crypto/encryptor_unittest.cc', - 'crypto/rsa_private_key_unittest.cc', - 'crypto/rsa_private_key_nss_unittest.cc', - 'crypto/secure_hash_unittest.cc', - 'crypto/signature_creator_unittest.cc', - 'crypto/signature_verifier_unittest.cc', - 'crypto/symmetric_key_unittest.cc', 'debug/leak_tracker_unittest.cc', 'debug/stack_trace_unittest.cc', 'debug/trace_event_win_unittest.cc', @@ -129,7 +122,6 @@ 'file_util_unittest.cc', 'file_version_info_unittest.cc', 'gmock_unittest.cc', - 'hmac_unittest.cc', 'id_map_unittest.cc', 'i18n/break_iterator_unittest.cc', 'i18n/char_iterator_unittest.cc', @@ -167,7 +159,6 @@ 'process_util_unittest_mac.mm', 'rand_util_unittest.cc', 'sha1_unittest.cc', - 'sha2_unittest.cc', 'shared_memory_unittest.cc', 'stack_container_unittest.cc', 'string16_unittest.cc', @@ -256,7 +247,6 @@ }, { # OS != "linux" and OS != "freebsd" and OS != "openbsd" and OS != "solaris" 'sources!': [ 'message_pump_glib_unittest.cc', - 'crypto/rsa_private_key_nss_unittest.cc', ] }], # This is needed to trigger the dll copy step on windows. @@ -281,11 +271,6 @@ 'win_util_unittest.cc', ], }], - [ 'use_openssl==1', { - 'sources!': [ - 'crypto/rsa_private_key_nss_unittest.cc', - ], - }], ], }, { diff --git a/base/base.gypi b/base/base.gypi index 4f409ab..8e49dd5 100644 --- a/base/base.gypi +++ b/base/base.gypi @@ -456,22 +456,6 @@ }, }, ], - [ 'use_openssl==1', { - 'dependencies': [ - '../third_party/openssl/openssl.gyp:openssl', - ], - }, { # use_openssl==0 - 'sources': [ - 'base/crypto/scoped_nss_types.h', - ], - 'dependencies': [ - '../build/linux/system.gyp:nss', - ], - 'export_dependent_settings': [ - '../build/linux/system.gyp:nss', - ], - } - ], ], 'dependencies': [ 'symbolize', @@ -525,27 +509,13 @@ '$(SDKROOT)/System/Library/Frameworks/Security.framework', ], }, - }, { # OS != "mac" - 'sources!': [ - 'crypto/cssm_init.cc', - 'crypto/cssm_init.h', - 'crypto/mac_security_services_lock.cc', - 'crypto/mac_security_services_lock.h', - ], }], - [ 'OS == "mac" or OS == "win"', { - 'dependencies': [ - '../third_party/nss/nss.gyp:nss', - ], - },], [ 'OS != "win"', { 'dependencies': ['../third_party/libevent/libevent.gyp:libevent'], 'sources!': [ 'third_party/purify/pure_api.c', 'base_drag_source.cc', 'base_drop_target.cc', - 'crypto/capi_util.h', - 'crypto/capi_util.cc', 'event_recorder.cc', 'file_version_info.cc', 'registry.cc', @@ -553,82 +523,11 @@ 'win_util.cc', ], },], - [ 'use_openssl==1', { - # TODO(joth): Use a glob to match exclude patterns once the - # OpenSSL file set is complete. - 'sources!': [ - 'crypto/encryptor_nss.cc', - 'crypto/rsa_private_key_nss.cc', - 'crypto/secure_hash_default.cc', - 'crypto/signature_creator_nss.cc', - 'crypto/signature_verifier_nss.cc', - 'crypto/symmetric_key_nss.cc', - 'hmac_nss.cc', - 'nss_util.cc', - 'nss_util.h', - 'third_party/nss/blapi.h', - 'third_party/nss/blapit.h', - 'third_party/nss/sha256.h', - 'third_party/nss/sha512.cc', - ], - }, { - 'sources!': [ - 'crypto/encryptor_openssl.cc', - 'crypto/rsa_private_key_openssl.cc', - 'crypto/secure_hash_openssl.cc', - 'crypto/signature_creator_openssl.cc', - 'crypto/signature_verifier_openssl.cc', - 'crypto/symmetric_key_openssl.cc', - 'hmac_openssl.cc', - 'openssl_util.cc', - 'openssl_util.h', - ], - },], ], 'sources': [ - 'crypto/capi_util.cc', - 'crypto/capi_util.h', - 'crypto/crypto_module_blocking_password_delegate.h', - 'crypto/cssm_init.cc', - 'crypto/cssm_init.h', - 'crypto/encryptor.h', - 'crypto/encryptor_mac.cc', - 'crypto/encryptor_nss.cc', - 'crypto/encryptor_openssl.cc', - 'crypto/encryptor_win.cc', - 'crypto/mac_security_services_lock.cc', - 'crypto/mac_security_services_lock.h', - 'crypto/rsa_private_key.h', - 'crypto/rsa_private_key.cc', - 'crypto/rsa_private_key_mac.cc', - 'crypto/rsa_private_key_nss.cc', - 'crypto/rsa_private_key_openssl.cc', - 'crypto/rsa_private_key_win.cc', - 'crypto/secure_hash.h', - 'crypto/secure_hash_default.cc', - 'crypto/secure_hash_openssl.cc', - 'crypto/signature_creator.h', - 'crypto/signature_creator_mac.cc', - 'crypto/signature_creator_nss.cc', - 'crypto/signature_creator_openssl.cc', - 'crypto/signature_creator_win.cc', - 'crypto/signature_verifier.h', - 'crypto/signature_verifier_mac.cc', - 'crypto/signature_verifier_nss.cc', - 'crypto/signature_verifier_openssl.cc', - 'crypto/signature_verifier_win.cc', - 'crypto/symmetric_key.h', - 'crypto/symmetric_key_mac.cc', - 'crypto/symmetric_key_nss.cc', - 'crypto/symmetric_key_openssl.cc', - 'crypto/symmetric_key_win.cc', 'third_party/nspr/prcpucfg.h', 'third_party/nspr/prcpucfg_win.h', 'third_party/nspr/prtypes.h', - 'third_party/nss/blapi.h', - 'third_party/nss/blapit.h', - 'third_party/nss/sha256.h', - 'third_party/nss/sha512.cc', 'third_party/purify/pure.h', 'third_party/purify/pure_api.c', 'third_party/xdg_user_dirs/xdg_user_dir_lookup.cc', @@ -641,11 +540,6 @@ 'event_recorder_stubs.cc', 'file_descriptor_shuffle.cc', 'file_descriptor_shuffle.h', - 'hmac.h', - 'hmac_mac.cc', - 'hmac_nss.cc', - 'hmac_openssl.cc', - 'hmac_win.cc', 'linux_util.cc', 'linux_util.h', 'md5.cc', @@ -661,12 +555,6 @@ 'message_pump_mac.mm', 'metrics/field_trial.cc', 'metrics/field_trial.h', - 'nss_util.cc', - 'nss_util.h', - 'openssl_util.cc', - 'openssl_util.h', - 'sha2.cc', - 'sha2.h', 'string16.cc', 'string16.h', 'sync_socket.h', diff --git a/base/sha1_win.cc b/base/sha1_win.cc index 853c244..233749b5 100644 --- a/base/sha1_win.cc +++ b/base/sha1_win.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -7,7 +7,9 @@ #include <windows.h> #include <wincrypt.h> -#include "base/crypto/scoped_capi_types.h" +// This file is not being compiled at the moment (see bug 47218). If we keep +// sha1 inside base, we cannot depend on src/crypto. +// #include "crypto/scoped_capi_types.h" #include "base/logging.h" namespace base { diff --git a/base/test/test_suite.cc b/base/test/test_suite.cc index aadd5e1..d952dc9 100644 --- a/base/test/test_suite.cc +++ b/base/test/test_suite.cc @@ -15,7 +15,6 @@ #include "base/logging.h" #include "base/mac/scoped_nsautorelease_pool.h" #include "base/memory/scoped_ptr.h" -#include "base/nss_util.h" #include "base/path_service.h" #include "base/process_util.h" #include "base/test/multiprocess_test.h" @@ -214,14 +213,6 @@ void TestSuite::Initialize() { icu_util::Initialize(); -#if defined(USE_NSS) - // Trying to repeatedly initialize and cleanup NSS and NSPR may result in - // a deadlock. Such repeated initialization will happen when using test - // isolation. Prevent problems by initializing NSS here, so that the cleanup - // will be done only on process exit. - base::EnsureNSSInit(); -#endif // defined(USE_NSS) - CatchMaybeTests(); TestTimeouts::Initialize(); diff --git a/chrome/DEPS b/chrome/DEPS index a64c1c0..43bc0f4 100644 --- a/chrome/DEPS +++ b/chrome/DEPS @@ -1,6 +1,7 @@ include_rules = [ "+app", "+content", + "+crypto", "+gpu", "+net", "+printing", diff --git a/chrome/app/chrome_main.cc b/chrome/app/chrome_main.cc index 6ac2496..0f9d663 100644 --- a/chrome/app/chrome_main.cc +++ b/chrome/app/chrome_main.cc @@ -13,13 +13,13 @@ #include "base/message_loop.h" #include "base/metrics/stats_counters.h" #include "base/metrics/stats_table.h" -#include "base/nss_util.h" #include "base/path_service.h" #include "base/process_util.h" #include "base/string_number_conversions.h" #include "base/string_util.h" #include "base/utf_string_conversions.h" #include "build/build_config.h" +#include "crypto/nss_util.h" #include "chrome/browser/defaults.h" #include "chrome/browser/diagnostics/diagnostics_main.h" #include "chrome/browser/platform_util.h" @@ -589,7 +589,7 @@ int ChromeMain(int argc, char** argv) { SetupCRT(command_line); #if defined(USE_NSS) - base::EarlySetupForNSSInit(); + crypto::EarlySetupForNSSInit(); #endif // Initialize the Chrome path provider. diff --git a/chrome/browser/browser_main_gtk.cc b/chrome/browser/browser_main_gtk.cc index 342c643..072ed0e 100644 --- a/chrome/browser/browser_main_gtk.cc +++ b/chrome/browser/browser_main_gtk.cc @@ -27,7 +27,7 @@ #include "ui/gfx/gtk_util.h" #if defined(USE_NSS) -#include "base/nss_util.h" +#include "crypto/nss_util.h" #endif #if defined(USE_LINUX_BREAKPAD) @@ -69,7 +69,7 @@ void BrowserMainPartsGtk::PreEarlyInitialization() { #if defined(USE_NSS) // We want to be sure to init NSPR on the main thread. - base::EnsureNSPRInit(); + crypto::EnsureNSPRInit(); #endif } diff --git a/chrome/browser/browser_main_mac.mm b/chrome/browser/browser_main_mac.mm index 806c6e7..5ebe23d 100644 --- a/chrome/browser/browser_main_mac.mm +++ b/chrome/browser/browser_main_mac.mm @@ -11,8 +11,8 @@ #include "base/file_path.h" #include "base/mac/mac_util.h" #include "base/memory/scoped_nsobject.h" -#include "base/nss_util.h" #include "base/path_service.h" +#include "crypto/nss_util.h" #include "chrome/app/breakpad_mac.h" #import "chrome/browser/app_controller_mac.h" #include "chrome/browser/browser_main_win.h" @@ -137,7 +137,7 @@ class BrowserMainPartsMac : public BrowserMainPartsPosix { net::ClientSocketFactory::UseSystemSSL(); } else { // We want to be sure to init NSPR on the main thread. - base::EnsureNSPRInit(); + crypto::EnsureNSPRInit(); } } }; diff --git a/chrome/browser/browser_main_win.cc b/chrome/browser/browser_main_win.cc index fc69fcd..0a5ded4 100644 --- a/chrome/browser/browser_main_win.cc +++ b/chrome/browser/browser_main_win.cc @@ -15,11 +15,11 @@ #include "base/i18n/rtl.h" #include "base/memory/scoped_native_library.h" #include "base/memory/scoped_ptr.h" -#include "base/nss_util.h" #include "base/path_service.h" #include "base/utf_string_conversions.h" #include "base/win/windows_version.h" #include "base/win/wrapped_window_proc.h" +#include "crypto/nss_util.h" #include "chrome/browser/first_run/first_run.h" #include "chrome/browser/first_run/upgrade_util.h" #include "chrome/browser/metrics/metrics_service.h" @@ -295,7 +295,7 @@ class BrowserMainPartsWin : public BrowserMainParts { net::ClientSocketFactory::UseSystemSSL(); } else { // We want to be sure to init NSPR on the main thread. - base::EnsureNSPRInit(); + crypto::EnsureNSPRInit(); } } }; diff --git a/chrome/browser/chromeos/login/google_authenticator.cc b/chrome/browser/chromeos/login/google_authenticator.cc index f927e60..3ecece9 100644 --- a/chrome/browser/chromeos/login/google_authenticator.cc +++ b/chrome/browser/chromeos/login/google_authenticator.cc @@ -11,11 +11,10 @@ #include "base/file_util.h" #include "base/logging.h" #include "base/path_service.h" -#include "base/sha2.h" #include "base/string_util.h" #include "base/synchronization/lock.h" -#include "base/third_party/nss/blapi.h" -#include "base/third_party/nss/sha256.h" +#include "crypto/third_party/nss/blapi.h" +#include "crypto/third_party/nss/sha256.h" #include "chrome/browser/chromeos/boot_times_loader.h" #include "chrome/browser/chromeos/cros/cryptohome_library.h" #include "chrome/browser/chromeos/login/auth_response_handler.h" diff --git a/chrome/browser/chromeos/login/mock_owner_key_utils.h b/chrome/browser/chromeos/login/mock_owner_key_utils.h index e755ca8..57b47dc 100644 --- a/chrome/browser/chromeos/login/mock_owner_key_utils.h +++ b/chrome/browser/chromeos/login/mock_owner_key_utils.h @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -9,16 +9,14 @@ #include <vector> #include "base/basictypes.h" -#include "base/crypto/rsa_private_key.h" #include "base/file_path.h" +#include "crypto/rsa_private_key.h" #include "chrome/browser/chromeos/cros/login_library.h" #include "chrome/browser/chromeos/login/owner_key_utils.h" #include "content/browser/browser_thread.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" -using ::base::RSAPrivateKey; - namespace chromeos { class MockKeyUtils : public OwnerKeyUtils { @@ -31,10 +29,11 @@ class MockKeyUtils : public OwnerKeyUtils { const std::vector<uint8> public_key)); MOCK_METHOD3(Sign, bool(const std::string& data, std::vector<uint8>* OUT_signature, - base::RSAPrivateKey* key)); - MOCK_METHOD1(FindPrivateKey, RSAPrivateKey*(const std::vector<uint8>& key)); + crypto::RSAPrivateKey* key)); + MOCK_METHOD1(FindPrivateKey, + crypto::RSAPrivateKey*(const std::vector<uint8>& key)); MOCK_METHOD0(GetOwnerKeyFilePath, FilePath()); - MOCK_METHOD2(ExportPublicKeyToFile, bool(base::RSAPrivateKey* pair, + MOCK_METHOD2(ExportPublicKeyToFile, bool(crypto::RSAPrivateKey* pair, const FilePath& key_file)); protected: virtual ~MockKeyUtils() {} diff --git a/chrome/browser/chromeos/login/owner_key_utils.cc b/chrome/browser/chromeos/login/owner_key_utils.cc index bdfc489..119eb33 100644 --- a/chrome/browser/chromeos/login/owner_key_utils.cc +++ b/chrome/browser/chromeos/login/owner_key_utils.cc @@ -6,19 +6,18 @@ #include <limits> -#include "base/crypto/rsa_private_key.h" -#include "base/crypto/signature_creator.h" -#include "base/crypto/signature_verifier.h" #include "base/file_path.h" #include "base/file_util.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "base/string_util.h" +#include "crypto/rsa_private_key.h" +#include "crypto/signature_creator.h" +#include "crypto/signature_verifier.h" #include "chrome/browser/chromeos/cros/cros_library.h" #include "chrome/browser/chromeos/cros/login_library.h" #include "chrome/common/extensions/extension_constants.h" -using base::RSAPrivateKey; using extension_misc::kSignatureAlgorithm; namespace chromeos { @@ -49,16 +48,17 @@ class OwnerKeyUtilsImpl : public OwnerKeyUtils { bool Sign(const std::string& data, std::vector<uint8>* OUT_signature, - base::RSAPrivateKey* key); + crypto::RSAPrivateKey* key); - RSAPrivateKey* FindPrivateKey(const std::vector<uint8>& key); + crypto::RSAPrivateKey* FindPrivateKey(const std::vector<uint8>& key); FilePath GetOwnerKeyFilePath(); protected: virtual ~OwnerKeyUtilsImpl(); - bool ExportPublicKeyToFile(RSAPrivateKey* pair, const FilePath& key_file); + bool ExportPublicKeyToFile(crypto::RSAPrivateKey* pair, + const FilePath& key_file); private: // The file outside the owner's encrypted home directory where her @@ -83,7 +83,7 @@ OwnerKeyUtilsImpl::OwnerKeyUtilsImpl() {} OwnerKeyUtilsImpl::~OwnerKeyUtilsImpl() {} -bool OwnerKeyUtilsImpl::ExportPublicKeyToFile(RSAPrivateKey* pair, +bool OwnerKeyUtilsImpl::ExportPublicKeyToFile(crypto::RSAPrivateKey* pair, const FilePath& key_file) { DCHECK(pair); bool ok = false; @@ -134,7 +134,7 @@ bool OwnerKeyUtilsImpl::ImportPublicKey(const FilePath& key_file, bool OwnerKeyUtilsImpl::Verify(const std::string& data, const std::vector<uint8> signature, const std::vector<uint8> public_key) { - base::SignatureVerifier verifier; + crypto::SignatureVerifier verifier; if (!verifier.VerifyInit(kSignatureAlgorithm, sizeof(kSignatureAlgorithm), &signature[0], signature.size(), &public_key[0], public_key.size())) { @@ -148,9 +148,9 @@ bool OwnerKeyUtilsImpl::Verify(const std::string& data, bool OwnerKeyUtilsImpl::Sign(const std::string& data, std::vector<uint8>* OUT_signature, - base::RSAPrivateKey* key) { - scoped_ptr<base::SignatureCreator> signer( - base::SignatureCreator::Create(key)); + crypto::RSAPrivateKey* key) { + scoped_ptr<crypto::SignatureCreator> signer( + crypto::SignatureCreator::Create(key)); if (!signer->Update(reinterpret_cast<const uint8*>(data.c_str()), data.length())) { return false; @@ -158,9 +158,9 @@ bool OwnerKeyUtilsImpl::Sign(const std::string& data, return signer->Final(OUT_signature); } -RSAPrivateKey* OwnerKeyUtilsImpl::FindPrivateKey( +crypto::RSAPrivateKey* OwnerKeyUtilsImpl::FindPrivateKey( const std::vector<uint8>& key) { - return RSAPrivateKey::FindFromPublicKeyInfo(key); + return crypto::RSAPrivateKey::FindFromPublicKeyInfo(key); } FilePath OwnerKeyUtilsImpl::GetOwnerKeyFilePath() { diff --git a/chrome/browser/chromeos/login/owner_key_utils.h b/chrome/browser/chromeos/login/owner_key_utils.h index 3a2c84c..e8ba047f 100644 --- a/chrome/browser/chromeos/login/owner_key_utils.h +++ b/chrome/browser/chromeos/login/owner_key_utils.h @@ -15,7 +15,7 @@ class FilePath; -namespace base { +namespace crypto { class RSAPrivateKey; } @@ -60,12 +60,12 @@ class OwnerKeyUtils : public base::RefCounted<OwnerKeyUtils> { // and populate |OUT_signature|. virtual bool Sign(const std::string& data, std::vector<uint8>* OUT_signature, - base::RSAPrivateKey* key) = 0; + crypto::RSAPrivateKey* key) = 0; // Looks for the private key associated with |key| in the default slot, // and returns it if it can be found. Returns NULL otherwise. // Caller takes ownership. - virtual base::RSAPrivateKey* FindPrivateKey( + virtual crypto::RSAPrivateKey* FindPrivateKey( const std::vector<uint8>& key) = 0; virtual FilePath GetOwnerKeyFilePath() = 0; @@ -76,7 +76,7 @@ class OwnerKeyUtils : public base::RefCounted<OwnerKeyUtils> { // DER encodes public half of |pair| and writes it out to |key_file|. // The blob on disk is a DER-encoded X509 SubjectPublicKeyInfo object. // Returns false on error. - virtual bool ExportPublicKeyToFile(base::RSAPrivateKey* pair, + virtual bool ExportPublicKeyToFile(crypto::RSAPrivateKey* pair, const FilePath& key_file) = 0; private: diff --git a/chrome/browser/chromeos/login/owner_key_utils_unittest.cc b/chrome/browser/chromeos/login/owner_key_utils_unittest.cc index 6033455..1b5ef26 100644 --- a/chrome/browser/chromeos/login/owner_key_utils_unittest.cc +++ b/chrome/browser/chromeos/login/owner_key_utils_unittest.cc @@ -7,13 +7,13 @@ #include <string> #include <vector> -#include "base/crypto/rsa_private_key.h" #include "base/file_path.h" #include "base/file_util.h" #include "base/memory/ref_counted.h" #include "base/memory/scoped_temp_dir.h" -#include "base/nss_util.h" -#include "base/nss_util_internal.h" +#include "crypto/nss_util.h" +#include "crypto/nss_util_internal.h" +#include "crypto/rsa_private_key.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" @@ -25,7 +25,7 @@ class OwnerKeyUtilsTest : public ::testing::Test { virtual ~OwnerKeyUtilsTest() {} virtual void SetUp() { - base::OpenPersistentNSSDB(); + crypto::OpenPersistentNSSDB(); } // Key generation parameters. @@ -39,9 +39,9 @@ class OwnerKeyUtilsTest : public ::testing::Test { const uint16 OwnerKeyUtilsTest::kKeySizeInBits = 2048; TEST_F(OwnerKeyUtilsTest, ExportImportPublicKey) { - scoped_ptr<base::RSAPrivateKey> pair( - base::RSAPrivateKey::CreateSensitive(kKeySizeInBits)); - ASSERT_NE(pair.get(), reinterpret_cast<base::RSAPrivateKey*>(NULL)); + scoped_ptr<crypto::RSAPrivateKey> pair( + crypto::RSAPrivateKey::CreateSensitive(kKeySizeInBits)); + ASSERT_NE(pair.get(), reinterpret_cast<crypto::RSAPrivateKey*>(NULL)); // Export public key to file. ScopedTempDir tmpdir; diff --git a/chrome/browser/chromeos/login/owner_manager.h b/chrome/browser/chromeos/login/owner_manager.h index 06f700a..9b0f036 100644 --- a/chrome/browser/chromeos/login/owner_manager.h +++ b/chrome/browser/chromeos/login/owner_manager.h @@ -9,8 +9,8 @@ #include <vector> #include "base/basictypes.h" -#include "base/crypto/rsa_private_key.h" #include "base/memory/ref_counted.h" +#include "crypto/rsa_private_key.h" #include "chrome/browser/chromeos/login/owner_key_utils.h" #include "content/browser/browser_thread.h" @@ -89,7 +89,7 @@ class OwnerManager : public base::RefCountedThreadSafe<OwnerManager> { d->OnKeyOpComplete(return_code, payload); } - scoped_ptr<base::RSAPrivateKey> private_key_; + scoped_ptr<crypto::RSAPrivateKey> private_key_; std::vector<uint8> public_key_; scoped_refptr<OwnerKeyUtils> utils_; diff --git a/chrome/browser/chromeos/login/owner_manager_unittest.cc b/chrome/browser/chromeos/login/owner_manager_unittest.cc index edeeab9..b2e7f88e 100644 --- a/chrome/browser/chromeos/login/owner_manager_unittest.cc +++ b/chrome/browser/chromeos/login/owner_manager_unittest.cc @@ -7,18 +7,18 @@ #include <string> -#include "base/crypto/rsa_private_key.h" #include "base/file_path.h" #include "base/file_util.h" #include "base/logging.h" #include "base/memory/scoped_temp_dir.h" -#include "base/nss_util.h" +#include "crypto/nss_util.h" +#include "crypto/rsa_private_key.h" #include "chrome/browser/chromeos/login/mock_owner_key_utils.h" #include "content/browser/browser_thread.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" -using ::base::RSAPrivateKey; +using ::crypto::RSAPrivateKey; using ::testing::DoAll; using ::testing::Eq; using ::testing::Invoke; @@ -40,7 +40,7 @@ class OwnerManagerTest : public ::testing::Test { virtual ~OwnerManagerTest() {} virtual void SetUp() { - base::OpenPersistentNSSDB(); // TODO(cmasone): use test DB instead + crypto::OpenPersistentNSSDB(); // TODO(cmasone): use test DB instead fake_private_key_.reset(RSAPrivateKey::Create(256)); ASSERT_TRUE(fake_private_key_->ExportPublicKey(&fake_public_key_)); diff --git a/chrome/browser/chromeos/login/ownership_service_unittest.cc b/chrome/browser/chromeos/login/ownership_service_unittest.cc index 24b5959..dfa4f25 100644 --- a/chrome/browser/chromeos/login/ownership_service_unittest.cc +++ b/chrome/browser/chromeos/login/ownership_service_unittest.cc @@ -6,20 +6,20 @@ #include <string> -#include "base/crypto/rsa_private_key.h" #include "base/file_path.h" #include "base/file_util.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "base/memory/scoped_temp_dir.h" -#include "base/nss_util.h" +#include "crypto/nss_util.h" +#include "crypto/rsa_private_key.h" #include "chrome/browser/chromeos/login/mock_owner_key_utils.h" #include "chrome/browser/chromeos/login/owner_manager_unittest.h" #include "content/browser/browser_thread.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" -using ::base::RSAPrivateKey; +using ::crypto::RSAPrivateKey; using ::testing::DoAll; using ::testing::Eq; using ::testing::Invoke; @@ -42,7 +42,7 @@ class OwnershipServiceTest : public ::testing::Test { virtual ~OwnershipServiceTest() {} virtual void SetUp() { - base::OpenPersistentNSSDB(); // TODO(cmasone): use test DB instead + crypto::OpenPersistentNSSDB(); // TODO(cmasone): use test DB instead fake_private_key_.reset(RSAPrivateKey::Create(256)); ASSERT_TRUE(fake_private_key_->ExportPublicKey(&fake_public_key_)); diff --git a/chrome/browser/chromeos/login/parallel_authenticator.cc b/chrome/browser/chromeos/login/parallel_authenticator.cc index d2f9b84..e419059 100644 --- a/chrome/browser/chromeos/login/parallel_authenticator.cc +++ b/chrome/browser/chromeos/login/parallel_authenticator.cc @@ -11,11 +11,10 @@ #include "base/file_util.h" #include "base/logging.h" #include "base/path_service.h" -#include "base/sha2.h" #include "base/string_util.h" #include "base/synchronization/lock.h" -#include "base/third_party/nss/blapi.h" -#include "base/third_party/nss/sha256.h" +#include "crypto/third_party/nss/blapi.h" +#include "crypto/third_party/nss/sha256.h" #include "chrome/browser/chromeos/cros/cryptohome_library.h" #include "chrome/browser/chromeos/login/auth_response_handler.h" #include "chrome/browser/chromeos/login/authentication_notification_details.h" diff --git a/chrome/browser/chromeos/login/signed_settings_unittest.cc b/chrome/browser/chromeos/login/signed_settings_unittest.cc index 6570cac..80f6815 100644 --- a/chrome/browser/chromeos/login/signed_settings_unittest.cc +++ b/chrome/browser/chromeos/login/signed_settings_unittest.cc @@ -7,7 +7,6 @@ #include "base/file_util.h" #include "base/logging.h" #include "base/memory/scoped_temp_dir.h" -#include "base/nss_util.h" #include "base/stringprintf.h" #include "chrome/browser/chromeos/cros/cros_library.h" #include "chrome/browser/chromeos/cros/mock_library_loader.h" @@ -18,6 +17,7 @@ #include "chrome/browser/policy/proto/device_management_backend.pb.h" #include "chrome/test/thread_test_helper.h" #include "content/browser/browser_thread.h" +#include "crypto/rsa_private_key.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" @@ -259,7 +259,7 @@ class SignedSettingsTest : public ::testing::Test { BrowserThread file_thread_; std::vector<uint8> fake_public_key_; - scoped_ptr<RSAPrivateKey> fake_private_key_; + scoped_ptr<crypto::RSAPrivateKey> fake_private_key_; MockKeyUtils* mock_; MockInjector injector_; diff --git a/chrome/browser/chromeos/login/user_manager.cc b/chrome/browser/chromeos/login/user_manager.cc index 671eaf4..1b71734 100644 --- a/chrome/browser/chromeos/login/user_manager.cc +++ b/chrome/browser/chromeos/login/user_manager.cc @@ -10,13 +10,13 @@ #include "base/file_util.h" #include "base/lazy_instance.h" #include "base/logging.h" -#include "base/nss_util.h" #include "base/path_service.h" #include "base/string_util.h" #include "base/stringprintf.h" #include "base/time.h" #include "base/utf_string_conversions.h" #include "base/values.h" +#include "crypto/nss_util.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/chromeos/cros/cros_library.h" #include "chrome/browser/chromeos/cros/cryptohome_library.h" @@ -567,14 +567,14 @@ void UserManager::NotifyOnLogin() { // Let the window manager know that we're logged in now. WmIpc::instance()->SetLoggedInProperty(true); // Ensure we've opened the real user's key/certificate database. - base::OpenPersistentNSSDB(); + crypto::OpenPersistentNSSDB(); // Only load the Opencryptoki library into NSS if we have this switch. // TODO(gspencer): Remove this switch once cryptohomed work is finished: // http://crosbug.com/12295 and http://crosbug.com/12304 if (CommandLine::ForCurrentProcess()->HasSwitch( switches::kLoadOpencryptoki)) { - base::EnableTPMForNSS(); + crypto::EnableTPMForNSS(); } // Schedules current user ownership check on file thread. diff --git a/chrome/browser/download/base_file.cc b/chrome/browser/download/base_file.cc index 5f5a53b..d135191 100644 --- a/chrome/browser/download/base_file.cc +++ b/chrome/browser/download/base_file.cc @@ -4,11 +4,11 @@ #include "chrome/browser/download/base_file.h" -#include "base/crypto/secure_hash.h" #include "base/file_util.h" #include "base/format_macros.h" #include "base/logging.h" #include "base/stringprintf.h" +#include "crypto/secure_hash.h" #include "net/base/file_stream.h" #include "net/base/net_errors.h" #include "chrome/browser/download/download_util.h" @@ -52,7 +52,7 @@ bool BaseFile::Initialize(bool calculate_hash) { calculate_hash_ = calculate_hash; if (calculate_hash_) - secure_hash_.reset(base::SecureHash::Create(base::SecureHash::SHA256)); + secure_hash_.reset(crypto::SecureHash::Create(crypto::SecureHash::SHA256)); if (!full_path_.empty() || download_util::CreateTemporaryFileForDownload(&full_path_)) diff --git a/chrome/browser/download/base_file.h b/chrome/browser/download/base_file.h index fcbd2d9..f9a5c28 100644 --- a/chrome/browser/download/base_file.h +++ b/chrome/browser/download/base_file.h @@ -14,7 +14,7 @@ #include "chrome/browser/power_save_blocker.h" #include "googleurl/src/gurl.h" -namespace base { +namespace crypto { class SecureHash; } namespace net { @@ -94,7 +94,7 @@ class BaseFile { // Used to calculate sha256 hash for the file when calculate_hash_ // is set. - scoped_ptr<base::SecureHash> secure_hash_; + scoped_ptr<crypto::SecureHash> secure_hash_; unsigned char sha256_hash_[kSha256HashLen]; diff --git a/chrome/browser/enumerate_modules_model_win.cc b/chrome/browser/enumerate_modules_model_win.cc index 7897476..8b0f6be 100644 --- a/chrome/browser/enumerate_modules_model_win.cc +++ b/chrome/browser/enumerate_modules_model_win.cc @@ -12,7 +12,6 @@ #include "base/file_path.h" #include "base/file_version_info_win.h" #include "base/metrics/histogram.h" -#include "base/sha2.h" #include "base/string_number_conversions.h" #include "base/string_util.h" #include "base/time.h" @@ -21,6 +20,7 @@ #include "base/version.h" #include "base/win/registry.h" #include "base/win/scoped_handle.h" +#include "crypto/sha2.h" #include "chrome/browser/net/service_providers_win.h" #include "chrome/common/chrome_constants.h" #include "chrome/common/chrome_switches.h" @@ -262,7 +262,7 @@ static void GenerateHash(const std::string& input, std::string* output) { } uint8 hash[4]; - base::SHA256HashString(input, hash, sizeof(hash)); + crypto::SHA256HashString(input, hash, sizeof(hash)); *output = StringToLowerASCII(base::HexEncode(hash, sizeof(hash))); } diff --git a/chrome/browser/extensions/convert_user_script.cc b/chrome/browser/extensions/convert_user_script.cc index 3f89b74..e1f7e79 100644 --- a/chrome/browser/extensions/convert_user_script.cc +++ b/chrome/browser/extensions/convert_user_script.cc @@ -12,8 +12,8 @@ #include "base/file_util.h" #include "base/memory/scoped_temp_dir.h" #include "base/path_service.h" -#include "base/sha2.h" #include "base/string_util.h" +#include "crypto/sha2.h" #include "chrome/browser/extensions/user_script_master.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/extensions/extension.h" @@ -72,10 +72,10 @@ scoped_refptr<Extension> ConvertUserScriptToExtension( // identity is its namespace+name, so we hash that to create a public key. // There will be no corresponding private key, which means user scripts cannot // be auto-updated, or claimed in the gallery. - char raw[base::SHA256_LENGTH] = {0}; + char raw[crypto::SHA256_LENGTH] = {0}; std::string key; - base::SHA256HashString(script_name, raw, base::SHA256_LENGTH); - base::Base64Encode(std::string(raw, base::SHA256_LENGTH), &key); + crypto::SHA256HashString(script_name, raw, crypto::SHA256_LENGTH); + base::Base64Encode(std::string(raw, crypto::SHA256_LENGTH), &key); // The script may not have a name field, but we need one for an extension. If // it is missing, use the filename of the original URL. diff --git a/chrome/browser/extensions/convert_web_app.cc b/chrome/browser/extensions/convert_web_app.cc index 27a0fc9..f3305a7 100644 --- a/chrome/browser/extensions/convert_web_app.cc +++ b/chrome/browser/extensions/convert_web_app.cc @@ -15,10 +15,10 @@ #include "base/logging.h" #include "base/memory/scoped_temp_dir.h" #include "base/path_service.h" -#include "base/sha2.h" #include "base/stringprintf.h" #include "base/time.h" #include "base/utf_string_conversions.h" +#include "crypto/sha2.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_constants.h" @@ -46,12 +46,12 @@ const char kIconsDirName[] = "icons"; // auto-updated using ExtensionUpdater. But Chrome does notice updates to the // manifest and regenerates these extensions. std::string GenerateKey(const GURL& manifest_url) { - char raw[base::SHA256_LENGTH] = {0}; + char raw[crypto::SHA256_LENGTH] = {0}; std::string key; - base::SHA256HashString(manifest_url.spec().c_str(), - raw, - base::SHA256_LENGTH); - base::Base64Encode(std::string(raw, base::SHA256_LENGTH), &key); + crypto::SHA256HashString(manifest_url.spec().c_str(), + raw, + crypto::SHA256_LENGTH); + base::Base64Encode(std::string(raw, crypto::SHA256_LENGTH), &key); return key; } diff --git a/chrome/browser/extensions/extension_creator.cc b/chrome/browser/extensions/extension_creator.cc index 4aa7d8c..2f4acf1 100644 --- a/chrome/browser/extensions/extension_creator.cc +++ b/chrome/browser/extensions/extension_creator.cc @@ -7,12 +7,12 @@ #include <vector> #include <string> -#include "base/crypto/rsa_private_key.h" -#include "base/crypto/signature_creator.h" #include "base/file_util.h" #include "base/memory/scoped_handle.h" #include "base/memory/scoped_temp_dir.h" #include "base/string_util.h" +#include "crypto/rsa_private_key.h" +#include "crypto/signature_creator.h" #include "chrome/browser/extensions/sandboxed_extension_unpacker.h" #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_file_util.h" @@ -74,7 +74,7 @@ bool ExtensionCreator::InitializeInput( return true; } -base::RSAPrivateKey* ExtensionCreator::ReadInputKey(const FilePath& +crypto::RSAPrivateKey* ExtensionCreator::ReadInputKey(const FilePath& private_key_path) { if (!file_util::PathExists(private_key_path)) { error_message_ = @@ -98,14 +98,14 @@ base::RSAPrivateKey* ExtensionCreator::ReadInputKey(const FilePath& return NULL; } - return base::RSAPrivateKey::CreateFromPrivateKeyInfo( + return crypto::RSAPrivateKey::CreateFromPrivateKeyInfo( std::vector<uint8>(private_key_bytes.begin(), private_key_bytes.end())); } -base::RSAPrivateKey* ExtensionCreator::GenerateKey(const FilePath& +crypto::RSAPrivateKey* ExtensionCreator::GenerateKey(const FilePath& output_private_key_path) { - scoped_ptr<base::RSAPrivateKey> key_pair( - base::RSAPrivateKey::Create(kRSAKeySize)); + scoped_ptr<crypto::RSAPrivateKey> key_pair( + crypto::RSAPrivateKey::Create(kRSAKeySize)); if (!key_pair.get()) { error_message_ = l10n_util::GetStringUTF8(IDS_EXTENSION_PRIVATE_KEY_FAILED_TO_GENERATE); @@ -163,10 +163,10 @@ bool ExtensionCreator::CreateZip(const FilePath& extension_dir, } bool ExtensionCreator::SignZip(const FilePath& zip_path, - base::RSAPrivateKey* private_key, + crypto::RSAPrivateKey* private_key, std::vector<uint8>* signature) { - scoped_ptr<base::SignatureCreator> signature_creator( - base::SignatureCreator::Create(private_key)); + scoped_ptr<crypto::SignatureCreator> signature_creator( + crypto::SignatureCreator::Create(private_key)); ScopedStdioHandle zip_handle(file_util::OpenFile(zip_path, "rb")); size_t buffer_size = 1 << 16; scoped_array<uint8> buffer(new uint8[buffer_size]); @@ -186,7 +186,7 @@ bool ExtensionCreator::SignZip(const FilePath& zip_path, } bool ExtensionCreator::WriteCRX(const FilePath& zip_path, - base::RSAPrivateKey* private_key, + crypto::RSAPrivateKey* private_key, const std::vector<uint8>& signature, const FilePath& crx_path) { if (file_util::PathExists(crx_path)) @@ -246,7 +246,7 @@ bool ExtensionCreator::Run(const FilePath& extension_dir, } // Initialize Key Pair - scoped_ptr<base::RSAPrivateKey> key_pair; + scoped_ptr<crypto::RSAPrivateKey> key_pair; if (!private_key_path.value().empty()) key_pair.reset(ReadInputKey(private_key_path)); else diff --git a/chrome/browser/extensions/extension_creator.h b/chrome/browser/extensions/extension_creator.h index 6235584..0499821 100644 --- a/chrome/browser/extensions/extension_creator.h +++ b/chrome/browser/extensions/extension_creator.h @@ -1,4 +1,4 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -11,7 +11,7 @@ #include "base/basictypes.h" -namespace base { +namespace crypto { class RSAPrivateKey; } @@ -45,11 +45,11 @@ class ExtensionCreator { const FilePath& private_key_output_path); // Reads private key from |private_key_path|. - base::RSAPrivateKey* ReadInputKey(const FilePath& private_key_path); + crypto::RSAPrivateKey* ReadInputKey(const FilePath& private_key_path); // Generates a key pair and writes the private key to |private_key_path| // if provided. - base::RSAPrivateKey* GenerateKey(const FilePath& private_key_path); + crypto::RSAPrivateKey* GenerateKey(const FilePath& private_key_path); // Creates temporary zip file for the extension. bool CreateZip(const FilePath& extension_dir, const FilePath& temp_path, @@ -57,12 +57,12 @@ class ExtensionCreator { // Signs the temporary zip and returns the signature. bool SignZip(const FilePath& zip_path, - base::RSAPrivateKey* private_key, + crypto::RSAPrivateKey* private_key, std::vector<uint8>* signature); // Export installable .crx to |crx_path|. bool WriteCRX(const FilePath& zip_path, - base::RSAPrivateKey* private_key, + crypto::RSAPrivateKey* private_key, const std::vector<uint8>& signature, const FilePath& crx_path); diff --git a/chrome/browser/extensions/extension_updater.cc b/chrome/browser/extensions/extension_updater.cc index 5aeeab6..ca05574 100644 --- a/chrome/browser/extensions/extension_updater.cc +++ b/chrome/browser/extensions/extension_updater.cc @@ -12,7 +12,6 @@ #include "base/file_util.h" #include "base/metrics/histogram.h" #include "base/rand_util.h" -#include "base/sha2.h" #include "base/stl_util-inl.h" #include "base/string_number_conversions.h" #include "base/string_split.h" @@ -20,6 +19,7 @@ #include "base/time.h" #include "base/threading/thread.h" #include "base/version.h" +#include "crypto/sha2.h" #include "content/common/notification_service.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/extensions/extension_error_reporter.h" @@ -787,10 +787,10 @@ void ExtensionUpdater::HandleManifestResults( void ExtensionUpdater::ProcessBlacklist(const std::string& data) { DCHECK(alive_); // Verify sha256 hash value. - char sha256_hash_value[base::SHA256_LENGTH]; - base::SHA256HashString(data, sha256_hash_value, base::SHA256_LENGTH); + char sha256_hash_value[crypto::SHA256_LENGTH]; + crypto::SHA256HashString(data, sha256_hash_value, crypto::SHA256_LENGTH); std::string hash_in_hex = base::HexEncode(sha256_hash_value, - base::SHA256_LENGTH); + crypto::SHA256_LENGTH); if (current_extension_fetch_.package_hash != hash_in_hex) { NOTREACHED() << "Fetched blacklist checksum is not as expected. " diff --git a/chrome/browser/extensions/sandboxed_extension_unpacker.cc b/chrome/browser/extensions/sandboxed_extension_unpacker.cc index 8aead47..3cb5173 100644 --- a/chrome/browser/extensions/sandboxed_extension_unpacker.cc +++ b/chrome/browser/extensions/sandboxed_extension_unpacker.cc @@ -7,7 +7,6 @@ #include <set> #include "base/base64.h" -#include "base/crypto/signature_verifier.h" #include "base/file_util.h" #include "base/file_util_proxy.h" #include "base/memory/scoped_handle.h" @@ -16,6 +15,7 @@ #include "base/path_service.h" #include "base/task.h" #include "base/utf_string_conversions.h" // TODO(viettrungluu): delete me. +#include "crypto/signature_verifier.h" #include "chrome/browser/extensions/extension_service.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/chrome_switches.h" @@ -367,7 +367,7 @@ bool SandboxedExtensionUnpacker::ValidateSignature() { return false; } - base::SignatureVerifier verifier; + crypto::SignatureVerifier verifier; if (!verifier.VerifyInit(extension_misc::kSignatureAlgorithm, sizeof(extension_misc::kSignatureAlgorithm), &signature.front(), diff --git a/chrome/browser/importer/nss_decryptor_system_nss.cc b/chrome/browser/importer/nss_decryptor_system_nss.cc index 58ce34e..f51a777 100644 --- a/chrome/browser/importer/nss_decryptor_system_nss.cc +++ b/chrome/browser/importer/nss_decryptor_system_nss.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -9,9 +9,9 @@ #include "base/basictypes.h" #include "base/file_path.h" -#include "base/nss_util.h" #include "base/string_util.h" #include "base/sys_string_conversions.h" +#include "crypto/nss_util.h" NSSDecryptor::NSSDecryptor() : is_nss_initialized_(false), db_slot_(NULL) {} NSSDecryptor::~NSSDecryptor() { @@ -25,7 +25,7 @@ NSSDecryptor::~NSSDecryptor() { } bool NSSDecryptor::Init(const FilePath& dll_path, const FilePath& db_path) { - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); is_nss_initialized_ = true; const std::string modspec = StringPrintf("configDir='%s' tokenDescription='Firefox NSS database' " diff --git a/chrome/browser/password_manager/encryptor_linux.cc b/chrome/browser/password_manager/encryptor_linux.cc index 5da8fd8..9cdbb10 100644 --- a/chrome/browser/password_manager/encryptor_linux.cc +++ b/chrome/browser/password_manager/encryptor_linux.cc @@ -4,11 +4,11 @@ #include "chrome/browser/password_manager/encryptor.h" -#include "base/crypto/encryptor.h" -#include "base/crypto/symmetric_key.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "base/utf_string_conversions.h" +#include "crypto/encryptor.h" +#include "crypto/symmetric_key.h" namespace { @@ -32,7 +32,7 @@ const char kObfuscationPrefix[] = "v10"; // Generates a newly allocated SymmetricKey object based a hard-coded password. // Ownership of the key is passed to the caller. Returns NULL key if a key // generation error occurs. -base::SymmetricKey* GetEncryptionKey() { +crypto::SymmetricKey* GetEncryptionKey() { // We currently "obfuscate" by encrypting and decrypting with hard-coded // password. We need to improve this password situation by moving a secure // password into a system-level key store. @@ -41,12 +41,12 @@ base::SymmetricKey* GetEncryptionKey() { std::string salt(kSalt); // Create an encryption key from our password and salt. - scoped_ptr<base::SymmetricKey> encryption_key( - base::SymmetricKey::DeriveKeyFromPassword(base::SymmetricKey::AES, - password, - salt, - kEncryptionIterations, - kDerivedKeySizeInBits)); + scoped_ptr<crypto::SymmetricKey> encryption_key( + crypto::SymmetricKey::DeriveKeyFromPassword(crypto::SymmetricKey::AES, + password, + salt, + kEncryptionIterations, + kDerivedKeySizeInBits)); DCHECK(encryption_key.get()); return encryption_key.release(); @@ -81,13 +81,13 @@ bool Encryptor::EncryptString(const std::string& plaintext, return true; } - scoped_ptr<base::SymmetricKey> encryption_key(GetEncryptionKey()); + scoped_ptr<crypto::SymmetricKey> encryption_key(GetEncryptionKey()); if (!encryption_key.get()) return false; std::string iv(kIVBlockSizeAES128, ' '); - base::Encryptor encryptor; - if (!encryptor.Init(encryption_key.get(), base::Encryptor::CBC, iv)) + crypto::Encryptor encryptor; + if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv)) return false; if (!encryptor.Encrypt(plaintext, ciphertext)) @@ -123,13 +123,13 @@ bool Encryptor::DecryptString(const std::string& ciphertext, // Strip off the versioning prefix before decrypting. std::string raw_ciphertext = ciphertext.substr(strlen(kObfuscationPrefix)); - scoped_ptr<base::SymmetricKey> encryption_key(GetEncryptionKey()); + scoped_ptr<crypto::SymmetricKey> encryption_key(GetEncryptionKey()); if (!encryption_key.get()) return false; std::string iv(kIVBlockSizeAES128, ' '); - base::Encryptor encryptor; - if (!encryptor.Init(encryption_key.get(), base::Encryptor::CBC, iv)) + crypto::Encryptor encryptor; + if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv)) return false; if (!encryptor.Decrypt(raw_ciphertext, plaintext)) diff --git a/chrome/browser/password_manager/encryptor_mac.mm b/chrome/browser/password_manager/encryptor_mac.mm index a2d9f1c..56b048c 100644 --- a/chrome/browser/password_manager/encryptor_mac.mm +++ b/chrome/browser/password_manager/encryptor_mac.mm @@ -6,11 +6,11 @@ #include <CommonCrypto/CommonCryptor.h> // for kCCBlockSizeAES128 -#include "base/crypto/encryptor.h" -#include "base/crypto/symmetric_key.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "base/utf_string_conversions.h" +#include "crypto/encryptor.h" +#include "crypto/symmetric_key.h" #include "chrome/browser/password_manager/encryptor_password_mac.h" #include "chrome/browser/keychain_mac.h" @@ -37,7 +37,7 @@ const char kEncryptionVersionPrefix[] = "v10"; // in the Keychain. The generated key is for AES encryption. Ownership of the // key is passed to the caller. Returns NULL key in the case password access // is denied or key generation error occurs. -base::SymmetricKey* GetEncryptionKey() { +crypto::SymmetricKey* GetEncryptionKey() { std::string password; if (use_mock_keychain) { @@ -54,12 +54,12 @@ base::SymmetricKey* GetEncryptionKey() { std::string salt(kSalt); // Create an encryption key from our password and salt. - scoped_ptr<base::SymmetricKey> encryption_key( - base::SymmetricKey::DeriveKeyFromPassword(base::SymmetricKey::AES, - password, - salt, - kEncryptionIterations, - kDerivedKeySizeInBits)); + scoped_ptr<crypto::SymmetricKey> encryption_key( + crypto::SymmetricKey::DeriveKeyFromPassword(crypto::SymmetricKey::AES, + password, + salt, + kEncryptionIterations, + kDerivedKeySizeInBits)); DCHECK(encryption_key.get()); return encryption_key.release(); @@ -89,13 +89,13 @@ bool Encryptor::EncryptString(const std::string& plaintext, return true; } - scoped_ptr<base::SymmetricKey> encryption_key(GetEncryptionKey()); + scoped_ptr<crypto::SymmetricKey> encryption_key(GetEncryptionKey()); if (!encryption_key.get()) return false; std::string iv(kCCBlockSizeAES128, ' '); - base::Encryptor encryptor; - if (!encryptor.Init(encryption_key.get(), base::Encryptor::CBC, iv)) + crypto::Encryptor encryptor; + if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv)) return false; if (!encryptor.Encrypt(plaintext, ciphertext)) @@ -127,13 +127,13 @@ bool Encryptor::DecryptString(const std::string& ciphertext, std::string raw_ciphertext = ciphertext.substr(strlen(kEncryptionVersionPrefix)); - scoped_ptr<base::SymmetricKey> encryption_key(GetEncryptionKey()); + scoped_ptr<crypto::SymmetricKey> encryption_key(GetEncryptionKey()); if (!encryption_key.get()) return false; std::string iv(kCCBlockSizeAES128, ' '); - base::Encryptor encryptor; - if (!encryptor.Init(encryption_key.get(), base::Encryptor::CBC, iv)) + crypto::Encryptor encryptor; + if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv)) return false; if (!encryptor.Decrypt(raw_ciphertext, plaintext)) diff --git a/chrome/browser/safe_browsing/filter_false_positive_perftest.cc b/chrome/browser/safe_browsing/filter_false_positive_perftest.cc index 3548806..e69a59d 100644 --- a/chrome/browser/safe_browsing/filter_false_positive_perftest.cc +++ b/chrome/browser/safe_browsing/filter_false_positive_perftest.cc @@ -64,10 +64,10 @@ #include "base/memory/scoped_ptr.h" #include "base/path_service.h" #include "base/rand_util.h" -#include "base/sha2.h" #include "base/string_number_conversions.h" #include "base/string_util.h" #include "base/time.h" +#include "crypto/sha2.h" #include "chrome/browser/safe_browsing/bloom_filter.h" #include "chrome/browser/safe_browsing/safe_browsing_util.h" #include "chrome/common/chrome_paths.h" @@ -176,7 +176,7 @@ int GeneratePrefixHits(const std::string url, for (size_t i = 0; i < hosts.size(); ++i) { for (size_t j = 0; j < paths.size(); ++j) { SBPrefix prefix; - base::SHA256HashString(hosts[i] + paths[j], &prefix, sizeof(prefix)); + crypto::SHA256HashString(hosts[i] + paths[j], &prefix, sizeof(prefix)); if (bloom_filter->Exists(prefix)) prefixes->push_back(prefix); } diff --git a/chrome/browser/safe_browsing/safe_browsing_database.cc b/chrome/browser/safe_browsing/safe_browsing_database.cc index ecc208c..0f979d4 100644 --- a/chrome/browser/safe_browsing/safe_browsing_database.cc +++ b/chrome/browser/safe_browsing/safe_browsing_database.cc @@ -13,7 +13,7 @@ #include "base/time.h" #include "base/message_loop.h" #include "base/process_util.h" -#include "base/sha2.h" +#include "crypto/sha2.h" #include "chrome/browser/safe_browsing/bloom_filter.h" #include "chrome/browser/safe_browsing/prefix_set.h" #include "chrome/browser/safe_browsing/safe_browsing_store_file.h" @@ -71,8 +71,8 @@ void GetDownloadUrlPrefix(const GURL& url, SBPrefix* prefix) { safe_browsing_util::CanonicalizeUrl(url, &hostname, &path, &query); SBFullHash full_hash; - base::SHA256HashString(hostname + path + query, &full_hash, - sizeof(full_hash)); + crypto::SHA256HashString(hostname + path + query, &full_hash, + sizeof(full_hash)); *prefix = full_hash.prefix; } @@ -103,8 +103,8 @@ void BrowseFullHashesToCheck(const GURL& url, for (size_t j = 0; j < paths.size(); ++j) { const std::string& path = paths[j]; SBFullHash full_hash; - base::SHA256HashString(hosts[i] + path, &full_hash, - sizeof(full_hash)); + crypto::SHA256HashString(hosts[i] + path, &full_hash, + sizeof(full_hash)); full_hashes->push_back(full_hash); // We may have /foo as path-prefix in the whitelist which should @@ -113,8 +113,8 @@ void BrowseFullHashesToCheck(const GURL& url, if (include_whitelist_hashes && path.size() > 1 && path[path.size() - 1] == '/') { - base::SHA256HashString(hosts[i] + path.substr(0, path.size() - 1), - &full_hash, sizeof(full_hash)); + crypto::SHA256HashString(hosts[i] + path.substr(0, path.size() - 1), + &full_hash, sizeof(full_hash)); full_hashes->push_back(full_hash); } } @@ -1297,7 +1297,8 @@ void SafeBrowsingDatabaseNew::LoadCsdWhitelist( std::sort(new_csd_whitelist.begin(), new_csd_whitelist.end()); SBFullHash kill_switch; - base::SHA256HashString(kCsdKillSwitchUrl, &kill_switch, sizeof(kill_switch)); + crypto::SHA256HashString(kCsdKillSwitchUrl, &kill_switch, + sizeof(kill_switch)); if (std::binary_search(new_csd_whitelist.begin(), new_csd_whitelist.end(), kill_switch)) { // The kill switch is whitelisted hence we whitelist all URLs. diff --git a/chrome/browser/safe_browsing/safe_browsing_database_unittest.cc b/chrome/browser/safe_browsing/safe_browsing_database_unittest.cc index 5af27d1..11ea60c 100644 --- a/chrome/browser/safe_browsing/safe_browsing_database_unittest.cc +++ b/chrome/browser/safe_browsing/safe_browsing_database_unittest.cc @@ -10,8 +10,8 @@ #include "base/logging.h" #include "base/memory/scoped_temp_dir.h" #include "base/message_loop.h" -#include "base/sha2.h" #include "base/time.h" +#include "crypto/sha2.h" #include "chrome/browser/safe_browsing/safe_browsing_database.h" #include "chrome/browser/safe_browsing/safe_browsing_store_file.h" #include "chrome/browser/safe_browsing/safe_browsing_store_unittest_helper.h" @@ -26,13 +26,13 @@ namespace { SBPrefix Sha256Prefix(const std::string& str) { SBPrefix prefix; - base::SHA256HashString(str, &prefix, sizeof(prefix)); + crypto::SHA256HashString(str, &prefix, sizeof(prefix)); return prefix; } SBFullHash Sha256Hash(const std::string& str) { SBFullHash hash; - base::SHA256HashString(str, &hash, sizeof(hash)); + crypto::SHA256HashString(str, &hash, sizeof(hash)); return hash; } diff --git a/chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc b/chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc index 5434a53..8abecac 100644 --- a/chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc +++ b/chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc @@ -9,7 +9,7 @@ #include "base/command_line.h" #include "base/memory/ref_counted.h" #include "base/metrics/histogram.h" -#include "base/sha2.h" +#include "crypto/sha2.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/safe_browsing/safe_browsing_database.h" #include "chrome/browser/safe_browsing/safe_browsing_service.h" @@ -256,8 +256,8 @@ class SafeBrowsingServiceTest : public InProcessBrowserTest { std::string host; std::string path; safe_browsing_util::CanonicalizeUrl(url, &host, &path, NULL); - base::SHA256HashString(host + path, &full_hash->hash, - sizeof(SBFullHash)); + crypto::SHA256HashString(host + path, &full_hash->hash, + sizeof(SBFullHash)); full_hash->list_name = list_name; full_hash->add_chunk_id = add_chunk_id; } diff --git a/chrome/browser/safe_browsing/safe_browsing_store_unittest_helper.h b/chrome/browser/safe_browsing/safe_browsing_store_unittest_helper.h index 5fa8ece..0868531 100644 --- a/chrome/browser/safe_browsing/safe_browsing_store_unittest_helper.h +++ b/chrome/browser/safe_browsing/safe_browsing_store_unittest_helper.h @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -8,7 +8,7 @@ #include "chrome/browser/safe_browsing/safe_browsing_store.h" -#include "base/sha2.h" +#include "crypto/sha2.h" #include "testing/gtest/include/gtest/gtest.h" // Helper code for testing that a SafeBrowsingStore implementation @@ -17,7 +17,7 @@ // Helper to make it easy to initialize SBFullHash constants. inline const SBFullHash SBFullHashFromString(const char* str) { SBFullHash h; - base::SHA256HashString(str, &h.full_hash, sizeof(h.full_hash)); + crypto::SHA256HashString(str, &h.full_hash, sizeof(h.full_hash)); return h; } diff --git a/chrome/browser/safe_browsing/safe_browsing_util.cc b/chrome/browser/safe_browsing/safe_browsing_util.cc index d42ba79..427b9c7 100644 --- a/chrome/browser/safe_browsing/safe_browsing_util.cc +++ b/chrome/browser/safe_browsing/safe_browsing_util.cc @@ -1,13 +1,13 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "chrome/browser/safe_browsing/safe_browsing_util.h" #include "base/base64.h" -#include "base/hmac.h" -#include "base/sha2.h" #include "base/string_util.h" +#include "crypto/hmac.h" +#include "crypto/sha2.h" #include "chrome/browser/google/google_util.h" #include "googleurl/src/gurl.h" #include "googleurl/src/url_util.h" @@ -436,9 +436,9 @@ int GetUrlHashIndex(const GURL& url, for (size_t h = 0; h < hosts.size(); ++h) { for (size_t p = 0; p < paths.size(); ++p) { SBFullHash key; - base::SHA256HashString(hosts[h] + paths[p], - key.full_hash, - sizeof(SBFullHash)); + crypto::SHA256HashString(hosts[h] + paths[p], + key.full_hash, + sizeof(SBFullHash)); int index = GetHashIndex(key, full_hashes); if (index != -1) return index; } @@ -485,7 +485,7 @@ bool VerifyMAC(const std::string& key, const std::string& mac, std::string decoded_mac; base::Base64Decode(mac_copy, &decoded_mac); - base::HMAC hmac(base::HMAC::SHA1); + crypto::HMAC hmac(crypto::HMAC::SHA1); if (!hmac.Init(decoded_key)) return false; const std::string data_str(data, data_length); @@ -520,12 +520,12 @@ GURL GeneratePhishingReportUrl(const std::string& report_page, } void StringToSBFullHash(const std::string& hash_in, SBFullHash* hash_out) { - DCHECK_EQ(static_cast<size_t>(base::SHA256_LENGTH), hash_in.size()); - memcpy(hash_out->full_hash, hash_in.data(), base::SHA256_LENGTH); + DCHECK_EQ(static_cast<size_t>(crypto::SHA256_LENGTH), hash_in.size()); + memcpy(hash_out->full_hash, hash_in.data(), crypto::SHA256_LENGTH); } std::string SBFullHashToString(const SBFullHash& hash) { - DCHECK_EQ(static_cast<size_t>(base::SHA256_LENGTH), sizeof(hash.full_hash)); + DCHECK_EQ(static_cast<size_t>(crypto::SHA256_LENGTH), sizeof(hash.full_hash)); return std::string(hash.full_hash, sizeof(hash.full_hash)); } } // namespace safe_browsing_util diff --git a/chrome/browser/safe_browsing/safe_browsing_util_unittest.cc b/chrome/browser/safe_browsing/safe_browsing_util_unittest.cc index 0cc0b3b..be20d31 100644 --- a/chrome/browser/safe_browsing/safe_browsing_util_unittest.cc +++ b/chrome/browser/safe_browsing/safe_browsing_util_unittest.cc @@ -1,11 +1,11 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <algorithm> -#include "base/sha2.h" #include "base/string_util.h" +#include "crypto/sha2.h" #include "chrome/browser/safe_browsing/safe_browsing_util.h" #include "googleurl/src/gurl.h" #include "testing/gtest/include/gtest/gtest.h" @@ -283,7 +283,7 @@ TEST(SafeBrowsingUtilTest, CanonicalizeUrl) { TEST(SafeBrowsingUtilTest, GetUrlHashIndex) { GURL url("http://www.evil.com/phish.html"); SBFullHashResult full_hash; - base::SHA256HashString(url.host() + url.path(), + crypto::SHA256HashString(url.host() + url.path(), &full_hash.hash, sizeof(SBFullHash)); std::vector<SBFullHashResult> full_hashes; diff --git a/chrome/browser/sync/util/nigori.cc b/chrome/browser/sync/util/nigori.cc index 51f767b..cc17499 100644 --- a/chrome/browser/sync/util/nigori.cc +++ b/chrome/browser/sync/util/nigori.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -14,18 +14,18 @@ #include <vector> #include "base/base64.h" -#include "base/crypto/encryptor.h" -#include "base/hmac.h" #include "base/logging.h" #include "base/rand_util.h" #include "base/string_util.h" +#include "crypto/encryptor.h" +#include "crypto/hmac.h" using base::Base64Encode; using base::Base64Decode; -using base::Encryptor; -using base::HMAC; using base::RandInt; -using base::SymmetricKey; +using crypto::Encryptor; +using crypto::HMAC; +using crypto::SymmetricKey; namespace browser_sync { diff --git a/chrome/browser/sync/util/nigori.h b/chrome/browser/sync/util/nigori.h index 4aeb767..74fd6ec 100644 --- a/chrome/browser/sync/util/nigori.h +++ b/chrome/browser/sync/util/nigori.h @@ -8,8 +8,8 @@ #include <string> -#include "base/crypto/symmetric_key.h" #include "base/memory/scoped_ptr.h" +#include "crypto/symmetric_key.h" namespace browser_sync { @@ -73,9 +73,9 @@ class Nigori { static const size_t kSigningIterations = 1004; private: - scoped_ptr<base::SymmetricKey> user_key_; - scoped_ptr<base::SymmetricKey> encryption_key_; - scoped_ptr<base::SymmetricKey> mac_key_; + scoped_ptr<crypto::SymmetricKey> user_key_; + scoped_ptr<crypto::SymmetricKey> encryption_key_; + scoped_ptr<crypto::SymmetricKey> mac_key_; }; } // namespace browser_sync diff --git a/chrome/browser/ui/crypto_module_password_dialog.h b/chrome/browser/ui/crypto_module_password_dialog.h index ec8ba07..c1e70d7 100644 --- a/chrome/browser/ui/crypto_module_password_dialog.h +++ b/chrome/browser/ui/crypto_module_password_dialog.h @@ -12,7 +12,7 @@ #include "base/callback.h" #include "base/memory/ref_counted.h" -namespace base { +namespace crypto { class CryptoModuleBlockingPasswordDelegate; } @@ -48,7 +48,7 @@ void ShowCryptoModulePasswordDialog(const std::string& module_name, // Returns a CryptoModuleBlockingPasswordDelegate to open a dialog and block // until returning. Should only be used on a worker thread. -base::CryptoModuleBlockingPasswordDelegate* +crypto::CryptoModuleBlockingPasswordDelegate* NewCryptoModuleBlockingDialogDelegate( CryptoModulePasswordReason reason, const std::string& server); diff --git a/chrome/browser/ui/crypto_module_password_dialog_nss.cc b/chrome/browser/ui/crypto_module_password_dialog_nss.cc index 2727868..0932904 100644 --- a/chrome/browser/ui/crypto_module_password_dialog_nss.cc +++ b/chrome/browser/ui/crypto_module_password_dialog_nss.cc @@ -12,7 +12,7 @@ #include "net/base/x509_certificate.h" #if defined(OS_CHROMEOS) -#include "base/nss_util.h" +#include "crypto/nss_util.h" #endif namespace { @@ -66,11 +66,11 @@ void SlotUnlocker::Start() { for (; current_ < modules_.size(); ++current_) { if (ShouldShowDialog(modules_[current_].get())) { #if defined(OS_CHROMEOS) - if (modules_[current_]->GetTokenName() == base::GetTPMTokenName()) { + if (modules_[current_]->GetTokenName() == crypto::GetTPMTokenName()) { // The user PIN is a well known secret on this machine, and // the user didn't set it, so we need to fetch the value and // supply it for them here. - GotPassword(base::GetTPMUserPIN().c_str()); + GotPassword(crypto::GetTPMUserPIN().c_str()); return; } #endif diff --git a/chrome/browser/ui/gtk/certificate_viewer.cc b/chrome/browser/ui/gtk/certificate_viewer.cc index ff7f4a7..1a1a8fe 100644 --- a/chrome/browser/ui/gtk/certificate_viewer.cc +++ b/chrome/browser/ui/gtk/certificate_viewer.cc @@ -11,7 +11,6 @@ #include "base/i18n/time_formatting.h" #include "base/memory/scoped_ptr.h" -#include "base/nss_util.h" #include "base/string_number_conversions.h" #include "base/time.h" #include "base/utf_string_conversions.h" diff --git a/chrome/browser/ui/gtk/crypto_module_password_dialog.cc b/chrome/browser/ui/gtk/crypto_module_password_dialog.cc index 2abe3f9..31f07ce 100644 --- a/chrome/browser/ui/gtk/crypto_module_password_dialog.cc +++ b/chrome/browser/ui/gtk/crypto_module_password_dialog.cc @@ -7,10 +7,10 @@ #include <gtk/gtk.h> #include "base/basictypes.h" -#include "base/crypto/crypto_module_blocking_password_delegate.h" #include "base/synchronization/waitable_event.h" #include "base/task.h" #include "base/utf_string_conversions.h" +#include "crypto/crypto_module_blocking_password_delegate.h" #include "chrome/browser/ui/gtk/gtk_util.h" #include "content/browser/browser_thread.h" #include "googleurl/src/gurl.h" @@ -21,7 +21,7 @@ namespace { class CryptoModuleBlockingDialogDelegate - : public base::CryptoModuleBlockingPasswordDelegate { + : public crypto::CryptoModuleBlockingPasswordDelegate { public: CryptoModuleBlockingDialogDelegate(browser::CryptoModulePasswordReason reason, const std::string& server) @@ -36,7 +36,7 @@ class CryptoModuleBlockingDialogDelegate password_.replace(0, password_.size(), password_.size(), 0); } - // base::CryptoModuleBlockingDialogDelegate implementation. + // crypto::CryptoModuleBlockingDialogDelegate implementation. virtual std::string RequestPassword(const std::string& slot_name, bool retry, bool* cancelled) { DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::UI)); @@ -220,7 +220,7 @@ void ShowCryptoModulePasswordDialog(const std::string& slot_name, callback))->Show(); } -base::CryptoModuleBlockingPasswordDelegate* +crypto::CryptoModuleBlockingPasswordDelegate* NewCryptoModuleBlockingDialogDelegate( CryptoModulePasswordReason reason, const std::string& server) { diff --git a/chrome/browser/ui/gtk/ssl_client_certificate_selector.cc b/chrome/browser/ui/gtk/ssl_client_certificate_selector.cc index 56a7e2a..76dedf3 100644 --- a/chrome/browser/ui/gtk/ssl_client_certificate_selector.cc +++ b/chrome/browser/ui/gtk/ssl_client_certificate_selector.cc @@ -11,7 +11,6 @@ #include "base/i18n/time_formatting.h" #include "base/logging.h" -#include "base/nss_util.h" #include "base/utf_string_conversions.h" #include "chrome/browser/ssl/ssl_client_auth_handler.h" #include "chrome/browser/ui/crypto_module_password_dialog.h" diff --git a/chrome/browser/ui/webui/options/certificate_manager_handler.cc b/chrome/browser/ui/webui/options/certificate_manager_handler.cc index b785c77..180201b 100644 --- a/chrome/browser/ui/webui/options/certificate_manager_handler.cc +++ b/chrome/browser/ui/webui/options/certificate_manager_handler.cc @@ -6,7 +6,6 @@ #include "base/file_util.h" // for FileAccessProvider #include "base/memory/scoped_vector.h" -#include "base/nss_util.h" #include "base/safe_strerror_posix.h" #include "base/string_number_conversions.h" #include "base/values.h" diff --git a/chrome/chrome.gyp b/chrome/chrome.gyp index fd178e5..b0ffac6 100644 --- a/chrome/chrome.gyp +++ b/chrome/chrome.gyp @@ -622,11 +622,13 @@ 'dependencies': [ 'common', '../base/base.gyp:base', + '../crypto/crypto.gyp:crypto', '../skia/skia.gyp:skia', 'browser/sync/protocol/sync_proto.gyp:sync_proto_cpp', ], 'export_dependent_settings': [ '../base/base.gyp:base', + '../crypto/crypto.gyp:crypto', 'browser/sync/protocol/sync_proto.gyp:sync_proto_cpp', ], # This target exports a hard dependency because its header files include diff --git a/chrome/chrome_browser.gypi b/chrome/chrome_browser.gypi index 7d12ee5..9bd7bb4 100644 --- a/chrome/chrome_browser.gypi +++ b/chrome/chrome_browser.gypi @@ -29,6 +29,7 @@ '../app/app.gyp:app_resources', '../build/temp_gyp/googleurl.gyp:googleurl', '../content/content.gyp:content_browser', + '../crypto/crypto.gyp:crypto', '../gpu/gpu.gyp:gpu_common', '../media/media.gyp:media', '../ppapi/ppapi.gyp:ppapi_proxy', # For PpapiMsg_LoadPlugin diff --git a/chrome/chrome_dll.gypi b/chrome/chrome_dll.gypi index 550b8b3..ecd297e 100644 --- a/chrome/chrome_dll.gypi +++ b/chrome/chrome_dll.gypi @@ -82,6 +82,7 @@ 'chrome_resources', 'installer_util_strings', '../content/content.gyp:content_worker', + '../crypto/crypto.gyp:crypto', '../printing/printing.gyp:printing', '../net/net.gyp:net_resources', '../third_party/cld/cld.gyp:cld', @@ -276,6 +277,7 @@ 'dependencies': [ # Bring in pdfsqueeze and run it on all pdfs '../build/temp_gyp/pdfsqueeze.gyp:pdfsqueeze', + '../crypto/crypto.gyp:crypto', # On Mac, Flash gets put into the framework, so we need this # dependency here. flash_player.gyp will copy the Flash bundle # into PRODUCT_DIR. diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc index 11ef47c..c5c88e3 100644 --- a/chrome/common/extensions/extension.cc +++ b/chrome/common/extensions/extension.cc @@ -14,14 +14,14 @@ #include "base/i18n/rtl.h" #include "base/logging.h" #include "base/memory/singleton.h" -#include "base/sha2.h" #include "base/stl_util-inl.h" -#include "base/third_party/nss/blapi.h" #include "base/string16.h" #include "base/string_number_conversions.h" #include "base/utf_string_conversions.h" #include "base/values.h" #include "base/version.h" +#include "crypto/sha2.h" +#include "crypto/third_party/nss/blapi.h" #include "chrome/common/chrome_constants.h" #include "chrome/common/chrome_switches.h" #include "chrome/common/chrome_version_info.h" @@ -622,7 +622,7 @@ GURL Extension::GetResourceURL(const GURL& extension_url, bool Extension::GenerateId(const std::string& input, std::string* output) { CHECK(output); uint8 hash[Extension::kIdSize]; - base::SHA256HashString(input, hash, sizeof(hash)); + crypto::SHA256HashString(input, hash, sizeof(hash)); *output = StringToLowerASCII(base::HexEncode(hash, sizeof(hash))); ConvertHexadecimalToIDAlphabet(output); diff --git a/chrome/common/net/x509_certificate_model_nss.cc b/chrome/common/net/x509_certificate_model_nss.cc index 42fa7a4..a85a178 100644 --- a/chrome/common/net/x509_certificate_model_nss.cc +++ b/chrome/common/net/x509_certificate_model_nss.cc @@ -14,8 +14,8 @@ #include <sechash.h> #include "base/logging.h" -#include "base/nss_util.h" #include "base/string_number_conversions.h" +#include "crypto/nss_util.h" #include "net/base/x509_certificate.h" #include "chrome/third_party/mozilla_security_manager/nsNSSCertHelper.h" #include "chrome/third_party/mozilla_security_manager/nsNSSCertificate.h" @@ -198,8 +198,8 @@ bool GetTimes(X509Certificate::OSCertHandle cert_handle, base::Time* issued, base::Time* expires) { PRTime pr_issued, pr_expires; if (CERT_GetCertTimes(cert_handle, &pr_issued, &pr_expires) == SECSuccess) { - *issued = base::PRTimeToBaseTime(pr_issued); - *expires = base::PRTimeToBaseTime(pr_expires); + *issued = crypto::PRTimeToBaseTime(pr_issued); + *expires = crypto::PRTimeToBaseTime(pr_expires); return true; } return false; diff --git a/chrome/renderer/render_process_impl.cc b/chrome/renderer/render_process_impl.cc index e6c3193..922f5c0 100644 --- a/chrome/renderer/render_process_impl.cc +++ b/chrome/renderer/render_process_impl.cc @@ -18,10 +18,10 @@ #include "base/file_util.h" #include "base/message_loop.h" #include "base/metrics/histogram.h" -#include "base/nss_util.h" #include "base/path_service.h" #include "base/sys_info.h" #include "base/utf_string_conversions.h" +#include "crypto/nss_util.h" #include "chrome/common/chrome_switches.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/render_messages.h" @@ -167,9 +167,9 @@ RenderProcessImpl::RenderProcessImpl() #if defined(USE_NSS) // We are going to fork to engage the sandbox and we have not loaded // any security modules so it is safe to disable the fork check in NSS. - base::DisableNSSForkCheck(); - base::ForceNSSNoDBInit(); - base::EnsureNSSInit(); + crypto::DisableNSSForkCheck(); + crypto::ForceNSSNoDBInit(); + crypto::EnsureNSSInit(); #else // TODO(bulach): implement openssl support. NOTREACHED() << "Remoting is not supported for openssl"; diff --git a/chrome/renderer/safe_browsing/phishing_classifier.cc b/chrome/renderer/safe_browsing/phishing_classifier.cc index 66ce82c..ad34053 100644 --- a/chrome/renderer/safe_browsing/phishing_classifier.cc +++ b/chrome/renderer/safe_browsing/phishing_classifier.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -9,8 +9,8 @@ #include "base/callback.h" #include "base/compiler_specific.h" #include "base/logging.h" -#include "base/sha2.h" #include "base/string_util.h" +#include "crypto/sha2.h" #include "chrome/common/url_constants.h" #include "chrome/renderer/safe_browsing/feature_extractor_clock.h" #include "chrome/renderer/safe_browsing/features.h" @@ -160,7 +160,7 @@ void PhishingClassifier::TermExtractionFinished(bool success) { it != features_->features().end(); ++it) { VLOG(2) << "Feature: " << it->first << " = " << it->second; bool result = hashed_features.AddRealFeature( - base::SHA256HashString(it->first), it->second); + crypto::SHA256HashString(it->first), it->second); DCHECK(result); } diff --git a/chrome/renderer/safe_browsing/phishing_classifier_browsertest.cc b/chrome/renderer/safe_browsing/phishing_classifier_browsertest.cc index 6d7c090..b3eb58e 100644 --- a/chrome/renderer/safe_browsing/phishing_classifier_browsertest.cc +++ b/chrome/renderer/safe_browsing/phishing_classifier_browsertest.cc @@ -12,9 +12,9 @@ #include <string> #include "base/memory/scoped_ptr.h" -#include "base/sha2.h" #include "base/string16.h" #include "base/utf_string_conversions.h" +#include "crypto/sha2.h" #include "chrome/renderer/safe_browsing/client_model.pb.h" #include "chrome/renderer/safe_browsing/features.h" #include "chrome/renderer/safe_browsing/mock_feature_extractor_clock.h" @@ -33,13 +33,13 @@ class PhishingClassifierTest : public RenderViewFakeResourcesTest { // Construct a model to test with. We include one feature from each of // the feature extractors, which allows us to verify that they all ran. ClientSideModel model; - model.add_hashes(base::SHA256HashString(features::kUrlTldToken + - std::string("net"))); - model.add_hashes(base::SHA256HashString(features::kPageLinkDomain + - std::string("phishing.com"))); - model.add_hashes(base::SHA256HashString(features::kPageTerm + - std::string("login"))); - model.add_hashes(base::SHA256HashString("login")); + model.add_hashes(crypto::SHA256HashString(features::kUrlTldToken + + std::string("net"))); + model.add_hashes(crypto::SHA256HashString(features::kPageLinkDomain + + std::string("phishing.com"))); + model.add_hashes(crypto::SHA256HashString(features::kPageTerm + + std::string("login"))); + model.add_hashes(crypto::SHA256HashString("login")); // Add a default rule with a non-phishy weight. ClientSideModel::Rule* rule = model.add_rule(); diff --git a/chrome/renderer/safe_browsing/phishing_term_feature_extractor.cc b/chrome/renderer/safe_browsing/phishing_term_feature_extractor.cc index dbb72f5..251cc75 100644 --- a/chrome/renderer/safe_browsing/phishing_term_feature_extractor.cc +++ b/chrome/renderer/safe_browsing/phishing_term_feature_extractor.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -10,10 +10,10 @@ #include "base/compiler_specific.h" #include "base/logging.h" #include "base/message_loop.h" -#include "base/sha2.h" #include "base/metrics/histogram.h" #include "base/time.h" #include "base/utf_string_conversions.h" +#include "crypto/sha2.h" #include "chrome/renderer/safe_browsing/feature_extractor_clock.h" #include "chrome/renderer/safe_browsing/features.h" #include "ui/base/l10n/l10n_util.h" @@ -200,7 +200,7 @@ void PhishingTermFeatureExtractor::ExtractFeaturesWithTimeout() { void PhishingTermFeatureExtractor::HandleWord(const string16& word) { std::string word_lower = UTF16ToUTF8(l10n_util::ToLower(word)); - std::string word_hash = base::SHA256HashString(word_lower); + std::string word_hash = crypto::SHA256HashString(word_lower); // Quick out if the word is not part of any term, which is the common case. if (page_word_hashes_->find(word_hash) == page_word_hashes_->end()) { @@ -234,7 +234,7 @@ void PhishingTermFeatureExtractor::HandleWord(const string16& word) { std::string current_term = state_->previous_words; for (std::list<size_t>::iterator it = state_->previous_word_sizes.begin(); it != state_->previous_word_sizes.end(); ++it) { - hashes_to_check[base::SHA256HashString(current_term)] = current_term; + hashes_to_check[crypto::SHA256HashString(current_term)] = current_term; current_term.erase(0, *it); } diff --git a/chrome/renderer/safe_browsing/phishing_term_feature_extractor_unittest.cc b/chrome/renderer/safe_browsing/phishing_term_feature_extractor_unittest.cc index e587047..1b18bf1 100644 --- a/chrome/renderer/safe_browsing/phishing_term_feature_extractor_unittest.cc +++ b/chrome/renderer/safe_browsing/phishing_term_feature_extractor_unittest.cc @@ -10,11 +10,11 @@ #include "base/hash_tables.h" #include "base/memory/scoped_ptr.h" #include "base/message_loop.h" -#include "base/sha2.h" #include "base/string16.h" #include "base/stringprintf.h" #include "base/time.h" #include "base/utf_string_conversions.h" +#include "crypto/sha2.h" #include "chrome/renderer/safe_browsing/features.h" #include "chrome/renderer/safe_browsing/mock_feature_extractor_clock.h" #include "testing/gmock/include/gmock/gmock.h" @@ -44,7 +44,7 @@ class PhishingTermFeatureExtractorTest : public ::testing::Test { for (base::hash_set<std::string>::iterator it = terms.begin(); it != terms.end(); ++it) { - term_hashes_.insert(base::SHA256HashString(*it)); + term_hashes_.insert(crypto::SHA256HashString(*it)); } base::hash_set<std::string> words; @@ -62,7 +62,7 @@ class PhishingTermFeatureExtractorTest : public ::testing::Test { for (base::hash_set<std::string>::iterator it = words.begin(); it != words.end(); ++it) { - word_hashes_.insert(base::SHA256HashString(*it)); + word_hashes_.insert(crypto::SHA256HashString(*it)); } extractor_.reset(new PhishingTermFeatureExtractor( diff --git a/chrome/service/service_process_unittest.cc b/chrome/service/service_process_unittest.cc index 690e7ae..d34d098 100644 --- a/chrome/service/service_process_unittest.cc +++ b/chrome/service/service_process_unittest.cc @@ -8,7 +8,6 @@ #include "base/base64.h" #include "base/command_line.h" -#include "base/crypto/rsa_private_key.h" #include "base/message_loop.h" #include "base/synchronization/waitable_event.h" #include "chrome/common/service_process_util.h" diff --git a/content/DEPS b/content/DEPS index 90779ea..bf29db6 100644 --- a/content/DEPS +++ b/content/DEPS @@ -2,6 +2,7 @@ # src/chrome in src/content. include_rules = [ "+app", + "+crypto", # TEMPORARY ONLY WHILE WE REDUCE THE DEPENDENCIES. # When the src\content refactoring is complete, this will be unnecessary (and diff --git a/content/browser/zygote_main_linux.cc b/content/browser/zygote_main_linux.cc index 5669530..a0d0ef0 100644 --- a/content/browser/zygote_main_linux.cc +++ b/content/browser/zygote_main_linux.cc @@ -29,13 +29,13 @@ #include "base/hash_tables.h" #include "base/linux_util.h" #include "base/memory/scoped_ptr.h" -#include "base/nss_util.h" #include "base/path_service.h" #include "base/pickle.h" #include "base/process_util.h" #include "base/rand_util.h" #include "base/sys_info.h" #include "build/build_config.h" +#include "crypto/nss_util.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/chrome_switches.h" #include "chrome/common/pepper_plugin_registry.h" @@ -608,7 +608,7 @@ static void PreSandboxInit() { // NSS libraries are loaded before sandbox is activated. This is to allow // successful initialization of NSS which tries to load extra library files. // Doing so will allow NSS to be used within sandbox for chromoting. - base::LoadNSSLibraries(); + crypto::LoadNSSLibraries(); #else // TODO(bulach): implement openssl support. NOTREACHED() << "Remoting is not supported for openssl"; diff --git a/crypto/OWNERS b/crypto/OWNERS new file mode 100644 index 0000000..d93b7ea --- /dev/null +++ b/crypto/OWNERS @@ -0,0 +1,5 @@ +set noparent +agl@chromium.org +rsleevi@chromium.org +rvargas@chromium.org +wtc@chromium.org diff --git a/base/crypto/capi_util.cc b/crypto/capi_util.cc index 1828afd..7593f39 100644 --- a/base/crypto/capi_util.cc +++ b/crypto/capi_util.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/capi_util.h" +#include "crypto/capi_util.h" #include "base/basictypes.h" #include "base/memory/singleton.h" @@ -35,16 +35,15 @@ class CAPIUtilSingleton { } // namespace -namespace base { +namespace crypto { BOOL CryptAcquireContextLocked(HCRYPTPROV* prov, LPCWSTR container, LPCWSTR provider, DWORD prov_type, - DWORD flags) -{ + DWORD flags) { base::AutoLock lock(CAPIUtilSingleton::GetInstance()->acquire_context_lock()); return CryptAcquireContext(prov, container, provider, prov_type, flags); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/capi_util.h b/crypto/capi_util.h index f4b7e68..faaf012 100644 --- a/base/crypto/capi_util.h +++ b/crypto/capi_util.h @@ -2,16 +2,14 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_CAPI_UTIL_H_ -#define BASE_CRYPTO_CAPI_UTIL_H_ +#ifndef CRYPTO_CAPI_UTIL_H_ +#define CRYPTO_CAPI_UTIL_H_ #pragma once #include <windows.h> #include <wincrypt.h> -#include "base/base_api.h" - -namespace base { +namespace crypto { // CryptAcquireContext when passed CRYPT_NEWKEYSET or CRYPT_DELETEKEYSET in // flags is not thread-safe. For such calls, we create a global lock to @@ -23,12 +21,12 @@ namespace base { // "The CryptAcquireContext function is generally thread safe unless // CRYPT_NEWKEYSET or CRYPT_DELETEKEYSET is specified in the dwFlags // parameter." -BASE_API BOOL CryptAcquireContextLocked(HCRYPTPROV* prov, - LPCWSTR container, - LPCWSTR provider, - DWORD prov_type, - DWORD flags); +BOOL CryptAcquireContextLocked(HCRYPTPROV* prov, + LPCWSTR container, + LPCWSTR provider, + DWORD prov_type, + DWORD flags); -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_CAPI_UTIL_H_ +#endif // CRYPTO_CAPI_UTIL_H_ diff --git a/crypto/crypto.gyp b/crypto/crypto.gyp new file mode 100644 index 0000000..9c861cf --- /dev/null +++ b/crypto/crypto.gyp @@ -0,0 +1,223 @@ +# Copyright (c) 2011 The Chromium Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +{ + 'variables': { + 'chromium_code': 1, + }, + 'targets': [ + { + 'target_name': 'crypto', + 'type': '<(library)', + 'dependencies': [ + '../base/base.gyp:base', + ], + 'msvs_disabled_warnings': [ + 4018, + ], + 'conditions': [ + [ 'OS == "linux" or OS == "freebsd" or OS == "openbsd" or OS == "solaris"', { + 'conditions': [ + [ 'chromeos==1', { + 'sources/': [ ['include', '_chromeos\\.cc$'] ] + }, + ], + [ 'use_openssl==1', { + 'dependencies': [ + '../third_party/openssl/openssl.gyp:openssl', + ], + }, { # use_openssl==0 + 'dependencies': [ + '../build/linux/system.gyp:nss', + ], + 'export_dependent_settings': [ + '../build/linux/system.gyp:nss', + ], + } + ], + ], + }, { # OS != "linux" and OS != "freebsd" and OS != "openbsd" and OS != "solaris" + 'sources/': [ + ['exclude', '_nss\.cc$'], + ], + }], + [ 'OS == "freebsd" or OS == "openbsd"', { + 'link_settings': { + 'libraries': [ + '-L/usr/local/lib -lexecinfo', + ], + }, + }, + ], + [ 'OS == "mac"', { + 'link_settings': { + 'libraries': [ + '$(SDKROOT)/System/Library/Frameworks/Security.framework', + ], + }, + }, { # OS != "mac" + 'sources!': [ + 'cssm_init.cc', + 'cssm_init.h', + 'mac_security_services_lock.cc', + 'mac_security_services_lock.h', + ], + }], + [ 'OS == "mac" or OS == "win"', { + 'dependencies': [ + '../third_party/nss/nss.gyp:nss', + ], + },], + [ 'OS != "win"', { + 'sources!': [ + 'capi_util.h', + 'capi_util.cc', + ], + },], + [ 'use_openssl==1', { + # TODO(joth): Use a glob to match exclude patterns once the + # OpenSSL file set is complete. + 'sources!': [ + 'encryptor_nss.cc', + 'hmac_nss.cc', + 'nss_util.cc', + 'nss_util.h', + 'rsa_private_key_nss.cc', + 'secure_hash_default.cc', + 'signature_creator_nss.cc', + 'signature_verifier_nss.cc', + 'symmetric_key_nss.cc', + 'third_party/nss/blapi.h', + 'third_party/nss/blapit.h', + 'third_party/nss/sha256.h', + 'third_party/nss/sha512.cc', + ], + }, { + 'sources!': [ + 'encryptor_openssl.cc', + 'hmac_openssl.cc', + 'openssl_util.cc', + 'openssl_util.h', + 'rsa_private_key_openssl.cc', + 'secure_hash_openssl.cc', + 'signature_creator_openssl.cc', + 'signature_verifier_openssl.cc', + 'symmetric_key_openssl.cc', + ], + },], + ], + 'sources': [ + 'capi_util.cc', + 'capi_util.h', + 'crypto_module_blocking_password_delegate.h', + 'cssm_init.cc', + 'cssm_init.h', + 'encryptor.h', + 'encryptor_mac.cc', + 'encryptor_nss.cc', + 'encryptor_openssl.cc', + 'encryptor_win.cc', + 'hmac.h', + 'hmac_mac.cc', + 'hmac_nss.cc', + 'hmac_openssl.cc', + 'hmac_win.cc', + 'mac_security_services_lock.cc', + 'mac_security_services_lock.h', + 'openssl_util.cc', + 'openssl_util.h', + 'nss_util.cc', + 'nss_util.h', + 'nss_util_internal.h', + 'rsa_private_key.h', + 'rsa_private_key.cc', + 'rsa_private_key_mac.cc', + 'rsa_private_key_nss.cc', + 'rsa_private_key_openssl.cc', + 'rsa_private_key_win.cc', + 'scoped_capi_types.h', + 'scoped_nss_types.h', + 'secure_hash.h', + 'secure_hash_default.cc', + 'secure_hash_openssl.cc', + 'sha2.cc', + 'sha2.h', + 'signature_creator.h', + 'signature_creator_mac.cc', + 'signature_creator_nss.cc', + 'signature_creator_openssl.cc', + 'signature_creator_win.cc', + 'signature_verifier.h', + 'signature_verifier_mac.cc', + 'signature_verifier_nss.cc', + 'signature_verifier_openssl.cc', + 'signature_verifier_win.cc', + 'symmetric_key.h', + 'symmetric_key_mac.cc', + 'symmetric_key_nss.cc', + 'symmetric_key_openssl.cc', + 'symmetric_key_win.cc', + 'third_party/nss/blapi.h', + 'third_party/nss/blapit.h', + 'third_party/nss/sha256.h', + 'third_party/nss/sha512.cc', + ], + }, + { + 'target_name': 'crypto_unittests', + 'type': 'executable', + 'sources': [ + # Infrastructure files. + 'run_all_unittests.cc', + + # Tests. + 'encryptor_unittest.cc', + 'hmac_unittest.cc', + 'rsa_private_key_unittest.cc', + 'rsa_private_key_nss_unittest.cc', + 'secure_hash_unittest.cc', + 'sha2_unittest.cc', + 'signature_creator_unittest.cc', + 'signature_verifier_unittest.cc', + 'symmetric_key_unittest.cc', + ], + 'dependencies': [ + 'crypto', + '../base/base.gyp:base', + '../base/base.gyp:test_support_base', + '../testing/gmock.gyp:gmock', + '../testing/gtest.gyp:gtest', + ], + 'conditions': [ + [ 'OS == "linux" or OS == "freebsd" or OS == "openbsd" or OS == "solaris"', { + 'conditions': [ + [ 'linux_use_tcmalloc==1', { + 'dependencies': [ + '../base/allocator/allocator.gyp:allocator', + ], + }, + ], + ], + 'dependencies': [ + '../build/linux/system.gyp:nss', + ], + }, { # OS != "linux" and OS != "freebsd" and OS != "openbsd" and OS != "solaris" + 'sources!': [ + 'rsa_private_key_nss_unittest.cc', + ] + }], + [ 'OS == "mac" or OS == "win"', { + 'dependencies': [ + '../third_party/nss/nss.gyp:nss', + ], + }], + [ 'use_openssl==1', { + 'sources!': [ + 'rsa_private_key_nss_unittest.cc', + ], + }], + ], + }, + ], +} diff --git a/base/crypto/crypto_module_blocking_password_delegate.h b/crypto/crypto_module_blocking_password_delegate.h index ae962a8..847f484 100644 --- a/base/crypto/crypto_module_blocking_password_delegate.h +++ b/crypto/crypto_module_blocking_password_delegate.h @@ -2,13 +2,13 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ -#define BASE_CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ +#ifndef CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ +#define CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ #pragma once #include <string> -namespace base { +namespace crypto { // PK11_SetPasswordFunc is a global setting. An implementation of // CryptoModuleBlockingPasswordDelegate should be passed as the user data @@ -29,6 +29,6 @@ class CryptoModuleBlockingPasswordDelegate { bool* cancelled) = 0; }; -} +} // namespace crypto -#endif // BASE_CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ +#endif // CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ diff --git a/base/crypto/cssm_init.cc b/crypto/cssm_init.cc index ccd6993..5a5e3cc 100644 --- a/base/crypto/cssm_init.cc +++ b/crypto/cssm_init.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/cssm_init.h" +#include "crypto/cssm_init.h" #include <Security/SecBase.h> @@ -155,7 +155,7 @@ class CSSMInitSingleton { } // namespace -namespace base { +namespace crypto { void EnsureCSSMInit() { CSSMInitSingleton::GetInstance(); @@ -187,7 +187,7 @@ void LogCSSMError(const char* fn_name, CSSM_RETURN err) { base::mac::ScopedCFTypeRef<CFStringRef> cfstr( SecCopyErrorMessageString(err, NULL)); LOG(ERROR) << fn_name << " returned " << err - << " (" << SysCFStringRefToUTF8(cfstr) << ")"; + << " (" << base::SysCFStringRefToUTF8(cfstr) << ")"; } ScopedCSSMData::ScopedCSSMData() { @@ -201,4 +201,4 @@ ScopedCSSMData::~ScopedCSSMData() { } } -} // namespace base +} // namespace crypto diff --git a/base/crypto/cssm_init.h b/crypto/cssm_init.h index bce5954..9093b0f 100644 --- a/base/crypto/cssm_init.h +++ b/crypto/cssm_init.h @@ -1,16 +1,16 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_CSSM_INIT_H_ -#define BASE_CRYPTO_CSSM_INIT_H_ +#ifndef CRYPTO_CSSM_INIT_H_ +#define CRYPTO_CSSM_INIT_H_ #pragma once #include <Security/cssm.h> #include "base/basictypes.h" -namespace base { +namespace crypto { // Initialize CSSM if it isn't already initialized. This must be called before // any other CSSM functions. This function is thread-safe, and CSSM will only @@ -55,6 +55,6 @@ class ScopedCSSMData { DISALLOW_COPY_AND_ASSIGN(ScopedCSSMData); }; -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_CSSM_INIT_H_ +#endif // CRYPTO_CSSM_INIT_H_ diff --git a/base/crypto/encryptor.h b/crypto/encryptor.h index 360a333..d8250f6 100644 --- a/base/crypto/encryptor.h +++ b/crypto/encryptor.h @@ -2,26 +2,25 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_ENCRYPTOR_H_ -#define BASE_CRYPTO_ENCRYPTOR_H_ +#ifndef CRYPTO_ENCRYPTOR_H_ +#define CRYPTO_ENCRYPTOR_H_ #pragma once #include <string> -#include "base/base_api.h" #include "build/build_config.h" #if defined(USE_NSS) -#include "base/crypto/scoped_nss_types.h" +#include "crypto/scoped_nss_types.h" #elif defined(OS_WIN) -#include "base/crypto/scoped_capi_types.h" +#include "crypto/scoped_capi_types.h" #endif -namespace base { +namespace crypto { class SymmetricKey; -class BASE_API Encryptor { +class Encryptor { public: enum Mode { CBC @@ -65,6 +64,6 @@ class BASE_API Encryptor { #endif }; -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_ENCRYPTOR_H_ +#endif // CRYPTO_ENCRYPTOR_H_ diff --git a/base/crypto/encryptor_mac.cc b/crypto/encryptor_mac.cc index e26c6bd7..ff6e019 100644 --- a/base/crypto/encryptor_mac.cc +++ b/crypto/encryptor_mac.cc @@ -2,15 +2,15 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/encryptor.h" +#include "crypto/encryptor.h" #include <CommonCrypto/CommonCryptor.h> -#include "base/crypto/symmetric_key.h" #include "base/logging.h" #include "base/string_util.h" +#include "crypto/symmetric_key.h" -namespace base { +namespace crypto { Encryptor::Encryptor() : key_(NULL), @@ -73,4 +73,4 @@ bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) { return Crypt(kCCDecrypt, ciphertext, plaintext); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/encryptor_nss.cc b/crypto/encryptor_nss.cc index 3b9f7f3..aaa6626 100644 --- a/base/crypto/encryptor_nss.cc +++ b/crypto/encryptor_nss.cc @@ -2,16 +2,16 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/encryptor.h" +#include "crypto/encryptor.h" #include <cryptohi.h> #include <vector> -#include "base/crypto/symmetric_key.h" #include "base/logging.h" -#include "base/nss_util.h" +#include "crypto/nss_util.h" +#include "crypto/symmetric_key.h" -namespace base { +namespace crypto { Encryptor::Encryptor() : key_(NULL), @@ -122,4 +122,4 @@ bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) { return true; } -} // namespace base +} // namespace crypto diff --git a/base/crypto/encryptor_openssl.cc b/crypto/encryptor_openssl.cc index 0e101a0..7b1e13f 100644 --- a/base/crypto/encryptor_openssl.cc +++ b/crypto/encryptor_openssl.cc @@ -2,17 +2,17 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/encryptor.h" +#include "crypto/encryptor.h" #include <openssl/aes.h> #include <openssl/evp.h> -#include "base/crypto/symmetric_key.h" #include "base/logging.h" -#include "base/openssl_util.h" #include "base/string_util.h" +#include "crypto/openssl_util.h" +#include "crypto/symmetric_key.h" -namespace base { +namespace crypto { namespace { @@ -124,4 +124,4 @@ bool Encryptor::Crypt(bool do_encrypt, return true; } -} // namespace base +} // namespace crypto diff --git a/base/crypto/encryptor_unittest.cc b/crypto/encryptor_unittest.cc index 5060b2a..b916854 100644 --- a/base/crypto/encryptor_unittest.cc +++ b/crypto/encryptor_unittest.cc @@ -2,25 +2,26 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/encryptor.h" +#include "crypto/encryptor.h" #include <string> -#include "base/crypto/symmetric_key.h" #include "base/memory/scoped_ptr.h" #include "base/string_number_conversions.h" +#include "crypto/symmetric_key.h" #include "testing/gtest/include/gtest/gtest.h" TEST(EncryptorTest, EncryptDecrypt) { - scoped_ptr<base::SymmetricKey> key(base::SymmetricKey::DeriveKeyFromPassword( - base::SymmetricKey::AES, "password", "saltiest", 1000, 256)); + scoped_ptr<crypto::SymmetricKey> key( + crypto::SymmetricKey::DeriveKeyFromPassword( + crypto::SymmetricKey::AES, "password", "saltiest", 1000, 256)); EXPECT_TRUE(NULL != key.get()); - base::Encryptor encryptor; + crypto::Encryptor encryptor; // The IV must be exactly as long as the cipher block size. std::string iv("the iv: 16 bytes"); EXPECT_EQ(16U, iv.size()); - EXPECT_TRUE(encryptor.Init(key.get(), base::Encryptor::CBC, iv)); + EXPECT_TRUE(encryptor.Init(key.get(), crypto::Encryptor::CBC, iv)); std::string plaintext("this is the plaintext"); std::string ciphertext; @@ -86,15 +87,15 @@ TEST(EncryptorTest, EncryptAES256CBC) { }; std::string key(reinterpret_cast<const char*>(raw_key), sizeof(raw_key)); - scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import( - base::SymmetricKey::AES, key)); + scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import( + crypto::SymmetricKey::AES, key)); ASSERT_TRUE(NULL != sym_key.get()); - base::Encryptor encryptor; + crypto::Encryptor encryptor; // The IV must be exactly as long a the cipher block size. std::string iv(reinterpret_cast<const char*>(raw_iv), sizeof(raw_iv)); EXPECT_EQ(16U, iv.size()); - EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv)); + EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv)); std::string plaintext(reinterpret_cast<const char*>(raw_plaintext), sizeof(raw_plaintext)); @@ -119,14 +120,14 @@ TEST(EncryptorTest, EncryptAES128CBCRegression) { "D4A67A0BA33C30F207344D81D1E944BBE65587C3D7D9939A" "C070C62B9C15A3EA312EA4AD1BC7929F4D3C16B03AD5ADA8"; - scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import( - base::SymmetricKey::AES, key)); + scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import( + crypto::SymmetricKey::AES, key)); ASSERT_TRUE(NULL != sym_key.get()); - base::Encryptor encryptor; + crypto::Encryptor encryptor; // The IV must be exactly as long a the cipher block size. EXPECT_EQ(16U, iv.size()); - EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv)); + EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv)); std::string ciphertext; EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext)); @@ -145,14 +146,14 @@ TEST(EncryptorTest, EncryptAES192CBCRegression) { std::string plaintext = "Small text"; std::string expected_ciphertext_hex = "78DE5D7C2714FC5C61346C5416F6C89A"; - scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import( - base::SymmetricKey::AES, key)); + scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import( + crypto::SymmetricKey::AES, key)); ASSERT_TRUE(NULL != sym_key.get()); - base::Encryptor encryptor; + crypto::Encryptor encryptor; // The IV must be exactly as long a the cipher block size. EXPECT_EQ(16U, iv.size()); - EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv)); + EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv)); std::string ciphertext; EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext)); @@ -170,26 +171,26 @@ TEST(EncryptorTest, EncryptAES192CBCRegression) { TEST(EncryptorTest, UnsupportedKeySize) { std::string key = "7 = bad"; std::string iv = "Sweet Sixteen IV"; - scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import( - base::SymmetricKey::AES, key)); + scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import( + crypto::SymmetricKey::AES, key)); ASSERT_TRUE(NULL != sym_key.get()); - base::Encryptor encryptor; + crypto::Encryptor encryptor; // The IV must be exactly as long a the cipher block size. EXPECT_EQ(16U, iv.size()); - EXPECT_FALSE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv)); + EXPECT_FALSE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv)); } #endif // unsupported platforms. TEST(EncryptorTest, UnsupportedIV) { std::string key = "128=SixteenBytes"; std::string iv = "OnlyForteen :("; - scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import( - base::SymmetricKey::AES, key)); + scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import( + crypto::SymmetricKey::AES, key)); ASSERT_TRUE(NULL != sym_key.get()); - base::Encryptor encryptor; - EXPECT_FALSE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv)); + crypto::Encryptor encryptor; + EXPECT_FALSE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv)); } TEST(EncryptorTest, EmptyEncrypt) { @@ -198,14 +199,14 @@ TEST(EncryptorTest, EmptyEncrypt) { std::string plaintext; std::string expected_ciphertext_hex = "8518B8878D34E7185E300D0FCC426396"; - scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import( - base::SymmetricKey::AES, key)); + scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import( + crypto::SymmetricKey::AES, key)); ASSERT_TRUE(NULL != sym_key.get()); - base::Encryptor encryptor; + crypto::Encryptor encryptor; // The IV must be exactly as long a the cipher block size. EXPECT_EQ(16U, iv.size()); - EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv)); + EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv)); std::string ciphertext; EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext)); @@ -217,14 +218,14 @@ TEST(EncryptorTest, EmptyDecrypt) { std::string key = "128=SixteenBytes"; std::string iv = "Sweet Sixteen IV"; - scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import( - base::SymmetricKey::AES, key)); + scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import( + crypto::SymmetricKey::AES, key)); ASSERT_TRUE(NULL != sym_key.get()); - base::Encryptor encryptor; + crypto::Encryptor encryptor; // The IV must be exactly as long a the cipher block size. EXPECT_EQ(16U, iv.size()); - EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv)); + EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv)); std::string decrypted; EXPECT_FALSE(encryptor.Decrypt("", &decrypted)); diff --git a/base/crypto/encryptor_win.cc b/crypto/encryptor_win.cc index 1d732b5..8bbd6b8 100644 --- a/base/crypto/encryptor_win.cc +++ b/crypto/encryptor_win.cc @@ -2,13 +2,13 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/encryptor.h" +#include "crypto/encryptor.h" #include <vector> -#include "base/crypto/symmetric_key.h" +#include "crypto/symmetric_key.h" -namespace base { +namespace crypto { namespace { @@ -112,4 +112,4 @@ bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) { return true; } -} // namespace base +} // namespace crypto diff --git a/base/hmac.h b/crypto/hmac.h index 2593307..816bf60 100644 --- a/base/hmac.h +++ b/crypto/hmac.h @@ -5,22 +5,21 @@ // Utility class for calculating the HMAC for a given message. We currently // only support SHA1 for the hash algorithm, but this can be extended easily. -#ifndef BASE_HMAC_H_ -#define BASE_HMAC_H_ +#ifndef CRYPTO_HMAC_H_ +#define CRYPTO_HMAC_H_ #pragma once #include <string> -#include "base/base_api.h" #include "base/basictypes.h" #include "base/memory/scoped_ptr.h" -namespace base { +namespace crypto { // Simplify the interface and reduce includes by abstracting out the internals. struct HMACPlatformData; -class BASE_API HMAC { +class HMAC { public: // The set of supported hash functions. Extend as required. enum HashAlgorithm { @@ -56,6 +55,6 @@ class BASE_API HMAC { DISALLOW_COPY_AND_ASSIGN(HMAC); }; -} // namespace base +} // namespace crypto -#endif // BASE_HMAC_H_ +#endif // CRYPTO_HMAC_H_ diff --git a/base/hmac_mac.cc b/crypto/hmac_mac.cc index 97dcbf5..d7cec61 100644 --- a/base/hmac_mac.cc +++ b/crypto/hmac_mac.cc @@ -1,14 +1,14 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/hmac.h" +#include "crypto/hmac.h" #include <CommonCrypto/CommonHMAC.h> #include "base/logging.h" -namespace base { +namespace crypto { struct HMACPlatformData { std::string key_; @@ -70,4 +70,4 @@ bool HMAC::Sign(const std::string& data, return true; } -} // namespace base +} // namespace crypto diff --git a/base/hmac_nss.cc b/crypto/hmac_nss.cc index 658616b..957f9db 100644 --- a/base/hmac_nss.cc +++ b/crypto/hmac_nss.cc @@ -2,17 +2,17 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/hmac.h" +#include "crypto/hmac.h" #include <nss.h> #include <pk11pub.h> -#include "base/crypto/scoped_nss_types.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/nss_util.h" +#include "crypto/nss_util.h" +#include "crypto/scoped_nss_types.h" -namespace base { +namespace crypto { struct HMACPlatformData { CK_MECHANISM_TYPE mechanism_; @@ -40,7 +40,7 @@ HMAC::~HMAC() { } bool HMAC::Init(const unsigned char *key, int key_length) { - base::EnsureNSSInit(); + EnsureNSSInit(); if (plat_->slot_.get()) { // Init must not be called more than twice on the same HMAC object. @@ -114,4 +114,4 @@ bool HMAC::Sign(const std::string& data, return true; } -} // namespace base +} // namespace crypto diff --git a/base/hmac_openssl.cc b/crypto/hmac_openssl.cc index 64ce177..6fbc437 100644 --- a/base/hmac_openssl.cc +++ b/crypto/hmac_openssl.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/hmac.h" +#include "crypto/hmac.h" #include <openssl/hmac.h> @@ -11,10 +11,10 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/openssl_util.h" #include "base/stl_util-inl.h" +#include "crypto/openssl_util.h" -namespace base { +namespace crypto { struct HMACPlatformData { std::vector<unsigned char> key; @@ -54,4 +54,4 @@ bool HMAC::Sign(const std::string& data, result.safe_buffer(), NULL); } -} // namespace base +} // namespace crypto diff --git a/base/hmac_unittest.cc b/crypto/hmac_unittest.cc index 480c771..c537c36 100644 --- a/base/hmac_unittest.cc +++ b/crypto/hmac_unittest.cc @@ -1,10 +1,10 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <string> -#include "base/hmac.h" +#include "crypto/hmac.h" #include "testing/gtest/include/gtest/gtest.h" static const int kSHA1DigestSize = 20; @@ -52,7 +52,7 @@ TEST(HMACTest, HmacSafeBrowsingResponseTest) { std::string message_data(kMessage); - base::HMAC hmac(base::HMAC::SHA1); + crypto::HMAC hmac(crypto::HMAC::SHA1); ASSERT_TRUE(hmac.Init(kClientKey, kKeySize)); unsigned char calculated_hmac[kSHA1DigestSize]; @@ -121,7 +121,7 @@ TEST(HMACTest, RFC2202TestCases) { }; for (size_t i = 0; i < ARRAYSIZE_UNSAFE(cases); ++i) { - base::HMAC hmac(base::HMAC::SHA1); + crypto::HMAC hmac(crypto::HMAC::SHA1); ASSERT_TRUE(hmac.Init(reinterpret_cast<const unsigned char*>(cases[i].key), cases[i].key_len)); std::string data_string(cases[i].data, cases[i].data_len); @@ -147,7 +147,7 @@ TEST(HMACTest, RFC4231TestCase6) { 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54 }; - base::HMAC hmac(base::HMAC::SHA256); + crypto::HMAC hmac(crypto::HMAC::SHA256); ASSERT_TRUE(hmac.Init(key, sizeof(key))); unsigned char calculated_hmac[kSHA256DigestSize]; @@ -187,14 +187,14 @@ TEST(HMACTest, NSSFIPSPowerUpSelfTest) { std::string message_data(kKnownMessage); - base::HMAC hmac(base::HMAC::SHA1); + crypto::HMAC hmac(crypto::HMAC::SHA1); ASSERT_TRUE(hmac.Init(kKnownSecretKey, kKnownSecretKeySize)); unsigned char calculated_hmac[kSHA1DigestSize]; EXPECT_TRUE(hmac.Sign(message_data, calculated_hmac, kSHA1DigestSize)); EXPECT_EQ(0, memcmp(kKnownHMACSHA1, calculated_hmac, kSHA1DigestSize)); - base::HMAC hmac2(base::HMAC::SHA256); + crypto::HMAC hmac2(crypto::HMAC::SHA256); ASSERT_TRUE(hmac2.Init(kKnownSecretKey, kKnownSecretKeySize)); unsigned char calculated_hmac2[kSHA256DigestSize]; @@ -225,7 +225,7 @@ TEST(HMACTest, HMACObjectReuse) { "\xBB\xFF\x1A\x91" } }; - base::HMAC hmac(base::HMAC::SHA1); + crypto::HMAC hmac(crypto::HMAC::SHA1); ASSERT_TRUE(hmac.Init(reinterpret_cast<const unsigned char*>(key), key_len)); for (size_t i = 0; i < ARRAYSIZE_UNSAFE(cases); ++i) { std::string data_string(cases[i].data, cases[i].data_len); diff --git a/base/hmac_win.cc b/crypto/hmac_win.cc index a1c8225..e5511e0 100644 --- a/base/hmac_win.cc +++ b/crypto/hmac_win.cc @@ -1,8 +1,8 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/hmac.h" +#include "crypto/hmac.h" #include <windows.h> #include <wincrypt.h> @@ -10,12 +10,12 @@ #include <algorithm> #include <vector> -#include "base/crypto/scoped_capi_types.h" #include "base/logging.h" -#include "base/third_party/nss/blapi.h" -#include "base/third_party/nss/sha256.h" +#include "crypto/scoped_capi_types.h" +#include "crypto/third_party/nss/blapi.h" +#include "crypto/third_party/nss/sha256.h" -namespace base { +namespace crypto { namespace { @@ -194,4 +194,4 @@ bool HMAC::Sign(const std::string& data, return !!CryptGetHashParam(hash, HP_HASHVAL, digest, &sha1_size, 0); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/mac_security_services_lock.cc b/crypto/mac_security_services_lock.cc index d68d757..c0b8712 100644 --- a/base/crypto/mac_security_services_lock.cc +++ b/crypto/mac_security_services_lock.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/mac_security_services_lock.h" +#include "crypto/mac_security_services_lock.h" #include "base/memory/singleton.h" #include "base/synchronization/lock.h" @@ -33,10 +33,10 @@ class SecurityServicesSingleton { } // namespace -namespace base { +namespace crypto { base::Lock& GetMacSecurityServicesLock() { return SecurityServicesSingleton::GetInstance()->lock(); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/mac_security_services_lock.h b/crypto/mac_security_services_lock.h index 42c2bff..85db73e 100644 --- a/base/crypto/mac_security_services_lock.h +++ b/crypto/mac_security_services_lock.h @@ -2,21 +2,24 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_ -#define BASE_CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_ +#ifndef CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_ +#define CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_ #pragma once namespace base { - class Lock; +} + + +namespace crypto { // The Mac OS X certificate and key management wrappers over CSSM are not // thread-safe. In particular, code that accesses the CSSM database is // problematic. // // http://developer.apple.com/mac/library/documentation/Security/Reference/certifkeytrustservices/Reference/reference.html -Lock& GetMacSecurityServicesLock(); +base::Lock& GetMacSecurityServicesLock(); -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_ +#endif // CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_ diff --git a/base/nss_util.cc b/crypto/nss_util.cc index a074ab5..976a5e3 100644 --- a/base/nss_util.cc +++ b/crypto/nss_util.cc @@ -2,15 +2,15 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/nss_util.h" -#include "base/nss_util_internal.h" +#include "crypto/nss_util.h" +#include "crypto/nss_util_internal.h" #include <nss.h> -#include <pk11pub.h> #include <plarena.h> #include <prerror.h> #include <prinit.h> #include <prtime.h> +#include <pk11pub.h> #include <secmod.h> #if defined(OS_LINUX) @@ -20,7 +20,6 @@ #include <vector> -#include "base/crypto/scoped_nss_types.h" #include "base/environment.h" #include "base/file_path.h" #include "base/file_util.h" @@ -30,17 +29,18 @@ #include "base/native_library.h" #include "base/stringprintf.h" #include "base/threading/thread_restrictions.h" +#include "crypto/scoped_nss_types.h" // USE_NSS means we use NSS for everything crypto-related. If USE_NSS is not // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't // use NSS for crypto or certificate verification, and we don't use the NSS // certificate and key databases. #if defined(USE_NSS) -#include "base/crypto/crypto_module_blocking_password_delegate.h" #include "base/synchronization/lock.h" +#include "crypto/crypto_module_blocking_password_delegate.h" #endif // defined(USE_NSS) -namespace base { +namespace crypto { namespace { @@ -110,11 +110,11 @@ char* PKCS11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) { #if defined(OS_CHROMEOS) // If we get asked for a password for the TPM, then return the // static password we use. - if (PK11_GetTokenName(slot) == base::GetTPMTokenName()) + if (PK11_GetTokenName(slot) == crypto::GetTPMTokenName()) return PORT_Strdup(GetTPMUserPIN().c_str()); #endif - base::CryptoModuleBlockingPasswordDelegate* delegate = - reinterpret_cast<base::CryptoModuleBlockingPasswordDelegate*>(arg); + crypto::CryptoModuleBlockingPasswordDelegate* delegate = + reinterpret_cast<crypto::CryptoModuleBlockingPasswordDelegate*>(arg); if (delegate) { bool cancelled = false; std::string password = delegate->RequestPassword(PK11_GetTokenName(slot), @@ -147,7 +147,7 @@ void UseLocalCacheOfNSSDatabaseIfNFS(const FilePath& database_dir) { struct statfs buf; if (statfs(database_dir.value().c_str(), &buf) == 0) { if (buf.f_type == NFS_SUPER_MAGIC) { - scoped_ptr<Environment> env(Environment::Create()); + scoped_ptr<base::Environment> env(base::Environment::Create()); const char* use_cache_env_var = "NSS_SDB_USE_CACHE"; if (!env->HasVar(use_cache_env_var)) env->SetVar(use_cache_env_var, "yes"); @@ -196,7 +196,7 @@ PK11SlotInfo* FindSlotWithTokenName(const std::string& token_name) { // singleton. class NSPRInitSingleton { private: - friend struct DefaultLazyInstanceTraits<NSPRInitSingleton>; + friend struct base::DefaultLazyInstanceTraits<NSPRInitSingleton>; NSPRInitSingleton() { PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); @@ -214,8 +214,9 @@ class NSPRInitSingleton { } }; -LazyInstance<NSPRInitSingleton, LeakyLazyInstanceTraits<NSPRInitSingleton> > - g_nspr_singleton(LINKER_INITIALIZED); +base::LazyInstance<NSPRInitSingleton, + base::LeakyLazyInstanceTraits<NSPRInitSingleton> > + g_nspr_singleton(base::LINKER_INITIALIZED); class NSSInitSingleton { public: @@ -224,7 +225,7 @@ class NSSInitSingleton { if (!chromeos_user_logged_in_) { // GetDefaultConfigDirectory causes us to do blocking IO on UI thread. // Temporarily allow it until we fix http://crbug.com/70119 - ThreadRestrictions::ScopedAllowIO allow_io; + base::ThreadRestrictions::ScopedAllowIO allow_io; chromeos_user_logged_in_ = true; // This creates another DB slot in NSS that is read/write, unlike @@ -321,7 +322,7 @@ class NSSInitSingleton { } #if defined(USE_NSS) - Lock* write_lock() { + base::Lock* write_lock() { return &write_lock_; } #endif // defined(USE_NSS) @@ -333,7 +334,7 @@ class NSSInitSingleton { } private: - friend struct DefaultLazyInstanceTraits<NSSInitSingleton>; + friend struct base::DefaultLazyInstanceTraits<NSSInitSingleton>; NSSInitSingleton() : opencryptoki_module_(NULL), @@ -503,7 +504,7 @@ class NSSInitSingleton { #if defined(OS_CHROMEOS) void EnsureTPMInit() { - base::ScopedPK11Slot tpm_slot(GetTPMSlot()); + crypto::ScopedPK11Slot tpm_slot(GetTPMSlot()); if (tpm_slot.get()) { // TODO(gspencer): Remove this in favor of the dbus API for // cryptohomed when that is available. @@ -545,15 +546,16 @@ class NSSInitSingleton { #if defined(USE_NSS) // TODO(davidben): When https://bugzilla.mozilla.org/show_bug.cgi?id=564011 // is fixed, we will no longer need the lock. - Lock write_lock_; + base::Lock write_lock_; #endif // defined(USE_NSS) }; // static bool NSSInitSingleton::force_nodb_init_ = false; -LazyInstance<NSSInitSingleton, LeakyLazyInstanceTraits<NSSInitSingleton> > - g_nss_singleton(LINKER_INITIALIZED); +base::LazyInstance<NSSInitSingleton, + base::LeakyLazyInstanceTraits<NSSInitSingleton> > + g_nss_singleton(base::LINKER_INITIALIZED); } // namespace @@ -573,7 +575,7 @@ void EnsureNSSInit() { // Initializing SSL causes us to do blocking IO. // Temporarily allow it until we fix // http://code.google.com/p/chromium/issues/detail?id=59847 - ThreadRestrictions::ScopedAllowIO allow_io; + base::ThreadRestrictions::ScopedAllowIO allow_io; g_nss_singleton.Get(); } @@ -582,7 +584,7 @@ void ForceNSSNoDBInit() { } void DisableNSSForkCheck() { - scoped_ptr<Environment> env(Environment::Create()); + scoped_ptr<base::Environment> env(base::Environment::Create()); env->SetVar("NSS_STRICT_NOFORK", "DISABLED"); } @@ -609,7 +611,7 @@ void LoadNSSLibraries() { for (size_t i = 0; i < libs.size(); ++i) { for (size_t j = 0; j < paths.size(); ++j) { FilePath path = paths[j].Append(libs[i]); - NativeLibrary lib = base::LoadNativeLibrary(path); + base::NativeLibrary lib = base::LoadNativeLibrary(path); if (lib) { ++loaded; break; @@ -638,7 +640,7 @@ void CloseTestNSSDB() { g_nss_singleton.Get().CloseTestNSSDB(); } -Lock* GetNSSWriteLock() { +base::Lock* GetNSSWriteLock() { return g_nss_singleton.Get().write_lock(); } @@ -676,11 +678,11 @@ std::string GetTPMUserPIN() { // TODO(port): Implement this more simply. We can convert by subtracting an // offset (the difference between NSPR's and base::Time's epochs). -Time PRTimeToBaseTime(PRTime prtime) { +base::Time PRTimeToBaseTime(PRTime prtime) { PRExplodedTime prxtime; PR_ExplodeTime(prtime, PR_GMTParameters, &prxtime); - Time::Exploded exploded; + base::Time::Exploded exploded; exploded.year = prxtime.tm_year; exploded.month = prxtime.tm_month + 1; exploded.day_of_week = prxtime.tm_wday; @@ -690,7 +692,7 @@ Time PRTimeToBaseTime(PRTime prtime) { exploded.second = prxtime.tm_sec; exploded.millisecond = prxtime.tm_usec / 1000; - return Time::FromUTCExploded(exploded); + return base::Time::FromUTCExploded(exploded); } PK11SlotInfo* GetPublicNSSKeySlot() { @@ -701,4 +703,4 @@ PK11SlotInfo* GetPrivateNSSKeySlot() { return g_nss_singleton.Get().GetPrivateNSSKeySlot(); } -} // namespace base +} // namespace crypto diff --git a/base/nss_util.h b/crypto/nss_util.h index adc514a..6cb03a8 100644 --- a/base/nss_util.h +++ b/crypto/nss_util.h @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_NSS_UTIL_H_ -#define BASE_NSS_UTIL_H_ +#ifndef CRYPTO_NSS_UTIL_H_ +#define CRYPTO_NSS_UTIL_H_ #pragma once #include <string> @@ -13,13 +13,15 @@ class FilePath; #endif // defined(USE_NSS) -// This file specifically doesn't depend on any NSS or NSPR headers because it -// is included by various (non-crypto) parts of chrome to call the -// initialization functions. namespace base { - class Lock; class Time; +} // namespace base + +// This file specifically doesn't depend on any NSS or NSPR headers because it +// is included by various (non-crypto) parts of chrome to call the +// initialization functions. +namespace crypto { #if defined(USE_NSS) // EarlySetupForNSSInit performs lightweight setup which must occur before the @@ -29,13 +31,12 @@ void EarlySetupForNSSInit(); #endif // Initialize NRPR if it isn't already initialized. This function is -// thread-safe, and NSPR will only ever be initialized once. NSPR will be -// properly shut down on program exit. +// thread-safe, and NSPR will only ever be initialized once. void EnsureNSPRInit(); // Initialize NSS if it isn't already initialized. This must be called before // any other NSS functions. This function is thread-safe, and NSS will only -// ever be initialized once. NSS will be properly shut down on program exit. +// ever be initialized once. void EnsureNSSInit(); // Call this before calling EnsureNSSInit() will force NSS to initialize @@ -100,7 +101,7 @@ std::string GetTPMUserPIN(); // Convert a NSS PRTime value into a base::Time object. // We use a int64 instead of PRTime here to avoid depending on NSPR headers. -Time PRTimeToBaseTime(int64 prtime); +base::Time PRTimeToBaseTime(int64 prtime); #if defined(USE_NSS) // Exposed for unittests only. |path| should be an existing directory under @@ -117,7 +118,7 @@ void CloseTestNSSDB(); // it to return NULL in the future. // // See https://bugzilla.mozilla.org/show_bug.cgi?id=564011 -Lock* GetNSSWriteLock(); +base::Lock* GetNSSWriteLock(); // A helper class that acquires the NSS write Lock while the AutoNSSWriteLock // is in scope. @@ -126,12 +127,12 @@ class AutoNSSWriteLock { AutoNSSWriteLock(); ~AutoNSSWriteLock(); private: - Lock *lock_; + base::Lock *lock_; DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); }; #endif // defined(USE_NSS) -} // namespace base +} // namespace crypto -#endif // BASE_NSS_UTIL_H_ +#endif // CRYPTO_NSS_UTIL_H_ diff --git a/base/nss_util_internal.h b/crypto/nss_util_internal.h index be8436a..ea40fdb 100644 --- a/base/nss_util_internal.h +++ b/crypto/nss_util_internal.h @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_NSS_SLOT_UTIL_H_ -#define BASE_NSS_SLOT_UTIL_H_ +#ifndef CRYPTO_NSS_UTIL_INTERNAL_H_ +#define CRYPTO_NSS_UTIL_INTERNAL_H_ #pragma once #include <secmodt.h> @@ -11,7 +11,7 @@ // These functions return a type defined in an NSS header, and so cannot be // declared in nss_util.h. Hence, they are declared here. -namespace base { +namespace crypto { // Returns a reference to the default NSS key slot for storing // public-key data only (e.g. server certs). Caller must release @@ -25,6 +25,6 @@ PK11SlotInfo* GetPublicNSSKeySlot(); // PK11_FreeSlot. PK11SlotInfo* GetPrivateNSSKeySlot(); -} // namespace base +} // namespace crypto -#endif // BASE_NSS_UTIL_H_ +#endif // CRYPTO_NSS_UTIL_INTERNAL_H_ diff --git a/base/openssl_util.cc b/crypto/openssl_util.cc index 2c20f45..feb47ca 100644 --- a/base/openssl_util.cc +++ b/crypto/openssl_util.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/openssl_util.h" +#include "crypto/openssl_util.h" #include <openssl/err.h> #include <openssl/ssl.h> @@ -13,12 +13,12 @@ #include "base/string_piece.h" #include "base/synchronization/lock.h" -namespace base { +namespace crypto { namespace { unsigned long CurrentThreadId() { - return static_cast<unsigned long>(PlatformThread::CurrentId()); + return static_cast<unsigned long>(base::PlatformThread::CurrentId()); } // Singleton for initializing and cleaning up the OpenSSL library. @@ -34,8 +34,8 @@ class OpenSSLInitSingleton { // we can't control the order the AtExit handlers will run in so // allowing the global environment to leak at least ensures it is // available for those other singletons to reliably cleanup. - return Singleton<OpenSSLInitSingleton, - LeakySingletonTraits<OpenSSLInitSingleton> >::get(); + return base::Singleton<OpenSSLInitSingleton, + base::LeakySingletonTraits<OpenSSLInitSingleton> >::get(); } private: friend struct DefaultSingletonTraits<OpenSSLInitSingleton>; @@ -110,4 +110,4 @@ void ClearOpenSSLERRStack(const tracked_objects::Location& location) { } } -} // namespace base +} // namespace crypto diff --git a/base/openssl_util.h b/crypto/openssl_util.h index 9ce7f81..d1f3d1f 100644 --- a/base/openssl_util.h +++ b/crypto/openssl_util.h @@ -1,15 +1,15 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_OPENSSL_UTIL_H_ -#define BASE_OPENSSL_UTIL_H_ +#ifndef CRYPTO_OPENSSL_UTIL_H_ +#define CRYPTO_OPENSSL_UTIL_H_ #pragma once #include "base/basictypes.h" #include "base/tracked.h" -namespace base { +namespace crypto { // A helper class that takes care of destroying OpenSSL objects when it goes out // of scope. @@ -108,6 +108,6 @@ class OpenSSLErrStackTracer { DISALLOW_IMPLICIT_CONSTRUCTORS(OpenSSLErrStackTracer); }; -} // namespace base +} // namespace crypto -#endif // BASE_OPENSSL_UTIL_H_ +#endif // CRYPTO_OPENSSL_UTIL_H_ diff --git a/base/crypto/rsa_private_key.cc b/crypto/rsa_private_key.cc index c4464f1..8290d16 100644 --- a/base/crypto/rsa_private_key.cc +++ b/crypto/rsa_private_key.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/rsa_private_key.h" +#include "crypto/rsa_private_key.h" #include <algorithm> #include <list> @@ -42,7 +42,7 @@ namespace { } } // namespace -namespace base { +namespace crypto { const uint8 PrivateKeyInfoCodec::kRsaAlgorithmIdentifier[] = { 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, @@ -387,4 +387,4 @@ bool PrivateKeyInfoCodec::ReadVersion(uint8** pos, uint8* end) { return true; } -} // namespace base +} // namespace crypto diff --git a/base/crypto/rsa_private_key.h b/crypto/rsa_private_key.h index 1f32982..080db46 100644 --- a/base/crypto/rsa_private_key.h +++ b/crypto/rsa_private_key.h @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_RSA_PRIVATE_KEY_H_ -#define BASE_CRYPTO_RSA_PRIVATE_KEY_H_ +#ifndef CRYPTO_RSA_PRIVATE_KEY_H_ +#define CRYPTO_RSA_PRIVATE_KEY_H_ #pragma once #include "build/build_config.h" @@ -22,21 +22,20 @@ struct SECKEYPublicKeyStr; #include <list> #include <vector> -#include "base/base_api.h" #include "base/basictypes.h" #if defined(OS_WIN) -#include "base/crypto/scoped_capi_types.h" +#include "crypto/scoped_capi_types.h" #endif #if defined(USE_NSS) #include "base/gtest_prod_util.h" #endif -namespace base { +namespace crypto { // Used internally by RSAPrivateKey for serializing and deserializing // PKCS #8 PrivateKeyInfo and PublicKeyInfo. -class BASE_API PrivateKeyInfoCodec { +class PrivateKeyInfoCodec { public: // ASN.1 encoding of the AlgorithmIdentifier from PKCS #8. @@ -171,7 +170,7 @@ class BASE_API PrivateKeyInfoCodec { // Encapsulates an RSA private key. Can be used to generate new keys, export // keys to other formats, or to extract a public key. // TODO(hclam): This class should be ref-counted so it can be reused easily. -class BASE_API RSAPrivateKey { +class RSAPrivateKey { public: ~RSAPrivateKey(); @@ -269,6 +268,6 @@ class BASE_API RSAPrivateKey { DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey); }; -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_RSA_PRIVATE_KEY_H_ +#endif // CRYPTO_RSA_PRIVATE_KEY_H_ diff --git a/base/crypto/rsa_private_key_mac.cc b/crypto/rsa_private_key_mac.cc index 35f9104..85dadfa 100644 --- a/base/crypto/rsa_private_key_mac.cc +++ b/crypto/rsa_private_key_mac.cc @@ -2,15 +2,15 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/rsa_private_key.h" +#include "crypto/rsa_private_key.h" #include <list> -#include "base/crypto/cssm_init.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" +#include "crypto/cssm_init.h" -namespace base { +namespace crypto { // static RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { @@ -133,8 +133,8 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo( public_key->KeyHeader.KeyAttr = CSSM_KEYATTR_EXTRACTABLE; public_key->KeyHeader.KeyUsage = CSSM_KEYUSE_ANY; - crtn = CSSM_QueryKeySizeInBits( - base::GetSharedCSPHandle(), NULL, public_key, &key_size); + crtn = CSSM_QueryKeySizeInBits(GetSharedCSPHandle(), NULL, public_key, + &key_size); if (crtn) { DLOG(ERROR) << "CSSM_QueryKeySizeInBits failed " << crtn; return NULL; @@ -193,4 +193,4 @@ bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) { private_key_info.ExportPublicKeyInfo(output)); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/rsa_private_key_nss.cc b/crypto/rsa_private_key_nss.cc index 9c474ff..f5d4222 100644 --- a/base/crypto/rsa_private_key_nss.cc +++ b/crypto/rsa_private_key_nss.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/rsa_private_key.h" +#include "crypto/rsa_private_key.h" #include <cryptohi.h> #include <keyhi.h> @@ -13,9 +13,9 @@ #include "base/debug/leak_annotations.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/nss_util.h" -#include "base/nss_util_internal.h" #include "base/string_util.h" +#include "crypto/nss_util.h" +#include "crypto/nss_util_internal.h" // TODO(rafaelw): Consider refactoring common functions and definitions from // rsa_private_key_win.cc or using NSS's ASN.1 encoder. @@ -39,7 +39,7 @@ static bool ReadAttribute(SECKEYPrivateKey* key, } // namespace -namespace base { +namespace crypto { RSAPrivateKey::~RSAPrivateKey() { if (key_) @@ -81,7 +81,7 @@ RSAPrivateKey* RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo( // static RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo( const std::vector<uint8>& input) { - base::EnsureNSSInit(); + EnsureNSSInit(); scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); @@ -186,7 +186,7 @@ RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) { RSAPrivateKey* RSAPrivateKey::CreateWithParams(uint16 num_bits, bool permanent, bool sensitive) { - base::EnsureNSSInit(); + EnsureNSSInit(); scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); @@ -212,7 +212,7 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams( // This method currently leaks some memory. // See http://crbug.com/34742. ANNOTATE_SCOPED_MEMORY_LEAK; - base::EnsureNSSInit(); + EnsureNSSInit(); scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); @@ -245,4 +245,4 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams( return result.release(); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/rsa_private_key_nss_unittest.cc b/crypto/rsa_private_key_nss_unittest.cc index f132d37..d3370fa 100644 --- a/base/crypto/rsa_private_key_nss_unittest.cc +++ b/crypto/rsa_private_key_nss_unittest.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/rsa_private_key.h" +#include "crypto/rsa_private_key.h" #include <keyhi.h> #include <pk11pub.h> @@ -11,7 +11,7 @@ #include "base/nss_util.h" #include "testing/gtest/include/gtest/gtest.h" -namespace base { +namespace crypto { class RSAPrivateKeyNSSTest : public testing::Test { public: @@ -20,7 +20,7 @@ class RSAPrivateKeyNSSTest : public testing::Test { virtual void SetUp() { #if defined(OS_CHROMEOS) - base::OpenPersistentNSSDB(); + OpenPersistentNSSDB(); #endif } @@ -30,20 +30,20 @@ class RSAPrivateKeyNSSTest : public testing::Test { TEST_F(RSAPrivateKeyNSSTest, FindFromPublicKey) { // Create a keypair, which will put the keys in the user's NSSDB. - scoped_ptr<base::RSAPrivateKey> key_pair(base::RSAPrivateKey::Create(256)); + scoped_ptr<crypto::RSAPrivateKey> key_pair(RSAPrivateKey::Create(256)); std::vector<uint8> public_key; ASSERT_TRUE(key_pair->ExportPublicKey(&public_key)); - scoped_ptr<base::RSAPrivateKey> key_pair_2( - base::RSAPrivateKey::FindFromPublicKeyInfo(public_key)); + scoped_ptr<crypto::RSAPrivateKey> key_pair_2( + crypto::RSAPrivateKey::FindFromPublicKeyInfo(public_key)); EXPECT_EQ(key_pair->key_->pkcs11ID, key_pair_2->key_->pkcs11ID); } TEST_F(RSAPrivateKeyNSSTest, FailedFindFromPublicKey) { // Create a keypair, which will put the keys in the user's NSSDB. - scoped_ptr<base::RSAPrivateKey> key_pair(base::RSAPrivateKey::Create(256)); + scoped_ptr<crypto::RSAPrivateKey> key_pair(RSAPrivateKey::Create(256)); std::vector<uint8> public_key; ASSERT_TRUE(key_pair->ExportPublicKey(&public_key)); @@ -58,7 +58,7 @@ TEST_F(RSAPrivateKeyNSSTest, FailedFindFromPublicKey) { key_pair->public_key_->pkcs11ID); } - EXPECT_EQ(NULL, base::RSAPrivateKey::FindFromPublicKeyInfo(public_key)); + EXPECT_EQ(NULL, crypto::RSAPrivateKey::FindFromPublicKeyInfo(public_key)); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/rsa_private_key_openssl.cc b/crypto/rsa_private_key_openssl.cc index 3dc6223..f39b718 100644 --- a/base/crypto/rsa_private_key_openssl.cc +++ b/crypto/rsa_private_key_openssl.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/rsa_private_key.h" +#include "crypto/rsa_private_key.h" #include <openssl/evp.h> #include <openssl/pkcs12.h> @@ -10,10 +10,10 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/openssl_util.h" #include "base/stl_util-inl.h" +#include "crypto/openssl_util.h" -namespace base { +namespace crypto { namespace { @@ -132,4 +132,4 @@ bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) { return ExportKey(key_, i2d_PUBKEY_bio, output); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/rsa_private_key_unittest.cc b/crypto/rsa_private_key_unittest.cc index 1d9a249..1fbc03e 100644 --- a/base/crypto/rsa_private_key_unittest.cc +++ b/crypto/rsa_private_key_unittest.cc @@ -2,15 +2,18 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/rsa_private_key.h" +#include "crypto/rsa_private_key.h" + #include "base/memory/scoped_ptr.h" #include "testing/gtest/include/gtest/gtest.h" // Generate random private keys with two different sizes. Reimport, then // export them again. We should get back the same exact bytes. TEST(RSAPrivateKeyUnitTest, InitRandomTest) { - scoped_ptr<base::RSAPrivateKey> keypair1(base::RSAPrivateKey::Create(1024)); - scoped_ptr<base::RSAPrivateKey> keypair2(base::RSAPrivateKey::Create(2048)); + scoped_ptr<crypto::RSAPrivateKey> keypair1( + crypto::RSAPrivateKey::Create(1024)); + scoped_ptr<crypto::RSAPrivateKey> keypair2( + crypto::RSAPrivateKey::Create(2048)); ASSERT_TRUE(keypair1.get()); ASSERT_TRUE(keypair2.get()); @@ -24,10 +27,10 @@ TEST(RSAPrivateKeyUnitTest, InitRandomTest) { ASSERT_TRUE(keypair1->ExportPublicKey(&pubkey1)); ASSERT_TRUE(keypair2->ExportPublicKey(&pubkey2)); - scoped_ptr<base::RSAPrivateKey> keypair3( - base::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey1)); - scoped_ptr<base::RSAPrivateKey> keypair4( - base::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey2)); + scoped_ptr<crypto::RSAPrivateKey> keypair3( + crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey1)); + scoped_ptr<crypto::RSAPrivateKey> keypair4( + crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey2)); ASSERT_TRUE(keypair3.get()); ASSERT_TRUE(keypair4.get()); @@ -159,8 +162,8 @@ TEST(RSAPrivateKeyUnitTest, PublicKeyTest) { input.resize(sizeof(private_key_info)); memcpy(&input.front(), private_key_info, sizeof(private_key_info)); - scoped_ptr<base::RSAPrivateKey> key( - base::RSAPrivateKey::CreateFromPrivateKeyInfo(input)); + scoped_ptr<crypto::RSAPrivateKey> key( + crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(input)); ASSERT_TRUE(key.get()); std::vector<uint8> output; @@ -362,10 +365,10 @@ TEST(RSAPrivateKeyUnitTest, ShortIntegers) { memcpy(&input2.front(), short_integer_without_high_bit, sizeof(short_integer_without_high_bit)); - scoped_ptr<base::RSAPrivateKey> keypair1( - base::RSAPrivateKey::CreateFromPrivateKeyInfo(input1)); - scoped_ptr<base::RSAPrivateKey> keypair2( - base::RSAPrivateKey::CreateFromPrivateKeyInfo(input2)); + scoped_ptr<crypto::RSAPrivateKey> keypair1( + crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(input1)); + scoped_ptr<crypto::RSAPrivateKey> keypair2( + crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(input2)); ASSERT_TRUE(keypair1.get()); ASSERT_TRUE(keypair2.get()); diff --git a/base/crypto/rsa_private_key_win.cc b/crypto/rsa_private_key_win.cc index 20e91a9..293e4d66 100644 --- a/base/crypto/rsa_private_key_win.cc +++ b/crypto/rsa_private_key_win.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/rsa_private_key.h" +#include "crypto/rsa_private_key.h" #include <list> @@ -19,7 +19,7 @@ namespace { } } // namespace -namespace base { +namespace crypto { // static RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { @@ -226,4 +226,4 @@ bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) { return true; } -} // namespace base +} // namespace crypto diff --git a/crypto/run_all_unittests.cc b/crypto/run_all_unittests.cc new file mode 100644 index 0000000..6f37e66 --- /dev/null +++ b/crypto/run_all_unittests.cc @@ -0,0 +1,17 @@ +// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "base/test/test_suite.h" +#include "crypto/nss_util.h" + +int main(int argc, char** argv) { +#if defined(USE_NSS) + // This is most likely not needed, but it basically replaces a similar call + // that was performed on test_support_base. + TODO(rvargas) Bug 79359: remove this. + crypto::EnsureNSSInit(); +#endif // defined(USE_NSS) + + return base::TestSuite(argc, argv).Run(); +} diff --git a/base/crypto/scoped_capi_types.h b/crypto/scoped_capi_types.h index d6582a7b..f565121 100644 --- a/base/crypto/scoped_capi_types.h +++ b/crypto/scoped_capi_types.h @@ -1,9 +1,9 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_SCOPED_CAPI_TYPES_H_ -#define BASE_CRYPTO_SCOPED_CAPI_TYPES_H_ +#ifndef CRYPTO_SCOPED_CAPI_TYPES_H_ +#define CRYPTO_SCOPED_CAPI_TYPES_H_ #pragma once #include <windows.h> @@ -13,7 +13,7 @@ #include "base/logging.h" -namespace base { +namespace crypto { // Simple destructor for the Free family of CryptoAPI functions, such as // CryptDestroyHash, which take only a single argument to release. @@ -120,6 +120,6 @@ typedef ScopedCAPIHandle< typedef ScopedCAPIHandle< HCRYPTHASH, CAPIDestroyer<HCRYPTHASH, CryptDestroyHash> > ScopedHCRYPTHASH; -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_SCOPED_CAPI_TYPES_H_ +#endif // CRYPTO_SCOPED_CAPI_TYPES_H_ diff --git a/base/crypto/scoped_nss_types.h b/crypto/scoped_nss_types.h index 4a77f88..3e84cb0 100644 --- a/base/crypto/scoped_nss_types.h +++ b/crypto/scoped_nss_types.h @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_SCOPED_NSS_TYPES_H_ -#define BASE_SCOPED_NSS_TYPES_H_ +#ifndef CRYPTO_SCOPED_NSS_TYPES_H_ +#define CRYPTO_SCOPED_NSS_TYPES_H_ #pragma once #include <nss.h> @@ -11,7 +11,7 @@ #include "base/memory/scoped_ptr.h" -namespace base { +namespace crypto { template <typename Type, void (*Destroyer)(Type*)> struct NSSDestroyer { @@ -47,6 +47,6 @@ typedef scoped_ptr_malloc< SECITEM_FreeItem, PR_TRUE> > ScopedSECItem; -} // namespace base +} // namespace crypto -#endif // BASE_SCOPED_NSS_TYPES_H_ +#endif // CRYPTO_SCOPED_NSS_TYPES_H_ diff --git a/base/crypto/secure_hash.h b/crypto/secure_hash.h index 904d163..35a2f8b 100644 --- a/base/crypto/secure_hash.h +++ b/crypto/secure_hash.h @@ -2,18 +2,17 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_SECURE_HASH_H_ -#define BASE_CRYPTO_SECURE_HASH_H_ +#ifndef CRYPTO_SECURE_HASH_H_ +#define CRYPTO_SECURE_HASH_H_ #pragma once -#include "base/base_api.h" #include "base/basictypes.h" -namespace base { +namespace crypto { // A wrapper to calculate secure hashes incrementally, allowing to // be used when the full input is not known in advance. -class BASE_API SecureHash { +class SecureHash { public: enum Algorithm { SHA256, @@ -32,6 +31,6 @@ class BASE_API SecureHash { DISALLOW_COPY_AND_ASSIGN(SecureHash); }; -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_SECURE_HASH_H_ +#endif // CRYPTO_SECURE_HASH_H_ diff --git a/base/crypto/secure_hash_default.cc b/crypto/secure_hash_default.cc index 436867e..b24221b 100644 --- a/base/crypto/secure_hash_default.cc +++ b/crypto/secure_hash_default.cc @@ -2,13 +2,13 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/secure_hash.h" +#include "crypto/secure_hash.h" #include "base/logging.h" -#include "base/third_party/nss/blapi.h" -#include "base/third_party/nss/sha256.h" +#include "crypto/third_party/nss/blapi.h" +#include "crypto/third_party/nss/sha256.h" -namespace base { +namespace crypto { namespace { @@ -46,4 +46,4 @@ SecureHash* SecureHash::Create(Algorithm algorithm) { } } -} // namespace base +} // namespace crypto diff --git a/base/crypto/secure_hash_openssl.cc b/crypto/secure_hash_openssl.cc index 8087279..8e2f128 100644 --- a/base/crypto/secure_hash_openssl.cc +++ b/crypto/secure_hash_openssl.cc @@ -2,15 +2,15 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/secure_hash.h" +#include "crypto/secure_hash.h" #include <openssl/ssl.h> #include "base/basictypes.h" #include "base/logging.h" -#include "base/openssl_util.h" +#include "crypto/openssl_util.h" -namespace base { +namespace crypto { namespace { @@ -50,4 +50,4 @@ SecureHash* SecureHash::Create(Algorithm algorithm) { } } -} // namespace base +} // namespace crypto diff --git a/base/crypto/secure_hash_unittest.cc b/crypto/secure_hash_unittest.cc index ca46dac..49b9da5 100644 --- a/base/crypto/secure_hash_unittest.cc +++ b/crypto/secure_hash_unittest.cc @@ -2,11 +2,11 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/secure_hash.h" +#include "crypto/secure_hash.h" #include "base/basictypes.h" #include "base/memory/scoped_ptr.h" -#include "base/sha2.h" +#include "crypto/sha2.h" #include "testing/gtest/include/gtest/gtest.h" TEST(SecureHashTest, TestUpdate) { @@ -21,14 +21,14 @@ TEST(SecureHashTest, TestUpdate) { 0x04, 0x6d, 0x39, 0xcc, 0xc7, 0x11, 0x2c, 0xd0 }; - uint8 output3[base::SHA256_LENGTH]; + uint8 output3[crypto::SHA256_LENGTH]; - scoped_ptr<base::SecureHash> ctx(base::SecureHash::Create( - base::SecureHash::SHA256)); + scoped_ptr<crypto::SecureHash> ctx(crypto::SecureHash::Create( + crypto::SecureHash::SHA256)); ctx->Update(input3.data(), input3.size()); ctx->Update(input3.data(), input3.size()); ctx->Finish(output3, sizeof(output3)); - for (size_t i = 0; i < base::SHA256_LENGTH; i++) + for (size_t i = 0; i < crypto::SHA256_LENGTH; i++) EXPECT_EQ(expected3[i], static_cast<int>(output3[i])); } diff --git a/base/sha2.cc b/crypto/sha2.cc index e8c922c..7c9b9d2 100644 --- a/base/sha2.cc +++ b/crypto/sha2.cc @@ -2,17 +2,16 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/sha2.h" +#include "crypto/sha2.h" -#include "base/crypto/secure_hash.h" #include "base/scoped_ptr.h" #include "base/stl_util-inl.h" +#include "crypto/secure_hash.h" -namespace base { +namespace crypto { void SHA256HashString(const std::string& str, void* output, size_t len) { - scoped_ptr<base::SecureHash> ctx(base::SecureHash::Create( - base::SecureHash::SHA256)); + scoped_ptr<SecureHash> ctx(SecureHash::Create(SecureHash::SHA256)); ctx->Update(str.data(), str.length()); ctx->Finish(output, len); } @@ -23,4 +22,4 @@ std::string SHA256HashString(const std::string& str) { return output; } -} // namespace base +} // namespace crypto diff --git a/base/sha2.h b/crypto/sha2.h index b10b9f0..349a606 100644 --- a/base/sha2.h +++ b/crypto/sha2.h @@ -2,15 +2,13 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_SHA2_H_ -#define BASE_SHA2_H_ +#ifndef CRYPTO_SHA2_H_ +#define CRYPTO_SHA2_H_ #pragma once #include <string> -#include "base/base_api.h" - -namespace base { +namespace crypto { // These functions perform SHA-256 operations. // @@ -23,13 +21,13 @@ enum { // Computes the SHA-256 hash of the input string 'str' and stores the first // 'len' bytes of the hash in the output buffer 'output'. If 'len' > 32, // only 32 bytes (the full hash) are stored in the 'output' buffer. -BASE_API void SHA256HashString(const std::string& str, - void* output, size_t len); +void SHA256HashString(const std::string& str, + void* output, size_t len); // Convenience version of the above that returns the result in a 32-byte // string. -BASE_API std::string SHA256HashString(const std::string& str); +std::string SHA256HashString(const std::string& str); -} // namespace base +} // namespace crypto -#endif // BASE_SHA2_H_ +#endif // CRYPTO_SHA2_H_ diff --git a/base/sha2_unittest.cc b/crypto/sha2_unittest.cc index b0321e8..8a28a5b 100644 --- a/base/sha2_unittest.cc +++ b/crypto/sha2_unittest.cc @@ -1,8 +1,8 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/sha2.h" +#include "crypto/sha2.h" #include "base/basictypes.h" #include "testing/gtest/include/gtest/gtest.h" @@ -19,13 +19,14 @@ TEST(Sha256Test, Test1) { 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad }; - uint8 output1[base::SHA256_LENGTH]; - base::SHA256HashString(input1, output1, sizeof(output1)); - for (size_t i = 0; i < base::SHA256_LENGTH; i++) + uint8 output1[crypto::SHA256_LENGTH]; + crypto::SHA256HashString(input1, output1, sizeof(output1)); + for (size_t i = 0; i < crypto::SHA256_LENGTH; i++) EXPECT_EQ(expected1[i], static_cast<int>(output1[i])); uint8 output_truncated1[4]; // 4 bytes == 32 bits - base::SHA256HashString(input1, output_truncated1, sizeof(output_truncated1)); + crypto::SHA256HashString(input1, + output_truncated1, sizeof(output_truncated1)); for (size_t i = 0; i < sizeof(output_truncated1); i++) EXPECT_EQ(expected1[i], static_cast<int>(output_truncated1[i])); } @@ -43,9 +44,9 @@ TEST(Sha256Test, Test1_String) { 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad }; - std::string output1 = base::SHA256HashString(input1); - ASSERT_EQ(base::SHA256_LENGTH, output1.size()); - for (size_t i = 0; i < base::SHA256_LENGTH; i++) + std::string output1 = crypto::SHA256HashString(input1); + ASSERT_EQ(crypto::SHA256_LENGTH, output1.size()); + for (size_t i = 0; i < crypto::SHA256_LENGTH; i++) EXPECT_EQ(expected1[i], static_cast<uint8>(output1[i])); } @@ -62,13 +63,14 @@ TEST(Sha256Test, Test2) { 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 }; - uint8 output2[base::SHA256_LENGTH]; - base::SHA256HashString(input2, output2, sizeof(output2)); - for (size_t i = 0; i < base::SHA256_LENGTH; i++) + uint8 output2[crypto::SHA256_LENGTH]; + crypto::SHA256HashString(input2, output2, sizeof(output2)); + for (size_t i = 0; i < crypto::SHA256_LENGTH; i++) EXPECT_EQ(expected2[i], static_cast<int>(output2[i])); uint8 output_truncated2[6]; - base::SHA256HashString(input2, output_truncated2, sizeof(output_truncated2)); + crypto::SHA256HashString(input2, + output_truncated2, sizeof(output_truncated2)); for (size_t i = 0; i < sizeof(output_truncated2); i++) EXPECT_EQ(expected2[i], static_cast<int>(output_truncated2[i])); } @@ -85,13 +87,14 @@ TEST(Sha256Test, Test3) { 0x04, 0x6d, 0x39, 0xcc, 0xc7, 0x11, 0x2c, 0xd0 }; - uint8 output3[base::SHA256_LENGTH]; - base::SHA256HashString(input3, output3, sizeof(output3)); - for (size_t i = 0; i < base::SHA256_LENGTH; i++) + uint8 output3[crypto::SHA256_LENGTH]; + crypto::SHA256HashString(input3, output3, sizeof(output3)); + for (size_t i = 0; i < crypto::SHA256_LENGTH; i++) EXPECT_EQ(expected3[i], static_cast<int>(output3[i])); uint8 output_truncated3[12]; - base::SHA256HashString(input3, output_truncated3, sizeof(output_truncated3)); + crypto::SHA256HashString(input3, + output_truncated3, sizeof(output_truncated3)); for (size_t i = 0; i < sizeof(output_truncated3); i++) EXPECT_EQ(expected3[i], static_cast<int>(output_truncated3[i])); } diff --git a/base/crypto/signature_creator.h b/crypto/signature_creator.h index 93cf83c..07be4b9 100644 --- a/base/crypto/signature_creator.h +++ b/crypto/signature_creator.h @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_SIGNATURE_CREATOR_H_ -#define BASE_CRYPTO_SIGNATURE_CREATOR_H_ +#ifndef CRYPTO_SIGNATURE_CREATOR_H_ +#define CRYPTO_SIGNATURE_CREATOR_H_ #pragma once #include "build/build_config.h" @@ -20,19 +20,18 @@ struct SGNContextStr; #include <vector> -#include "base/base_api.h" #include "base/basictypes.h" -#include "base/crypto/rsa_private_key.h" +#include "crypto/rsa_private_key.h" #if defined(OS_WIN) -#include "base/crypto/scoped_capi_types.h" +#include "crypto/scoped_capi_types.h" #endif -namespace base { +namespace crypto { // Signs data using a bare private key (as opposed to a full certificate). // Currently can only sign data using SHA-1 with RSA encryption. -class BASE_API SignatureCreator { +class SignatureCreator { public: ~SignatureCreator(); @@ -65,6 +64,6 @@ class BASE_API SignatureCreator { DISALLOW_COPY_AND_ASSIGN(SignatureCreator); }; -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_SIGNATURE_CREATOR_H_ +#endif // CRYPTO_SIGNATURE_CREATOR_H_ diff --git a/base/crypto/signature_creator_mac.cc b/crypto/signature_creator_mac.cc index 5c2d477..fa0bded 100644 --- a/base/crypto/signature_creator_mac.cc +++ b/crypto/signature_creator_mac.cc @@ -2,15 +2,15 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/signature_creator.h" +#include "crypto/signature_creator.h" #include <stdlib.h> -#include "base/crypto/cssm_init.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" +#include "crypto/cssm_init.h" -namespace base { +namespace crypto { // static SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) { @@ -71,4 +71,4 @@ bool SignatureCreator::Final(std::vector<uint8>* signature) { return true; } -} // namespace base +} // namespace crypto diff --git a/base/crypto/signature_creator_nss.cc b/crypto/signature_creator_nss.cc index 92bf4d7..2614944 100644 --- a/base/crypto/signature_creator_nss.cc +++ b/crypto/signature_creator_nss.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/signature_creator.h" +#include "crypto/signature_creator.h" #include <cryptohi.h> #include <keyhi.h> @@ -10,9 +10,9 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/nss_util.h" +#include "crypto/nss_util.h" -namespace base { +namespace crypto { SignatureCreator::~SignatureCreator() { if (sign_context_) { @@ -73,4 +73,4 @@ SignatureCreator::SignatureCreator() : sign_context_(NULL) { EnsureNSSInit(); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/signature_creator_openssl.cc b/crypto/signature_creator_openssl.cc index cdf351f..e6aa422 100644 --- a/base/crypto/signature_creator_openssl.cc +++ b/crypto/signature_creator_openssl.cc @@ -2,16 +2,16 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/signature_creator.h" +#include "crypto/signature_creator.h" #include <openssl/evp.h> #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/openssl_util.h" #include "base/stl_util-inl.h" +#include "crypto/openssl_util.h" -namespace base { +namespace crypto { // static SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) { @@ -51,4 +51,4 @@ bool SignatureCreator::Final(std::vector<uint8>* signature) { return true; } -} // namespace base +} // namespace crypto diff --git a/base/crypto/signature_creator_unittest.cc b/crypto/signature_creator_unittest.cc index 644ab7f..623e9ed 100644 --- a/base/crypto/signature_creator_unittest.cc +++ b/crypto/signature_creator_unittest.cc @@ -4,25 +4,25 @@ #include <vector> -#include "base/crypto/signature_creator.h" -#include "base/crypto/signature_verifier.h" #include "base/memory/scoped_ptr.h" +#include "crypto/signature_creator.h" +#include "crypto/signature_verifier.h" #include "testing/gtest/include/gtest/gtest.h" TEST(SignatureCreatorTest, BasicTest) { // Do a verify round trip. - scoped_ptr<base::RSAPrivateKey> key_original( - base::RSAPrivateKey::Create(1024)); + scoped_ptr<crypto::RSAPrivateKey> key_original( + crypto::RSAPrivateKey::Create(1024)); ASSERT_TRUE(key_original.get()); std::vector<uint8> key_info; key_original->ExportPrivateKey(&key_info); - scoped_ptr<base::RSAPrivateKey> key( - base::RSAPrivateKey::CreateFromPrivateKeyInfo(key_info)); + scoped_ptr<crypto::RSAPrivateKey> key( + crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_info)); ASSERT_TRUE(key.get()); - scoped_ptr<base::SignatureCreator> signer( - base::SignatureCreator::Create(key.get())); + scoped_ptr<crypto::SignatureCreator> signer( + crypto::SignatureCreator::Create(key.get())); ASSERT_TRUE(signer.get()); std::string data("Hello, World!"); @@ -41,7 +41,7 @@ TEST(SignatureCreatorTest, BasicTest) { 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00 }; - base::SignatureVerifier verifier; + crypto::SignatureVerifier verifier; ASSERT_TRUE(verifier.VerifyInit( kSHA1WithRSAAlgorithmID, sizeof(kSHA1WithRSAAlgorithmID), &signature.front(), signature.size(), diff --git a/base/crypto/signature_creator_win.cc b/crypto/signature_creator_win.cc index 7102007..244b06a 100644 --- a/base/crypto/signature_creator_win.cc +++ b/crypto/signature_creator_win.cc @@ -2,12 +2,12 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/signature_creator.h" +#include "crypto/signature_creator.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" -namespace base { +namespace crypto { // static SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) { @@ -57,4 +57,4 @@ bool SignatureCreator::Final(std::vector<uint8>* signature) { return true; } -} // namespace base +} // namespace crypto diff --git a/base/crypto/signature_verifier.h b/crypto/signature_verifier.h index 1a2c3e7..fb6202c 100644 --- a/base/crypto/signature_verifier.h +++ b/crypto/signature_verifier.h @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_SIGNATURE_VERIFIER_H_ -#define BASE_CRYPTO_SIGNATURE_VERIFIER_H_ +#ifndef CRYPTO_SIGNATURE_VERIFIER_H_ +#define CRYPTO_SIGNATURE_VERIFIER_H_ #pragma once #include "build/build_config.h" @@ -16,18 +16,17 @@ #include <vector> -#include "base/base_api.h" #include "base/basictypes.h" #if defined(OS_WIN) -#include "base/crypto/scoped_capi_types.h" +#include "crypto/scoped_capi_types.h" #endif -namespace base { +namespace crypto { // The SignatureVerifier class verifies a signature using a bare public key // (as opposed to a certificate). -class BASE_API SignatureVerifier { +class SignatureVerifier { public: SignatureVerifier(); ~SignatureVerifier(); @@ -104,6 +103,6 @@ class BASE_API SignatureVerifier { #endif }; -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_SIGNATURE_VERIFIER_H_ +#endif // CRYPTO_SIGNATURE_VERIFIER_H_ diff --git a/base/crypto/signature_verifier_mac.cc b/crypto/signature_verifier_mac.cc index c8bfa8b..33cdfcf 100644 --- a/base/crypto/signature_verifier_mac.cc +++ b/crypto/signature_verifier_mac.cc @@ -1,15 +1,15 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/signature_verifier.h" +#include "crypto/signature_verifier.h" #include <stdlib.h> -#include "base/crypto/cssm_init.h" #include "base/logging.h" +#include "crypto/cssm_init.h" -namespace base { +namespace crypto { SignatureVerifier::SignatureVerifier() : sig_handle_(0) { EnsureCSSMInit(); @@ -101,5 +101,5 @@ void SignatureVerifier::Reset() { // public_key_ manually. } -} // namespace base +} // namespace crypto diff --git a/base/crypto/signature_verifier_nss.cc b/crypto/signature_verifier_nss.cc index 369f275..cf82785 100644 --- a/base/crypto/signature_verifier_nss.cc +++ b/crypto/signature_verifier_nss.cc @@ -1,17 +1,17 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/signature_verifier.h" +#include "crypto/signature_verifier.h" #include <cryptohi.h> #include <keyhi.h> #include <stdlib.h> #include "base/logging.h" -#include "base/nss_util.h" +#include "crypto/nss_util.h" -namespace base { +namespace crypto { SignatureVerifier::SignatureVerifier() : vfy_context_(NULL) { EnsureNSSInit(); @@ -110,4 +110,4 @@ void SignatureVerifier::Reset() { signature_.clear(); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/signature_verifier_openssl.cc b/crypto/signature_verifier_openssl.cc index abfb553..2a58155 100644 --- a/base/crypto/signature_verifier_openssl.cc +++ b/crypto/signature_verifier_openssl.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/signature_verifier.h" +#include "crypto/signature_verifier.h" #include <openssl/evp.h> #include <openssl/x509.h> @@ -11,10 +11,10 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/openssl_util.h" #include "base/stl_util-inl.h" +#include "crypto/openssl_util.h" -namespace base { +namespace crypto { struct SignatureVerifier::VerifyContext { ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key; @@ -91,4 +91,4 @@ void SignatureVerifier::Reset() { signature_.clear(); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/signature_verifier_unittest.cc b/crypto/signature_verifier_unittest.cc index e28395f..0294379 100644 --- a/base/crypto/signature_verifier_unittest.cc +++ b/crypto/signature_verifier_unittest.cc @@ -1,8 +1,8 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/signature_verifier.h" +#include "crypto/signature_verifier.h" #include "testing/gtest/include/gtest/gtest.h" TEST(SignatureVerifierTest, BasicTest) { @@ -200,7 +200,7 @@ TEST(SignatureVerifierTest, BasicTest) { // We use the signature verifier to perform four signature verification // tests. - base::SignatureVerifier verifier; + crypto::SignatureVerifier verifier; bool ok; // Test 1: feed all of the data to the verifier at once (a single diff --git a/base/crypto/signature_verifier_win.cc b/crypto/signature_verifier_win.cc index c040d05..8bf094f 100644 --- a/base/crypto/signature_verifier_win.cc +++ b/crypto/signature_verifier_win.cc @@ -1,8 +1,8 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/signature_verifier.h" +#include "crypto/signature_verifier.h" #include "base/logging.h" @@ -22,7 +22,7 @@ void WINAPI MyCryptFree(void* p) { } // namespace -namespace base { +namespace crypto { SignatureVerifier::SignatureVerifier() : hash_object_(0), public_key_(0) { if (!CryptAcquireContext(provider_.receive(), NULL, NULL, @@ -130,5 +130,5 @@ void SignatureVerifier::Reset() { signature_.clear(); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/symmetric_key.h b/crypto/symmetric_key.h index b72c840..c5860b5 100644 --- a/base/crypto/symmetric_key.h +++ b/crypto/symmetric_key.h @@ -2,28 +2,27 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef BASE_CRYPTO_SYMMETRIC_KEY_H_ -#define BASE_CRYPTO_SYMMETRIC_KEY_H_ +#ifndef CRYPTO_SYMMETRIC_KEY_H_ +#define CRYPTO_SYMMETRIC_KEY_H_ #pragma once #include <string> -#include "base/base_api.h" #include "base/basictypes.h" #if defined(USE_NSS) -#include "base/crypto/scoped_nss_types.h" +#include "crypto/scoped_nss_types.h" #elif defined(OS_MACOSX) #include <Security/cssmtype.h> #elif defined(OS_WIN) -#include "base/crypto/scoped_capi_types.h" +#include "crypto/scoped_capi_types.h" #endif -namespace base { +namespace crypto { // Wraps a platform-specific symmetric key and allows it to be held in a // scoped_ptr. -class BASE_API SymmetricKey { +class SymmetricKey { public: // Defines the algorithm that a key will be used with. See also // classs Encrptor. @@ -100,6 +99,6 @@ class BASE_API SymmetricKey { DISALLOW_COPY_AND_ASSIGN(SymmetricKey); }; -} // namespace base +} // namespace crypto -#endif // BASE_CRYPTO_SYMMETRIC_KEY_H_ +#endif // CRYPTO_SYMMETRIC_KEY_H_ diff --git a/base/crypto/symmetric_key_mac.cc b/crypto/symmetric_key_mac.cc index 574f9d2..47193a08 100644 --- a/base/crypto/symmetric_key_mac.cc +++ b/crypto/symmetric_key_mac.cc @@ -1,21 +1,21 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/symmetric_key.h" +#include "crypto/symmetric_key.h" #include <CommonCrypto/CommonCryptor.h> #include <CoreFoundation/CFString.h> #include <Security/cssm.h> -#include "base/crypto/cssm_init.h" #include "base/logging.h" +#include "crypto/cssm_init.h" namespace { -CSSM_KEY_TYPE CheckKeyParams(base::SymmetricKey::Algorithm algorithm, +CSSM_KEY_TYPE CheckKeyParams(crypto::SymmetricKey::Algorithm algorithm, size_t key_size_in_bits) { - if (algorithm == base::SymmetricKey::AES) { + if (algorithm == crypto::SymmetricKey::AES) { CHECK(key_size_in_bits == 128 || key_size_in_bits == 192 || key_size_in_bits == 256) @@ -25,7 +25,7 @@ CSSM_KEY_TYPE CheckKeyParams(base::SymmetricKey::Algorithm algorithm, // FIPS 198 Section 3 requires a HMAC-SHA-1 derived keys to be at least // (HMAC-SHA-1 output size / 2) to be compliant. Since the ouput size of // HMAC-SHA-1 is 160 bits, we require at least 80 bits here. - CHECK(algorithm == base::SymmetricKey::HMAC_SHA1); + CHECK(algorithm == crypto::SymmetricKey::HMAC_SHA1); CHECK(key_size_in_bits >= 80 && (key_size_in_bits % 8) == 0) << "Invalid key size " << key_size_in_bits << " bits"; return CSSM_ALGID_SHA1HMAC_LEGACY; @@ -35,18 +35,18 @@ CSSM_KEY_TYPE CheckKeyParams(base::SymmetricKey::Algorithm algorithm, void* CreateRandomBytes(size_t size) { CSSM_RETURN err; CSSM_CC_HANDLE ctx; - err = CSSM_CSP_CreateRandomGenContext(base::GetSharedCSPHandle(), + err = CSSM_CSP_CreateRandomGenContext(crypto::GetSharedCSPHandle(), CSSM_ALGID_APPLE_YARROW, NULL, size, &ctx); if (err) { - base::LogCSSMError("CSSM_CSP_CreateRandomGenContext", err); + crypto::LogCSSMError("CSSM_CSP_CreateRandomGenContext", err); return NULL; } CSSM_DATA random_data = {}; err = CSSM_GenerateRandom(ctx, &random_data); if (err) { - base::LogCSSMError("CSSM_GenerateRandom", err); + crypto::LogCSSMError("CSSM_GenerateRandom", err); random_data.Data = NULL; } CSSM_DeleteContext(ctx); @@ -63,7 +63,7 @@ inline CSSM_DATA StringToData(const std::string& str) { } // namespace -namespace base { +namespace crypto { SymmetricKey::~SymmetricKey() {} @@ -152,4 +152,4 @@ CSSM_DATA SymmetricKey::cssm_data() const { return StringToData(key_); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/symmetric_key_nss.cc b/crypto/symmetric_key_nss.cc index 1e3551d..9690265 100644 --- a/base/crypto/symmetric_key_nss.cc +++ b/crypto/symmetric_key_nss.cc @@ -1,16 +1,16 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/symmetric_key.h" +#include "crypto/symmetric_key.h" #include <nss.h> #include <pk11pub.h> -#include "base/nss_util.h" #include "base/logging.h" +#include "crypto/nss_util.h" -namespace base { +namespace crypto { SymmetricKey::~SymmetricKey() {} @@ -124,4 +124,4 @@ SymmetricKey::SymmetricKey(PK11SymKey* key) : key_(key) { DCHECK(key); } -} // namespace base +} // namespace crypto diff --git a/base/crypto/symmetric_key_openssl.cc b/crypto/symmetric_key_openssl.cc index d055b61..1d1ad23 100644 --- a/base/crypto/symmetric_key_openssl.cc +++ b/crypto/symmetric_key_openssl.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/symmetric_key.h" +#include "crypto/symmetric_key.h" #include <openssl/evp.h> #include <openssl/rand.h> @@ -11,10 +11,10 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/openssl_util.h" #include "base/string_util.h" +#include "crypto/openssl_util.h" -namespace base { +namespace crypto { SymmetricKey::~SymmetricKey() { std::fill(key_.begin(), key_.end(), '\0'); // Zero out the confidential key. @@ -73,4 +73,4 @@ bool SymmetricKey::GetRawKey(std::string* raw_key) { return true; } -} // namespace base +} // namespace crypto diff --git a/base/crypto/symmetric_key_unittest.cc b/crypto/symmetric_key_unittest.cc index f9e9419..a07194e 100644 --- a/base/crypto/symmetric_key_unittest.cc +++ b/crypto/symmetric_key_unittest.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/symmetric_key.h" +#include "crypto/symmetric_key.h" #include <string> @@ -12,8 +12,8 @@ #include "testing/gtest/include/gtest/gtest.h" TEST(SymmetricKeyTest, GenerateRandomKey) { - scoped_ptr<base::SymmetricKey> key( - base::SymmetricKey::GenerateRandomKey(base::SymmetricKey::AES, 256)); + scoped_ptr<crypto::SymmetricKey> key( + crypto::SymmetricKey::GenerateRandomKey(crypto::SymmetricKey::AES, 256)); ASSERT_TRUE(NULL != key.get()); std::string raw_key; EXPECT_TRUE(key->GetRawKey(&raw_key)); @@ -21,8 +21,8 @@ TEST(SymmetricKeyTest, GenerateRandomKey) { // Do it again and check that the keys are different. // (Note: this has a one-in-10^77 chance of failure!) - scoped_ptr<base::SymmetricKey> key2( - base::SymmetricKey::GenerateRandomKey(base::SymmetricKey::AES, 256)); + scoped_ptr<crypto::SymmetricKey> key2( + crypto::SymmetricKey::GenerateRandomKey(crypto::SymmetricKey::AES, 256)); ASSERT_TRUE(NULL != key2.get()); std::string raw_key2; EXPECT_TRUE(key2->GetRawKey(&raw_key2)); @@ -31,14 +31,14 @@ TEST(SymmetricKeyTest, GenerateRandomKey) { } TEST(SymmetricKeyTest, ImportGeneratedKey) { - scoped_ptr<base::SymmetricKey> key1( - base::SymmetricKey::GenerateRandomKey(base::SymmetricKey::AES, 256)); + scoped_ptr<crypto::SymmetricKey> key1( + crypto::SymmetricKey::GenerateRandomKey(crypto::SymmetricKey::AES, 256)); ASSERT_TRUE(NULL != key1.get()); std::string raw_key1; EXPECT_TRUE(key1->GetRawKey(&raw_key1)); - scoped_ptr<base::SymmetricKey> key2( - base::SymmetricKey::Import(base::SymmetricKey::AES, raw_key1)); + scoped_ptr<crypto::SymmetricKey> key2( + crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, raw_key1)); ASSERT_TRUE(NULL != key2.get()); std::string raw_key2; @@ -48,16 +48,15 @@ TEST(SymmetricKeyTest, ImportGeneratedKey) { } TEST(SymmetricKeyTest, ImportDerivedKey) { - scoped_ptr<base::SymmetricKey> key1( - base::SymmetricKey::DeriveKeyFromPassword(base::SymmetricKey::HMAC_SHA1, - "password", "somesalt", 1024, - 160)); + scoped_ptr<crypto::SymmetricKey> key1( + crypto::SymmetricKey::DeriveKeyFromPassword( + crypto::SymmetricKey::HMAC_SHA1, "password", "somesalt", 1024, 160)); ASSERT_TRUE(NULL != key1.get()); std::string raw_key1; EXPECT_TRUE(key1->GetRawKey(&raw_key1)); - scoped_ptr<base::SymmetricKey> key2( - base::SymmetricKey::Import(base::SymmetricKey::HMAC_SHA1, raw_key1)); + scoped_ptr<crypto::SymmetricKey> key2( + crypto::SymmetricKey::Import(crypto::SymmetricKey::HMAC_SHA1, raw_key1)); ASSERT_TRUE(NULL != key2.get()); std::string raw_key2; @@ -67,7 +66,7 @@ TEST(SymmetricKeyTest, ImportDerivedKey) { } struct PBKDF2TestVector { - base::SymmetricKey::Algorithm algorithm; + crypto::SymmetricKey::Algorithm algorithm; const char* password; const char* salt; unsigned int rounds; @@ -90,8 +89,8 @@ TEST_P(SymmetricKeyDeriveKeyFromPasswordTest, DeriveKeyFromPassword) { } #endif // OS_MACOSX - scoped_ptr<base::SymmetricKey> key( - base::SymmetricKey::DeriveKeyFromPassword( + scoped_ptr<crypto::SymmetricKey> key( + crypto::SymmetricKey::DeriveKeyFromPassword( test_data.algorithm, test_data.password, test_data.salt, test_data.rounds, test_data.key_size_in_bits)); @@ -109,7 +108,7 @@ static const PBKDF2TestVector kTestVectors[] = { // These tests come from // http://www.ietf.org/id/draft-josefsson-pbkdf2-test-vectors-00.txt { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "password", "salt", 1, @@ -117,7 +116,7 @@ static const PBKDF2TestVector kTestVectors[] = { "0c60c80f961f0e71f3a9b524af6012062fe037a6", }, { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "password", "salt", 2, @@ -125,7 +124,7 @@ static const PBKDF2TestVector kTestVectors[] = { "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957", }, { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "password", "salt", 4096, @@ -135,7 +134,7 @@ static const PBKDF2TestVector kTestVectors[] = { // This test takes over 30s to run on the trybots. #if 0 { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "password", "salt", 16777216, @@ -147,7 +146,7 @@ static const PBKDF2TestVector kTestVectors[] = { // These tests come from RFC 3962, via BSD source code at // http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/bioctl/pbkdf2.c?rev=HEAD&content-type=text/plain { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "password", "ATHENA.MIT.EDUraeburn", 1, @@ -155,7 +154,7 @@ static const PBKDF2TestVector kTestVectors[] = { "cdedb5281bb2f801565a1122b25635150ad1f7a0", }, { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "password", "ATHENA.MIT.EDUraeburn", 2, @@ -163,7 +162,7 @@ static const PBKDF2TestVector kTestVectors[] = { "01dbee7f4a9e243e988b62c73cda935da05378b9", }, { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "password", "ATHENA.MIT.EDUraeburn", 1200, @@ -171,7 +170,7 @@ static const PBKDF2TestVector kTestVectors[] = { "5c08eb61fdf71e4e4ec3cf6ba1f5512ba7e52ddb", }, { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "password", "\0224VxxV4\022", /* 0x1234567878563412 */ 5, @@ -179,7 +178,7 @@ static const PBKDF2TestVector kTestVectors[] = { "d1daa78615f287e6a1c8b120d7062a493f98d203", }, { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "pass phrase equals block size", 1200, @@ -187,7 +186,7 @@ static const PBKDF2TestVector kTestVectors[] = { "139c30c0966bc32ba55fdbf212530ac9c5ec59f1", }, { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "pass phrase exceeds block size", 1200, @@ -195,7 +194,7 @@ static const PBKDF2TestVector kTestVectors[] = { "9ccad6d468770cd51b10e6a68721be611a8b4d28", }, { - base::SymmetricKey::HMAC_SHA1, + crypto::SymmetricKey::HMAC_SHA1, "\360\235\204\236", /* g-clef (0xf09d849e) */ "EXAMPLE.COMpianist", 50, @@ -205,7 +204,7 @@ static const PBKDF2TestVector kTestVectors[] = { // Regression tests for AES keys, derived from the Linux NSS implementation. { - base::SymmetricKey::AES, + crypto::SymmetricKey::AES, "A test password", "saltsalt", 1, @@ -213,7 +212,7 @@ static const PBKDF2TestVector kTestVectors[] = { "44899a7777f0e6e8b752f875f02044b8ac593de146de896f2e8a816e315a36de", }, { - base::SymmetricKey::AES, + crypto::SymmetricKey::AES, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "pass phrase exceeds block size", 20, diff --git a/base/crypto/symmetric_key_win.cc b/crypto/symmetric_key_win.cc index 0a1c234..d2034e0 100644 --- a/base/crypto/symmetric_key_win.cc +++ b/crypto/symmetric_key_win.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/symmetric_key.h" +#include "crypto/symmetric_key.h" #include <winsock2.h> // For htonl. @@ -11,7 +11,7 @@ // TODO(wtc): replace scoped_array by std::vector. #include "base/memory/scoped_ptr.h" -namespace base { +namespace crypto { namespace { @@ -533,4 +533,4 @@ SymmetricKey::SymmetricKey(HCRYPTPROV provider, } } -} // namespace base +} // namespace crypto diff --git a/base/third_party/nss/LICENSE b/crypto/third_party/nss/LICENSE index 0367164..0367164 100644 --- a/base/third_party/nss/LICENSE +++ b/crypto/third_party/nss/LICENSE diff --git a/base/third_party/nss/README.chromium b/crypto/third_party/nss/README.chromium index 9b466c8..9b466c8 100644 --- a/base/third_party/nss/README.chromium +++ b/crypto/third_party/nss/README.chromium diff --git a/base/third_party/nss/blapi.h b/crypto/third_party/nss/blapi.h index b1f8dc0..3b0c60a 100644 --- a/base/third_party/nss/blapi.h +++ b/crypto/third_party/nss/blapi.h @@ -42,7 +42,7 @@ #ifndef _BLAPI_H_ #define _BLAPI_H_ -#include "base/third_party/nss/blapit.h" +#include "crypto/third_party/nss/blapit.h" /******************************************/ diff --git a/base/third_party/nss/blapit.h b/crypto/third_party/nss/blapit.h index e16a084..e16a084 100644 --- a/base/third_party/nss/blapit.h +++ b/crypto/third_party/nss/blapit.h diff --git a/base/third_party/nss/sha256.h b/crypto/third_party/nss/sha256.h index e641b49..e641b49 100644 --- a/base/third_party/nss/sha256.h +++ b/crypto/third_party/nss/sha256.h diff --git a/base/third_party/nss/sha512.cc b/crypto/third_party/nss/sha512.cc index 6ad0645..6c04674 100644 --- a/base/third_party/nss/sha512.cc +++ b/crypto/third_party/nss/sha512.cc @@ -47,8 +47,8 @@ #define NOUNROLL512 1 #undef HAVE_LONG_LONG #endif -#include "base/third_party/nss/blapi.h" -#include "base/third_party/nss/sha256.h" /* for struct SHA256ContextStr */ +#include "crypto/third_party/nss/blapi.h" +#include "crypto/third_party/nss/sha256.h" /* for struct SHA256ContextStr */ #include <stdlib.h> #include <string.h> @@ -1,4 +1,5 @@ include_rules = [ + "+crypto", "+third_party/libevent", "+third_party/nss", "+third_party/zlib", diff --git a/net/base/cert_database_mac.cc b/net/base/cert_database_mac.cc index 05854fc..06b036f 100644 --- a/net/base/cert_database_mac.cc +++ b/net/base/cert_database_mac.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -6,9 +6,9 @@ #include <Security/Security.h> -#include "base/crypto/mac_security_services_lock.h" #include "base/logging.h" #include "base/synchronization/lock.h" +#include "crypto/mac_security_services_lock.h" #include "net/base/net_errors.h" #include "net/base/x509_certificate.h" @@ -43,7 +43,7 @@ int CertDatabase::CheckUserCert(X509Certificate* cert) { int CertDatabase::AddUserCert(X509Certificate* cert) { OSStatus err; { - base::AutoLock locked(base::GetMacSecurityServicesLock()); + base::AutoLock locked(crypto::GetMacSecurityServicesLock()); err = SecCertificateAddToKeychain(cert->os_cert_handle(), NULL); } switch (err) { diff --git a/net/base/cert_database_nss.cc b/net/base/cert_database_nss.cc index 1cc5bfb..1e753de 100644 --- a/net/base/cert_database_nss.cc +++ b/net/base/cert_database_nss.cc @@ -12,8 +12,8 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/nss_util.h" -#include "base/nss_util_internal.h" +#include "crypto/nss_util.h" +#include "crypto/nss_util_internal.h" #include "net/base/crypto_module.h" #include "net/base/net_errors.h" #include "net/base/x509_certificate.h" @@ -27,7 +27,7 @@ namespace psm = mozilla_security_manager; namespace net { CertDatabase::CertDatabase() { - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); psm::EnsurePKCS12Init(); } @@ -78,7 +78,7 @@ int CertDatabase::AddUserCert(X509Certificate* cert_obj) { nickname = username + "'s " + ca_name + " ID"; { - base::AutoNSSWriteLock lock; + crypto::AutoNSSWriteLock lock; slot = PK11_ImportCertForKey(cert, const_cast<char*>(nickname.c_str()), NULL); @@ -111,7 +111,7 @@ void CertDatabase::ListCerts(CertificateList* certs) { CryptoModule* CertDatabase::GetPublicModule() const { CryptoModule* module = - CryptoModule::CreateFromHandle(base::GetPublicNSSKeySlot()); + CryptoModule::CreateFromHandle(crypto::GetPublicNSSKeySlot()); // The module is already referenced when returned from // GetPublicNSSKeySlot, so we need to deref it once. PK11_FreeSlot(module->os_module_handle()); @@ -121,7 +121,7 @@ CryptoModule* CertDatabase::GetPublicModule() const { CryptoModule* CertDatabase::GetPrivateModule() const { CryptoModule* module = - CryptoModule::CreateFromHandle(base::GetPrivateNSSKeySlot()); + CryptoModule::CreateFromHandle(crypto::GetPrivateNSSKeySlot()); // The module is already referenced when returned from // GetPrivateNSSKeySlot, so we need to deref it once. PK11_FreeSlot(module->os_module_handle()); diff --git a/net/base/cert_database_nss_unittest.cc b/net/base/cert_database_nss_unittest.cc index 6d47260b..0bdc61a 100644 --- a/net/base/cert_database_nss_unittest.cc +++ b/net/base/cert_database_nss_unittest.cc @@ -7,16 +7,16 @@ #include <algorithm> -#include "base/crypto/scoped_nss_types.h" #include "base/file_path.h" #include "base/file_util.h" #include "base/lazy_instance.h" #include "base/memory/scoped_temp_dir.h" -#include "base/nss_util.h" -#include "base/nss_util_internal.h" #include "base/path_service.h" #include "base/string_util.h" #include "base/utf_string_conversions.h" +#include "crypto/nss_util.h" +#include "crypto/nss_util_internal.h" +#include "crypto/scoped_nss_types.h" #include "net/base/cert_database.h" #include "net/base/cert_status_flags.h" #include "net/base/cert_verify_result.h" @@ -108,8 +108,8 @@ class CertDatabaseNSSTest : public testing::Test { if (!temp_db_initialized_) { ASSERT_TRUE(temp_db_dir_.Get().CreateUniqueTempDir()); ASSERT_TRUE( - base::OpenTestNSSDB(temp_db_dir_.Get().path(), - "CertDatabaseNSSTest db")); + crypto::OpenTestNSSDB(temp_db_dir_.Get().path(), + "CertDatabaseNSSTest db")); temp_db_initialized_ = true; } slot_ = cert_db_.GetPublicModule(); diff --git a/net/base/dnssec_chain_verifier.cc b/net/base/dnssec_chain_verifier.cc index a915686..e3eeee7 100644 --- a/net/base/dnssec_chain_verifier.cc +++ b/net/base/dnssec_chain_verifier.cc @@ -7,8 +7,8 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "base/sha1.h" -#include "base/sha2.h" #include "base/string_util.h" +#include "crypto/sha2.h" #include "net/base/dns_util.h" #include "net/base/dnssec_keyset.h" @@ -516,7 +516,7 @@ bool DNSSECChainVerifier::DigestKey(base::StringPiece* out, uint16 keyid, uint8 algorithm) { std::string temp; - uint8 temp2[base::SHA256_LENGTH]; + uint8 temp2[crypto::SHA256_LENGTH]; const uint8* digest; unsigned digest_len; @@ -527,7 +527,7 @@ bool DNSSECChainVerifier::DigestKey(base::StringPiece* out, digest = reinterpret_cast<const uint8*>(temp.data()); digest_len = base::SHA1_LENGTH; } else if (digest_type == kDNSSEC_SHA256) { - base::SHA256HashString(input, temp2, sizeof(temp2)); + crypto::SHA256HashString(input, temp2, sizeof(temp2)); digest = temp2; digest_len = sizeof(temp2); } else { diff --git a/net/base/dnssec_keyset.cc b/net/base/dnssec_keyset.cc index 29dfc86..1cb8c73 100644 --- a/net/base/dnssec_keyset.cc +++ b/net/base/dnssec_keyset.cc @@ -10,8 +10,8 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/nss_util.h" #include "base/time.h" +#include "crypto/nss_util.h" #include "net/base/dns_util.h" namespace { @@ -193,13 +193,13 @@ bool DNSSECKeySet::VerifySignature( base::StringPiece public_key, base::StringPiece signed_data) { // This code is largely a copy-and-paste from - // base/crypto/signature_verifier_nss.cc. We can't change - // base::SignatureVerifier to always use NSS because we want the ability to - // be FIPS 140-2 compliant. However, we can't use base::SignatureVerifier + // crypto/signature_verifier_nss.cc. We can't change + // crypto::SignatureVerifier to always use NSS because we want the ability to + // be FIPS 140-2 compliant. However, we can't use crypto::SignatureVerifier // here because some platforms don't support SHA256 signatures. Therefore, we // use NSS directly. - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); CERTSubjectPublicKeyInfo* spki = NULL; SECItem spki_der; diff --git a/net/base/dnssec_keyset.h b/net/base/dnssec_keyset.h index 58bd288..968063f 100644 --- a/net/base/dnssec_keyset.h +++ b/net/base/dnssec_keyset.h @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -12,7 +12,7 @@ namespace net { -// DNSSECKeySet function wraps base/crypto/signature_verifier.h to accept +// DNSSECKeySet function wraps crypto/signature_verifier.h to accept // DNSSEC encodings. (See RFC 4043) class DNSSECKeySet { public: diff --git a/net/base/keygen_handler.cc b/net/base/keygen_handler.cc index 8c88b4d..7d63f4d 100644 --- a/net/base/keygen_handler.cc +++ b/net/base/keygen_handler.cc @@ -1,13 +1,9 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "net/base/keygen_handler.h" -#if defined(USE_NSS) -#include "base/crypto/crypto_module_blocking_password_delegate.h" -#endif - namespace net { // The constructor and destructor must be defined in a .cc file so that diff --git a/net/base/keygen_handler.h b/net/base/keygen_handler.h index 4dd7bbf..6927763 100644 --- a/net/base/keygen_handler.h +++ b/net/base/keygen_handler.h @@ -13,9 +13,7 @@ #include "googleurl/src/gurl.h" #if defined(USE_NSS) -namespace base { -class CryptoModuleBlockingPasswordDelegate; -}; +#include "crypto/crypto_module_blocking_password_delegate.h" #endif // defined(USE_NSS) namespace net { @@ -48,7 +46,7 @@ class KeygenHandler { // password callback is okay here. // Takes ownership of the delegate. void set_crypto_module_password_delegate( - base::CryptoModuleBlockingPasswordDelegate* delegate); + crypto::CryptoModuleBlockingPasswordDelegate* delegate); #endif // defined(USE_NSS) private: @@ -58,7 +56,7 @@ class KeygenHandler { bool stores_key_; // should the generated key-pair be stored persistently? #if defined(USE_NSS) // The callback for requesting a password to the PKCS#11 token. - scoped_ptr<base::CryptoModuleBlockingPasswordDelegate> + scoped_ptr<crypto::CryptoModuleBlockingPasswordDelegate> crypto_module_password_delegate_; #endif // defined(USE_NSS) }; diff --git a/net/base/keygen_handler_mac.cc b/net/base/keygen_handler_mac.cc index cfd72bb..1bb4038 100644 --- a/net/base/keygen_handler_mac.cc +++ b/net/base/keygen_handler_mac.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -9,13 +9,13 @@ #include <Security/Security.h> #include "base/base64.h" -#include "base/crypto/cssm_init.h" -#include "base/crypto/mac_security_services_lock.h" #include "base/logging.h" #include "base/mac/scoped_cftyperef.h" #include "base/string_util.h" #include "base/synchronization/lock.h" #include "base/sys_string_conversions.h" +#include "crypto/cssm_init.h" +#include "crypto/mac_security_services_lock.h" // These are in Security.framework but not declared in a public header. extern const SecAsn1Template kSecAsn1AlgorithmIDTemplate[]; @@ -121,7 +121,7 @@ std::string KeygenHandler::GenKeyAndSignChallenge() { err = SecAccessCreate(label, NULL, &initial_access); // If we fail, just continue without a label. if (err) - base::LogCSSMError("SecAccessCreate", err); + crypto::LogCSSMError("SecAccessCreate", err); } // Create the key-pair. @@ -135,7 +135,7 @@ std::string KeygenHandler::GenKeyAndSignChallenge() { err = SecKeychainItemExport(public_key, kSecFormatBSAFE, 0, NULL, &key_data); if (err) { - base::LogCSSMError("SecKeychainItemExpor", err); + crypto::LogCSSMError("SecKeychainItemExpor", err); goto failure; } base::mac::ScopedCFTypeRef<CFDataRef> scoped_key_data(key_data); @@ -143,7 +143,7 @@ std::string KeygenHandler::GenKeyAndSignChallenge() { // Create an ASN.1 encoder. err = SecAsn1CoderCreate(&coder); if (err) { - base::LogCSSMError("SecAsn1CoderCreate", err); + crypto::LogCSSMError("SecAsn1CoderCreate", err); goto failure; } @@ -163,7 +163,7 @@ std::string KeygenHandler::GenKeyAndSignChallenge() { err = SecAsn1EncodeItem(coder, &spkac.pkac, kPublicKeyAndChallengeTemplate, &encoded); if (err) { - base::LogCSSMError("SecAsn1EncodeItem", err); + crypto::LogCSSMError("SecAsn1EncodeItem", err); goto failure; } @@ -181,7 +181,7 @@ std::string KeygenHandler::GenKeyAndSignChallenge() { err = SecAsn1EncodeItem(coder, &spkac, kSignedPublicKeyAndChallengeTemplate, &encoded); if (err) { - base::LogCSSMError("SecAsn1EncodeItem", err); + crypto::LogCSSMError("SecAsn1EncodeItem", err); goto failure; } @@ -230,12 +230,12 @@ static OSStatus CreateRSAKeyPair(int size_in_bits, SecKeychainRef keychain; err = SecKeychainCopyDefault(&keychain); if (err) { - base::LogCSSMError("SecKeychainCopyDefault", err); + crypto::LogCSSMError("SecKeychainCopyDefault", err); return err; } base::mac::ScopedCFTypeRef<SecKeychainRef> scoped_keychain(keychain); { - base::AutoLock locked(base::GetMacSecurityServicesLock()); + base::AutoLock locked(crypto::GetMacSecurityServicesLock()); err = SecKeyCreatePair( keychain, CSSM_ALGID_RSA, @@ -252,7 +252,7 @@ static OSStatus CreateRSAKeyPair(int size_in_bits, out_pub_key, out_priv_key); } if (err) - base::LogCSSMError("SecKeyCreatePair", err); + crypto::LogCSSMError("SecKeyCreatePair", err); return err; } @@ -262,34 +262,34 @@ static OSStatus CreateSignatureContext(SecKeyRef key, OSStatus err; const CSSM_ACCESS_CREDENTIALS* credentials = NULL; { - base::AutoLock locked(base::GetMacSecurityServicesLock()); + base::AutoLock locked(crypto::GetMacSecurityServicesLock()); err = SecKeyGetCredentials(key, CSSM_ACL_AUTHORIZATION_SIGN, kSecCredentialTypeDefault, &credentials); } if (err) { - base::LogCSSMError("SecKeyGetCredentials", err); + crypto::LogCSSMError("SecKeyGetCredentials", err); return err; } CSSM_CSP_HANDLE csp_handle = 0; { - base::AutoLock locked(base::GetMacSecurityServicesLock()); + base::AutoLock locked(crypto::GetMacSecurityServicesLock()); err = SecKeyGetCSPHandle(key, &csp_handle); } if (err) { - base::LogCSSMError("SecKeyGetCSPHandle", err); + crypto::LogCSSMError("SecKeyGetCSPHandle", err); return err; } const CSSM_KEY* cssm_key = NULL; { - base::AutoLock locked(base::GetMacSecurityServicesLock()); + base::AutoLock locked(crypto::GetMacSecurityServicesLock()); err = SecKeyGetCSSMKey(key, &cssm_key); } if (err) { - base::LogCSSMError("SecKeyGetCSSMKey", err); + crypto::LogCSSMError("SecKeyGetCSSMKey", err); return err; } @@ -299,7 +299,7 @@ static OSStatus CreateSignatureContext(SecKeyRef key, cssm_key, out_cc_handle); if (err) - base::LogCSSMError("CSSM_CSP_CreateSignatureContext", err); + crypto::LogCSSMError("CSSM_CSP_CreateSignatureContext", err); return err; } @@ -311,12 +311,12 @@ static OSStatus SignData(CSSM_DATA data, CSSM_ALGID_MD5WithRSA, &cc_handle); if (err) { - base::LogCSSMError("CreateSignatureContext", err); + crypto::LogCSSMError("CreateSignatureContext", err); return err; } err = CSSM_SignData(cc_handle, &data, 1, CSSM_ALGID_NONE, signature); if (err) - base::LogCSSMError("CSSM_SignData", err); + crypto::LogCSSMError("CSSM_SignData", err); CSSM_DeleteContext(cc_handle); return err; } diff --git a/net/base/keygen_handler_nss.cc b/net/base/keygen_handler_nss.cc index 80af39e..5e97807 100644 --- a/net/base/keygen_handler_nss.cc +++ b/net/base/keygen_handler_nss.cc @@ -4,11 +4,11 @@ #include "net/base/keygen_handler.h" -#include "base/crypto/crypto_module_blocking_password_delegate.h" -#include "base/crypto/scoped_nss_types.h" #include "base/logging.h" -#include "base/nss_util.h" -#include "base/nss_util_internal.h" +#include "crypto/crypto_module_blocking_password_delegate.h" +#include "crypto/nss_util.h" +#include "crypto/nss_util_internal.h" +#include "crypto/scoped_nss_types.h" #include "net/third_party/mozilla_security_manager/nsKeygenHandler.h" // PSM = Mozilla's Personal Security Manager. @@ -18,10 +18,10 @@ namespace net { std::string KeygenHandler::GenKeyAndSignChallenge() { // Ensure NSS is initialized. - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); // TODO(mattm): allow choosing which slot to generate and store the key. - base::ScopedPK11Slot slot(base::GetPrivateNSSKeySlot()); + crypto::ScopedPK11Slot slot(crypto::GetPrivateNSSKeySlot()); if (!slot.get()) { LOG(ERROR) << "Couldn't get private key slot from NSS!"; return std::string(); @@ -39,7 +39,7 @@ std::string KeygenHandler::GenKeyAndSignChallenge() { } void KeygenHandler::set_crypto_module_password_delegate( - base::CryptoModuleBlockingPasswordDelegate* delegate) { + crypto::CryptoModuleBlockingPasswordDelegate* delegate) { crypto_module_password_delegate_.reset(delegate); } diff --git a/net/base/keygen_handler_openssl.cc b/net/base/keygen_handler_openssl.cc index 0bfa734..cc6be2d 100644 --- a/net/base/keygen_handler_openssl.cc +++ b/net/base/keygen_handler_openssl.cc @@ -6,23 +6,23 @@ #include <openssl/ssl.h> -#include "base/crypto/rsa_private_key.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" -#include "base/openssl_util.h" +#include "crypto/openssl_util.h" +#include "crypto/rsa_private_key.h" #include "net/base/openssl_private_key_store.h" namespace net { std::string KeygenHandler::GenKeyAndSignChallenge() { - scoped_ptr<base::RSAPrivateKey> key( - base::RSAPrivateKey::Create(key_size_in_bits_)); + scoped_ptr<crypto::RSAPrivateKey> key( + crypto::RSAPrivateKey::Create(key_size_in_bits_)); EVP_PKEY* pkey = key->key(); if (stores_key_) OpenSSLPrivateKeyStore::GetInstance()->StorePrivateKey(url_, pkey); - base::ScopedOpenSSL<NETSCAPE_SPKI, NETSCAPE_SPKI_free> spki( + crypto::ScopedOpenSSL<NETSCAPE_SPKI, NETSCAPE_SPKI_free> spki( NETSCAPE_SPKI_new()); ASN1_STRING_set(spki.get()->spkac->challenge, challenge_.data(), challenge_.size()); diff --git a/net/base/keygen_handler_unittest.cc b/net/base/keygen_handler_unittest.cc index ee60cee..52c7edf 100644 --- a/net/base/keygen_handler_unittest.cc +++ b/net/base/keygen_handler_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -9,11 +9,11 @@ #include "build/build_config.h" #include "base/base64.h" #include "base/logging.h" -#include "base/nss_util.h" #include "base/task.h" #include "base/threading/worker_pool.h" #include "base/threading/thread_restrictions.h" #include "base/synchronization/waitable_event.h" +#include "crypto/nss_util.h" #include "testing/gtest/include/gtest/gtest.h" #if defined(USE_NSS) @@ -31,7 +31,7 @@ class KeygenHandlerTest : public ::testing::Test { virtual void SetUp() { #if defined(OS_CHROMEOS) - base::OpenPersistentNSSDB(); + crypto::OpenPersistentNSSDB(); #endif } }; diff --git a/net/base/keygen_handler_win.cc b/net/base/keygen_handler_win.cc index 6d30da6..bbe86f0 100644 --- a/net/base/keygen_handler_win.cc +++ b/net/base/keygen_handler_win.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -16,12 +16,13 @@ #include "base/base64.h" #include "base/basictypes.h" -#include "base/crypto/capi_util.h" -#include "base/crypto/scoped_capi_types.h" #include "base/logging.h" #include "base/string_piece.h" #include "base/string_util.h" #include "base/utf_string_conversions.h" +#include "crypto/capi_util.h" +#include "crypto/scoped_capi_types.h" + namespace net { @@ -143,13 +144,13 @@ struct KeyContainer { provider_.reset(); if (delete_keyset_ && !key_id_.empty()) { HCRYPTPROV provider; - base::CryptAcquireContextLocked(&provider, key_id_.c_str(), NULL, + crypto::CryptAcquireContextLocked(&provider, key_id_.c_str(), NULL, PROV_RSA_FULL, CRYPT_SILENT | CRYPT_DELETEKEYSET); } } } - base::ScopedHCRYPTPROV provider_; + crypto::ScopedHCRYPTPROV provider_; std::wstring key_id_; private: @@ -176,9 +177,9 @@ std::string KeygenHandler::GenKeyAndSignChallenge() { // Only create new key containers, so that existing key containers are not // overwritten. - if (base::CryptAcquireContextLocked(key_container.provider_.receive(), - key_container.key_id_.c_str(), NULL, PROV_RSA_FULL, - CRYPT_SILENT | CRYPT_NEWKEYSET)) + if (crypto::CryptAcquireContextLocked(key_container.provider_.receive(), + key_container.key_id_.c_str(), NULL, PROV_RSA_FULL, + CRYPT_SILENT | CRYPT_NEWKEYSET)) break; if (GetLastError() != NTE_BAD_KEYSET) { @@ -194,7 +195,7 @@ std::string KeygenHandler::GenKeyAndSignChallenge() { } { - base::ScopedHCRYPTKEY key; + crypto::ScopedHCRYPTKEY key; if (!CryptGenKey(key_container.provider_, CALG_RSA_KEYX, (key_size_in_bits_ << 16) | CRYPT_EXPORTABLE, key.receive())) { LOG(ERROR) << "Keygen failed: Couldn't generate an RSA key"; diff --git a/net/base/openssl_memory_private_key_store.cc b/net/base/openssl_memory_private_key_store.cc index 2d42e3e..92716f2 100644 --- a/net/base/openssl_memory_private_key_store.cc +++ b/net/base/openssl_memory_private_key_store.cc @@ -10,7 +10,6 @@ #include "base/logging.h" #include "base/memory/singleton.h" -#include "base/openssl_util.h" #include "base/synchronization/lock.h" #include "net/base/x509_certificate.h" diff --git a/net/base/run_all_unittests.cc b/net/base/run_all_unittests.cc index bec0da2..a844354 100644 --- a/net/base/run_all_unittests.cc +++ b/net/base/run_all_unittests.cc @@ -4,7 +4,7 @@ #include "build/build_config.h" #include "base/metrics/histogram.h" -#include "base/nss_util.h" +#include "crypto/nss_util.h" #include "net/base/net_test_suite.h" #include "net/socket/client_socket_pool_base.h" @@ -18,7 +18,7 @@ int main(int argc, char** argv) { #if defined(OS_WIN) // We want to be sure to init NSPR on the main thread. - base::EnsureNSPRInit(); + crypto::EnsureNSPRInit(); #endif return test_suite.Run(); diff --git a/net/base/sdch_manager.cc b/net/base/sdch_manager.cc index 9d4d496..0c16455 100644 --- a/net/base/sdch_manager.cc +++ b/net/base/sdch_manager.cc @@ -7,9 +7,9 @@ #include "base/base64.h" #include "base/logging.h" #include "base/metrics/histogram.h" -#include "base/sha2.h" #include "base/string_number_conversions.h" #include "base/string_util.h" +#include "crypto/sha2.h" #include "net/base/registry_controlled_domain.h" #include "net/url_request/url_request_http_job.h" @@ -496,7 +496,7 @@ void SdchManager::GetAvailDictionaryList(const GURL& target_url, void SdchManager::GenerateHash(const std::string& dictionary_text, std::string* client_hash, std::string* server_hash) { char binary_hash[32]; - base::SHA256HashString(dictionary_text, binary_hash, sizeof(binary_hash)); + crypto::SHA256HashString(dictionary_text, binary_hash, sizeof(binary_hash)); std::string first_48_bits(&binary_hash[0], 6); std::string second_48_bits(&binary_hash[6], 6); diff --git a/net/base/test_root_certs_nss.cc b/net/base/test_root_certs_nss.cc index ae5ff5c..70c8133 100644 --- a/net/base/test_root_certs_nss.cc +++ b/net/base/test_root_certs_nss.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -7,8 +7,8 @@ #include <cert.h> #include "base/logging.h" -#include "base/nss_util.h" #include "base/stl_util-inl.h" +#include "crypto/nss_util.h" #include "net/base/x509_certificate.h" namespace net { @@ -113,7 +113,7 @@ TestRootCerts::~TestRootCerts() { } void TestRootCerts::Init() { - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); } } // namespace net diff --git a/net/base/test_root_certs_openssl.cc b/net/base/test_root_certs_openssl.cc index 8307703..6016e33 100644 --- a/net/base/test_root_certs_openssl.cc +++ b/net/base/test_root_certs_openssl.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -8,8 +8,8 @@ #include <openssl/x509v3.h> #include "base/logging.h" -#include "base/openssl_util.h" #include "base/tracked.h" +#include "crypto/openssl_util.h" #include "net/base/x509_certificate.h" namespace net { @@ -20,7 +20,7 @@ bool TestRootCerts::Add(X509Certificate* certificate) { unsigned long error_code = ERR_peek_error(); if (ERR_GET_LIB(error_code) != ERR_LIB_X509 || ERR_GET_REASON(error_code) != X509_R_CERT_ALREADY_IN_HASH_TABLE) { - base::ClearOpenSSLERRStack(FROM_HERE); + crypto::ClearOpenSSLERRStack(FROM_HERE); return false; } ERR_clear_error(); diff --git a/net/base/transport_security_state.cc b/net/base/transport_security_state.cc index 78f3227..8644032 100644 --- a/net/base/transport_security_state.cc +++ b/net/base/transport_security_state.cc @@ -10,12 +10,12 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "base/sha1.h" -#include "base/sha2.h" #include "base/string_number_conversions.h" #include "base/string_tokenizer.h" #include "base/string_util.h" #include "base/utf_string_conversions.h" #include "base/values.h" +#include "crypto/sha2.h" #include "googleurl/src/gurl.h" #include "net/base/dns_util.h" @@ -40,8 +40,8 @@ void TransportSecurityState::EnableHost(const std::string& host, if (IsPreloadedSTS(canonicalized_host, true, &temp)) return; - char hashed[base::SHA256_LENGTH]; - base::SHA256HashString(canonicalized_host, hashed, sizeof(hashed)); + char hashed[crypto::SHA256_LENGTH]; + crypto::SHA256HashString(canonicalized_host, hashed, sizeof(hashed)); // Use the original creation date if we already have this host. DomainState state_copy(state); @@ -62,8 +62,8 @@ bool TransportSecurityState::DeleteHost(const std::string& host) { if (canonicalized_host.empty()) return false; - char hashed[base::SHA256_LENGTH]; - base::SHA256HashString(canonicalized_host, hashed, sizeof(hashed)); + char hashed[crypto::SHA256_LENGTH]; + crypto::SHA256HashString(canonicalized_host, hashed, sizeof(hashed)); std::map<std::string, DomainState>::iterator i = enabled_hosts_.find( std::string(hashed, sizeof(hashed))); @@ -103,10 +103,10 @@ bool TransportSecurityState::IsEnabledForHost(DomainState* result, base::Time current_time(base::Time::Now()); for (size_t i = 0; canonicalized_host[i]; i += canonicalized_host[i] + 1) { - char hashed_domain[base::SHA256_LENGTH]; + char hashed_domain[crypto::SHA256_LENGTH]; - base::SHA256HashString(IncludeNUL(&canonicalized_host[i]), &hashed_domain, - sizeof(hashed_domain)); + crypto::SHA256HashString(IncludeNUL(&canonicalized_host[i]), &hashed_domain, + sizeof(hashed_domain)); std::map<std::string, DomainState>::iterator j = enabled_hosts_.find(std::string(hashed_domain, sizeof(hashed_domain))); if (j == enabled_hosts_.end()) @@ -285,7 +285,7 @@ static std::string HashedDomainToExternalString(const std::string& hashed) { static std::string ExternalStringToHashedDomain(const std::string& external) { std::string out; if (!base::Base64Decode(external, &out) || - out.size() != base::SHA256_LENGTH) { + out.size() != crypto::SHA256_LENGTH) { return std::string(); } diff --git a/net/base/x509_certificate.h b/net/base/x509_certificate.h index a6896e9..7f2c881 100644 --- a/net/base/x509_certificate.h +++ b/net/base/x509_certificate.h @@ -36,10 +36,10 @@ struct CERTCertificateStr; class Pickle; -namespace base { +namespace crypto { class StringPiece; class RSAPrivateKey; -} // namespace base +} // namespace crypto namespace net { @@ -176,7 +176,7 @@ class X509Certificate : public base::RefCountedThreadSafe<X509Certificate> { // 2. Self-signed certificates cannot be revoked. // // Use this certificate only after the above risks are acknowledged. - static X509Certificate* CreateSelfSigned(base::RSAPrivateKey* key, + static X509Certificate* CreateSelfSigned(crypto::RSAPrivateKey* key, const std::string& subject, uint32 serial_number, base::TimeDelta valid_duration); diff --git a/net/base/x509_certificate_mac.cc b/net/base/x509_certificate_mac.cc index 3156e56..a60b240 100644 --- a/net/base/x509_certificate_mac.cc +++ b/net/base/x509_certificate_mac.cc @@ -10,16 +10,16 @@ #include <vector> -#include "base/crypto/cssm_init.h" -#include "base/crypto/rsa_private_key.h" #include "base/lazy_instance.h" #include "base/logging.h" #include "base/mac/scoped_cftyperef.h" #include "base/memory/singleton.h" -#include "base/nss_util.h" #include "base/pickle.h" #include "base/sha1.h" #include "base/sys_string_conversions.h" +#include "crypto/cssm_init.h" +#include "crypto/nss_util.h" +#include "crypto/rsa_private_key.h" #include "net/base/asn1_util.h" #include "net/base/cert_status_flags.h" #include "net/base/cert_verify_result.h" @@ -485,11 +485,11 @@ class ScopedEncodedCertResults { CSSM_ENCODED_CERT* encCert = reinterpret_cast<CSSM_ENCODED_CERT*>(results_->Results); for (uint32 i = 0; i < results_->NumberOfResults; i++) { - base::CSSMFree(encCert[i].CertBlob.Data); + crypto::CSSMFree(encCert[i].CertBlob.Data); } } - base::CSSMFree(results_->Results); - base::CSSMFree(results_); + crypto::CSSMFree(results_->Results); + crypto::CSSMFree(results_); } private: @@ -566,7 +566,7 @@ X509Certificate* X509Certificate::CreateFromPickle(const Pickle& pickle, // static X509Certificate* X509Certificate::CreateSelfSigned( - base::RSAPrivateKey* key, + crypto::RSAPrivateKey* key, const std::string& subject, uint32 serial_number, base::TimeDelta valid_duration) { @@ -588,7 +588,7 @@ X509Certificate* X509Certificate::CreateSelfSigned( // NSS is used to parse the subject string into a set of // CSSM_OID/string pairs. There doesn't appear to be a system routine for // parsing Distinguished Name strings. - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); CSSMOIDStringVector subject_name_oids; ScopedCertName subject_name( @@ -617,8 +617,8 @@ X509Certificate* X509Certificate::CreateSelfSigned( // Set up a certificate request. CSSM_APPLE_TP_CERT_REQUEST certReq; memset(&certReq, 0, sizeof(certReq)); - certReq.cspHand = base::GetSharedCSPHandle(); - certReq.clHand = base::GetSharedCLHandle(); + certReq.cspHand = crypto::GetSharedCSPHandle(); + certReq.clHand = crypto::GetSharedCLHandle(); // See comment about serial numbers above. certReq.serialNumber = serial_number & 0x7fffffff; certReq.numSubjectNames = cssm_subject_names.size(); @@ -650,7 +650,7 @@ X509Certificate* X509Certificate::CreateSelfSigned( callerAuthContext.Policy.NumberOfPolicyIds = 1; callerAuthContext.Policy.PolicyIds = &policyId; - CSSM_TP_HANDLE tp_handle = base::GetSharedTPHandle(); + CSSM_TP_HANDLE tp_handle = crypto::GetSharedTPHandle(); CSSM_DATA refId; memset(&refId, 0, sizeof(refId)); sint32 estTime; @@ -667,7 +667,7 @@ X509Certificate* X509Certificate::CreateSelfSigned( crtn = CSSM_TP_RetrieveCredResult(tp_handle, &refId, NULL, &estTime, &confirmRequired, &resultSet); ScopedEncodedCertResults scopedResults(resultSet); - base::CSSMFree(refId.Data); + crypto::CSSMFree(refId.Data); if (crtn) { DLOG(ERROR) << "CSSM_TP_RetrieveCredResult failed " << crtn; return NULL; diff --git a/net/base/x509_certificate_nss.cc b/net/base/x509_certificate_nss.cc index 4b39f9e..56035fa 100644 --- a/net/base/x509_certificate_nss.cc +++ b/net/base/x509_certificate_nss.cc @@ -16,12 +16,12 @@ #include <sechash.h> #include <sslerr.h> -#include "base/crypto/rsa_private_key.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "base/pickle.h" #include "base/time.h" -#include "base/nss_util.h" +#include "crypto/nss_util.h" +#include "crypto/rsa_private_key.h" #include "net/base/cert_status_flags.h" #include "net/base/cert_verify_result.h" #include "net/base/ev_root_ca_metadata.h" @@ -278,7 +278,7 @@ void ParseDate(SECItem* der_date, base::Time* result) { PRTime prtime; SECStatus rv = DER_DecodeTimeChoice(&prtime, der_date); DCHECK(rv == SECSuccess); - *result = base::PRTimeToBaseTime(prtime); + *result = crypto::PRTimeToBaseTime(prtime); } void GetCertSubjectAltNamesOfType(X509Certificate::OSCertHandle cert_handle, @@ -662,7 +662,7 @@ X509Certificate* X509Certificate::CreateFromPickle(const Pickle& pickle, // static X509Certificate* X509Certificate::CreateSelfSigned( - base::RSAPrivateKey* key, + crypto::RSAPrivateKey* key, const std::string& subject, uint32 serial_number, base::TimeDelta valid_duration) { @@ -926,7 +926,7 @@ X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes( if (length < 0) return NULL; - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); if (!NSS_IsInitialized()) return NULL; @@ -948,7 +948,7 @@ X509Certificate::OSCertHandles X509Certificate::CreateOSCertHandlesFromBytes( if (length < 0) return results; - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); if (!NSS_IsInitialized()) return results; diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc index 687cfb5..52d9d4e 100644 --- a/net/base/x509_certificate_openssl.cc +++ b/net/base/x509_certificate_openssl.cc @@ -14,10 +14,10 @@ #include <openssl/x509v3.h> #include "base/memory/singleton.h" -#include "base/openssl_util.h" #include "base/pickle.h" #include "base/sha1.h" #include "base/string_number_conversions.h" +#include "crypto/openssl_util.h" #include "net/base/asn1_util.h" #include "net/base/cert_status_flags.h" #include "net/base/cert_verify_result.h" @@ -33,9 +33,9 @@ namespace { void CreateOSCertHandlesFromPKCS7Bytes( const char* data, int length, X509Certificate::OSCertHandles* handles) { - base::EnsureOpenSSLInit(); + crypto::EnsureOpenSSLInit(); const unsigned char* der_data = reinterpret_cast<const unsigned char*>(data); - base::ScopedOpenSSL<PKCS7, PKCS7_free> pkcs7_cert( + crypto::ScopedOpenSSL<PKCS7, PKCS7_free> pkcs7_cert( d2i_PKCS7(NULL, &der_data, length)); if (!pkcs7_cert.get()) return; @@ -101,7 +101,7 @@ void ParseSubjectAltNames(X509Certificate::OSCertHandle cert, if (!alt_name_ext) return; - base::ScopedOpenSSL<GENERAL_NAMES, GENERAL_NAMES_free> alt_names( + crypto::ScopedOpenSSL<GENERAL_NAMES, GENERAL_NAMES_free> alt_names( reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(alt_name_ext))); if (!alt_names.get()) return; @@ -228,14 +228,14 @@ class X509InitSingleton { private: friend struct DefaultSingletonTraits<X509InitSingleton>; X509InitSingleton() { - base::EnsureOpenSSLInit(); + crypto::EnsureOpenSSLInit(); der_cache_ex_index_ = X509_get_ex_new_index(0, 0, 0, 0, DERCache_free); DCHECK_NE(der_cache_ex_index_, -1); ResetCertStore(); } int der_cache_ex_index_; - base::ScopedOpenSSL<X509_STORE, X509_STORE_free> store_; + crypto::ScopedOpenSSL<X509_STORE, X509_STORE_free> store_; DISALLOW_COPY_AND_ASSIGN(X509InitSingleton); }; @@ -310,7 +310,7 @@ void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) { } void X509Certificate::Initialize() { - base::EnsureOpenSSLInit(); + crypto::EnsureOpenSSLInit(); fingerprint_ = CalculateFingerprint(cert_handle_); ASN1_INTEGER* num = X509_get_serialNumber(cert_handle_); @@ -348,7 +348,7 @@ X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes( const char* data, int length) { if (length < 0) return NULL; - base::EnsureOpenSSLInit(); + crypto::EnsureOpenSSLInit(); const unsigned char* d2i_data = reinterpret_cast<const unsigned char*>(data); // Don't cache this data via SetDERCache as this wire format may be not be @@ -397,7 +397,7 @@ X509Certificate* X509Certificate::CreateFromPickle(const Pickle& pickle, // static X509Certificate* X509Certificate::CreateSelfSigned( - base::RSAPrivateKey* key, + crypto::RSAPrivateKey* key, const std::string& subject, uint32 serial_number, base::TimeDelta valid_duration) { @@ -446,10 +446,10 @@ int X509Certificate::Verify(const std::string& hostname, if (!VerifyHostname(hostname, cert_names)) verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; - base::ScopedOpenSSL<X509_STORE_CTX, X509_STORE_CTX_free> ctx( + crypto::ScopedOpenSSL<X509_STORE_CTX, X509_STORE_CTX_free> ctx( X509_STORE_CTX_new()); - base::ScopedOpenSSL<STACK_OF(X509), sk_X509_free_fn> intermediates( + crypto::ScopedOpenSSL<STACK_OF(X509), sk_X509_free_fn> intermediates( sk_X509_new_null()); if (!intermediates.get()) return ERR_OUT_OF_MEMORY; diff --git a/net/base/x509_certificate_unittest.cc b/net/base/x509_certificate_unittest.cc index e7f924f..f49e035 100644 --- a/net/base/x509_certificate_unittest.cc +++ b/net/base/x509_certificate_unittest.cc @@ -2,7 +2,6 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/crypto/rsa_private_key.h" #include "base/file_path.h" #include "base/file_util.h" #include "base/path_service.h" @@ -10,6 +9,7 @@ #include "base/sha1.h" #include "base/string_number_conversions.h" #include "base/string_split.h" +#include "crypto/rsa_private_key.h" #include "net/base/asn1_util.h" #include "net/base/cert_status_flags.h" #include "net/base/cert_test_util.h" @@ -831,8 +831,8 @@ TEST(X509CertificateTest, IsIssuedBy) { // This test creates a self-signed cert from a private key and then verify the // content of the certificate. TEST(X509CertificateTest, CreateSelfSigned) { - scoped_ptr<base::RSAPrivateKey> private_key( - base::RSAPrivateKey::Create(1024)); + scoped_ptr<crypto::RSAPrivateKey> private_key( + crypto::RSAPrivateKey::Create(1024)); scoped_refptr<X509Certificate> cert = X509Certificate::CreateSelfSigned( private_key.get(), "CN=subject", 1, base::TimeDelta::FromDays(1)); @@ -927,7 +927,7 @@ TEST(X509CertificateTest, CreateSelfSigned) { input.resize(sizeof(private_key_info)); memcpy(&input.front(), private_key_info, sizeof(private_key_info)); - private_key.reset(base::RSAPrivateKey::CreateFromPrivateKeyInfo(input)); + private_key.reset(crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(input)); ASSERT_TRUE(private_key.get()); cert = X509Certificate::CreateSelfSigned( @@ -938,8 +938,8 @@ TEST(X509CertificateTest, CreateSelfSigned) { } TEST(X509CertificateTest, GetDEREncoded) { - scoped_ptr<base::RSAPrivateKey> private_key( - base::RSAPrivateKey::Create(1024)); + scoped_ptr<crypto::RSAPrivateKey> private_key( + crypto::RSAPrivateKey::Create(1024)); scoped_refptr<X509Certificate> cert = X509Certificate::CreateSelfSigned( private_key.get(), "CN=subject", 0, base::TimeDelta::FromDays(1)); diff --git a/net/base/x509_certificate_win.cc b/net/base/x509_certificate_win.cc index f42fdc4..a1a3eae 100644 --- a/net/base/x509_certificate_win.cc +++ b/net/base/x509_certificate_win.cc @@ -4,8 +4,6 @@ #include "net/base/x509_certificate.h" -#include "base/crypto/rsa_private_key.h" -#include "base/crypto/scoped_capi_types.h" #include "base/lazy_instance.h" #include "base/logging.h" #include "base/pickle.h" @@ -13,6 +11,8 @@ #include "base/string_tokenizer.h" #include "base/string_util.h" #include "base/utf_string_conversions.h" +#include "crypto/rsa_private_key.h" +#include "crypto/scoped_capi_types.h" #include "net/base/asn1_util.h" #include "net/base/cert_status_flags.h" #include "net/base/cert_verify_result.h" @@ -30,10 +30,10 @@ namespace net { namespace { -typedef base::ScopedCAPIHandle< +typedef crypto::ScopedCAPIHandle< HCERTSTORE, - base::CAPIDestroyerWithFlags<HCERTSTORE, - CertCloseStore, 0> > ScopedHCERTSTORE; + crypto::CAPIDestroyerWithFlags<HCERTSTORE, + CertCloseStore, 0> > ScopedHCERTSTORE; struct FreeChainEngineFunctor { void operator()(HCERTCHAINENGINE engine) const { @@ -42,7 +42,7 @@ struct FreeChainEngineFunctor { } }; -typedef base::ScopedCAPIHandle<HCERTCHAINENGINE, FreeChainEngineFunctor> +typedef crypto::ScopedCAPIHandle<HCERTCHAINENGINE, FreeChainEngineFunctor> ScopedHCERTCHAINENGINE; //----------------------------------------------------------------------------- @@ -574,7 +574,7 @@ X509Certificate* X509Certificate::CreateFromPickle(const Pickle& pickle, // static X509Certificate* X509Certificate::CreateSelfSigned( - base::RSAPrivateKey* key, + crypto::RSAPrivateKey* key, const std::string& subject, uint32 serial_number, base::TimeDelta valid_duration) { diff --git a/net/http/des.cc b/net/http/des.cc index 30706e9..e9d6388 100644 --- a/net/http/des.cc +++ b/net/http/des.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -8,17 +8,17 @@ #if defined(USE_OPENSSL) #include <openssl/des.h> -#include "base/openssl_util.h" +#include "crypto/openssl_util.h" #elif defined(USE_NSS) #include <nss.h> #include <pk11pub.h> -#include "base/nss_util.h" +#include "crypto/nss_util.h" #elif defined(OS_MACOSX) #include <CommonCrypto/CommonCryptor.h> #elif defined(OS_WIN) #include <windows.h> #include <wincrypt.h> -#include "base/crypto/scoped_capi_types.h" +#include "crypto/scoped_capi_types.h" #endif // The Mac and Windows (CryptoAPI) versions of DESEncrypt are our own code. @@ -90,7 +90,7 @@ void DESMakeKey(const uint8* raw, uint8* key) { #if defined(USE_OPENSSL) void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { - base::EnsureOpenSSLInit(); + crypto::EnsureOpenSSLInit(); DES_key_schedule ks; DES_set_key_unchecked( @@ -112,7 +112,7 @@ void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { SECStatus rv; unsigned int n; - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); slot = PK11_GetBestSlot(cipher_mech, NULL); if (!slot) @@ -171,7 +171,7 @@ void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { #elif defined(OS_WIN) void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { - base::ScopedHCRYPTPROV provider; + crypto::ScopedHCRYPTPROV provider; if (!CryptAcquireContext(provider.receive(), NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) return; @@ -191,7 +191,7 @@ void DESEncrypt(const uint8* key, const uint8* src, uint8* hash) { key_blob.key_size = 8; // 64 bits memcpy(key_blob.key_data, key, 8); - base::ScopedHCRYPTKEY key; + crypto::ScopedHCRYPTKEY key; BOOL import_ok = CryptImportKey(provider, reinterpret_cast<BYTE*>(&key_blob), sizeof key_blob, 0, 0, key.receive()); diff --git a/net/net.gyp b/net/net.gyp index 6b9aca0..1c8b595 100644 --- a/net/net.gyp +++ b/net/net.gyp @@ -15,6 +15,7 @@ '../base/base.gyp:base_i18n', '../base/third_party/dynamic_annotations/dynamic_annotations.gyp:dynamic_annotations', '../build/temp_gyp/googleurl.gyp:googleurl', + '../crypto/crypto.gyp:crypto', '../sdch/sdch.gyp:sdch', '../third_party/icu/icu.gyp:icui18n', '../third_party/icu/icu.gyp:icuuc', @@ -357,6 +358,7 @@ '../base/base.gyp:base', '../base/base.gyp:base_i18n', '../build/temp_gyp/googleurl.gyp:googleurl', + '../crypto/crypto.gyp:crypto', '../sdch/sdch.gyp:sdch', '../third_party/icu/icu.gyp:icui18n', '../third_party/icu/icu.gyp:icuuc', @@ -867,6 +869,7 @@ 'net_test_support', '../base/base.gyp:base', '../base/base.gyp:base_i18n', + '../crypto/crypto.gyp:crypto', '../testing/gmock.gyp:gmock', '../testing/gtest.gyp:gtest', '../third_party/zlib/zlib.gyp:zlib', diff --git a/net/socket/dns_cert_provenance_checker.cc b/net/socket/dns_cert_provenance_checker.cc index dfa86d2..5ab0631 100644 --- a/net/socket/dns_cert_provenance_checker.cc +++ b/net/socket/dns_cert_provenance_checker.cc @@ -18,12 +18,12 @@ #include "base/base64.h" #include "base/basictypes.h" -#include "base/crypto/encryptor.h" -#include "base/crypto/symmetric_key.h" #include "base/lazy_instance.h" #include "base/memory/scoped_ptr.h" #include "base/pickle.h" #include "base/threading/non_thread_safe.h" +#include "crypto/encryptor.h" +#include "crypto/symmetric_key.h" #include "net/base/completion_callback.h" #include "net/base/dns_util.h" #include "net/base/dnsrr_resolver.h" @@ -302,12 +302,12 @@ std::string DnsCertProvenanceChecker::BuildEncryptedReport( DCHECK_GE(sizeof(key_data), kKeySizeInBytes + kIVSizeInBytes); std::string raw_key(key_data, kKeySizeInBytes); - scoped_ptr<base::SymmetricKey> symkey( - base::SymmetricKey::Import(base::SymmetricKey::AES, raw_key)); + scoped_ptr<crypto::SymmetricKey> symkey( + crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, raw_key)); std::string iv(key_data + kKeySizeInBytes, kIVSizeInBytes); - base::Encryptor encryptor; - bool r = encryptor.Init(symkey.get(), base::Encryptor::CBC, iv); + crypto::Encryptor encryptor; + bool r = encryptor.Init(symkey.get(), crypto::Encryptor::CBC, iv); CHECK(r); std::string plaintext(reinterpret_cast<const char*>(p.data()), p.size()); diff --git a/net/socket/nss_ssl_util.cc b/net/socket/nss_ssl_util.cc index 3c8a7e1..daed00f 100644 --- a/net/socket/nss_ssl_util.cc +++ b/net/socket/nss_ssl_util.cc @@ -14,9 +14,9 @@ #include "base/lazy_instance.h" #include "base/logging.h" #include "base/memory/singleton.h" -#include "base/nss_util.h" #include "base/threading/thread_restrictions.h" #include "base/values.h" +#include "crypto/nss_util.h" #include "net/base/net_errors.h" #include "net/base/net_log.h" @@ -25,7 +25,7 @@ namespace net { class NSSSSLInitSingleton { public: NSSSSLInitSingleton() { - base::EnsureNSSInit(); + crypto::EnsureNSSInit(); NSS_SetDomesticPolicy(); diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc index 37e93f2..a2396b1 100644 --- a/net/socket/ssl_client_socket_nss.cc +++ b/net/socket/ssl_client_socket_nss.cc @@ -68,7 +68,6 @@ #include "base/logging.h" #include "base/memory/singleton.h" #include "base/metrics/histogram.h" -#include "base/nss_util.h" #include "base/string_number_conversions.h" #include "base/string_util.h" #include "base/stringprintf.h" diff --git a/net/socket/ssl_client_socket_openssl.cc b/net/socket/ssl_client_socket_openssl.cc index 13af0c6..395c067 100644 --- a/net/socket/ssl_client_socket_openssl.cc +++ b/net/socket/ssl_client_socket_openssl.cc @@ -12,8 +12,8 @@ #include "base/memory/singleton.h" #include "base/metrics/histogram.h" -#include "base/openssl_util.h" #include "base/synchronization/lock.h" +#include "crypto/openssl_util.h" #include "net/base/cert_verifier.h" #include "net/base/net_errors.h" #include "net/base/openssl_private_key_store.h" @@ -172,7 +172,7 @@ int MapOpenSSLErrorSSL() { // error stack if needed. Note that |tracer| is not currently used in the // implementation, but is passed in anyway as this ensures the caller will clear // any residual codes left on the error stack. -int MapOpenSSLError(int err, const base::OpenSSLErrStackTracer& tracer) { +int MapOpenSSLError(int err, const crypto::OpenSSLErrStackTracer& tracer) { switch (err) { case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_WRITE: @@ -206,7 +206,7 @@ class SSLSessionCache { void OnSessionAdded(const HostPortPair& host_and_port, SSL_SESSION* session) { // Declare the session cleaner-upper before the lock, so any call into // OpenSSL to free the session will happen after the lock is released. - base::ScopedOpenSSL<SSL_SESSION, SSL_SESSION_free> session_to_free; + crypto::ScopedOpenSSL<SSL_SESSION, SSL_SESSION_free> session_to_free; base::AutoLock lock(lock_); DCHECK_EQ(0U, session_map_.count(session)); @@ -228,7 +228,7 @@ class SSLSessionCache { void OnSessionRemoved(SSL_SESSION* session) { // Declare the session cleaner-upper before the lock, so any call into // OpenSSL to free the session will happen after the lock is released. - base::ScopedOpenSSL<SSL_SESSION, SSL_SESSION_free> session_to_free; + crypto::ScopedOpenSSL<SSL_SESSION, SSL_SESSION_free> session_to_free; base::AutoLock lock(lock_); SessionMap::iterator it = session_map_.find(session); @@ -301,7 +301,7 @@ class SSLContext { friend struct DefaultSingletonTraits<SSLContext>; SSLContext() { - base::EnsureOpenSSLInit(); + crypto::EnsureOpenSSLInit(); ssl_socket_data_index_ = SSL_get_ex_new_index(0, 0, 0, 0, 0); DCHECK_NE(ssl_socket_data_index_, -1); ssl_ctx_.reset(SSL_CTX_new(SSLv23_client_method())); @@ -358,7 +358,7 @@ class SSLContext { // SSLClientSocketOpenSSL object from an SSL instance. int ssl_socket_data_index_; - base::ScopedOpenSSL<SSL_CTX, SSL_CTX_free> ssl_ctx_; + crypto::ScopedOpenSSL<SSL_CTX, SSL_CTX_free> ssl_ctx_; SSLSessionCache session_cache_; }; @@ -415,7 +415,7 @@ bool SSLClientSocketOpenSSL::Init() { DCHECK(!transport_bio_); SSLContext* context = SSLContext::GetInstance(); - base::OpenSSLErrStackTracer err_tracer(FROM_HERE); + crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); ssl_ = SSL_new(context->ssl_ctx()); if (!ssl_ || !context->SetClientSocketForSSL(ssl_, this)) @@ -727,7 +727,7 @@ int SSLClientSocketOpenSSL::DoHandshakeLoop(int last_io_result) { } int SSLClientSocketOpenSSL::DoHandshake() { - base::OpenSSLErrStackTracer err_tracer(FROM_HERE); + crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); int net_error = net::OK; int rv = SSL_do_handshake(ssl_); @@ -859,7 +859,7 @@ X509Certificate* SSLClientSocketOpenSSL::UpdateServerCert() { if (server_cert_) return server_cert_; - base::ScopedOpenSSL<X509, X509_free> cert(SSL_get_peer_certificate(ssl_)); + crypto::ScopedOpenSSL<X509, X509_free> cert(SSL_get_peer_certificate(ssl_)); if (!cert.get()) { LOG(WARNING) << "SSL_get_peer_certificate returned NULL"; return NULL; @@ -1169,7 +1169,7 @@ bool SSLClientSocketOpenSSL::SetSendBufferSize(int32 size) { } int SSLClientSocketOpenSSL::DoPayloadRead() { - base::OpenSSLErrStackTracer err_tracer(FROM_HERE); + crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); int rv = SSL_read(ssl_, user_read_buf_->data(), user_read_buf_len_); // We don't need to invalidate the non-client-authenticated SSL session // because the server will renegotiate anyway. @@ -1184,7 +1184,7 @@ int SSLClientSocketOpenSSL::DoPayloadRead() { } int SSLClientSocketOpenSSL::DoPayloadWrite() { - base::OpenSSLErrStackTracer err_tracer(FROM_HERE); + crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); int rv = SSL_write(ssl_, user_write_buf_->data(), user_write_buf_len_); if (rv >= 0) diff --git a/net/socket/ssl_server_socket.h b/net/socket/ssl_server_socket.h index b689c71..33ade01 100644 --- a/net/socket/ssl_server_socket.h +++ b/net/socket/ssl_server_socket.h @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -9,7 +9,7 @@ #include "net/base/completion_callback.h" #include "net/socket/socket.h" -namespace base { +namespace crypto { class RSAPrivateKey; } // namespace base @@ -45,7 +45,7 @@ class SSLServerSocket : public Socket { // TODO(hclam): Defines ServerSocketFactory to create SSLServerSocket. This will // make mocking easier. SSLServerSocket* CreateSSLServerSocket( - Socket* socket, X509Certificate* certificate, base::RSAPrivateKey* key, + Socket* socket, X509Certificate* certificate, crypto::RSAPrivateKey* key, const SSLConfig& ssl_config); } // namespace net diff --git a/net/socket/ssl_server_socket_nss.cc b/net/socket/ssl_server_socket_nss.cc index 024290a..de212e2 100644 --- a/net/socket/ssl_server_socket_nss.cc +++ b/net/socket/ssl_server_socket_nss.cc @@ -29,9 +29,9 @@ #include <limits> -#include "base/crypto/rsa_private_key.h" #include "base/memory/ref_counted.h" -#include "base/nss_util_internal.h" +#include "crypto/rsa_private_key.h" +#include "crypto/nss_util_internal.h" #include "net/base/io_buffer.h" #include "net/base/net_errors.h" #include "net/base/net_log.h" @@ -46,7 +46,7 @@ static const int kRecvBufferSize = 4096; namespace net { SSLServerSocket* CreateSSLServerSocket( - Socket* socket, X509Certificate* cert, base::RSAPrivateKey* key, + Socket* socket, X509Certificate* cert, crypto::RSAPrivateKey* key, const SSLConfig& ssl_config) { return new SSLServerSocketNSS(socket, cert, key, ssl_config); } @@ -54,7 +54,7 @@ SSLServerSocket* CreateSSLServerSocket( SSLServerSocketNSS::SSLServerSocketNSS( Socket* transport_socket, scoped_refptr<X509Certificate> cert, - base::RSAPrivateKey* key, + crypto::RSAPrivateKey* key, const SSLConfig& ssl_config) : ALLOW_THIS_IN_INITIALIZER_LIST(buffer_send_callback_( this, &SSLServerSocketNSS::BufferSendComplete)), @@ -79,7 +79,7 @@ SSLServerSocketNSS::SSLServerSocketNSS( // TODO(hclam): Need a better way to clone a key. std::vector<uint8> key_bytes; CHECK(key->ExportPrivateKey(&key_bytes)); - key_.reset(base::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes)); + key_.reset(crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes)); CHECK(key_.get()); } @@ -302,7 +302,7 @@ int SSLServerSocketNSS::InitializeSSLOptions() { } SECKEYPrivateKeyStr* private_key = NULL; - PK11SlotInfo *slot = base::GetPrivateNSSKeySlot(); + PK11SlotInfo* slot = crypto::GetPrivateNSSKeySlot(); if (!slot) { CERT_DestroyCertificate(cert); return ERR_UNEXPECTED; diff --git a/net/socket/ssl_server_socket_nss.h b/net/socket/ssl_server_socket_nss.h index 4f18916..7953c38 100644 --- a/net/socket/ssl_server_socket_nss.h +++ b/net/socket/ssl_server_socket_nss.h @@ -32,7 +32,7 @@ class SSLServerSocketNSS : public SSLServerSocket { // |key| - The private key used by the server. SSLServerSocketNSS(Socket* transport_socket, scoped_refptr<X509Certificate> cert, - base::RSAPrivateKey* key, + crypto::RSAPrivateKey* key, const SSLConfig& ssl_config); virtual ~SSLServerSocketNSS(); @@ -121,7 +121,7 @@ class SSLServerSocketNSS : public SSLServerSocket { scoped_refptr<X509Certificate> cert_; // Private key used by the server. - scoped_ptr<base::RSAPrivateKey> key_; + scoped_ptr<crypto::RSAPrivateKey> key_; State next_handshake_state_; bool completed_handshake_; diff --git a/net/socket/ssl_server_socket_unittest.cc b/net/socket/ssl_server_socket_unittest.cc index 1668bfe..6269282 100644 --- a/net/socket/ssl_server_socket_unittest.cc +++ b/net/socket/ssl_server_socket_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -17,11 +17,11 @@ #include <queue> -#include "base/crypto/rsa_private_key.h" #include "base/file_path.h" #include "base/file_util.h" -#include "base/nss_util.h" #include "base/path_service.h" +#include "crypto/nss_util.h" +#include "crypto/rsa_private_key.h" #include "net/base/address_list.h" #include "net/base/cert_status_flags.h" #include "net/base/cert_verifier.h" @@ -234,8 +234,8 @@ class SSLServerSocketTest : public PlatformTest { reinterpret_cast<const uint8*>(key_string.data() + key_string.length())); - scoped_ptr<base::RSAPrivateKey> private_key( - base::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector)); + scoped_ptr<crypto::RSAPrivateKey> private_key( + crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector)); net::SSLConfig ssl_config; ssl_config.false_start_enabled = false; diff --git a/net/third_party/mozilla_security_manager/nsKeygenHandler.cpp b/net/third_party/mozilla_security_manager/nsKeygenHandler.cpp index c00e58a..51e4861 100644 --- a/net/third_party/mozilla_security_manager/nsKeygenHandler.cpp +++ b/net/third_party/mozilla_security_manager/nsKeygenHandler.cpp @@ -49,7 +49,7 @@ #include "base/base64.h" #include "base/logging.h" -#include "base/nss_util.h" +#include "crypto/nss_util.h" #include "googleurl/src/gurl.h" namespace { @@ -136,7 +136,7 @@ std::string GenKeyAndSignChallenge(int key_size_in_bits, VLOG(1) << "Creating key pair..."; { - base::AutoNSSWriteLock lock; + crypto::AutoNSSWriteLock lock; privateKey = PK11_GenerateKeyPair(slot, keyGenMechanism, keyGenParams, @@ -159,7 +159,7 @@ std::string GenKeyAndSignChallenge(int key_size_in_bits, // example.com", but localize it. const std::string& label = url.host(); { - base::AutoNSSWriteLock lock; + crypto::AutoNSSWriteLock lock; PK11_SetPublicKeyNickname(publicKey, label.c_str()); PK11_SetPrivateKeyNickname(privateKey, label.c_str()); } @@ -235,7 +235,7 @@ std::string GenKeyAndSignChallenge(int key_size_in_bits, // On successful keygen we need to keep the private key, of course, // or we won't be able to use the client certificate. if (!isSuccess || !stores_key) { - base::AutoNSSWriteLock lock; + crypto::AutoNSSWriteLock lock; PK11_DestroyTokenObject(privateKey->pkcs11Slot, privateKey->pkcs11ID); } SECKEY_DestroyPrivateKey(privateKey); @@ -243,7 +243,7 @@ std::string GenKeyAndSignChallenge(int key_size_in_bits, if (publicKey) { if (!isSuccess || !stores_key) { - base::AutoNSSWriteLock lock; + crypto::AutoNSSWriteLock lock; PK11_DestroyTokenObject(publicKey->pkcs11Slot, publicKey->pkcs11ID); } SECKEY_DestroyPublicKey(publicKey); diff --git a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp index f8d4a45..a430889 100644 --- a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp +++ b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp @@ -42,9 +42,9 @@ #include <pk11pub.h> #include <secerr.h> -#include "base/crypto/scoped_nss_types.h" #include "base/logging.h" -#include "base/nss_util_internal.h" +#include "crypto/nss_util_internal.h" +#include "crypto/scoped_nss_types.h" #include "net/base/net_errors.h" #include "net/base/x509_certificate.h" #include "net/third_party/mozilla_security_manager/nsNSSCertTrust.h" @@ -56,7 +56,7 @@ bool ImportCACerts(const net::CertificateList& certificates, net::X509Certificate* root, unsigned int trustBits, net::CertDatabase::ImportCertFailureList* not_imported) { - base::ScopedPK11Slot slot(base::GetPublicNSSKeySlot()); + crypto::ScopedPK11Slot slot(crypto::GetPublicNSSKeySlot()); if (!slot.get()) { LOG(ERROR) << "Couldn't get internal key slot!"; return false; @@ -163,7 +163,7 @@ bool ImportCACerts(const net::CertificateList& certificates, // Based on nsNSSCertificateDB::ImportServerCertificate. bool ImportServerCert(const net::CertificateList& certificates, net::CertDatabase::ImportCertFailureList* not_imported) { - base::ScopedPK11Slot slot(base::GetPublicNSSKeySlot()); + crypto::ScopedPK11Slot slot(crypto::GetPublicNSSKeySlot()); if (!slot.get()) { LOG(ERROR) << "Couldn't get internal key slot!"; return false; diff --git a/net/third_party/mozilla_security_manager/nsPKCS12Blob.cpp b/net/third_party/mozilla_security_manager/nsPKCS12Blob.cpp index 0cf9562..1175ca0 100644 --- a/net/third_party/mozilla_security_manager/nsPKCS12Blob.cpp +++ b/net/third_party/mozilla_security_manager/nsPKCS12Blob.cpp @@ -42,11 +42,10 @@ #include <p12plcy.h> #include <secerr.h> -#include "base/crypto/scoped_nss_types.h" #include "base/lazy_instance.h" #include "base/logging.h" -#include "base/nss_util_internal.h" #include "base/string_util.h" +#include "crypto/nss_util_internal.h" #include "net/base/net_errors.h" #include "net/base/x509_certificate.h" diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc index 394f813..4a21059 100644 --- a/net/url_request/url_request_unittest.cc +++ b/net/url_request/url_request_unittest.cc @@ -7,8 +7,6 @@ #if defined(OS_WIN) #include <shlobj.h> #include <windows.h> -#elif defined(USE_NSS) -#include "base/nss_util.h" #endif #include <algorithm> diff --git a/remoting/DEPS b/remoting/DEPS index c4ae789..05db1ed 100644 --- a/remoting/DEPS +++ b/remoting/DEPS @@ -1,4 +1,5 @@ include_rules = [ + "+crypto", "+media/base", "-remoting", diff --git a/remoting/host/host_key_pair.cc b/remoting/host/host_key_pair.cc index ad3d59b..948b4ad 100644 --- a/remoting/host/host_key_pair.cc +++ b/remoting/host/host_key_pair.cc @@ -9,12 +9,12 @@ #include <vector> #include "base/base64.h" -#include "base/crypto/rsa_private_key.h" -#include "base/crypto/signature_creator.h" #include "base/logging.h" #include "base/rand_util.h" #include "base/task.h" #include "base/time.h" +#include "crypto/rsa_private_key.h" +#include "crypto/signature_creator.h" #include "net/base/x509_certificate.h" #include "remoting/host/host_config.h" @@ -25,7 +25,7 @@ HostKeyPair::HostKeyPair() { } HostKeyPair::~HostKeyPair() { } void HostKeyPair::Generate() { - key_.reset(base::RSAPrivateKey::Create(2048)); + key_.reset(crypto::RSAPrivateKey::Create(2048)); } bool HostKeyPair::LoadFromString(const std::string& key_base64) { @@ -36,7 +36,7 @@ bool HostKeyPair::LoadFromString(const std::string& key_base64) { } std::vector<uint8> key_buf(key_str.begin(), key_str.end()); - key_.reset(base::RSAPrivateKey::CreateFromPrivateKeyInfo(key_buf)); + key_.reset(crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_buf)); if (key_.get() == NULL) { LOG(ERROR) << "Invalid private key."; return false; @@ -76,8 +76,8 @@ std::string HostKeyPair::GetPublicKey() const { } std::string HostKeyPair::GetSignature(const std::string& message) const { - scoped_ptr<base::SignatureCreator> signature_creator( - base::SignatureCreator::Create(key_.get())); + scoped_ptr<crypto::SignatureCreator> signature_creator( + crypto::SignatureCreator::Create(key_.get())); signature_creator->Update(reinterpret_cast<const uint8*>(message.c_str()), message.length()); std::vector<uint8> signature_buf; @@ -88,10 +88,10 @@ std::string HostKeyPair::GetSignature(const std::string& message) const { return signature_base64; } -base::RSAPrivateKey* HostKeyPair::CopyPrivateKey() const { +crypto::RSAPrivateKey* HostKeyPair::CopyPrivateKey() const { std::vector<uint8> key_bytes; CHECK(key_->ExportPrivateKey(&key_bytes)); - return base::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes); + return crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes); } net::X509Certificate* HostKeyPair::GenerateCertificate() const { diff --git a/remoting/host/host_key_pair.h b/remoting/host/host_key_pair.h index b087e1f..c1f6082 100644 --- a/remoting/host/host_key_pair.h +++ b/remoting/host/host_key_pair.h @@ -11,7 +11,7 @@ #include "base/memory/scoped_ptr.h" #include "base/task.h" -namespace base { +namespace crypto { class RSAPrivateKey; } // namespace base @@ -38,11 +38,11 @@ class HostKeyPair { std::string GetSignature(const std::string& message) const; // Make a new copy of private key. Caller will own the generated private key. - base::RSAPrivateKey* CopyPrivateKey() const; + crypto::RSAPrivateKey* CopyPrivateKey() const; net::X509Certificate* GenerateCertificate() const; private: - scoped_ptr<base::RSAPrivateKey> key_; + scoped_ptr<crypto::RSAPrivateKey> key_; }; } // namespace remoting diff --git a/remoting/host/keygen_main.cc b/remoting/host/keygen_main.cc index 73b1aa2..9102756 100644 --- a/remoting/host/keygen_main.cc +++ b/remoting/host/keygen_main.cc @@ -13,13 +13,13 @@ #include "base/at_exit.h" #include "base/base64.h" -#include "base/crypto/rsa_private_key.h" +#include "crypto/rsa_private_key.h" #include "base/memory/scoped_ptr.h" int main(int argc, char** argv) { base::AtExitManager exit_manager; - scoped_ptr<base::RSAPrivateKey> key(base::RSAPrivateKey::Create(2048)); + scoped_ptr<crypto::RSAPrivateKey> key(crypto::RSAPrivateKey::Create(2048)); std::vector<uint8> private_key_buf; key->ExportPrivateKey(&private_key_buf); diff --git a/remoting/host/simple_host_process.cc b/remoting/host/simple_host_process.cc index 7c3a595..c10c2c5 100644 --- a/remoting/host/simple_host_process.cc +++ b/remoting/host/simple_host_process.cc @@ -24,10 +24,10 @@ #include "base/file_path.h" #include "base/logging.h" #include "base/mac/scoped_nsautorelease_pool.h" -#include "base/nss_util.h" #include "base/path_service.h" #include "base/test/mock_chrome_application_mac.h" #include "base/threading/thread.h" +#include "crypto/nss_util.h" #include "media/base/media.h" #include "remoting/base/tracer.h" #include "remoting/host/capturer_fake.h" @@ -83,7 +83,7 @@ int main(int argc, char** argv) { const CommandLine* cmd_line = CommandLine::ForCurrentProcess(); base::AtExitManager exit_manager; - base::EnsureNSPRInit(); + crypto::EnsureNSPRInit(); // Allocate a chromoting context and starts it. #if defined(TOOLKIT_USES_GTK) diff --git a/remoting/protocol/jingle_session.cc b/remoting/protocol/jingle_session.cc index 701ee9d..78cfbae 100644 --- a/remoting/protocol/jingle_session.cc +++ b/remoting/protocol/jingle_session.cc @@ -4,8 +4,8 @@ #include "remoting/protocol/jingle_session.h" -#include "base/crypto/rsa_private_key.h" #include "base/message_loop.h" +#include "crypto/rsa_private_key.h" #include "jingle/glue/channel_socket_adapter.h" #include "jingle/glue/stream_socket_adapter.h" #include "net/base/cert_status_flags.h" @@ -83,13 +83,13 @@ JingleSession* JingleSession::CreateClientSession( JingleSession* JingleSession::CreateServerSession( JingleSessionManager* manager, scoped_refptr<net::X509Certificate> certificate, - base::RSAPrivateKey* key) { + crypto::RSAPrivateKey* key) { return new JingleSession(manager, certificate, key); } JingleSession::JingleSession( JingleSessionManager* jingle_session_manager, - scoped_refptr<net::X509Certificate> server_cert, base::RSAPrivateKey* key) + scoped_refptr<net::X509Certificate> server_cert, crypto::RSAPrivateKey* key) : jingle_session_manager_(jingle_session_manager), server_cert_(server_cert), state_(INITIALIZING), @@ -105,7 +105,7 @@ JingleSession::JingleSession( if (key) { std::vector<uint8> key_bytes; CHECK(key->ExportPrivateKey(&key_bytes)); - key_.reset(base::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes)); + key_.reset(crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes)); CHECK(key_.get()); } } diff --git a/remoting/protocol/jingle_session.h b/remoting/protocol/jingle_session.h index 74b0efe..caaa82f 100644 --- a/remoting/protocol/jingle_session.h +++ b/remoting/protocol/jingle_session.h @@ -5,8 +5,8 @@ #ifndef REMOTING_PROTOCOL_JINGLE_SESSION_H_ #define REMOTING_PROTOCOL_JINGLE_SESSION_H_ -#include "base/crypto/rsa_private_key.h" #include "base/memory/ref_counted.h" +#include "crypto/rsa_private_key.h" #include "net/base/completion_callback.h" #include "remoting/protocol/session.h" #include "third_party/libjingle/source/talk/base/sigslot.h" @@ -53,7 +53,7 @@ class JingleSession : public protocol::Session, static JingleSession* CreateServerSession( JingleSessionManager* manager, scoped_refptr<net::X509Certificate> certificate, - base::RSAPrivateKey* key); + crypto::RSAPrivateKey* key); // Chromotocol Session interface. virtual void SetStateChangeCallback(StateChangeCallback* callback); @@ -86,7 +86,7 @@ class JingleSession : public protocol::Session, JingleSession(JingleSessionManager* client, scoped_refptr<net::X509Certificate> server_cert, - base::RSAPrivateKey* key); + crypto::RSAPrivateKey* key); virtual ~JingleSession(); // Called by JingleSessionManager. @@ -129,7 +129,7 @@ class JingleSession : public protocol::Session, scoped_refptr<net::X509Certificate> server_cert_; // Private key used in SSL server sockets. - scoped_ptr<base::RSAPrivateKey> key_; + scoped_ptr<crypto::RSAPrivateKey> key_; State state_; scoped_ptr<StateChangeCallback> state_change_callback_; diff --git a/remoting/protocol/jingle_session_manager.cc b/remoting/protocol/jingle_session_manager.cc index 22ec733..29eacd7 100644 --- a/remoting/protocol/jingle_session_manager.cc +++ b/remoting/protocol/jingle_session_manager.cc @@ -178,7 +178,7 @@ void JingleSessionManager::Init( const std::string& local_jid, cricket::SessionManager* cricket_session_manager, IncomingSessionCallback* incoming_session_callback, - base::RSAPrivateKey* private_key, + crypto::RSAPrivateKey* private_key, scoped_refptr<net::X509Certificate> certificate) { if (MessageLoop::current() != message_loop()) { message_loop()->PostTask( diff --git a/remoting/protocol/jingle_session_manager.h b/remoting/protocol/jingle_session_manager.h index 96f3cc9..943edf6 100644 --- a/remoting/protocol/jingle_session_manager.h +++ b/remoting/protocol/jingle_session_manager.h @@ -18,7 +18,7 @@ class MessageLoop; -namespace base { +namespace crypto { class RSAPrivateKey; } // namespace base @@ -84,7 +84,7 @@ class JingleSessionManager virtual void Init(const std::string& local_jid, cricket::SessionManager* cricket_session_manager, IncomingSessionCallback* incoming_session_callback, - base::RSAPrivateKey* private_key, + crypto::RSAPrivateKey* private_key, scoped_refptr<net::X509Certificate> certificate); // SessionManager interface. @@ -149,7 +149,7 @@ class JingleSessionManager std::list<scoped_refptr<JingleSession> > sessions_; scoped_refptr<net::X509Certificate> certificate_; - scoped_ptr<base::RSAPrivateKey> private_key_; + scoped_ptr<crypto::RSAPrivateKey> private_key_; DISALLOW_COPY_AND_ASSIGN(JingleSessionManager); }; diff --git a/remoting/protocol/jingle_session_unittest.cc b/remoting/protocol/jingle_session_unittest.cc index 692b2f0..e11721a 100644 --- a/remoting/protocol/jingle_session_unittest.cc +++ b/remoting/protocol/jingle_session_unittest.cc @@ -4,11 +4,11 @@ #include "base/file_path.h" #include "base/file_util.h" -#include "base/nss_util.h" #include "base/path_service.h" #include "base/time.h" #include "base/synchronization/waitable_event.h" #include "base/test/test_timeouts.h" +#include "crypto/nss_util.h" #include "net/base/completion_callback.h" #include "net/base/io_buffer.h" #include "net/base/net_errors.h" @@ -138,8 +138,8 @@ class JingleSessionTest : public testing::Test { reinterpret_cast<const uint8*>(key_string.data()), reinterpret_cast<const uint8*>(key_string.data() + key_string.length())); - scoped_ptr<base::RSAPrivateKey> private_key( - base::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector)); + scoped_ptr<crypto::RSAPrivateKey> private_key( + crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector)); session_manager_pair_ = new SessionManagerPair(&thread_); session_manager_pair_->Init(); diff --git a/remoting/protocol/protocol_test_client.cc b/remoting/protocol/protocol_test_client.cc index 6a5881e..c481ca5 100644 --- a/remoting/protocol/protocol_test_client.cc +++ b/remoting/protocol/protocol_test_client.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -15,9 +15,9 @@ extern "C" { #include "base/at_exit.h" #include "base/command_line.h" -#include "base/nss_util.h" #include "base/test/mock_chrome_application_mac.h" #include "base/time.h" +#include "crypto/nss_util.h" #include "net/base/completion_callback.h" #include "net/base/io_buffer.h" #include "net/base/net_errors.h" @@ -357,8 +357,8 @@ int main(int argc, char** argv) { base::AtExitManager exit_manager; - base::EnsureNSPRInit(); - base::EnsureNSSInit(); + crypto::EnsureNSPRInit(); + crypto::EnsureNSSInit(); #if defined(OS_MACOSX) mock_cr_app::RegisterMockCrApp(); diff --git a/remoting/remoting.gyp b/remoting/remoting.gyp index 74c5817..aea875d 100644 --- a/remoting/remoting.gyp +++ b/remoting/remoting.gyp @@ -189,6 +189,7 @@ 'chromoting_jingle_glue', 'chromoting_protocol', 'differ_block', + '../crypto/crypto.gyp:crypto', ], 'sources': [ 'host/access_verifier.cc', @@ -319,6 +320,7 @@ 'chromoting_base', '../base/base.gyp:base', '../base/base.gyp:base_i18n', + '../crypto/crypto.gyp:crypto', ], 'sources': [ 'host/keygen_main.cc', @@ -363,6 +365,7 @@ 'dependencies': [ 'chromoting_base', 'chromoting_jingle_glue', + '../crypto/crypto.gyp:crypto', '../jingle/jingle.gyp:jingle_glue', ], 'export_dependent_settings': [ diff --git a/webkit/DEPS b/webkit/DEPS index 66b7100..b8011c6 100644 --- a/webkit/DEPS +++ b/webkit/DEPS @@ -20,6 +20,7 @@ include_rules = [ "+app/gfx", # TODO(brettw) - review these; move up if it's ok, or remove the dependency + "+crypto", "+net/base", "+net/ftp", "+net/http", diff --git a/webkit/support/webkit_support.gypi b/webkit/support/webkit_support.gypi index f457de8..f86b821 100644 --- a/webkit/support/webkit_support.gypi +++ b/webkit/support/webkit_support.gypi @@ -73,6 +73,7 @@ 'target_name': 'webkit_support_common', 'type': '<(library)', 'dependencies': [ + '<(DEPTH)/crypto/crypto.gyp:crypto', '<(DEPTH)/skia/skia.gyp:skia', 'glue', ], diff --git a/webkit/tools/test_shell/simple_resource_loader_bridge.cc b/webkit/tools/test_shell/simple_resource_loader_bridge.cc index 7f278bd..ea2a78b 100644 --- a/webkit/tools/test_shell/simple_resource_loader_bridge.cc +++ b/webkit/tools/test_shell/simple_resource_loader_bridge.cc @@ -37,9 +37,6 @@ #include "base/logging.h" #include "base/message_loop.h" #include "base/message_loop_proxy.h" -#if defined(OS_MACOSX) || defined(OS_WIN) -#include "base/nss_util.h" -#endif #include "base/memory/ref_counted.h" #include "base/time.h" #include "base/timer.h" @@ -73,6 +70,10 @@ #include "webkit/tools/test_shell/test_shell_request_context.h" #include "webkit/tools/test_shell/test_shell_webblobregistry_impl.h" +#if defined(OS_MACOSX) || defined(OS_WIN) +#include "crypto/nss_util.h" +#endif + using webkit_glue::ResourceLoaderBridge; using webkit_glue::ResourceResponseInfo; using net::StaticCookiePolicy; @@ -912,7 +913,7 @@ bool SimpleResourceLoaderBridge::EnsureIOThread() { #if defined(OS_MACOSX) || defined(OS_WIN) // We want to be sure to init NSPR on the main thread. - base::EnsureNSPRInit(); + crypto::EnsureNSPRInit(); #endif // Create the cache thread. We want the cache thread to outlive the IO thread, |