summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-12-04 00:50:35 +0000
committerwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-12-04 00:50:35 +0000
commit673266c4267a4bee5c8e63934d65f9accd534f42 (patch)
tree4bff6f58cddc30a7e7206fd37d9ed50f3b43bd21
parent62e832e0f78a47a64d2a9e19757d89f144e04993 (diff)
downloadchromium_src-673266c4267a4bee5c8e63934d65f9accd534f42.zip
chromium_src-673266c4267a4bee5c8e63934d65f9accd534f42.tar.gz
chromium_src-673266c4267a4bee5c8e63934d65f9accd534f42.tar.bz2
Use size_t as the type of the key_length and digest_length arguments
of HMAC::Init() and HMAC::Sign(). R=agl@chromium.org,bradnelson@chromium.org,thakis@chromium.org BUG=none TEST=none Review URL: https://chromiumcodereview.appspot.com/11419270 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@170852 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r--chrome/browser/internal_auth.cc2
-rw-r--r--chrome/nacl/nacl_validation_query.cc7
-rw-r--r--chrome/nacl/nacl_validation_query.h4
-rw-r--r--crypto/hmac.cc2
-rw-r--r--crypto/hmac.h8
-rw-r--r--crypto/hmac_nss.cc4
-rw-r--r--crypto/hmac_openssl.cc5
-rw-r--r--crypto/hmac_unittest.cc2
-rw-r--r--crypto/hmac_win.cc8
9 files changed, 19 insertions, 23 deletions
diff --git a/chrome/browser/internal_auth.cc b/chrome/browser/internal_auth.cc
index aa7fe72..b610832 100644
--- a/chrome/browser/internal_auth.cc
+++ b/chrome/browser/internal_auth.cc
@@ -65,7 +65,7 @@ const char kItemSeparator = '\n';
const char kVarValueSeparator = '=';
const size_t kKeySizeInBytes = 128 / 8;
-const int kHMACSizeInBytes = 256 / 8;
+const size_t kHMACSizeInBytes = 256 / 8;
// Length of base64 string required to encode given number of raw octets.
#define BASE64_PER_RAW(X) (X > 0 ? ((X - 1) / 3 + 1) * 4 : 0)
diff --git a/chrome/nacl/nacl_validation_query.cc b/chrome/nacl/nacl_validation_query.cc
index e4ee7ff..37d9b78 100644
--- a/chrome/nacl/nacl_validation_query.cc
+++ b/chrome/nacl/nacl_validation_query.cc
@@ -50,12 +50,11 @@ NaClValidationQuery::NaClValidationQuery(NaClValidationDB* db,
void NaClValidationQuery::AddData(const char* data, size_t length) {
CHECK(state_ == READY);
- CHECK(buffer_length_ >= 0);
- CHECK(buffer_length_ <= (int) sizeof(buffer_));
+ CHECK(buffer_length_ <= sizeof(buffer_));
// Chrome's HMAC class doesn't support incremental signing. Work around
// this by using a (small) temporary buffer to accumulate data.
// Check if there is space in the buffer.
- if (buffer_length_ + kDigestLength > (int) sizeof(buffer_)) {
+ if (buffer_length_ + kDigestLength > sizeof(buffer_)) {
// Hash the buffer to make space.
CompressBuffer();
}
@@ -79,7 +78,7 @@ int NaClValidationQuery::QueryKnownToValidate() {
CHECK(state_ == READY);
// It is suspicious if we have less than a digest's worth of data.
CHECK(buffer_length_ >= kDigestLength);
- CHECK(buffer_length_ <= (int) sizeof(buffer_));
+ CHECK(buffer_length_ <= sizeof(buffer_));
state_ = GET_CALLED;
// Ensure the buffer contains only one digest worth of data.
CompressBuffer();
diff --git a/chrome/nacl/nacl_validation_query.h b/chrome/nacl/nacl_validation_query.h
index 6e4230e..e5b02f9 100644
--- a/chrome/nacl/nacl_validation_query.h
+++ b/chrome/nacl/nacl_validation_query.h
@@ -38,7 +38,7 @@ class NaClValidationQueryContext {
class NaClValidationQuery {
public:
// SHA256 digest size.
- static const int kDigestLength = 32;
+ static const size_t kDigestLength = 32;
NaClValidationQuery(NaClValidationDB* db, const std::string& profile_key);
@@ -77,7 +77,7 @@ class NaClValidationQuery {
// code), so 4 times digest length means the buffer will not need to be
// compressed as an intermediate step in the expected use cases.
char buffer_[kDigestLength * 4];
- int buffer_length_;
+ size_t buffer_length_;
DISALLOW_COPY_AND_ASSIGN(NaClValidationQuery);
};
diff --git a/crypto/hmac.cc b/crypto/hmac.cc
index 7176248..126d124 100644
--- a/crypto/hmac.cc
+++ b/crypto/hmac.cc
@@ -47,7 +47,7 @@ bool HMAC::VerifyTruncated(const base::StringPiece& data,
size_t digest_length = DigestLength();
scoped_array<unsigned char> computed_digest(
new unsigned char[digest_length]);
- if (!Sign(data, computed_digest.get(), static_cast<int>(digest_length)))
+ if (!Sign(data, computed_digest.get(), digest_length))
return false;
return SecureMemEqual(digest.data(), computed_digest.get(),
diff --git a/crypto/hmac.h b/crypto/hmac.h
index c9bae65..d527d16 100644
--- a/crypto/hmac.h
+++ b/crypto/hmac.h
@@ -38,7 +38,6 @@ class CRYPTO_EXPORT HMAC {
// Initializes this instance using |key| of the length |key_length|. Call Init
// only once. It returns false on the second or later calls.
- // TODO(abarth): key_length should be a size_t.
//
// NOTE: the US Federal crypto standard FIPS 198, Section 3 says:
// The size of the key, K, shall be equal to or greater than L/2, where L
@@ -47,7 +46,7 @@ class CRYPTO_EXPORT HMAC {
// this requirement is gone. But a system crypto library may still enforce
// this old requirement. If the key is shorter than this recommended value,
// Init() may fail.
- bool Init(const unsigned char* key, int key_length) WARN_UNUSED_RESULT;
+ bool Init(const unsigned char* key, size_t key_length) WARN_UNUSED_RESULT;
// Initializes this instance using |key|. Call Init
// only once. It returns false on the second or later calls.
@@ -57,15 +56,14 @@ class CRYPTO_EXPORT HMAC {
// false on the second or later calls.
bool Init(const base::StringPiece& key) WARN_UNUSED_RESULT {
return Init(reinterpret_cast<const unsigned char*>(key.data()),
- static_cast<int>(key.size()));
+ key.size());
}
// Calculates the HMAC for the message in |data| using the algorithm supplied
// to the constructor and the key supplied to the Init method. The HMAC is
// returned in |digest|, which has |digest_length| bytes of storage available.
- // TODO(abarth): digest_length should be a size_t.
bool Sign(const base::StringPiece& data, unsigned char* digest,
- int digest_length) const WARN_UNUSED_RESULT;
+ size_t digest_length) const WARN_UNUSED_RESULT;
// Verifies that the HMAC for the message in |data| equals the HMAC provided
// in |digest|, using the algorithm supplied to the constructor and the key
diff --git a/crypto/hmac_nss.cc b/crypto/hmac_nss.cc
index 2dbbce4..e14282c 100644
--- a/crypto/hmac_nss.cc
+++ b/crypto/hmac_nss.cc
@@ -39,7 +39,7 @@ HMAC::HMAC(HashAlgorithm hash_alg)
HMAC::~HMAC() {
}
-bool HMAC::Init(const unsigned char *key, int key_length) {
+bool HMAC::Init(const unsigned char *key, size_t key_length) {
EnsureNSSInit();
if (plat_->slot_.get()) {
@@ -75,7 +75,7 @@ bool HMAC::Init(const unsigned char *key, int key_length) {
bool HMAC::Sign(const base::StringPiece& data,
unsigned char* digest,
- int digest_length) const {
+ size_t digest_length) const {
if (!plat_->sym_key_.get()) {
// Init has not been called before Sign.
NOTREACHED();
diff --git a/crypto/hmac_openssl.cc b/crypto/hmac_openssl.cc
index 3ea1c6a..f7010c8 100644
--- a/crypto/hmac_openssl.cc
+++ b/crypto/hmac_openssl.cc
@@ -26,7 +26,7 @@ HMAC::HMAC(HashAlgorithm hash_alg)
DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256);
}
-bool HMAC::Init(const unsigned char* key, int key_length) {
+bool HMAC::Init(const unsigned char* key, size_t key_length) {
// Init must not be called more than once on the same HMAC object.
DCHECK(plat_->key.empty());
@@ -42,8 +42,7 @@ HMAC::~HMAC() {
bool HMAC::Sign(const base::StringPiece& data,
unsigned char* digest,
- int digest_length) const {
- DCHECK_GE(digest_length, 0);
+ size_t digest_length) const {
DCHECK(!plat_->key.empty()); // Init must be called before Sign.
ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> result(digest, digest_length);
diff --git a/crypto/hmac_unittest.cc b/crypto/hmac_unittest.cc
index f5d9906..f0844a9 100644
--- a/crypto/hmac_unittest.cc
+++ b/crypto/hmac_unittest.cc
@@ -16,7 +16,7 @@ static const char* kSimpleKey =
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA";
-static const int kSimpleKeyLength = 80;
+static const size_t kSimpleKeyLength = 80;
static const struct {
const char *data;
diff --git a/crypto/hmac_win.cc b/crypto/hmac_win.cc
index ef3e261..ba7d827 100644
--- a/crypto/hmac_win.cc
+++ b/crypto/hmac_win.cc
@@ -109,7 +109,7 @@ HMAC::HMAC(HashAlgorithm hash_alg)
DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256);
}
-bool HMAC::Init(const unsigned char* key, int key_length) {
+bool HMAC::Init(const unsigned char* key, size_t key_length) {
if (plat_->provider_ || plat_->key_ || !plat_->raw_key_.empty()) {
// Init must not be called more than once on the same HMAC object.
NOTREACHED();
@@ -147,7 +147,7 @@ bool HMAC::Init(const unsigned char* key, int key_length) {
key_blob->header.bVersion = CUR_BLOB_VERSION;
key_blob->header.reserved = 0;
key_blob->header.aiKeyAlg = CALG_RC2;
- key_blob->key_size = key_length;
+ key_blob->key_size = static_cast<DWORD>(key_length);
memcpy(key_blob->key_data, key, key_length);
if (!CryptImportKey(plat_->provider_, &key_blob_storage[0],
@@ -168,7 +168,7 @@ HMAC::~HMAC() {
bool HMAC::Sign(const base::StringPiece& data,
unsigned char* digest,
- int digest_length) const {
+ size_t digest_length) const {
if (hash_alg_ == SHA256) {
if (plat_->raw_key_.empty())
return false;
@@ -202,7 +202,7 @@ bool HMAC::Sign(const base::StringPiece& data,
static_cast<DWORD>(data.size()), 0))
return false;
- DWORD sha1_size = digest_length;
+ DWORD sha1_size = static_cast<DWORD>(digest_length);
return !!CryptGetHashParam(hash, HP_HASHVAL, digest, &sha1_size, 0);
}