diff options
| author | albertb@chromium.org <albertb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-31 16:18:30 +0000 |
|---|---|---|
| committer | albertb@chromium.org <albertb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-31 16:18:30 +0000 |
| commit | 1b47ce2e8d25023f531f4afa8f05b044c4cef111 (patch) | |
| tree | 7b4875711b3b1aea46b06ad0d2bb84194d0301c7 /base/hmac_nss.cc | |
| parent | 61ee6287a14aed0235a40488394fb700e9c5c43c (diff) | |
| download | chromium_src-1b47ce2e8d25023f531f4afa8f05b044c4cef111.zip chromium_src-1b47ce2e8d25023f531f4afa8f05b044c4cef111.tar.gz chromium_src-1b47ce2e8d25023f531f4afa8f05b044c4cef111.tar.bz2 | |
First pass of a Nigori implementation for Chrome. Only unassisted key
derivation is supported and there is no support for server authentication.
BUG=37363
TEST=unit tests
Review URL: http://codereview.chromium.org/1357003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43220 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'base/hmac_nss.cc')
| -rw-r--r-- | base/hmac_nss.cc | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/base/hmac_nss.cc b/base/hmac_nss.cc index 8f63d04..b3c0c67 100644 --- a/base/hmac_nss.cc +++ b/base/hmac_nss.cc @@ -15,31 +15,36 @@ namespace base { struct HMACPlatformData { + CK_MECHANISM_TYPE mechanism_; ScopedPK11Slot slot_; ScopedPK11SymKey sym_key_; }; HMAC::HMAC(HashAlgorithm hash_alg) : hash_alg_(hash_alg), plat_(new HMACPlatformData()) { - // Only SHA-1 digest is supported now. - DCHECK(hash_alg_ == SHA1); + // Only SHA-1 and SHA-256 hash algorithms are supported. + switch (hash_alg_) { + case SHA1: + plat_->mechanism_ = CKM_SHA_1_HMAC; + break; + case SHA256: + plat_->mechanism_ = CKM_SHA256_HMAC; + break; + default: + NOTREACHED() << "Unsupported hash algorithm"; + } } bool HMAC::Init(const unsigned char *key, int key_length) { base::EnsureNSSInit(); - if (hash_alg_ != SHA1) { - NOTREACHED(); - return false; - } - if (plat_->slot_.get()) { // Init must not be called more than twice on the same HMAC object. NOTREACHED(); return false; } - plat_->slot_.reset(PK11_GetBestSlot(CKM_SHA_1_HMAC, NULL)); + plat_->slot_.reset(PK11_GetBestSlot(plat_->mechanism_, NULL)); if (!plat_->slot_.get()) { NOTREACHED(); return false; @@ -51,7 +56,7 @@ bool HMAC::Init(const unsigned char *key, int key_length) { key_item.len = key_length; plat_->sym_key_.reset(PK11_ImportSymKey(plat_->slot_.get(), - CKM_SHA_1_HMAC, + plat_->mechanism_, PK11_OriginUnwrap, CKA_SIGN, &key_item, @@ -77,7 +82,7 @@ bool HMAC::Sign(const std::string& data, } SECItem param = { siBuffer, NULL, 0 }; - ScopedPK11Context context(PK11_CreateContextBySymKey(CKM_SHA_1_HMAC, + ScopedPK11Context context(PK11_CreateContextBySymKey(plat_->mechanism_, CKA_SIGN, plat_->sym_key_.get(), ¶m)); |