diff options
| author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-05-05 23:55:59 +0000 |
|---|---|---|
| committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-05-05 23:55:59 +0000 |
| commit | d91f84376fe8dd249770ac19b7c08f8fcc20f446 (patch) | |
| tree | 8d66a665eac06063bfcf50236fca05f2e4f8f1ea /base/hmac_nss.cc | |
| parent | a92b86497b6ee02c99a2e4b4a8cf7fb458ab6310 (diff) | |
| download | chromium_src-d91f84376fe8dd249770ac19b7c08f8fcc20f446.zip chromium_src-d91f84376fe8dd249770ac19b7c08f8fcc20f446.tar.gz chromium_src-d91f84376fe8dd249770ac19b7c08f8fcc20f446.tar.bz2 | |
Separate the key setting code in the constructor of HMAC class into the Init
method.
Overload the Init method for char* and std::string.
Add DCHECKs to the destruction methods in ~HMAC in hmac_win.cc.
The patch is written by Takeshi Yoshino <tyoshino@google.com>.
Original code review: http://codereview.chromium.org/88062
R=wtc
http://crbug.com/2297
TEST=base_unittests should pass. Safe browsing should continue to work.
Review URL: http://codereview.chromium.org/113001
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@15353 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'base/hmac_nss.cc')
| -rw-r--r-- | base/hmac_nss.cc | 34 |
1 files changed, 31 insertions, 3 deletions
diff --git a/base/hmac_nss.cc b/base/hmac_nss.cc index 293f61d..f56a9fc 100644 --- a/base/hmac_nss.cc +++ b/base/hmac_nss.cc @@ -42,14 +42,31 @@ struct HMACPlatformData { ScopedNSSSymKey sym_key_; }; -HMAC::HMAC(HashAlgorithm hash_alg, const unsigned char* key, int key_length) +HMAC::HMAC(HashAlgorithm hash_alg) : hash_alg_(hash_alg), plat_(new HMACPlatformData()) { + // Only SHA-1 digest is supported now. DCHECK(hash_alg_ == SHA1); +} +bool HMAC::Init(const unsigned char *key, int key_length) { base::EnsureNSSInit(); + if (hash_alg_ != SHA1) { + NOTREACHED(); + return false; + } + + if (plat_->slot_.get() || plat_->slot_.get()) { + // Init must not be called more than twice on the same HMAC object. + NOTREACHED(); + return false; + } + plat_->slot_.reset(PK11_GetBestSlot(CKM_SHA_1_HMAC, NULL)); - CHECK(plat_->slot_.get()); + if (!plat_->slot_.get()) { + NOTREACHED(); + return false; + } SECItem key_item; key_item.type = siBuffer; @@ -62,7 +79,12 @@ HMAC::HMAC(HashAlgorithm hash_alg, const unsigned char* key, int key_length) CKA_SIGN, &key_item, NULL)); - CHECK(plat_->sym_key_.get()); + if (!plat_->sym_key_.get()) { + NOTREACHED(); + return false; + } + + return true; } HMAC::~HMAC() { @@ -71,6 +93,12 @@ HMAC::~HMAC() { bool HMAC::Sign(const std::string& data, unsigned char* digest, int digest_length) { + if (!plat_->sym_key_.get()) { + // Init has not been called before Sign. + NOTREACHED(); + return false; + } + SECItem param = { siBuffer, NULL, 0 }; ScopedNSSContext context(PK11_CreateContextBySymKey(CKM_SHA_1_HMAC, CKA_SIGN, |