diff options
| -rw-r--r-- | DEPS | 2 | ||||
| -rw-r--r-- | base/metrics/field_trial.cc | 2 | ||||
| -rw-r--r-- | base/sha1.h | 9 | ||||
| -rw-r--r-- | base/sha1_unittest.cc | 20 | ||||
| -rw-r--r-- | base/sha1_win.cc | 16 | ||||
| -rw-r--r-- | chrome/app/client_util.cc | 2 | ||||
| -rw-r--r-- | crypto/sha2.h | 2 | ||||
| -rw-r--r-- | net/base/dnssec_chain_verifier.cc | 2 | ||||
| -rw-r--r-- | net/base/transport_security_state.cc | 7 | ||||
| -rw-r--r-- | net/base/x509_certificate.cc | 12 | ||||
| -rw-r--r-- | net/base/x509_certificate_unittest.cc | 9 |
11 files changed, 37 insertions, 46 deletions
@@ -327,7 +327,7 @@ deps_os = { Var("nacl_tools_revision")), "src/rlz": - (Var("googlecode_url") % "rlz") + "/trunk@48", + (Var("googlecode_url") % "rlz") + "/trunk@49", # Dependencies used by libjpeg-turbo "src/third_party/yasm/binaries": diff --git a/base/metrics/field_trial.cc b/base/metrics/field_trial.cc index 99dce41..a18d72c 100644 --- a/base/metrics/field_trial.cc +++ b/base/metrics/field_trial.cc @@ -170,7 +170,7 @@ double FieldTrial::HashClientId(const std::string& client_id, // and trial_name we get into something with a uniform distribution, which // is desirable so that we don't skew any part of the 0-100% spectrum. std::string input(client_id + trial_name); - unsigned char sha1_hash[SHA1_LENGTH]; + unsigned char sha1_hash[kSHA1Length]; SHA1HashBytes(reinterpret_cast<const unsigned char*>(input.c_str()), input.size(), sha1_hash); diff --git a/base/sha1.h b/base/sha1.h index ade46cd..80195ce 100644 --- a/base/sha1.h +++ b/base/sha1.h @@ -12,19 +12,16 @@ namespace base { -// This function performs SHA-1 operations. +// These functions perform SHA-1 operations. -enum { - SHA1_LENGTH = 20 // Length in bytes of a SHA-1 hash. -}; -static const size_t kSHA1Length = 20; // TODO(pkasting): Replace above w/this +static const size_t kSHA1Length = 20; // Length in bytes of a SHA-1 hash. // Computes the SHA-1 hash of the input string |str| and returns the full // hash. BASE_EXPORT std::string SHA1HashString(const std::string& str); // Computes the SHA-1 hash of the |len| bytes in |data| and puts the hash -// in |hash|. |hash| must be SHA1_LENGTH bytes long. +// in |hash|. |hash| must be kSHA1Length bytes long. BASE_EXPORT void SHA1HashBytes(const unsigned char* data, size_t len, unsigned char* hash); diff --git a/base/sha1_unittest.cc b/base/sha1_unittest.cc index 406150b..b29fe46 100644 --- a/base/sha1_unittest.cc +++ b/base/sha1_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -20,7 +20,7 @@ TEST(SHA1Test, Test1) { 0x9c, 0xd0, 0xd8, 0x9d }; std::string output = base::SHA1HashString(input); - for (size_t i = 0; i < base::SHA1_LENGTH; i++) + for (size_t i = 0; i < base::kSHA1Length; i++) EXPECT_EQ(expected[i], output[i] & 0xFF); } @@ -36,7 +36,7 @@ TEST(SHA1Test, Test2) { 0xe5, 0x46, 0x70, 0xf1 }; std::string output = base::SHA1HashString(input); - for (size_t i = 0; i < base::SHA1_LENGTH; i++) + for (size_t i = 0; i < base::kSHA1Length; i++) EXPECT_EQ(expected[i], output[i] & 0xFF); } @@ -51,14 +51,14 @@ TEST(SHA1Test, Test3) { 0x65, 0x34, 0x01, 0x6f }; std::string output = base::SHA1HashString(input); - for (size_t i = 0; i < base::SHA1_LENGTH; i++) + for (size_t i = 0; i < base::kSHA1Length; i++) EXPECT_EQ(expected[i], output[i] & 0xFF); } TEST(SHA1Test, Test1Bytes) { // Example A.1 from FIPS 180-2: one-block message. std::string input = "abc"; - unsigned char output[base::SHA1_LENGTH]; + unsigned char output[base::kSHA1Length]; unsigned char expected[] = { 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, @@ -68,7 +68,7 @@ TEST(SHA1Test, Test1Bytes) { base::SHA1HashBytes(reinterpret_cast<const unsigned char*>(input.c_str()), input.length(), output); - for (size_t i = 0; i < base::SHA1_LENGTH; i++) + for (size_t i = 0; i < base::kSHA1Length; i++) EXPECT_EQ(expected[i], output[i]); } @@ -76,7 +76,7 @@ TEST(SHA1Test, Test2Bytes) { // Example A.2 from FIPS 180-2: multi-block message. std::string input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - unsigned char output[base::SHA1_LENGTH]; + unsigned char output[base::kSHA1Length]; unsigned char expected[] = { 0x84, 0x98, 0x3e, 0x44, 0x1c, 0x3b, 0xd2, 0x6e, @@ -86,14 +86,14 @@ TEST(SHA1Test, Test2Bytes) { base::SHA1HashBytes(reinterpret_cast<const unsigned char*>(input.c_str()), input.length(), output); - for (size_t i = 0; i < base::SHA1_LENGTH; i++) + for (size_t i = 0; i < base::kSHA1Length; i++) EXPECT_EQ(expected[i], output[i]); } TEST(SHA1Test, Test3Bytes) { // Example A.3 from FIPS 180-2: long message. std::string input(1000000, 'a'); - unsigned char output[base::SHA1_LENGTH]; + unsigned char output[base::kSHA1Length]; unsigned char expected[] = { 0x34, 0xaa, 0x97, 0x3c, 0xd4, 0xc4, 0xda, 0xa4, @@ -103,6 +103,6 @@ TEST(SHA1Test, Test3Bytes) { base::SHA1HashBytes(reinterpret_cast<const unsigned char*>(input.c_str()), input.length(), output); - for (size_t i = 0; i < base::SHA1_LENGTH; i++) + for (size_t i = 0; i < base::kSHA1Length; i++) EXPECT_EQ(expected[i], output[i]); } diff --git a/base/sha1_win.cc b/base/sha1_win.cc index 233749b5..2edfb3d 100644 --- a/base/sha1_win.cc +++ b/base/sha1_win.cc @@ -19,20 +19,20 @@ std::string SHA1HashString(const std::string& str) { if (!CryptAcquireContext(provider.receive(), NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { LOG(ERROR) << "CryptAcquireContext failed: " << GetLastError(); - return std::string(SHA1_LENGTH, '\0'); + return std::string(kSHA1Length, '\0'); } { ScopedHCRYPTHASH hash; if (!CryptCreateHash(provider, CALG_SHA1, 0, 0, hash.receive())) { LOG(ERROR) << "CryptCreateHash failed: " << GetLastError(); - return std::string(SHA1_LENGTH, '\0'); + return std::string(kSHA1Length, '\0'); } if (!CryptHashData(hash, reinterpret_cast<CONST BYTE*>(str.data()), static_cast<DWORD>(str.length()), 0)) { LOG(ERROR) << "CryptHashData failed: " << GetLastError(); - return std::string(SHA1_LENGTH, '\0'); + return std::string(kSHA1Length, '\0'); } DWORD hash_len = 0; @@ -41,7 +41,7 @@ std::string SHA1HashString(const std::string& str) { reinterpret_cast<unsigned char*>(&hash_len), &buffer_size, 0)) { LOG(ERROR) << "CryptGetHashParam(HP_HASHSIZE) failed: " << GetLastError(); - return std::string(SHA1_LENGTH, '\0'); + return std::string(kSHA1Length, '\0'); } std::string result; @@ -51,13 +51,13 @@ std::string SHA1HashString(const std::string& str) { reinterpret_cast<BYTE*>(WriteInto(&result, hash_len + 1)), &hash_len, 0))) { LOG(ERROR) << "CryptGetHashParam(HP_HASHVAL) failed: " << GetLastError(); - return std::string(SHA1_LENGTH, '\0'); + return std::string(kSHA1Length, '\0'); } - if (hash_len != SHA1_LENGTH) { + if (hash_len != kSHA1Length) { LOG(ERROR) << "Returned hash value is wrong length: " << hash_len - << " should be " << SHA1_LENGTH; - return std::string(SHA1_LENGTH, '\0'); + << " should be " << kSHA1Length; + return std::string(kSHA1Length, '\0'); } return result; diff --git a/chrome/app/client_util.cc b/chrome/app/client_util.cc index 79d92d1..e753725 100644 --- a/chrome/app/client_util.cc +++ b/chrome/app/client_util.cc @@ -145,7 +145,7 @@ bool GetPreReadExperimentGroup(DWORD* pre_read) { return false; // We use the same technique as FieldTrial::HashClientId. - unsigned char sha1_hash[base::SHA1_LENGTH]; + unsigned char sha1_hash[base::kSHA1Length]; base::SHA1HashBytes( reinterpret_cast<const unsigned char*>(metrics_id.c_str()), metrics_id.size() * sizeof(metrics_id[0]), diff --git a/crypto/sha2.h b/crypto/sha2.h index 6b2f83c..0ca1008 100644 --- a/crypto/sha2.h +++ b/crypto/sha2.h @@ -16,7 +16,7 @@ namespace crypto { // // Functions for SHA-384 and SHA-512 can be added when the need arises. -static const size_t kSHA256Length = 32; // length in bytes of a SHA-256 hash +static const size_t kSHA256Length = 32; // Length in bytes of a SHA-256 hash. // Computes the SHA-256 hash of the input string 'str' and stores the first // 'len' bytes of the hash in the output buffer 'output'. If 'len' > 32, diff --git a/net/base/dnssec_chain_verifier.cc b/net/base/dnssec_chain_verifier.cc index 7be383d..5104545 100644 --- a/net/base/dnssec_chain_verifier.cc +++ b/net/base/dnssec_chain_verifier.cc @@ -437,7 +437,7 @@ bool DNSSECChainVerifier::DigestKey(base::StringPiece* out, if (digest_type == kDNSSEC_SHA1) { temp = base::SHA1HashString(input); digest = reinterpret_cast<const uint8*>(temp.data()); - digest_len = base::SHA1_LENGTH; + digest_len = base::kSHA1Length; } else if (digest_type == kDNSSEC_SHA256) { crypto::SHA256HashString(input, temp2, sizeof(temp2)); digest = temp2; diff --git a/net/base/transport_security_state.cc b/net/base/transport_security_state.cc index fd6f11b..31454fd 100644 --- a/net/base/transport_security_state.cc +++ b/net/base/transport_security_state.cc @@ -11,11 +11,6 @@ #include <keyhi.h> #include <pk11pub.h> -// NSS leaks #defines from its headers which will upset base/sha1.h. -#if defined(SHA1_LENGTH) -#undef SHA1_LENGTH -#endif - #include "base/base64.h" #include "base/json/json_reader.h" #include "base/json/json_writer.h" @@ -597,7 +592,7 @@ static bool AddHash(const std::string& type_and_base64, if (type_and_base64.find("sha1/") == 0 && base::Base64Decode(type_and_base64.substr(5, type_and_base64.size() - 5), &hash_str) && - hash_str.size() == base::SHA1_LENGTH) { + hash_str.size() == base::kSHA1Length) { SHA1Fingerprint hash; memcpy(hash.data, hash_str.data(), sizeof(hash.data)); out->push_back(hash); diff --git a/net/base/x509_certificate.cc b/net/base/x509_certificate.cc index 6e08d8e..881adb8 100644 --- a/net/base/x509_certificate.cc +++ b/net/base/x509_certificate.cc @@ -187,7 +187,7 @@ void X509CertificateCache::Remove(X509Certificate::OSCertHandle cert_handle) { // CompareSHA1Hashes is a helper function for using bsearch() with an array of // SHA1 hashes. int CompareSHA1Hashes(const void* a, const void* b) { - return memcmp(a, b, base::SHA1_LENGTH); + return memcmp(a, b, base::kSHA1Length); } // Utility to split |src| on the first occurrence of |c|, if any. |right| will @@ -959,7 +959,7 @@ bool X509Certificate::IsBlacklisted() const { bool X509Certificate::IsPublicKeyBlacklisted( const std::vector<SHA1Fingerprint>& public_key_hashes) { static const unsigned kNumHashes = 5; - static const uint8 kHashes[kNumHashes][base::SHA1_LENGTH] = { + static const uint8 kHashes[kNumHashes][base::kSHA1Length] = { // Subject: CN=DigiNotar Root CA // Issuer: CN=Entrust.net x2 and self-signed {0x41, 0x0f, 0x36, 0x36, 0x32, 0x58, 0xf3, 0x0b, 0x34, 0x7d, @@ -985,7 +985,7 @@ bool X509Certificate::IsPublicKeyBlacklisted( for (unsigned i = 0; i < kNumHashes; i++) { for (std::vector<SHA1Fingerprint>::const_iterator j = public_key_hashes.begin(); j != public_key_hashes.end(); ++j) { - if (memcmp(j->data, kHashes[i], base::SHA1_LENGTH) == 0) + if (memcmp(j->data, kHashes[i], base::kSHA1Length) == 0) return true; } } @@ -997,9 +997,9 @@ bool X509Certificate::IsPublicKeyBlacklisted( bool X509Certificate::IsSHA1HashInSortedArray(const SHA1Fingerprint& hash, const uint8* array, size_t array_byte_len) { - DCHECK_EQ(0u, array_byte_len % base::SHA1_LENGTH); - const unsigned arraylen = array_byte_len / base::SHA1_LENGTH; - return NULL != bsearch(hash.data, array, arraylen, base::SHA1_LENGTH, + DCHECK_EQ(0u, array_byte_len % base::kSHA1Length); + const size_t arraylen = array_byte_len / base::kSHA1Length; + return NULL != bsearch(hash.data, array, arraylen, base::kSHA1Length, CompareSHA1Hashes); } diff --git a/net/base/x509_certificate_unittest.cc b/net/base/x509_certificate_unittest.cc index 6bf9146..ca6cfa6 100644 --- a/net/base/x509_certificate_unittest.cc +++ b/net/base/x509_certificate_unittest.cc @@ -37,7 +37,6 @@ #endif using base::HexEncode; -using base::SHA1_LENGTH; using base::Time; namespace net { @@ -613,7 +612,7 @@ TEST(X509CertificateTest, ExtractSPKIFromDERCert) { base::StringPiece spkiBytes; EXPECT_TRUE(asn1::ExtractSPKIFromDERCert(derBytes, &spkiBytes)); - uint8 hash[base::SHA1_LENGTH]; + uint8 hash[base::kSHA1Length]; base::SHA1HashBytes(reinterpret_cast<const uint8*>(spkiBytes.data()), spkiBytes.size(), hash); @@ -668,10 +667,10 @@ TEST(X509CertificateTest, PublicKeyHashes) { EXPECT_EQ(OK, error); EXPECT_EQ(0U, verify_result.cert_status); ASSERT_LE(2u, verify_result.public_key_hashes.size()); - EXPECT_EQ(HexEncode(nistSPKIHash, base::SHA1_LENGTH), - HexEncode(verify_result.public_key_hashes[0].data, SHA1_LENGTH)); + EXPECT_EQ(HexEncode(nistSPKIHash, base::kSHA1Length), + HexEncode(verify_result.public_key_hashes[0].data, base::kSHA1Length)); EXPECT_EQ("83244223D6CBF0A26FC7DE27CEBCA4BDA32612AD", - HexEncode(verify_result.public_key_hashes[1].data, SHA1_LENGTH)); + HexEncode(verify_result.public_key_hashes[1].data, base::kSHA1Length)); TestRootCerts::GetInstance()->Clear(); } |