1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifdef UNSAFE_BUFFERS_BUILD
// TODO(crbug.com/390223051): Remove C-library calls to fix the errors.
#pragma allow_unsafe_libc_calls
#endif
#include "crypto/secure_hash.h"
#include <stddef.h>
#include "base/memory/ptr_util.h"
#include "base/notreached.h"
#include "base/pickle.h"
#include "crypto/openssl_util.h"
#include "third_party/boringssl/src/include/openssl/mem.h"
#include "third_party/boringssl/src/include/openssl/sha.h"
namespace crypto {
namespace {
class SecureHashSHA256 : public SecureHash {
public:
SecureHashSHA256() { SHA256_Init(&ctx_); }
SecureHashSHA256(const SecureHashSHA256& other) {
memcpy(&ctx_, &other.ctx_, sizeof(ctx_));
}
~SecureHashSHA256() override {
OPENSSL_cleanse(&ctx_, sizeof(ctx_));
}
void Update(base::span<const uint8_t> input) override {
SHA256_Update(&ctx_, input.data(), input.size());
}
void Finish(base::span<uint8_t> output) override {
ScopedOpenSSLSafeSizeBuffer<SHA256_DIGEST_LENGTH> result(output.data(),
output.size());
SHA256_Final(result.safe_buffer(), &ctx_);
}
std::unique_ptr<SecureHash> Clone() const override {
return std::make_unique<SecureHashSHA256>(*this);
}
size_t GetHashLength() const override { return SHA256_DIGEST_LENGTH; }
private:
SHA256_CTX ctx_;
};
class SecureHashSHA512 : public SecureHash {
public:
SecureHashSHA512() { SHA512_Init(&ctx_); }
SecureHashSHA512(const SecureHashSHA512& other) {
memcpy(&ctx_, &other.ctx_, sizeof(ctx_));
}
~SecureHashSHA512() override { OPENSSL_cleanse(&ctx_, sizeof(ctx_)); }
void Update(base::span<const uint8_t> input) override {
SHA512_Update(&ctx_, input.data(), input.size());
}
void Finish(base::span<uint8_t> output) override {
ScopedOpenSSLSafeSizeBuffer<SHA512_DIGEST_LENGTH> result(output.data(),
output.size());
SHA512_Final(result.safe_buffer(), &ctx_);
}
std::unique_ptr<SecureHash> Clone() const override {
return std::make_unique<SecureHashSHA512>(*this);
}
size_t GetHashLength() const override { return SHA512_DIGEST_LENGTH; }
private:
SHA512_CTX ctx_;
};
} // namespace
std::unique_ptr<SecureHash> SecureHash::Create(Algorithm algorithm) {
switch (algorithm) {
case SHA256:
return std::make_unique<SecureHashSHA256>();
case SHA512:
return std::make_unique<SecureHashSHA512>();
default:
NOTIMPLEMENTED();
return nullptr;
}
}
void SecureHash::Update(const void* input, size_t len) {
// SAFETY: This API is deprecated & being migrated away from. It can't be
// safely implemented at the moment.
// TODO(https://crbug.com/364687923): Remove this.
return Update(UNSAFE_BUFFERS(
base::span<const uint8_t>(static_cast<const uint8_t*>(input), len)));
}
void SecureHash::Finish(void* output, size_t len) {
// SAFETY: This API is deprecated & being migrated away from. It can't be
// safely implemented at the moment.
// TODO(https://crbug.com/364687923): Remove this.
return Finish(
UNSAFE_BUFFERS(base::span<uint8_t>(static_cast<uint8_t*>(output), len)));
}
} // namespace crypto
|
