1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "crypto/secure_hash.h"
6
7 #include <stddef.h>
8
9 #include "base/memory/ptr_util.h"
10 #include "base/notreached.h"
11 #include "base/pickle.h"
12 #include "crypto/openssl_util.h"
13 #include "third_party/boringssl/src/include/openssl/mem.h"
14 #include "third_party/boringssl/src/include/openssl/sha.h"
15
16 namespace crypto {
17
18 namespace {
19
20 class SecureHashSHA256 : public SecureHash {
21 public:
SecureHashSHA256()22 SecureHashSHA256() { SHA256_Init(&ctx_); }
23
SecureHashSHA256(const SecureHashSHA256 & other)24 SecureHashSHA256(const SecureHashSHA256& other) {
25 memcpy(&ctx_, &other.ctx_, sizeof(ctx_));
26 }
27
~SecureHashSHA256()28 ~SecureHashSHA256() override {
29 OPENSSL_cleanse(&ctx_, sizeof(ctx_));
30 }
31
Update(base::span<const uint8_t> input)32 void Update(base::span<const uint8_t> input) override {
33 SHA256_Update(&ctx_, input.data(), input.size());
34 }
35
Finish(base::span<uint8_t> output)36 void Finish(base::span<uint8_t> output) override {
37 ScopedOpenSSLSafeSizeBuffer<SHA256_DIGEST_LENGTH> result(output.data(),
38 output.size());
39 SHA256_Final(result.safe_buffer(), &ctx_);
40 }
41
Clone() const42 std::unique_ptr<SecureHash> Clone() const override {
43 return std::make_unique<SecureHashSHA256>(*this);
44 }
45
GetHashLength() const46 size_t GetHashLength() const override { return SHA256_DIGEST_LENGTH; }
47
48 private:
49 SHA256_CTX ctx_;
50 };
51
52 class SecureHashSHA512 : public SecureHash {
53 public:
SecureHashSHA512()54 SecureHashSHA512() { SHA512_Init(&ctx_); }
55
SecureHashSHA512(const SecureHashSHA512 & other)56 SecureHashSHA512(const SecureHashSHA512& other) {
57 memcpy(&ctx_, &other.ctx_, sizeof(ctx_));
58 }
59
~SecureHashSHA512()60 ~SecureHashSHA512() override { OPENSSL_cleanse(&ctx_, sizeof(ctx_)); }
61
Update(base::span<const uint8_t> input)62 void Update(base::span<const uint8_t> input) override {
63 SHA512_Update(&ctx_, input.data(), input.size());
64 }
65
Finish(base::span<uint8_t> output)66 void Finish(base::span<uint8_t> output) override {
67 ScopedOpenSSLSafeSizeBuffer<SHA512_DIGEST_LENGTH> result(output.data(),
68 output.size());
69 SHA512_Final(result.safe_buffer(), &ctx_);
70 }
71
Clone() const72 std::unique_ptr<SecureHash> Clone() const override {
73 return std::make_unique<SecureHashSHA512>(*this);
74 }
75
GetHashLength() const76 size_t GetHashLength() const override { return SHA512_DIGEST_LENGTH; }
77
78 private:
79 SHA512_CTX ctx_;
80 };
81
82 } // namespace
83
Create(Algorithm algorithm)84 std::unique_ptr<SecureHash> SecureHash::Create(Algorithm algorithm) {
85 switch (algorithm) {
86 case SHA256:
87 return std::make_unique<SecureHashSHA256>();
88 case SHA512:
89 return std::make_unique<SecureHashSHA512>();
90 default:
91 NOTIMPLEMENTED();
92 return nullptr;
93 }
94 }
95
Update(const void * input,size_t len)96 void SecureHash::Update(const void* input, size_t len) {
97 // SAFETY: This API is deprecated & being migrated away from. It can't be
98 // safely implemented at the moment.
99 // TODO(https://crbug.com/364687923): Remove this.
100 return Update(UNSAFE_BUFFERS(
101 base::span<const uint8_t>(static_cast<const uint8_t*>(input), len)));
102 }
103
Finish(void * output,size_t len)104 void SecureHash::Finish(void* output, size_t len) {
105 // SAFETY: This API is deprecated & being migrated away from. It can't be
106 // safely implemented at the moment.
107 // TODO(https://crbug.com/364687923): Remove this.
108 return Finish(
109 UNSAFE_BUFFERS(base::span<uint8_t>(static_cast<uint8_t*>(output), len)));
110 }
111
112 } // namespace crypto
113