Return vector from from CRYPT_SHA*Generate() functions.
Make convenience routine more convenient by removing output buffer
allocation requirements from callers.
Change-Id: If65dfdfa1bf6513ebbe9a38dc1c20b1d960fb2d4
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/120792
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Thomas Sepez <tsepez@google.com>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
diff --git a/core/fdrm/fx_crypt_sha.cpp b/core/fdrm/fx_crypt_sha.cpp
index 33faec5..963a0da 100644
--- a/core/fdrm/fx_crypt_sha.cpp
+++ b/core/fdrm/fx_crypt_sha.cpp
@@ -428,12 +428,14 @@
}
}
-void CRYPT_SHA1Generate(pdfium::span<const uint8_t> data,
- pdfium::span<uint8_t, 20> digest) {
+DataVector<uint8_t> CRYPT_SHA1Generate(pdfium::span<const uint8_t> data) {
CRYPT_sha1_context s;
CRYPT_SHA1Start(&s);
CRYPT_SHA1Update(&s, data);
+
+ DataVector<uint8_t> digest(20);
CRYPT_SHA1Finish(&s, digest);
+ return digest;
}
void CRYPT_SHA256Start(CRYPT_sha2_context* context) {
@@ -492,12 +494,14 @@
SHA_PUT_UINT32(context->state[7], digest, 28);
}
-void CRYPT_SHA256Generate(pdfium::span<const uint8_t> data,
- pdfium::span<uint8_t, 32> digest) {
+DataVector<uint8_t> CRYPT_SHA256Generate(pdfium::span<const uint8_t> data) {
CRYPT_sha2_context ctx;
CRYPT_SHA256Start(&ctx);
CRYPT_SHA256Update(&ctx, data);
+
+ DataVector<uint8_t> digest(32);
CRYPT_SHA256Finish(&ctx, digest);
+ return digest;
}
void CRYPT_SHA384Start(CRYPT_sha2_context* context) {
@@ -555,12 +559,14 @@
SHA_PUT_UINT64(context->state[5], digest, 40);
}
-void CRYPT_SHA384Generate(pdfium::span<const uint8_t> data,
- pdfium::span<uint8_t, 48> digest) {
+DataVector<uint8_t> CRYPT_SHA384Generate(pdfium::span<const uint8_t> data) {
CRYPT_sha2_context context;
CRYPT_SHA384Start(&context);
CRYPT_SHA384Update(&context, data);
+
+ DataVector<uint8_t> digest(48);
CRYPT_SHA384Finish(&context, digest);
+ return digest;
}
void CRYPT_SHA512Start(CRYPT_sha2_context* context) {
@@ -601,10 +607,12 @@
SHA_PUT_UINT64(context->state[7], digest, 56);
}
-void CRYPT_SHA512Generate(pdfium::span<const uint8_t> data,
- pdfium::span<uint8_t, 64> digest) {
+DataVector<uint8_t> CRYPT_SHA512Generate(pdfium::span<const uint8_t> data) {
CRYPT_sha2_context context;
CRYPT_SHA512Start(&context);
CRYPT_SHA512Update(&context, data);
+
+ DataVector<uint8_t> digest(64);
CRYPT_SHA512Finish(&context, digest);
+ return digest;
}
diff --git a/core/fdrm/fx_crypt_sha.h b/core/fdrm/fx_crypt_sha.h
index 4e08e1a..c6e4def 100644
--- a/core/fdrm/fx_crypt_sha.h
+++ b/core/fdrm/fx_crypt_sha.h
@@ -11,6 +11,7 @@
#include <array>
+#include "core/fxcrt/data_vector.h"
#include "core/fxcrt/span.h"
struct CRYPT_sha1_context {
@@ -31,31 +32,27 @@
pdfium::span<const uint8_t> data);
void CRYPT_SHA1Finish(CRYPT_sha1_context* context,
pdfium::span<uint8_t, 20> digest);
-void CRYPT_SHA1Generate(pdfium::span<const uint8_t> data,
- pdfium::span<uint8_t, 20> digest);
+DataVector<uint8_t> CRYPT_SHA1Generate(pdfium::span<const uint8_t> data);
void CRYPT_SHA256Start(CRYPT_sha2_context* context);
void CRYPT_SHA256Update(CRYPT_sha2_context* context,
pdfium::span<const uint8_t> data);
void CRYPT_SHA256Finish(CRYPT_sha2_context* context,
pdfium::span<uint8_t, 32> digest);
-void CRYPT_SHA256Generate(pdfium::span<const uint8_t> data,
- pdfium::span<uint8_t, 32> digest);
+DataVector<uint8_t> CRYPT_SHA256Generate(pdfium::span<const uint8_t> data);
void CRYPT_SHA384Start(CRYPT_sha2_context* context);
void CRYPT_SHA384Update(CRYPT_sha2_context* context,
pdfium::span<const uint8_t> data);
void CRYPT_SHA384Finish(CRYPT_sha2_context* context,
pdfium::span<uint8_t, 48> digest);
-void CRYPT_SHA384Generate(pdfium::span<const uint8_t> data,
- pdfium::span<uint8_t, 48> digest);
+DataVector<uint8_t> CRYPT_SHA384Generate(pdfium::span<const uint8_t> data);
void CRYPT_SHA512Start(CRYPT_sha2_context* context);
void CRYPT_SHA512Update(CRYPT_sha2_context* context,
pdfium::span<const uint8_t> data);
void CRYPT_SHA512Finish(CRYPT_sha2_context* context,
pdfium::span<uint8_t, 64> digest);
-void CRYPT_SHA512Generate(pdfium::span<const uint8_t> data,
- pdfium::span<uint8_t, 64> digest);
+DataVector<uint8_t> CRYPT_SHA512Generate(pdfium::span<const uint8_t> data);
#endif // CORE_FDRM_FX_CRYPT_SHA_H_
diff --git a/core/fdrm/fx_crypt_unittest.cpp b/core/fdrm/fx_crypt_unittest.cpp
index aa19922..f4ae16b 100644
--- a/core/fdrm/fx_crypt_unittest.cpp
+++ b/core/fdrm/fx_crypt_unittest.cpp
@@ -9,6 +9,7 @@
#include <vector>
#include "core/fxcrt/bytestring.h"
+#include "core/fxcrt/data_vector.h"
#include "core/fxcrt/fx_memcpy_wrappers.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -178,8 +179,8 @@
TEST(FXCRYPT, Sha1Empty) {
static const char kInput[] = "";
- uint8_t actual[20];
- CRYPT_SHA1Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA1Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(actual, ElementsAre(0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b,
0x0d, 0x32, 0x55, 0xbf, 0xef, 0x95, 0x60,
0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09));
@@ -189,8 +190,8 @@
TEST(FXCRYPT, Sha1TestA1) {
// Example A.1 from FIPS 180-2: one-block message.
static const char kInput[] = "abc";
- uint8_t actual[20];
- CRYPT_SHA1Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA1Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(actual, ElementsAre(0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81,
0x6a, 0xba, 0x3e, 0x25, 0x71, 0x78, 0x50,
0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d));
@@ -200,8 +201,8 @@
// Example A.2 from FIPS 180-2: multi-block message.
static const char kInput[] =
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- uint8_t actual[20];
- CRYPT_SHA1Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA1Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(actual, ElementsAre(0x84, 0x98, 0x3e, 0x44, 0x1c, 0x3b, 0xd2,
0x6e, 0xba, 0xae, 0x4a, 0xa1, 0xf9, 0x51,
0x29, 0xe5, 0xe5, 0x46, 0x70, 0xf1));
@@ -209,8 +210,9 @@
TEST(FXCRYPT, Sha256Empty) {
static const char kInput[] = "";
- uint8_t actual[32];
- CRYPT_SHA256Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+
+ CRYPT_SHA256Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(actual,
ElementsAre(0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a,
0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae,
@@ -221,8 +223,8 @@
TEST(FXCRYPT, Sha256TestB1) {
// Example B.1 from FIPS 180-2: one-block message.
static const char kInput[] = "abc";
- uint8_t actual[32];
- CRYPT_SHA256Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA256Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(actual,
ElementsAre(0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41,
0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03,
@@ -234,8 +236,8 @@
// Example B.2 from FIPS 180-2: multi-block message.
static const char kInput[] =
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- uint8_t actual[32];
- CRYPT_SHA256Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA256Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(actual,
ElementsAre(0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, 0xe5,
0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39, 0xa3, 0x3c,
@@ -491,8 +493,8 @@
TEST(FXCRYPT, Sha384Empty) {
static const char kInput[] = "";
- uint8_t actual[48];
- CRYPT_SHA384Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA384Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(
actual,
ElementsAre(0x38, 0xb0, 0x60, 0xa7, 0x51, 0xac, 0x96, 0x38, 0x4c, 0xd9,
@@ -506,8 +508,8 @@
TEST(FXCRYPT, Sha384Test) {
static const char kInput[] =
"This is a simple test. To see whether it is getting correct value.";
- uint8_t actual[48];
- CRYPT_SHA384Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA384Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(
actual,
ElementsAre(0x95, 0x54, 0xff, 0xd3, 0x89, 0xf0, 0xd6, 0x42, 0xe9, 0x33,
@@ -522,9 +524,9 @@
static const char kInput[] =
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
- uint8_t actual[48];
EXPECT_EQ(112u, strlen(kInput));
- CRYPT_SHA384Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA384Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(
actual,
ElementsAre(0x18, 0x7d, 0x4e, 0x07, 0xcb, 0x30, 0x61, 0x03, 0xc6, 0x99,
@@ -536,8 +538,8 @@
TEST(FXCRYPT, Sha512Empty) {
static const char kInput[] = "";
- uint8_t actual[64];
- CRYPT_SHA512Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA512Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(
actual,
ElementsAre(0xcf, 0x83, 0xe1, 0x35, 0x7e, 0xef, 0xb8, 0xbd, 0xf1, 0x54,
@@ -553,8 +555,8 @@
TEST(FXCRYPT, Sha512Test) {
static const char kInput[] =
"This is a simple test. To see whether it is getting correct value.";
- uint8_t actual[64];
- CRYPT_SHA512Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA512Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(
actual,
ElementsAre(0x86, 0xB5, 0x05, 0x63, 0xA2, 0x6F, 0xD6, 0xFA, 0xEB, 0x9B,
@@ -572,8 +574,8 @@
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
EXPECT_EQ(112u, strlen(kInput));
- uint8_t actual[64];
- CRYPT_SHA512Generate(ByteStringView(kInput).unsigned_span(), actual);
+ DataVector<uint8_t> actual =
+ CRYPT_SHA512Generate(ByteStringView(kInput).unsigned_span());
EXPECT_THAT(
actual,
ElementsAre(0xc0, 0x1d, 0x08, 0x0e, 0xfd, 0x49, 0x27, 0x76, 0xa1, 0xc4,
diff --git a/core/fpdfapi/parser/cpdf_security_handler.cpp b/core/fpdfapi/parser/cpdf_security_handler.cpp
index 25b8645..57fc974 100644
--- a/core/fpdfapi/parser/cpdf_security_handler.cpp
+++ b/core/fpdfapi/parser/cpdf_security_handler.cpp
@@ -155,30 +155,22 @@
CRYPT_AESSetIV(&aes, iv);
CRYPT_AESEncrypt(&aes, encrypted_output_span.data(), content.data(),
encrypted_output_span.size());
- int iHash = 0;
+
switch (BigOrder64BitsMod3(encrypted_output_span)) {
case 0:
- iHash = 0;
block_size = 32;
+ inter_digest = CRYPT_SHA256Generate(encrypted_output_span);
break;
case 1:
- iHash = 1;
block_size = 48;
+ inter_digest = CRYPT_SHA384Generate(encrypted_output_span);
break;
default:
- iHash = 2;
block_size = 64;
+ inter_digest = CRYPT_SHA512Generate(encrypted_output_span);
break;
}
- inter_digest.resize(block_size);
input = inter_digest.data();
- if (iHash == 0) {
- CRYPT_SHA256Generate(encrypted_output_span, inter_digest);
- } else if (iHash == 1) {
- CRYPT_SHA384Generate(encrypted_output_span, inter_digest);
- } else if (iHash == 2) {
- CRYPT_SHA512Generate(encrypted_output_span, inter_digest);
- }
key = input;
iv = UNSAFE_TODO(input + 16);
++i;
diff --git a/core/fpdfapi/parser/cpdf_stream_acc.cpp b/core/fpdfapi/parser/cpdf_stream_acc.cpp
index ffa0567..8e18336 100644
--- a/core/fpdfapi/parser/cpdf_stream_acc.cpp
+++ b/core/fpdfapi/parser/cpdf_stream_acc.cpp
@@ -85,9 +85,7 @@
}
DataVector<uint8_t> CPDF_StreamAcc::ComputeDigest() const {
- DataVector<uint8_t> digest(20);
- CRYPT_SHA1Generate(GetSpan(), digest);
- return digest;
+ return CRYPT_SHA1Generate(GetSpan());
}
DataVector<uint8_t> CPDF_StreamAcc::DetachData() {
