diff --git a/chrome/browser/browsing_data/browsing_data_channel_id_helper_unittest.cc b/chrome/browser/browsing_data/browsing_data_channel_id_helper_unittest.cc index e5ef6c66ac0c752a6703ce9e16fbc722e5b30356..efbdcd3ba1da1e211812ae594070736871f1e912 100644 --- a/chrome/browser/browsing_data/browsing_data_channel_id_helper_unittest.cc +++ b/chrome/browser/browsing_data/browsing_data_channel_id_helper_unittest.cc @@ -44,11 +44,11 @@ class BrowsingDataChannelIDHelperTest channel_id_store->SetChannelID( base::WrapUnique(new net::ChannelIDStore::ChannelID( "https://www.google.com:443", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + crypto::ECPrivateKey::Create()))); channel_id_store->SetChannelID( base::WrapUnique(new net::ChannelIDStore::ChannelID( "https://www.youtube.com:443", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + crypto::ECPrivateKey::Create()))); } void FetchCallback( @@ -142,7 +142,7 @@ TEST_F(BrowsingDataChannelIDHelperTest, CannedEmpty) { ASSERT_TRUE(helper->empty()); helper->AddChannelID(net::ChannelIDStore::ChannelID( - origin, base::Time(), base::WrapUnique(crypto::ECPrivateKey::Create()))); + origin, base::Time(), crypto::ECPrivateKey::Create())); ASSERT_FALSE(helper->empty()); helper->Reset(); ASSERT_TRUE(helper->empty()); diff --git a/chrome/browser/browsing_data/browsing_data_remover_unittest.cc b/chrome/browser/browsing_data/browsing_data_remover_unittest.cc index 5c02dcb9dd46d2b4b8c2a55ded720ff975bc1472..b02dc5b04c259d50c05658b7460e3c2a5823cc8d 100644 --- a/chrome/browser/browsing_data/browsing_data_remover_unittest.cc +++ b/chrome/browser/browsing_data/browsing_data_remover_unittest.cc @@ -493,8 +493,7 @@ class RemoveChannelIDTester : public net::SSLConfigService::Observer { base::Time creation_time) { GetChannelIDStore()->SetChannelID( base::WrapUnique(new net::ChannelIDStore::ChannelID( - server_identifier, creation_time, - base::WrapUnique(crypto::ECPrivateKey::Create())))); + server_identifier, creation_time, crypto::ECPrivateKey::Create()))); } // Add a server bound cert for |server|, with the current time as the diff --git a/chrome/browser/chromeos/login/profile_auth_data_unittest.cc b/chrome/browser/chromeos/login/profile_auth_data_unittest.cc index 2de25a14d7f34d093f6ab866006ed318dd1bb1d1..e5fb43f60138848f882308daebc74ec4266703e9 100644 --- a/chrome/browser/chromeos/login/profile_auth_data_unittest.cc +++ b/chrome/browser/chromeos/login/profile_auth_data_unittest.cc @@ -110,17 +110,15 @@ class ProfileAuthDataTest : public testing::Test { }; void ProfileAuthDataTest::SetUp() { - channel_id_key1_.reset(crypto::ECPrivateKey::Create()); - channel_id_key2_.reset(crypto::ECPrivateKey::Create()); + channel_id_key1_ = crypto::ECPrivateKey::Create(); + channel_id_key2_ = crypto::ECPrivateKey::Create(); PopulateBrowserContext(&login_browser_context_, kProxyAuthPassword1, - kCookieValue1, - base::WrapUnique(channel_id_key1_->Copy())); + kCookieValue1, channel_id_key1_->Copy()); } void ProfileAuthDataTest::PopulateUserBrowserContext() { PopulateBrowserContext(&user_browser_context_, kProxyAuthPassword2, - kCookieValue2, - base::WrapUnique(channel_id_key2_->Copy())); + kCookieValue2, channel_id_key2_->Copy()); } void ProfileAuthDataTest::Transfer( diff --git a/chrome/browser/chromeos/settings/token_encryptor.cc b/chrome/browser/chromeos/settings/token_encryptor.cc index 8ff42eeb724d524d884923644cd3ea7e2858589d..100622122c83a077791d076d7dcc71d01519eb19 100644 --- a/chrome/browser/chromeos/settings/token_encryptor.cc +++ b/chrome/browser/chromeos/settings/token_encryptor.cc @@ -31,7 +31,7 @@ CryptohomeTokenEncryptor::CryptohomeTokenEncryptor( DCHECK(!system_salt.empty()); // TODO(davidroche): should this use the system salt for both the password // and the salt value, or should this use a separate salt value? - system_salt_key_.reset(PassphraseToKey(system_salt_, system_salt_)); + system_salt_key_ = PassphraseToKey(system_salt_, system_salt_); } CryptohomeTokenEncryptor::~CryptohomeTokenEncryptor() { @@ -67,7 +67,7 @@ std::string CryptohomeTokenEncryptor::DecryptWithSystemSalt( encrypted_token_hex); } -crypto::SymmetricKey* CryptohomeTokenEncryptor::PassphraseToKey( +std::unique_ptr CryptohomeTokenEncryptor::PassphraseToKey( const std::string& passphrase, const std::string& salt) { return crypto::SymmetricKey::DeriveKeyFromPassword( diff --git a/chrome/browser/chromeos/settings/token_encryptor.h b/chrome/browser/chromeos/settings/token_encryptor.h index 0ef1008bd56c81b54b2ee3d5711238d0a2cebe4a..d4d5e392bd62e93db7fcabb9de8100a622751633 100644 --- a/chrome/browser/chromeos/settings/token_encryptor.h +++ b/chrome/browser/chromeos/settings/token_encryptor.h @@ -47,8 +47,9 @@ class CryptohomeTokenEncryptor : public TokenEncryptor { private: // Converts |passphrase| to a SymmetricKey using the given |salt|. - crypto::SymmetricKey* PassphraseToKey(const std::string& passphrase, - const std::string& salt); + std::unique_ptr PassphraseToKey( + const std::string& passphrase, + const std::string& salt); // Encrypts (AES) the token given |key| and |salt|. std::string EncryptTokenWithKey(crypto::SymmetricKey* key, diff --git a/chrome/browser/extensions/updater/local_extension_cache_unittest.cc b/chrome/browser/extensions/updater/local_extension_cache_unittest.cc index efcf267cb2530c2f9f15e6204d501c552b7047bc..1ef40a4b77bef938fa2307d1302386729d4cafb5 100644 --- a/chrome/browser/extensions/updater/local_extension_cache_unittest.cc +++ b/chrome/browser/extensions/updater/local_extension_cache_unittest.cc @@ -98,14 +98,13 @@ class LocalExtensionCacheTest : public testing::Test { base::FilePath* filename) { std::string data(size, 0); - crypto::SecureHash* hash = + std::unique_ptr hash = crypto::SecureHash::Create(crypto::SecureHash::SHA256); hash->Update(data.c_str(), size); uint8_t output[crypto::kSHA256Length]; hash->Finish(output, sizeof(output)); const std::string hex_hash = base::ToLowerASCII(base::HexEncode(output, sizeof(output))); - delete hash; const base::FilePath file = GetExtensionFileName(dir, id, version, hex_hash); diff --git a/chrome/browser/net/quota_policy_channel_id_store_unittest.cc b/chrome/browser/net/quota_policy_channel_id_store_unittest.cc index 8092326868b2adc41aa3f99d75e0380142949b4c..cbf00f61561ddb1f1d747ce8ffa2460f05ea59b6 100644 --- a/chrome/browser/net/quota_policy_channel_id_store_unittest.cc +++ b/chrome/browser/net/quota_policy_channel_id_store_unittest.cc @@ -9,7 +9,6 @@ #include "base/bind.h" #include "base/files/file_util.h" #include "base/files/scoped_temp_dir.h" -#include "base/memory/ptr_util.h" #include "base/memory/ref_counted.h" #include "base/memory/scoped_vector.h" #include "base/message_loop/message_loop.h" @@ -84,11 +83,9 @@ TEST_F(QuotaPolicyChannelIDStoreTest, TestPersistence) { crypto::ECPrivateKey::Create()); std::unique_ptr foo_key(crypto::ECPrivateKey::Create()); store_->AddChannelID(net::DefaultChannelIDStore::ChannelID( - "google.com", base::Time::FromInternalValue(1), - base::WrapUnique(goog_key->Copy()))); + "google.com", base::Time::FromInternalValue(1), goog_key->Copy())); store_->AddChannelID(net::DefaultChannelIDStore::ChannelID( - "foo.com", base::Time::FromInternalValue(3), - base::WrapUnique(foo_key->Copy()))); + "foo.com", base::Time::FromInternalValue(3), foo_key->Copy())); std::vector> channel_ids; @@ -143,10 +140,10 @@ TEST_F(QuotaPolicyChannelIDStoreTest, TestPersistence) { TEST_F(QuotaPolicyChannelIDStoreTest, TestPolicy) { store_->AddChannelID(net::DefaultChannelIDStore::ChannelID( "google.com", base::Time::FromInternalValue(1), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + crypto::ECPrivateKey::Create())); store_->AddChannelID(net::DefaultChannelIDStore::ChannelID( "nonpersistent.com", base::Time::FromInternalValue(3), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + crypto::ECPrivateKey::Create())); std::vector> channel_ids; @@ -176,10 +173,10 @@ TEST_F(QuotaPolicyChannelIDStoreTest, TestPolicy) { // being committed to disk. store_->AddChannelID(net::DefaultChannelIDStore::ChannelID( "nonpersistent.com", base::Time::FromInternalValue(5), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + crypto::ECPrivateKey::Create())); store_->AddChannelID(net::DefaultChannelIDStore::ChannelID( "persistent.com", base::Time::FromInternalValue(7), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + crypto::ECPrivateKey::Create())); // Now close the store, and the nonpersistent.com channel IDs should be // deleted according to policy. diff --git a/components/crx_file/crx_file.cc b/components/crx_file/crx_file.cc index 7a310aca98828693d9b2bc4e235fbb76b7b7b36f..2445ef1e6629bf5c439bfe0551acddde6d53ce60 100644 --- a/components/crx_file/crx_file.cc +++ b/components/crx_file/crx_file.cc @@ -111,7 +111,7 @@ CrxFile::ValidateError CrxFile::ValidateSignature( base::ScopedFILE file(base::OpenFile(crx_path, "rb")); std::unique_ptr hash; if (!expected_hash.empty()) - hash.reset(crypto::SecureHash::Create(crypto::SecureHash::SHA256)); + hash = crypto::SecureHash::Create(crypto::SecureHash::SHA256); if (!file.get()) return ValidateError::CRX_FILE_NOT_READABLE; diff --git a/components/os_crypt/os_crypt_mac.mm b/components/os_crypt/os_crypt_mac.mm index 66f77c296754393677dac5350cf3b1b2e35d37ac..5b97726ae83f4ebe2b183446d3314fbbdd1f50b1 100644 --- a/components/os_crypt/os_crypt_mac.mm +++ b/components/os_crypt/os_crypt_mac.mm @@ -77,12 +77,10 @@ crypto::SymmetricKey* GetEncryptionKey() { // Create an encryption key from our password and salt. The key is // intentionally leaked. - cached_encryption_key = - crypto::SymmetricKey::DeriveKeyFromPassword(crypto::SymmetricKey::AES, - password, - salt, - kEncryptionIterations, - kDerivedKeySizeInBits); + cached_encryption_key = crypto::SymmetricKey::DeriveKeyFromPassword( + crypto::SymmetricKey::AES, password, salt, + kEncryptionIterations, kDerivedKeySizeInBits) + .release(); ANNOTATE_LEAKING_OBJECT_PTR(cached_encryption_key); DCHECK(cached_encryption_key); return cached_encryption_key; diff --git a/content/browser/download/base_file.cc b/content/browser/download/base_file.cc index e34970f786875d077c112a20aaf70f03cff69dd8..735793270ff8a18994792f7b0355f7ab5e140ee0 100644 --- a/content/browser/download/base_file.cc +++ b/content/browser/download/base_file.cc @@ -208,7 +208,7 @@ std::string BaseFile::DebugString() const { DownloadInterruptReason BaseFile::CalculatePartialHash( const std::string& hash_to_expect) { - secure_hash_.reset(crypto::SecureHash::Create(crypto::SecureHash::SHA256)); + secure_hash_ = crypto::SecureHash::Create(crypto::SecureHash::SHA256); if (bytes_so_far_ == 0) return DOWNLOAD_INTERRUPT_REASON_NONE; diff --git a/content/browser/download/download_item_impl.cc b/content/browser/download/download_item_impl.cc index 972a9570e1b384e7bdeb50f2f215f912dc4b439a..be68b07963be50a400d3e0fab3e445127ce1b8c0 100644 --- a/content/browser/download/download_item_impl.cc +++ b/content/browser/download/download_item_impl.cc @@ -31,7 +31,6 @@ #include "base/format_macros.h" #include "base/guid.h" #include "base/logging.h" -#include "base/memory/ptr_util.h" #include "base/metrics/histogram.h" #include "base/stl_util.h" #include "base/strings/string_util.h" @@ -1175,9 +1174,9 @@ void DownloadItemImpl::Start( int64_t offset = new_create_info.save_info->offset; std::unique_ptr hash_state = - base::WrapUnique(new_create_info.save_info->hash_state - ? new_create_info.save_info->hash_state->Clone() - : nullptr); + new_create_info.save_info->hash_state + ? new_create_info.save_info->hash_state->Clone() + : nullptr; // Interrupted downloads also need a target path. if (target_path_.empty()) { diff --git a/crypto/ec_private_key.cc b/crypto/ec_private_key.cc index 176c9796fc86273bf148f0c00245a07bc1c18b21..8f3c4110ace794241dd5d22af79f60346027159c 100644 --- a/crypto/ec_private_key.cc +++ b/crypto/ec_private_key.cc @@ -13,8 +13,6 @@ #include #include -#include - #include "base/logging.h" #include "crypto/auto_cbb.h" #include "crypto/openssl_util.h" @@ -43,13 +41,13 @@ bool ExportKeyWithBio(const void* key, return false; ScopedBIO bio(BIO_new(BIO_s_mem())); - if (!bio.get()) + if (!bio) return false; if (!export_fn(bio.get(), key)) return false; - char* data = NULL; + char* data = nullptr; long len = BIO_get_mem_data(bio.get(), &data); if (!data || len < 0) return false; @@ -65,28 +63,21 @@ ECPrivateKey::~ECPrivateKey() { EVP_PKEY_free(key_); } -ECPrivateKey* ECPrivateKey::Copy() const { - std::unique_ptr copy(new ECPrivateKey); - if (key_) - copy->key_ = EVP_PKEY_up_ref(key_); - return copy.release(); -} - // static -ECPrivateKey* ECPrivateKey::Create() { +std::unique_ptr ECPrivateKey::Create() { OpenSSLErrStackTracer err_tracer(FROM_HERE); ScopedEC_KEY ec_key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); - if (!ec_key.get() || !EC_KEY_generate_key(ec_key.get())) - return NULL; + if (!ec_key || !EC_KEY_generate_key(ec_key.get())) + return nullptr; std::unique_ptr result(new ECPrivateKey()); result->key_ = EVP_PKEY_new(); if (!result->key_ || !EVP_PKEY_set1_EC_KEY(result->key_, ec_key.get())) - return NULL; + return nullptr; CHECK_EQ(EVP_PKEY_EC, EVP_PKEY_id(result->key_)); - return result.release(); + return result; } // static @@ -100,13 +91,13 @@ std::unique_ptr ECPrivateKey::CreateFromPrivateKeyInfo( if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC) return nullptr; - std::unique_ptr result(new ECPrivateKey); + std::unique_ptr result(new ECPrivateKey()); result->key_ = pkey.release(); return result; } // static -ECPrivateKey* ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( +std::unique_ptr ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( const std::string& password, const std::vector& encrypted_private_key_info, const std::vector& subject_public_key_info) { @@ -114,16 +105,16 @@ ECPrivateKey* ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( // useful for the NSS implementation (which uses the public key's SHA1 // as a lookup key when storing the private one in its store). if (encrypted_private_key_info.empty()) - return NULL; + return nullptr; OpenSSLErrStackTracer err_tracer(FROM_HERE); const uint8_t* data = &encrypted_private_key_info[0]; const uint8_t* ptr = data; ScopedX509_SIG p8_encrypted( - d2i_X509_SIG(NULL, &ptr, encrypted_private_key_info.size())); + d2i_X509_SIG(nullptr, &ptr, encrypted_private_key_info.size())); if (!p8_encrypted || ptr != data + encrypted_private_key_info.size()) - return NULL; + return nullptr; ScopedPKCS8_PRIV_KEY_INFO p8_decrypted; if (password.empty()) { @@ -142,15 +133,22 @@ ECPrivateKey* ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( } if (!p8_decrypted) - return NULL; + return nullptr; // Create a new EVP_PKEY for it. - std::unique_ptr result(new ECPrivateKey); + std::unique_ptr result(new ECPrivateKey()); result->key_ = EVP_PKCS82PKEY(p8_decrypted.get()); if (!result->key_ || EVP_PKEY_id(result->key_) != EVP_PKEY_EC) - return NULL; + return nullptr; - return result.release(); + return result; +} + +std::unique_ptr ECPrivateKey::Copy() const { + std::unique_ptr copy(new ECPrivateKey()); + if (key_) + copy->key_ = EVP_PKEY_up_ref(key_); + return copy; } bool ECPrivateKey::ExportPrivateKey(std::vector* output) const { @@ -174,7 +172,7 @@ bool ECPrivateKey::ExportEncryptedPrivateKey( OpenSSLErrStackTracer err_tracer(FROM_HERE); // Convert into a PKCS#8 object. ScopedPKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(key_)); - if (!pkcs8.get()) + if (!pkcs8) return false; // Encrypt the object. @@ -190,7 +188,7 @@ bool ECPrivateKey::ExportEncryptedPrivateKey( 0, iterations, pkcs8.get())); - if (!encrypted.get()) + if (!encrypted) return false; // Write it into |*output| @@ -236,6 +234,6 @@ bool ECPrivateKey::ExportRawPublicKey(std::string* output) const { return true; } -ECPrivateKey::ECPrivateKey() : key_(NULL) {} +ECPrivateKey::ECPrivateKey() : key_(nullptr) {} } // namespace crypto diff --git a/crypto/ec_private_key.h b/crypto/ec_private_key.h index 3e543d3db18a3d818851963ce1bb97ae5a20c037..9cdb453e1d3de1913a58492468155eabf08fb225 100644 --- a/crypto/ec_private_key.h +++ b/crypto/ec_private_key.h @@ -30,10 +30,10 @@ class CRYPTO_EXPORT ECPrivateKey { public: ~ECPrivateKey(); - // Creates a new random instance. Can return NULL if initialization fails. + // Creates a new random instance. Can return nullptr if initialization fails. // The created key will use the NIST P-256 curve. // TODO(mattm): Add a curve parameter. - static ECPrivateKey* Create(); + static std::unique_ptr Create(); // Create a new instance by importing an existing private key. The format is // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return @@ -44,17 +44,17 @@ class CRYPTO_EXPORT ECPrivateKey { // Creates a new instance by importing an existing key pair. // The key pair is given as an ASN.1-encoded PKCS #8 EncryptedPrivateKeyInfo // block and an X.509 SubjectPublicKeyInfo block. - // Returns NULL if initialization fails. + // Returns nullptr if initialization fails. // // This function is deprecated. Use CreateFromPrivateKeyInfo for new code. // See https://crbug.com/603319. - static ECPrivateKey* CreateFromEncryptedPrivateKeyInfo( + static std::unique_ptr CreateFromEncryptedPrivateKeyInfo( const std::string& password, const std::vector& encrypted_private_key_info, const std::vector& subject_public_key_info); // Returns a copy of the object. - ECPrivateKey* Copy() const; + std::unique_ptr Copy() const; EVP_PKEY* key() { return key_; } diff --git a/crypto/ec_private_key_unittest.cc b/crypto/ec_private_key_unittest.cc index 450ed1592ab13a7f9335d40ac1af5f514bc2190e..386844cd5a65b2f77c8a31d9a08257f214dcc398 100644 --- a/crypto/ec_private_key_unittest.cc +++ b/crypto/ec_private_key_unittest.cc @@ -45,7 +45,7 @@ TEST(ECPrivateKeyUnitTest, InitRandomTest) { static const char kPassword2[] = "test"; std::unique_ptr keypair(crypto::ECPrivateKey::Create()); - ASSERT_TRUE(keypair.get()); + ASSERT_TRUE(keypair); // Re-import as a PrivateKeyInfo. std::vector privkey; @@ -61,16 +61,16 @@ TEST(ECPrivateKeyUnitTest, InitRandomTest) { EXPECT_TRUE( keypair->ExportEncryptedPrivateKey(kPassword1, 1, &encrypted_privkey)); EXPECT_TRUE(keypair->ExportPublicKey(&pubkey)); - keypair_copy.reset(crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( - kPassword1, encrypted_privkey, pubkey)); + keypair_copy = crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( + kPassword1, encrypted_privkey, pubkey); ASSERT_TRUE(keypair_copy); ExpectKeysEqual(keypair.get(), keypair_copy.get()); // Re-import as an EncryptedPrivateKeyInfo with kPassword2. EXPECT_TRUE( keypair->ExportEncryptedPrivateKey(kPassword2, 1, &encrypted_privkey)); - keypair_copy.reset(crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( - kPassword2, encrypted_privkey, pubkey)); + keypair_copy = crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( + kPassword2, encrypted_privkey, pubkey); ASSERT_TRUE(keypair_copy); ExpectKeysEqual(keypair.get(), keypair_copy.get()); } @@ -79,8 +79,8 @@ TEST(ECPrivateKeyUnitTest, Copy) { std::unique_ptr keypair1( crypto::ECPrivateKey::Create()); std::unique_ptr keypair2(keypair1->Copy()); - ASSERT_TRUE(keypair1.get()); - ASSERT_TRUE(keypair2.get()); + ASSERT_TRUE(keypair1); + ASSERT_TRUE(keypair2); ExpectKeysEqual(keypair1.get(), keypair2.get()); } @@ -206,7 +206,7 @@ TEST(ECPrivateKeyUnitTest, BadPasswordTest) { std::unique_ptr keypair1( crypto::ECPrivateKey::Create()); - ASSERT_TRUE(keypair1.get()); + ASSERT_TRUE(keypair1); std::vector privkey1; std::vector pubkey1; @@ -217,7 +217,7 @@ TEST(ECPrivateKeyUnitTest, BadPasswordTest) { std::unique_ptr keypair2( crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( password2, privkey1, pubkey1)); - ASSERT_FALSE(keypair2.get()); + ASSERT_FALSE(keypair2); } TEST(ECPrivateKeyUnitTest, LoadNSSKeyTest) { @@ -256,7 +256,7 @@ TEST(ECPrivateKeyUnitTest, LoadNSSKeyTest) { std::vector(std::begin(kNSSPublicKey), std::end(kNSSPublicKey)))); - EXPECT_TRUE(keypair_nss.get()); + EXPECT_TRUE(keypair_nss); } TEST(ECPrivateKeyUnitTest, LoadOpenSSLKeyTest) { @@ -303,7 +303,7 @@ TEST(ECPrivateKeyUnitTest, LoadOpenSSLKeyTest) { std::vector(std::begin(kOpenSSLPublicKey), std::end(kOpenSSLPublicKey)))); - EXPECT_TRUE(keypair_openssl.get()); + EXPECT_TRUE(keypair_openssl); std::vector public_key; EXPECT_TRUE(keypair_openssl->ExportPublicKey(&public_key)); @@ -398,5 +398,5 @@ TEST(ECPrivateKeyUnitTest, LoadOldOpenSSLKeyTest) { std::vector(std::begin(kOpenSSLPublicKey), std::end(kOpenSSLPublicKey)))); - EXPECT_TRUE(keypair_openssl.get()); + EXPECT_TRUE(keypair_openssl); } diff --git a/crypto/ec_signature_creator.cc b/crypto/ec_signature_creator.cc index a6887bc117b7f5e7206e42d62367a9c3be571ad3..34e5181d518972bc1b51cf768d56ff72e8ef0d96 100644 --- a/crypto/ec_signature_creator.cc +++ b/crypto/ec_signature_creator.cc @@ -5,21 +5,23 @@ #include "crypto/ec_signature_creator.h" #include "base/logging.h" +#include "base/memory/ptr_util.h" #include "crypto/ec_signature_creator_impl.h" namespace crypto { namespace { -ECSignatureCreatorFactory* g_factory_ = NULL; +ECSignatureCreatorFactory* g_factory_ = nullptr; } // namespace // static -ECSignatureCreator* ECSignatureCreator::Create(ECPrivateKey* key) { +std::unique_ptr ECSignatureCreator::Create( + ECPrivateKey* key) { if (g_factory_) return g_factory_->Create(key); - return new ECSignatureCreatorImpl(key); + return base::MakeUnique(key); } // static diff --git a/crypto/ec_signature_creator.h b/crypto/ec_signature_creator.h index 47128fed1b88116f4a754f0ad865845c516c605d..72e09dfe9d7941598c894fd3bc2ffc2aac082314 100644 --- a/crypto/ec_signature_creator.h +++ b/crypto/ec_signature_creator.h @@ -7,6 +7,7 @@ #include +#include #include #include @@ -21,7 +22,7 @@ class CRYPTO_EXPORT ECSignatureCreatorFactory { public: virtual ~ECSignatureCreatorFactory() {} - virtual ECSignatureCreator* Create(ECPrivateKey* key) = 0; + virtual std::unique_ptr Create(ECPrivateKey* key) = 0; }; // Signs data using a bare private key (as opposed to a full certificate). @@ -35,7 +36,7 @@ class CRYPTO_EXPORT ECSignatureCreator { // instance outlives the created ECSignatureCreator. // TODO(rch): This is currently hard coded to use SHA256. Ideally, we should // pass in the hash algorithm identifier. - static ECSignatureCreator* Create(ECPrivateKey* key); + static std::unique_ptr Create(ECPrivateKey* key); // Set a factory to make the Create function return non-standard // ECSignatureCreator objects. Because the ECDSA algorithm involves diff --git a/crypto/ec_signature_creator_impl.cc b/crypto/ec_signature_creator_impl.cc index e80a7fbc09f70d05b384b96fbb6dc2f2c9b5cf8c..c22efdab4b476ce40ed19afff53c279b7e317d99 100644 --- a/crypto/ec_signature_creator_impl.cc +++ b/crypto/ec_signature_creator_impl.cc @@ -33,9 +33,10 @@ bool ECSignatureCreatorImpl::Sign(const uint8_t* data, ScopedEVP_MD_CTX ctx(EVP_MD_CTX_create()); size_t sig_len = 0; if (!ctx.get() || - !EVP_DigestSignInit(ctx.get(), NULL, EVP_sha256(), NULL, key_->key()) || + !EVP_DigestSignInit(ctx.get(), nullptr, EVP_sha256(), nullptr, + key_->key()) || !EVP_DigestSignUpdate(ctx.get(), data, data_len) || - !EVP_DigestSignFinal(ctx.get(), NULL, &sig_len)) { + !EVP_DigestSignFinal(ctx.get(), nullptr, &sig_len)) { return false; } @@ -43,9 +44,9 @@ bool ECSignatureCreatorImpl::Sign(const uint8_t* data, if (!EVP_DigestSignFinal(ctx.get(), &signature->front(), &sig_len)) return false; - // NOTE: A call to EVP_DigestSignFinal() with a NULL second parameter returns - // a maximum allocation size, while the call without a NULL returns the real - // one, which may be smaller. + // NOTE: A call to EVP_DigestSignFinal() with a nullptr second parameter + // returns a maximum allocation size, while the call without a nullptr + // returns the real one, which may be smaller. signature->resize(sig_len); return true; } diff --git a/crypto/encryptor.cc b/crypto/encryptor.cc index a9f9a9d5dcea15fe2e9341e14138da45f8467ba3..06bf00cce94bc608bf2a79aa14f4565177bd942d 100644 --- a/crypto/encryptor.cc +++ b/crypto/encryptor.cc @@ -23,7 +23,8 @@ const EVP_CIPHER* GetCipherForKey(SymmetricKey* key) { switch (key->key().length()) { case 16: return EVP_aes_128_cbc(); case 32: return EVP_aes_256_cbc(); - default: return NULL; + default: + return nullptr; } } @@ -84,10 +85,7 @@ size_t Encryptor::Counter::GetLengthInBytes() const { ///////////////////////////////////////////////////////////////////////////// // Encryptor Implementation. -Encryptor::Encryptor() - : key_(NULL), - mode_(CBC) { -} +Encryptor::Encryptor() : key_(nullptr), mode_(CBC) {} Encryptor::~Encryptor() { } @@ -102,7 +100,7 @@ bool Encryptor::Init(SymmetricKey* key, if (mode == CBC && iv.size() != AES_BLOCK_SIZE) return false; - if (GetCipherForKey(key) == NULL) + if (GetCipherForKey(key) == nullptr) return false; key_ = key; @@ -191,9 +189,10 @@ bool Encryptor::Crypt(bool do_encrypt, DCHECK_EQ(EVP_CIPHER_key_length(cipher), key.length()); ScopedCipherCTX ctx; - if (!EVP_CipherInit_ex( - ctx.get(), cipher, NULL, reinterpret_cast(key.data()), - reinterpret_cast(iv_.data()), do_encrypt)) + if (!EVP_CipherInit_ex(ctx.get(), cipher, nullptr, + reinterpret_cast(key.data()), + reinterpret_cast(iv_.data()), + do_encrypt)) return false; // When encrypting, add another block size of space to allow for any padding. diff --git a/crypto/hmac.cc b/crypto/hmac.cc index c3c43da84e5c7f1265fff7bb81f431b570c18761..fa91628e33bac62c94a2247b6ddad327a785ed8d 100644 --- a/crypto/hmac.cc +++ b/crypto/hmac.cc @@ -63,10 +63,10 @@ bool HMAC::Sign(const base::StringPiece& data, DCHECK(initialized_); ScopedOpenSSLSafeSizeBuffer result(digest, digest_length); - return !!::HMAC(hash_alg_ == SHA1 ? EVP_sha1() : EVP_sha256(), - key_.data(), key_.size(), + return !!::HMAC(hash_alg_ == SHA1 ? EVP_sha1() : EVP_sha256(), key_.data(), + key_.size(), reinterpret_cast(data.data()), - data.size(), result.safe_buffer(), NULL); + data.size(), result.safe_buffer(), nullptr); } bool HMAC::Verify(const base::StringPiece& data, diff --git a/crypto/hmac_unittest.cc b/crypto/hmac_unittest.cc index f8dbd5a6ffe6080defb804c6db53f48b30446406..9c42dad2b41fe5f5fcd25e576878341e51c7d969 100644 --- a/crypto/hmac_unittest.cc +++ b/crypto/hmac_unittest.cc @@ -287,7 +287,7 @@ TEST(HMACTest, EmptyKey) { base::StringPiece data(""); crypto::HMAC hmac(crypto::HMAC::SHA1); - ASSERT_TRUE(hmac.Init(NULL, 0)); + ASSERT_TRUE(hmac.Init(nullptr, 0)); unsigned char digest[kSHA1DigestSize]; EXPECT_TRUE(hmac.Sign(data, digest, kSHA1DigestSize)); diff --git a/crypto/mock_apple_keychain.h b/crypto/mock_apple_keychain.h index f36e982dc0990df4b9f9b8d315de2dd27a17c856..db4fcd8e043845470004de0750bc1dca86d9414f 100644 --- a/crypto/mock_apple_keychain.h +++ b/crypto/mock_apple_keychain.h @@ -209,7 +209,7 @@ class CRYPTO_EXPORT MockAppleKeychain : public AppleKeychain { bool locked_; typedef struct KeychainPasswordData { - KeychainPasswordData() : data(NULL), length(0) {} + KeychainPasswordData() : data(nullptr), length(0) {} void* data; UInt32 length; } KeychainPasswordData; diff --git a/crypto/nss_util.cc b/crypto/nss_util.cc index afca2ecf2891f93d6f25de55da79629da508e490..66114cd0e0cd17f95c813a100b25f9e16ec0e95b 100644 --- a/crypto/nss_util.cc +++ b/crypto/nss_util.cc @@ -126,13 +126,13 @@ char* PKCS11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) { retry != PR_FALSE, &cancelled); if (cancelled) - return NULL; + return nullptr; char* result = PORT_Strdup(password.c_str()); password.replace(0, password.size(), password.size(), 0); return result; } - DLOG(ERROR) << "PK11 password requested with NULL arg"; - return NULL; + DLOG(ERROR) << "PK11 password requested with nullptr arg"; + return nullptr; } // NSS creates a local cache of the sqlite database if it detects that the @@ -218,8 +218,8 @@ class ChromeOSUserData { } ScopedPK11Slot GetPublicSlot() { - return ScopedPK11Slot( - public_slot_ ? PK11_ReferenceSlot(public_slot_.get()) : NULL); + return ScopedPK11Slot(public_slot_ ? PK11_ReferenceSlot(public_slot_.get()) + : nullptr); } ScopedPK11Slot GetPrivateSlot( @@ -353,7 +353,7 @@ class NSSInitSingleton { // If everything is already initialized, then return true. // Note that only |tpm_slot_| is checked, since |chaps_module_| could be - // NULL in tests while |tpm_slot_| has been set to the test DB. + // nullptr in tests while |tpm_slot_| has been set to the test DB. if (tpm_slot_) { base::ThreadTaskRunnerHandle::Get()->PostTask(FROM_HERE, base::Bind(callback, true)); @@ -608,7 +608,7 @@ class NSSInitSingleton { void SetSystemKeySlotForTesting(ScopedPK11Slot slot) { // Ensure that a previous value of test_system_slot_ is not overwritten. - // Unsetting, i.e. setting a NULL, however is allowed. + // Unsetting, i.e. setting a nullptr, however is allowed. DCHECK(!slot || !test_system_slot_); test_system_slot_ = std::move(slot); if (test_system_slot_) { @@ -644,7 +644,7 @@ class NSSInitSingleton { // TODO(mattm): chromeos::TPMTokenloader always calls // InitializeTPMTokenAndSystemSlot with slot 0. If the system slot is // disabled, tpm_slot_ will be the first user's slot instead. Can that be - // detected and return NULL instead? + // detected and return nullptr instead? base::Closure wrapped_callback; if (!callback.is_null()) { @@ -669,8 +669,8 @@ class NSSInitSingleton { NSSInitSingleton() : tpm_token_enabled_for_nss_(false), initializing_tpm_token_(false), - chaps_module_(NULL), - root_(NULL) { + chaps_module_(nullptr), + root_(nullptr) { // It's safe to construct on any thread, since LazyInstance will prevent any // other threads from accessing until the constructor is done. thread_checker_.DetachFromThread(); @@ -717,7 +717,7 @@ class NSSInitSingleton { } if (status != SECSuccess) { VLOG(1) << "Initializing NSS without a persistent database."; - status = NSS_NoDB_Init(NULL); + status = NSS_NoDB_Init(nullptr); if (status != SECSuccess) { CrashOnNSSInitFailure(); return; @@ -734,7 +734,7 @@ class NSSInitSingleton { // PK11_InitPin may write to the keyDB, but no other thread can use NSS // yet, so we don't need to lock. if (PK11_NeedUserInit(slot)) - PK11_InitPin(slot, NULL, NULL); + PK11_InitPin(slot, nullptr, nullptr); PK11_FreeSlot(slot); } @@ -758,12 +758,12 @@ class NSSInitSingleton { if (root_) { SECMOD_UnloadUserModule(root_); SECMOD_DestroyModule(root_); - root_ = NULL; + root_ = nullptr; } if (chaps_module_) { SECMOD_UnloadUserModule(chaps_module_); SECMOD_DestroyModule(chaps_module_); - chaps_module_ = NULL; + chaps_module_ = nullptr; } SECStatus status = NSS_Shutdown(); @@ -776,14 +776,14 @@ class NSSInitSingleton { // Load nss's built-in root certs. SECMODModule* InitDefaultRootCerts() { - SECMODModule* root = LoadModule("Root Certs", "libnssckbi.so", NULL); + SECMODModule* root = LoadModule("Root Certs", "libnssckbi.so", nullptr); if (root) return root; // Aw, snap. Can't find/load root cert shared library. // This will make it hard to talk to anybody via https. // TODO(mattm): Re-add the NOTREACHED here when crbug.com/310972 is fixed. - return NULL; + return nullptr; } // Load the given module for this NSS session. @@ -799,17 +799,17 @@ class NSSInitSingleton { // https://bugzilla.mozilla.org/show_bug.cgi?id=642546 was filed // on NSS codebase to address this. SECMODModule* module = SECMOD_LoadUserModule( - const_cast(modparams.c_str()), NULL, PR_FALSE); + const_cast(modparams.c_str()), nullptr, PR_FALSE); if (!module) { LOG(ERROR) << "Error loading " << name << " module into NSS: " << GetNSSErrorMessage(); - return NULL; + return nullptr; } if (!module->loaded) { LOG(ERROR) << "After loading " << name << ", loaded==false: " << GetNSSErrorMessage(); SECMOD_DestroyModule(module); - return NULL; + return nullptr; } return module; } @@ -846,7 +846,7 @@ ScopedPK11Slot OpenSoftwareNSSDB(const base::FilePath& path, PK11SlotInfo* db_slot = SECMOD_OpenUserDB(modspec.c_str()); if (db_slot) { if (PK11_NeedUserInit(db_slot)) - PK11_InitPin(db_slot, NULL, NULL); + PK11_InitPin(db_slot, nullptr, nullptr); } else { LOG(ERROR) << "Error opening persistent database (" << modspec << "): " << GetNSSErrorMessage(); @@ -881,7 +881,7 @@ base::Lock* GetNSSWriteLock() { } AutoNSSWriteLock::AutoNSSWriteLock() : lock_(GetNSSWriteLock()) { - // May be NULL if the lock is not needed in our version of NSS. + // May be nullptr if the lock is not needed in our version of NSS. if (lock_) lock_->Acquire(); } diff --git a/crypto/nss_util_internal.h b/crypto/nss_util_internal.h index 0982a6e8c74c97fa012ebb1ac521db7e009be097..697e376e5a587ceeb8f4137b8dbb2d2ea0b923e1 100644 --- a/crypto/nss_util_internal.h +++ b/crypto/nss_util_internal.h @@ -24,7 +24,7 @@ namespace crypto { // Opens an NSS software database in folder |path|, with the (potentially) // user-visible description |description|. Returns the slot for the opened -// database, or NULL if the database could not be opened. +// database, or nullptr if the database could not be opened. CRYPTO_EXPORT ScopedPK11Slot OpenSoftwareNSSDB(const base::FilePath& path, const std::string& description); @@ -57,8 +57,8 @@ CRYPTO_EXPORT ScopedPK11Slot GetSystemNSSKeySlot( // through |GetSystemNSSKeySlot| and |IsTPMTokenReady| will return true. // |InitializeTPMTokenAndSystemSlot|, which triggers the TPM initialization, // does not have to be called if the test system slot is set. -// This must must not be called consecutively with a |slot| != NULL. If |slot| -// is NULL, the test system slot is unset. +// This must must not be called consecutively with a |slot| != nullptr. If +// |slot| is nullptr, the test system slot is unset. CRYPTO_EXPORT void SetSystemKeySlotForTesting(ScopedPK11Slot slot); // Prepare per-user NSS slot mapping. It is safe to call this function multiple diff --git a/crypto/secure_hash.cc b/crypto/secure_hash.cc index 2a5a1f02089e6f1ddd24523ab6f39fd31bea744a..76d42d33f72a00aa6d84dea35d5a6c4a41ccbeb2 100644 --- a/crypto/secure_hash.cc +++ b/crypto/secure_hash.cc @@ -9,6 +9,7 @@ #include #include "base/logging.h" +#include "base/memory/ptr_util.h" #include "base/pickle.h" #include "crypto/openssl_util.h" @@ -40,8 +41,8 @@ class SecureHashSHA256 : public SecureHash { SHA256_Final(result.safe_buffer(), &ctx_); } - SecureHash* Clone() const override { - return new SecureHashSHA256(*this); + std::unique_ptr Clone() const override { + return base::MakeUnique(*this); } size_t GetHashLength() const override { return SHA256_DIGEST_LENGTH; } @@ -52,13 +53,13 @@ class SecureHashSHA256 : public SecureHash { } // namespace -SecureHash* SecureHash::Create(Algorithm algorithm) { +std::unique_ptr SecureHash::Create(Algorithm algorithm) { switch (algorithm) { case SHA256: - return new SecureHashSHA256(); + return base::MakeUnique(); default: NOTIMPLEMENTED(); - return NULL; + return nullptr; } } diff --git a/crypto/secure_hash.h b/crypto/secure_hash.h index a5590e5d0b5879a14e81b75402cabd3dcc836928..30b9fdc5f283fa3f5bfb6c3056c16c8f85201c35 100644 --- a/crypto/secure_hash.h +++ b/crypto/secure_hash.h @@ -7,6 +7,8 @@ #include +#include + #include "base/macros.h" #include "crypto/crypto_export.h" @@ -21,7 +23,7 @@ class CRYPTO_EXPORT SecureHash { }; virtual ~SecureHash() {} - static SecureHash* Create(Algorithm type); + static std::unique_ptr Create(Algorithm type); virtual void Update(const void* input, size_t len) = 0; virtual void Finish(void* output, size_t len) = 0; @@ -30,7 +32,7 @@ class CRYPTO_EXPORT SecureHash { // Create a clone of this SecureHash. The returned clone and this both // represent the same hash state. But from this point on, calling // Update()/Finish() on either doesn't affect the state of the other. - virtual SecureHash* Clone() const = 0; + virtual std::unique_ptr Clone() const = 0; protected: SecureHash() {} diff --git a/crypto/signature_creator.cc b/crypto/signature_creator.cc index 6543e63186b777c4bc2745215ad2ae6c84600285..bb4019ef729c4880976591b847b454c94a13593e 100644 --- a/crypto/signature_creator.cc +++ b/crypto/signature_creator.cc @@ -9,8 +9,6 @@ #include #include -#include - #include "base/logging.h" #include "crypto/openssl_util.h" #include "crypto/rsa_private_key.h" @@ -27,7 +25,7 @@ const EVP_MD* ToOpenSSLDigest(SignatureCreator::HashAlgorithm hash_alg) { case SignatureCreator::SHA256: return EVP_sha256(); } - return NULL; + return nullptr; } int ToOpenSSLDigestType(SignatureCreator::HashAlgorithm hash_alg) { @@ -42,21 +40,26 @@ int ToOpenSSLDigestType(SignatureCreator::HashAlgorithm hash_alg) { } // namespace +SignatureCreator::~SignatureCreator() { + EVP_MD_CTX_destroy(sign_context_); +} + // static -SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key, - HashAlgorithm hash_alg) { +std::unique_ptr SignatureCreator::Create( + RSAPrivateKey* key, + HashAlgorithm hash_alg) { OpenSSLErrStackTracer err_tracer(FROM_HERE); std::unique_ptr result(new SignatureCreator); const EVP_MD* const digest = ToOpenSSLDigest(hash_alg); DCHECK(digest); if (!digest) { - return NULL; + return nullptr; } - if (!EVP_DigestSignInit(result->sign_context_, NULL, digest, NULL, + if (!EVP_DigestSignInit(result->sign_context_, nullptr, digest, nullptr, key->key())) { - return NULL; + return nullptr; } - return result.release(); + return result; } // static @@ -80,14 +83,6 @@ bool SignatureCreator::Sign(RSAPrivateKey* key, return true; } -SignatureCreator::SignatureCreator() - : sign_context_(EVP_MD_CTX_create()) { -} - -SignatureCreator::~SignatureCreator() { - EVP_MD_CTX_destroy(sign_context_); -} - bool SignatureCreator::Update(const uint8_t* data_part, int data_part_len) { OpenSSLErrStackTracer err_tracer(FROM_HERE); return !!EVP_DigestSignUpdate(sign_context_, data_part, data_part_len); @@ -98,7 +93,7 @@ bool SignatureCreator::Final(std::vector* signature) { // Determine the maximum length of the signature. size_t len = 0; - if (!EVP_DigestSignFinal(sign_context_, NULL, &len)) { + if (!EVP_DigestSignFinal(sign_context_, nullptr, &len)) { signature->clear(); return false; } @@ -113,4 +108,6 @@ bool SignatureCreator::Final(std::vector* signature) { return true; } +SignatureCreator::SignatureCreator() : sign_context_(EVP_MD_CTX_create()) {} + } // namespace crypto diff --git a/crypto/signature_creator.h b/crypto/signature_creator.h index 98329b883a75c4a7046ede6ea436a4741bd9375c..674bd4cccb241253629856ee238d7723220844fd 100644 --- a/crypto/signature_creator.h +++ b/crypto/signature_creator.h @@ -7,6 +7,7 @@ #include +#include #include #include "base/macros.h" @@ -35,8 +36,8 @@ class CRYPTO_EXPORT SignatureCreator { // Create an instance. The caller must ensure that the provided PrivateKey // instance outlives the created SignatureCreator. Uses the HashAlgorithm // specified. - static SignatureCreator* Create(RSAPrivateKey* key, HashAlgorithm hash_alg); - + static std::unique_ptr Create(RSAPrivateKey* key, + HashAlgorithm hash_alg); // Signs the precomputed |hash_alg| digest |data| using private |key| as // specified in PKCS #1 v1.5. diff --git a/crypto/signature_verifier.cc b/crypto/signature_verifier.cc index f4a3d4f0f19845299f676dde7c8913dd4b2eb538..236b64c594d14de25342cfbb41d36866f1da2298 100644 --- a/crypto/signature_verifier.cc +++ b/crypto/signature_verifier.cc @@ -27,7 +27,7 @@ const EVP_MD* ToOpenSSLDigest(SignatureVerifier::HashAlgorithm hash_alg) { case SignatureVerifier::SHA256: return EVP_sha256(); } - return NULL; + return nullptr; } } // namespace @@ -36,9 +36,7 @@ struct SignatureVerifier::VerifyContext { ScopedEVP_MD_CTX ctx; }; -SignatureVerifier::SignatureVerifier() - : verify_context_(NULL) { -} +SignatureVerifier::SignatureVerifier() : verify_context_(nullptr) {} SignatureVerifier::~SignatureVerifier() { Reset(); @@ -153,7 +151,7 @@ bool SignatureVerifier::CommonInit(int pkey_type, void SignatureVerifier::Reset() { delete verify_context_; - verify_context_ = NULL; + verify_context_ = nullptr; signature_.clear(); } diff --git a/crypto/symmetric_key.cc b/crypto/symmetric_key.cc index 4da8bd8662f85490a9148c62fb7879044ffdbc05..e3ecf624bcd28fd4d19d464d4c691ff6ed76a3d4 100644 --- a/crypto/symmetric_key.cc +++ b/crypto/symmetric_key.cc @@ -10,7 +10,7 @@ #include #include -#include +#include #include "base/logging.h" #include "base/strings/string_util.h" @@ -23,21 +23,22 @@ SymmetricKey::~SymmetricKey() { } // static -SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm, - size_t key_size_in_bits) { +std::unique_ptr SymmetricKey::GenerateRandomKey( + Algorithm algorithm, + size_t key_size_in_bits) { DCHECK_EQ(AES, algorithm); // Whitelist supported key sizes to avoid accidentaly relying on // algorithms available in NSS but not BoringSSL and vice // versa. Note that BoringSSL does not support AES-192. if (key_size_in_bits != 128 && key_size_in_bits != 256) - return NULL; + return nullptr; size_t key_size_in_bytes = key_size_in_bits / 8; DCHECK_EQ(key_size_in_bits, key_size_in_bytes * 8); if (key_size_in_bytes == 0) - return NULL; + return nullptr; OpenSSLErrStackTracer err_tracer(FROM_HERE); std::unique_ptr key(new SymmetricKey); @@ -45,15 +46,16 @@ SymmetricKey* SymmetricKey::GenerateRandomKey(Algorithm algorithm, base::WriteInto(&key->key_, key_size_in_bytes + 1)); int rv = RAND_bytes(key_data, static_cast(key_size_in_bytes)); - return rv == 1 ? key.release() : NULL; + return rv == 1 ? std::move(key) : nullptr; } // static -SymmetricKey* SymmetricKey::DeriveKeyFromPassword(Algorithm algorithm, - const std::string& password, - const std::string& salt, - size_t iterations, - size_t key_size_in_bits) { +std::unique_ptr SymmetricKey::DeriveKeyFromPassword( + Algorithm algorithm, + const std::string& password, + const std::string& salt, + size_t iterations, + size_t key_size_in_bits) { DCHECK(algorithm == AES || algorithm == HMAC_SHA1); if (algorithm == AES) { @@ -61,14 +63,14 @@ SymmetricKey* SymmetricKey::DeriveKeyFromPassword(Algorithm algorithm, // algorithms available in NSS but not BoringSSL and vice // versa. Note that BoringSSL does not support AES-192. if (key_size_in_bits != 128 && key_size_in_bits != 256) - return NULL; + return nullptr; } size_t key_size_in_bytes = key_size_in_bits / 8; DCHECK_EQ(key_size_in_bits, key_size_in_bytes * 8); if (key_size_in_bytes == 0) - return NULL; + return nullptr; OpenSSLErrStackTracer err_tracer(FROM_HERE); std::unique_ptr key(new SymmetricKey); @@ -79,23 +81,23 @@ SymmetricKey* SymmetricKey::DeriveKeyFromPassword(Algorithm algorithm, reinterpret_cast(salt.data()), salt.length(), static_cast(iterations), key_size_in_bytes, key_data); - return rv == 1 ? key.release() : NULL; + return rv == 1 ? std::move(key) : nullptr; } // static -SymmetricKey* SymmetricKey::Import(Algorithm algorithm, - const std::string& raw_key) { +std::unique_ptr SymmetricKey::Import(Algorithm algorithm, + const std::string& raw_key) { if (algorithm == AES) { // Whitelist supported key sizes to avoid accidentaly relying on // algorithms available in NSS but not BoringSSL and vice // versa. Note that BoringSSL does not support AES-192. if (raw_key.size() != 128/8 && raw_key.size() != 256/8) - return NULL; + return nullptr; } std::unique_ptr key(new SymmetricKey); key->key_ = raw_key; - return key.release(); + return key; } bool SymmetricKey::GetRawKey(std::string* raw_key) { @@ -103,4 +105,6 @@ bool SymmetricKey::GetRawKey(std::string* raw_key) { return true; } +SymmetricKey::SymmetricKey() = default; + } // namespace crypto diff --git a/crypto/symmetric_key.h b/crypto/symmetric_key.h index 2b2e2ce304fbb3c8f066cbf586663766ec063852..7494634b5ef5ad25693d87e82323234d6d05b853 100644 --- a/crypto/symmetric_key.h +++ b/crypto/symmetric_key.h @@ -7,6 +7,7 @@ #include +#include #include #include "base/macros.h" @@ -31,25 +32,28 @@ class CRYPTO_EXPORT SymmetricKey { // Generates a random key suitable to be used with |algorithm| and of // |key_size_in_bits| bits. |key_size_in_bits| must be a multiple of 8. // The caller is responsible for deleting the returned SymmetricKey. - static SymmetricKey* GenerateRandomKey(Algorithm algorithm, - size_t key_size_in_bits); + static std::unique_ptr GenerateRandomKey( + Algorithm algorithm, + size_t key_size_in_bits); // Derives a key from the supplied password and salt using PBKDF2, suitable // for use with specified |algorithm|. Note |algorithm| is not the algorithm // used to derive the key from the password. |key_size_in_bits| must be a // multiple of 8. The caller is responsible for deleting the returned // SymmetricKey. - static SymmetricKey* DeriveKeyFromPassword(Algorithm algorithm, - const std::string& password, - const std::string& salt, - size_t iterations, - size_t key_size_in_bits); + static std::unique_ptr DeriveKeyFromPassword( + Algorithm algorithm, + const std::string& password, + const std::string& salt, + size_t iterations, + size_t key_size_in_bits); // Imports an array of key bytes in |raw_key|. This key may have been // generated by GenerateRandomKey or DeriveKeyFromPassword and exported with // GetRawKey, or via another compatible method. The key must be of suitable // size for use with |algorithm|. The caller owns the returned SymmetricKey. - static SymmetricKey* Import(Algorithm algorithm, const std::string& raw_key); + static std::unique_ptr Import(Algorithm algorithm, + const std::string& raw_key); const std::string& key() { return key_; } @@ -59,7 +63,8 @@ class CRYPTO_EXPORT SymmetricKey { bool GetRawKey(std::string* raw_key); private: - SymmetricKey() {} + SymmetricKey(); + std::string key_; DISALLOW_COPY_AND_ASSIGN(SymmetricKey); diff --git a/crypto/symmetric_key_unittest.cc b/crypto/symmetric_key_unittest.cc index 468759b0423c7680779f7b61e207f3ebb0f97fe2..d954761d75a561efe5203e697f0576b37da3df9c 100644 --- a/crypto/symmetric_key_unittest.cc +++ b/crypto/symmetric_key_unittest.cc @@ -14,7 +14,7 @@ TEST(SymmetricKeyTest, GenerateRandomKey) { std::unique_ptr key( crypto::SymmetricKey::GenerateRandomKey(crypto::SymmetricKey::AES, 256)); - ASSERT_TRUE(NULL != key.get()); + ASSERT_TRUE(key); std::string raw_key; EXPECT_TRUE(key->GetRawKey(&raw_key)); EXPECT_EQ(32U, raw_key.size()); @@ -23,7 +23,7 @@ TEST(SymmetricKeyTest, GenerateRandomKey) { // (Note: this has a one-in-10^77 chance of failure!) std::unique_ptr key2( crypto::SymmetricKey::GenerateRandomKey(crypto::SymmetricKey::AES, 256)); - ASSERT_TRUE(NULL != key2.get()); + ASSERT_TRUE(key2); std::string raw_key2; EXPECT_TRUE(key2->GetRawKey(&raw_key2)); EXPECT_EQ(32U, raw_key2.size()); @@ -33,13 +33,13 @@ TEST(SymmetricKeyTest, GenerateRandomKey) { TEST(SymmetricKeyTest, ImportGeneratedKey) { std::unique_ptr key1( crypto::SymmetricKey::GenerateRandomKey(crypto::SymmetricKey::AES, 256)); - ASSERT_TRUE(NULL != key1.get()); + ASSERT_TRUE(key1); std::string raw_key1; EXPECT_TRUE(key1->GetRawKey(&raw_key1)); std::unique_ptr key2( crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, raw_key1)); - ASSERT_TRUE(NULL != key2.get()); + ASSERT_TRUE(key2); std::string raw_key2; EXPECT_TRUE(key2->GetRawKey(&raw_key2)); @@ -51,13 +51,13 @@ TEST(SymmetricKeyTest, ImportDerivedKey) { std::unique_ptr key1( crypto::SymmetricKey::DeriveKeyFromPassword( crypto::SymmetricKey::HMAC_SHA1, "password", "somesalt", 1024, 160)); - ASSERT_TRUE(NULL != key1.get()); + ASSERT_TRUE(key1); std::string raw_key1; EXPECT_TRUE(key1->GetRawKey(&raw_key1)); std::unique_ptr key2( crypto::SymmetricKey::Import(crypto::SymmetricKey::HMAC_SHA1, raw_key1)); - ASSERT_TRUE(NULL != key2.get()); + ASSERT_TRUE(key2); std::string raw_key2; EXPECT_TRUE(key2->GetRawKey(&raw_key2)); @@ -84,7 +84,7 @@ TEST_P(SymmetricKeyDeriveKeyFromPasswordTest, DeriveKeyFromPassword) { crypto::SymmetricKey::DeriveKeyFromPassword( test_data.algorithm, test_data.password, test_data.salt, test_data.rounds, test_data.key_size_in_bits)); - ASSERT_TRUE(NULL != key.get()); + ASSERT_TRUE(key); std::string raw_key; key->GetRawKey(&raw_key); diff --git a/crypto/wincrypt_shim.h b/crypto/wincrypt_shim.h index 799ac49feeb55dcb1363b1614b93ac37dd9e3da0..48d4b5c5fabd9fef74b8dd3d4fc6be22f8ba06ca 100644 --- a/crypto/wincrypt_shim.h +++ b/crypto/wincrypt_shim.h @@ -22,4 +22,4 @@ #define WINCRYPT_X509_EXTENSIONS ((LPCSTR) 5) #define WINCRYPT_X509_NAME ((LPCSTR) 7) -#endif // NET_CRYPTO_WINCRYPT_SHIM_H_ \ No newline at end of file +#endif // NET_CRYPTO_WINCRYPT_SHIM_H_ diff --git a/extensions/browser/content_verify_job.cc b/extensions/browser/content_verify_job.cc index 80dfcf0d240c046ed76bcb5ecf08a74fe8cd4d9b..e10f8637420d8fc6d0bb79b5f22f39d92ccb927d 100644 --- a/extensions/browser/content_verify_job.cc +++ b/extensions/browser/content_verify_job.cc @@ -96,10 +96,9 @@ void ContentVerifyJob::BytesRead(int count, const char* data) { if (current_block_ >= hash_reader_->block_count()) return DispatchFailureCallback(HASH_MISMATCH); - if (!current_hash_.get()) { + if (!current_hash_) { current_hash_byte_count_ = 0; - current_hash_.reset( - crypto::SecureHash::Create(crypto::SecureHash::SHA256)); + current_hash_ = crypto::SecureHash::Create(crypto::SecureHash::SHA256); } // Compute how many bytes we should hash, and add them to the current hash. int bytes_to_hash = diff --git a/media/cast/common/transport_encryption_handler.cc b/media/cast/common/transport_encryption_handler.cc index 41d2b357653dc753af862deeb830cf8032c25a59..bcf2cf5c3331a82b6158df792bcc20936527ea7f 100644 --- a/media/cast/common/transport_encryption_handler.cc +++ b/media/cast/common/transport_encryption_handler.cc @@ -51,8 +51,7 @@ bool TransportEncryptionHandler::Initialize(const std::string& aes_key, is_activated_ = false; if (aes_iv_mask.size() == kAesKeySize && aes_key.size() == kAesKeySize) { iv_mask_ = aes_iv_mask; - key_.reset( - crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, aes_key)); + key_ = crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, aes_key); encryptor_.reset(new crypto::Encryptor()); encryptor_->Init(key_.get(), crypto::Encryptor::CTR, std::string()); is_activated_ = true; diff --git a/media/cdm/aes_decryptor.cc b/media/cdm/aes_decryptor.cc index bb5baa48c93c48efa9a5f02b4e7717d3121676a9..af7182f1097ab3fdbaeebe8180c97bb95d690802 100644 --- a/media/cdm/aes_decryptor.cc +++ b/media/cdm/aes_decryptor.cc @@ -481,9 +481,8 @@ void AesDecryptor::Decrypt(StreamType stream_type, return; } - crypto::SymmetricKey* decryption_key = key->decryption_key(); - decrypted = DecryptData(*encrypted.get(), decryption_key); - if (!decrypted.get()) { + decrypted = DecryptData(*encrypted.get(), key->decryption_key()); + if (!decrypted) { DVLOG(1) << "Decryption failed."; decrypt_cb.Run(kError, NULL); return; @@ -607,8 +606,8 @@ AesDecryptor::DecryptionKey::~DecryptionKey() {} bool AesDecryptor::DecryptionKey::Init() { CHECK(!secret_.empty()); - decryption_key_.reset(crypto::SymmetricKey::Import( - crypto::SymmetricKey::AES, secret_)); + decryption_key_ = + crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, secret_); if (!decryption_key_) return false; return true; diff --git a/net/extras/sqlite/sqlite_channel_id_store_unittest.cc b/net/extras/sqlite/sqlite_channel_id_store_unittest.cc index f3c5f9bf8c2cd5cfb5eaa5bc0106673c0982ad33..98c2d96c1d5bf0d8398baeeebdf3ebdc377a4074 100644 --- a/net/extras/sqlite/sqlite_channel_id_store_unittest.cc +++ b/net/extras/sqlite/sqlite_channel_id_store_unittest.cc @@ -10,7 +10,6 @@ #include "base/bind.h" #include "base/files/file_util.h" #include "base/files/scoped_temp_dir.h" -#include "base/memory/ptr_util.h" #include "base/memory/ref_counted.h" #include "base/run_loop.h" #include "base/threading/thread_task_runner_handle.h" @@ -66,8 +65,8 @@ class SQLiteChannelIDStoreTest : public testing::Test { ASSERT_TRUE(asn1::ExtractSPKIFromDERCert(*cert_data, &spki)); std::vector public_key(spki.size()); memcpy(public_key.data(), spki.data(), spki.size()); - key->reset(crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( - ChannelIDService::kEPKIPassword, private_key, public_key)); + *key = crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( + ChannelIDService::kEPKIPassword, private_key, public_key); } static base::Time GetTestCertExpirationTime() { @@ -111,10 +110,9 @@ class SQLiteChannelIDStoreTest : public testing::Test { Load(&channel_ids); ASSERT_EQ(0u, channel_ids.size()); // Make sure the store gets written at least once. - google_key_.reset(crypto::ECPrivateKey::Create()); + google_key_ = crypto::ECPrivateKey::Create(); store_->AddChannelID(DefaultChannelIDStore::ChannelID( - "google.com", base::Time::FromInternalValue(1), - base::WrapUnique(google_key_->Copy()))); + "google.com", base::Time::FromInternalValue(1), google_key_->Copy())); } base::ScopedTempDir temp_dir_; @@ -127,8 +125,7 @@ class SQLiteChannelIDStoreTest : public testing::Test { TEST_F(SQLiteChannelIDStoreTest, TestPersistence) { std::unique_ptr foo_key(crypto::ECPrivateKey::Create()); store_->AddChannelID(DefaultChannelIDStore::ChannelID( - "foo.com", base::Time::FromInternalValue(3), - base::WrapUnique(foo_key->Copy()))); + "foo.com", base::Time::FromInternalValue(3), foo_key->Copy())); std::vector> channel_ids; // Replace the store effectively destroying the current one and forcing it @@ -184,7 +181,7 @@ TEST_F(SQLiteChannelIDStoreTest, TestPersistence) { TEST_F(SQLiteChannelIDStoreTest, TestDeleteAll) { store_->AddChannelID(DefaultChannelIDStore::ChannelID( "foo.com", base::Time::FromInternalValue(3), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + crypto::ECPrivateKey::Create())); std::vector> channel_ids; // Replace the store effectively destroying the current one and forcing it diff --git a/net/spdy/spdy_test_util_common.cc b/net/spdy/spdy_test_util_common.cc index af8fa353c1fdefcb3cfc88b6e5c102c7985eb97b..ca5592c9f5f9e9ff068012b1c6f1a00c77035a29 100644 --- a/net/spdy/spdy_test_util_common.cc +++ b/net/spdy/spdy_test_util_common.cc @@ -7,7 +7,6 @@ #include #include -#include #include #include "base/compiler_specific.h" @@ -324,12 +323,12 @@ MockECSignatureCreatorFactory::MockECSignatureCreatorFactory() { } MockECSignatureCreatorFactory::~MockECSignatureCreatorFactory() { - crypto::ECSignatureCreator::SetFactoryForTesting(NULL); + crypto::ECSignatureCreator::SetFactoryForTesting(nullptr); } -crypto::ECSignatureCreator* MockECSignatureCreatorFactory::Create( - crypto::ECPrivateKey* key) { - return new MockECSignatureCreator(key); +std::unique_ptr +MockECSignatureCreatorFactory::Create(crypto::ECPrivateKey* key) { + return base::MakeUnique(key); } SpdySessionDependencies::SpdySessionDependencies(NextProto protocol) diff --git a/net/spdy/spdy_test_util_common.h b/net/spdy/spdy_test_util_common.h index 110feb828afc6f4aa7624a5f5d41c1663835aff2..622d7ddc44abf7ac0bf0f4f739644af501d9b55e 100644 --- a/net/spdy/spdy_test_util_common.h +++ b/net/spdy/spdy_test_util_common.h @@ -164,7 +164,8 @@ class MockECSignatureCreatorFactory : public crypto::ECSignatureCreatorFactory { ~MockECSignatureCreatorFactory() override; // crypto::ECSignatureCreatorFactory - crypto::ECSignatureCreator* Create(crypto::ECPrivateKey* key) override; + std::unique_ptr Create( + crypto::ECPrivateKey* key) override; private: DISALLOW_COPY_AND_ASSIGN(MockECSignatureCreatorFactory); diff --git a/net/ssl/channel_id_service.cc b/net/ssl/channel_id_service.cc index 8c0ace195efa37a2377de4c146027c9acae59700..500a7400a4fc9318bfaa65255b4da276b4c635fa 100644 --- a/net/ssl/channel_id_service.cc +++ b/net/ssl/channel_id_service.cc @@ -192,7 +192,7 @@ class ChannelIDServiceJob { i != requests.end(); i++) { std::unique_ptr key_copy; if (key) - key_copy.reset(key->Copy()); + key_copy = key->Copy(); (*i)->Post(error, std::move(key_copy)); } } @@ -439,7 +439,7 @@ void ChannelIDService::GeneratedChannelID( std::unique_ptr key; if (error == OK) { - key.reset(channel_id->key()->Copy()); + key = channel_id->key()->Copy(); channel_id_store_->SetChannelID(std::move(channel_id)); } HandleResult(error, server_identifier, std::move(key)); diff --git a/net/ssl/channel_id_service_unittest.cc b/net/ssl/channel_id_service_unittest.cc index ce69ac14c288653b28c735bf83b9d8fc81f6b12a..c1833fa2f4ff0382be43947c0de1a2724444b4ee 100644 --- a/net/ssl/channel_id_service_unittest.cc +++ b/net/ssl/channel_id_service_unittest.cc @@ -11,7 +11,6 @@ #include "base/bind.h" #include "base/location.h" #include "base/macros.h" -#include "base/memory/ptr_util.h" #include "base/run_loop.h" #include "base/single_thread_task_runner.h" #include "base/strings/string_number_conversions.h" @@ -100,9 +99,8 @@ void MockChannelIDStoreWithAsyncGet::CallGetChannelIDCallbackWithResult( if (err == OK) channel_id_count_ = 1; base::ThreadTaskRunnerHandle::Get()->PostTask( - FROM_HERE, - base::Bind(callback_, err, server_identifier_, - base::Passed(base::WrapUnique(key ? key->Copy() : nullptr)))); + FROM_HERE, base::Bind(callback_, err, server_identifier_, + base::Passed(key ? key->Copy() : nullptr))); } class ChannelIDServiceTest : public testing::Test { diff --git a/net/ssl/channel_id_store.cc b/net/ssl/channel_id_store.cc index 1d0078b968f38f7977423d8186d824618c1675b1..9545585e87c3dc20fca31e810d02b2a044bbebe2 100644 --- a/net/ssl/channel_id_store.cc +++ b/net/ssl/channel_id_store.cc @@ -33,7 +33,7 @@ ChannelIDStore::ChannelID& ChannelIDStore::ChannelID::operator=( server_identifier_ = other.server_identifier_; creation_time_ = other.creation_time_; if (other.key_) - key_.reset(other.key_->Copy()); + key_ = other.key_->Copy(); return *this; } diff --git a/net/ssl/default_channel_id_store.cc b/net/ssl/default_channel_id_store.cc index ebac855e3600f64b6987565b81cc321b0f5d574c..d8d5d793d0bd15d75537cc994a1b1adde1c08527 100644 --- a/net/ssl/default_channel_id_store.cc +++ b/net/ssl/default_channel_id_store.cc @@ -242,7 +242,7 @@ int DefaultChannelIDStore::GetChannelID( return ERR_FILE_NOT_FOUND; ChannelID* channel_id = it->second; - key_result->reset(channel_id->key()->Copy()); + *key_result = channel_id->key()->Copy(); return OK; } @@ -290,7 +290,7 @@ void DefaultChannelIDStore::SetForceKeepSessionState() { DCHECK(CalledOnValidThread()); InitIfNecessary(); - if (store_.get()) + if (store_) store_->SetForceKeepSessionState(); } @@ -310,7 +310,7 @@ void DefaultChannelIDStore::DeleteAllInMemory() { void DefaultChannelIDStore::InitStore() { DCHECK(CalledOnValidThread()); - DCHECK(store_.get()) << "Store must exist to initialize"; + DCHECK(store_) << "Store must exist to initialize"; DCHECK(!loaded_); store_->Load(base::Bind(&DefaultChannelIDStore::OnLoaded, @@ -381,7 +381,7 @@ void DefaultChannelIDStore::SyncDeleteForDomainsCreatedBetween( channel_id->creation_time() >= delete_begin) && (delete_end.is_null() || channel_id->creation_time() < delete_end) && domain_predicate.Run(channel_id->server_identifier())) { - if (store_.get()) + if (store_) store_->DeleteChannelID(*channel_id); delete channel_id; channel_ids_.erase(cur); @@ -428,7 +428,7 @@ void DefaultChannelIDStore::InternalDeleteChannelID( return; // There is nothing to delete. ChannelID* channel_id = it->second; - if (store_.get()) + if (store_) store_->DeleteChannelID(*channel_id); channel_ids_.erase(it); delete channel_id; @@ -439,14 +439,14 @@ void DefaultChannelIDStore::InternalInsertChannelID( DCHECK(CalledOnValidThread()); DCHECK(loaded_); - if (store_.get()) - store_->AddChannelID(*(channel_id.get())); + if (store_) + store_->AddChannelID(*channel_id); const std::string& server_identifier = channel_id->server_identifier(); channel_ids_[server_identifier] = channel_id.release(); } bool DefaultChannelIDStore::IsEphemeral() { - return store_.get() == nullptr; + return !store_; } DefaultChannelIDStore::PersistentStore::PersistentStore() {} diff --git a/net/ssl/default_channel_id_store_unittest.cc b/net/ssl/default_channel_id_store_unittest.cc index b1b96e4106a60ed33f71884da2821ec7fc5bf408..9a74ee9fadb0e074a8f1ea8068dfef99c16cb1b5 100644 --- a/net/ssl/default_channel_id_store_unittest.cc +++ b/net/ssl/default_channel_id_store_unittest.cc @@ -132,25 +132,21 @@ TEST(DefaultChannelIDStoreTest, TestLoading) { scoped_refptr persistent_store(new MockPersistentStore); persistent_store->AddChannelID(DefaultChannelIDStore::ChannelID( - "google.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + "google.com", base::Time(), crypto::ECPrivateKey::Create())); persistent_store->AddChannelID(DefaultChannelIDStore::ChannelID( - "verisign.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + "verisign.com", base::Time(), crypto::ECPrivateKey::Create())); // Make sure channel_ids load properly. DefaultChannelIDStore store(persistent_store.get()); // Load has not occurred yet. EXPECT_EQ(0, store.GetChannelIDCount()); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "verisign.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "verisign.com", base::Time(), crypto::ECPrivateKey::Create()))); // Wait for load & queued set task. base::RunLoop().RunUntilIdle(); EXPECT_EQ(2, store.GetChannelIDCount()); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "twitter.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "twitter.com", base::Time(), crypto::ECPrivateKey::Create()))); // Set should be synchronous now that load is done. EXPECT_EQ(3, store.GetChannelIDCount()); } @@ -170,7 +166,7 @@ TEST(DefaultChannelIDStoreTest, TestSettingAndGetting) { EXPECT_FALSE(key); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( "verisign.com", base::Time::FromInternalValue(123), - base::WrapUnique(expected_key->Copy())))); + expected_key->Copy()))); EXPECT_EQ(OK, store.GetChannelID("verisign.com", &key, base::Bind(&GetChannelIDCallbackNotCalled))); EXPECT_TRUE(KeysEqual(expected_key.get(), key.get())); @@ -186,10 +182,10 @@ TEST(DefaultChannelIDStoreTest, TestDuplicateChannelIds) { EXPECT_EQ(0, store.GetChannelIDCount()); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( "verisign.com", base::Time::FromInternalValue(123), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + crypto::ECPrivateKey::Create()))); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( "verisign.com", base::Time::FromInternalValue(456), - base::WrapUnique(expected_key->Copy())))); + expected_key->Copy()))); // Wait for load & queued set tasks. base::RunLoop().RunUntilIdle(); @@ -205,7 +201,7 @@ TEST(DefaultChannelIDStoreTest, TestAsyncGet) { crypto::ECPrivateKey::Create()); persistent_store->AddChannelID(ChannelIDStore::ChannelID( "verisign.com", base::Time::FromInternalValue(123), - base::WrapUnique(expected_key->Copy()))); + expected_key->Copy())); DefaultChannelIDStore store(persistent_store.get()); AsyncGetChannelIDHelper helper; @@ -231,14 +227,11 @@ TEST(DefaultChannelIDStoreTest, TestDeleteAll) { DefaultChannelIDStore store(persistent_store.get()); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "verisign.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "verisign.com", base::Time(), crypto::ECPrivateKey::Create()))); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "google.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "google.com", base::Time(), crypto::ECPrivateKey::Create()))); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "harvard.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "harvard.com", base::Time(), crypto::ECPrivateKey::Create()))); // Wait for load & queued set tasks. base::RunLoop().RunUntilIdle(); @@ -254,14 +247,11 @@ TEST(DefaultChannelIDStoreTest, TestDeleteForDomains) { DefaultChannelIDStore store(persistent_store.get()); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "verisign.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "verisign.com", base::Time(), crypto::ECPrivateKey::Create()))); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "google.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "google.com", base::Time(), crypto::ECPrivateKey::Create()))); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "harvard.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "harvard.com", base::Time(), crypto::ECPrivateKey::Create()))); // Wait for load & queued set tasks. base::RunLoop().RunUntilIdle(); EXPECT_EQ(3, store.GetChannelIDCount()); @@ -293,11 +283,9 @@ TEST(DefaultChannelIDStoreTest, TestDeleteForDomains) { TEST(DefaultChannelIDStoreTest, TestAsyncGetAndDeleteAll) { scoped_refptr persistent_store(new MockPersistentStore); persistent_store->AddChannelID(ChannelIDStore::ChannelID( - "verisign.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + "verisign.com", base::Time(), crypto::ECPrivateKey::Create())); persistent_store->AddChannelID(ChannelIDStore::ChannelID( - "google.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + "google.com", base::Time(), crypto::ECPrivateKey::Create())); ChannelIDStore::ChannelIDList pre_channel_ids; ChannelIDStore::ChannelIDList post_channel_ids; @@ -323,14 +311,12 @@ TEST(DefaultChannelIDStoreTest, TestDelete) { std::unique_ptr key; EXPECT_EQ(0, store.GetChannelIDCount()); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "verisign.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "verisign.com", base::Time(), crypto::ECPrivateKey::Create()))); // Wait for load & queued set task. base::RunLoop().RunUntilIdle(); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "google.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "google.com", base::Time(), crypto::ECPrivateKey::Create()))); EXPECT_EQ(2, store.GetChannelIDCount()); int delete_finished = 0; @@ -357,12 +343,11 @@ TEST(DefaultChannelIDStoreTest, TestAsyncDelete) { scoped_refptr persistent_store(new MockPersistentStore); std::unique_ptr expected_key( crypto::ECPrivateKey::Create()); - persistent_store->AddChannelID(ChannelIDStore::ChannelID( - "a.com", base::Time::FromInternalValue(1), - base::WrapUnique(crypto::ECPrivateKey::Create()))); persistent_store->AddChannelID( - ChannelIDStore::ChannelID("b.com", base::Time::FromInternalValue(3), - base::WrapUnique(expected_key->Copy()))); + ChannelIDStore::ChannelID("a.com", base::Time::FromInternalValue(1), + crypto::ECPrivateKey::Create())); + persistent_store->AddChannelID(ChannelIDStore::ChannelID( + "b.com", base::Time::FromInternalValue(3), expected_key->Copy())); DefaultChannelIDStore store(persistent_store.get()); int delete_finished = 0; store.DeleteChannelID("a.com", @@ -405,17 +390,13 @@ TEST(DefaultChannelIDStoreTest, TestGetAll) { EXPECT_EQ(0, store.GetChannelIDCount()); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "verisign.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "verisign.com", base::Time(), crypto::ECPrivateKey::Create()))); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "google.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "google.com", base::Time(), crypto::ECPrivateKey::Create()))); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "harvard.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "harvard.com", base::Time(), crypto::ECPrivateKey::Create()))); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "mit.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "mit.com", base::Time(), crypto::ECPrivateKey::Create()))); // Wait for load & queued set tasks. base::RunLoop().RunUntilIdle(); @@ -436,11 +417,9 @@ TEST(DefaultChannelIDStoreTest, TestInitializeFrom) { crypto::ECPrivateKey::Create()); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "preexisting.com", base::Time(), - base::WrapUnique(preexisting_key->Copy())))); + "preexisting.com", base::Time(), preexisting_key->Copy()))); store.SetChannelID(base::WrapUnique(new ChannelIDStore::ChannelID( - "both.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create())))); + "both.com", base::Time(), crypto::ECPrivateKey::Create()))); // Wait for load & queued set tasks. base::RunLoop().RunUntilIdle(); EXPECT_EQ(2, store.GetChannelIDCount()); @@ -449,9 +428,9 @@ TEST(DefaultChannelIDStoreTest, TestInitializeFrom) { source_channel_ids.push_back(ChannelIDStore::ChannelID( "both.com", base::Time(), // Key differs from above to test that existing entries are overwritten. - base::WrapUnique(both_key->Copy()))); + both_key->Copy())); source_channel_ids.push_back(ChannelIDStore::ChannelID( - "copied.com", base::Time(), base::WrapUnique(copied_key->Copy()))); + "copied.com", base::Time(), copied_key->Copy())); store.InitializeFrom(source_channel_ids); EXPECT_EQ(3, store.GetChannelIDCount()); @@ -481,21 +460,19 @@ TEST(DefaultChannelIDStoreTest, TestAsyncInitializeFrom) { std::unique_ptr copied_key( crypto::ECPrivateKey::Create()); - persistent_store->AddChannelID( - ChannelIDStore::ChannelID("preexisting.com", base::Time(), - base::WrapUnique(preexisting_key->Copy()))); persistent_store->AddChannelID(ChannelIDStore::ChannelID( - "both.com", base::Time(), - base::WrapUnique(crypto::ECPrivateKey::Create()))); + "preexisting.com", base::Time(), preexisting_key->Copy())); + persistent_store->AddChannelID(ChannelIDStore::ChannelID( + "both.com", base::Time(), crypto::ECPrivateKey::Create())); DefaultChannelIDStore store(persistent_store.get()); ChannelIDStore::ChannelIDList source_channel_ids; source_channel_ids.push_back(ChannelIDStore::ChannelID( "both.com", base::Time(), // Key differs from above to test that existing entries are overwritten. - base::WrapUnique(both_key->Copy()))); + both_key->Copy())); source_channel_ids.push_back(ChannelIDStore::ChannelID( - "copied.com", base::Time(), base::WrapUnique(copied_key->Copy()))); + "copied.com", base::Time(), copied_key->Copy())); store.InitializeFrom(source_channel_ids); EXPECT_EQ(0, store.GetChannelIDCount()); // Wait for load & queued tasks. diff --git a/sync/util/nigori.cc b/sync/util/nigori.cc index 2bd5b702dfbc5043163326568bf5c68468c2f8f6..78ed2876e6537b0d08c8ae797fd2a497d7d370e8 100644 --- a/sync/util/nigori.cc +++ b/sync/util/nigori.cc @@ -77,45 +77,46 @@ bool Nigori::InitByDerivation(const std::string& hostname, std::unique_ptr user_salt(SymmetricKey::DeriveKeyFromPassword( SymmetricKey::HMAC_SHA1, salt_password.str(), kSaltSalt, kSaltIterations, kSaltKeySizeInBits)); - DCHECK(user_salt.get()); + DCHECK(user_salt); std::string raw_user_salt; if (!user_salt->GetRawKey(&raw_user_salt)) return false; // Kuser = PBKDF2(P, Suser, Nuser, 16) - user_key_.reset(SymmetricKey::DeriveKeyFromPassword(SymmetricKey::AES, - password, raw_user_salt, kUserIterations, kDerivedKeySizeInBits)); - DCHECK(user_key_.get()); + user_key_ = SymmetricKey::DeriveKeyFromPassword( + SymmetricKey::AES, password, raw_user_salt, kUserIterations, + kDerivedKeySizeInBits); + DCHECK(user_key_); // Kenc = PBKDF2(P, Suser, Nenc, 16) - encryption_key_.reset(SymmetricKey::DeriveKeyFromPassword(SymmetricKey::AES, - password, raw_user_salt, kEncryptionIterations, kDerivedKeySizeInBits)); - DCHECK(encryption_key_.get()); + encryption_key_ = SymmetricKey::DeriveKeyFromPassword( + SymmetricKey::AES, password, raw_user_salt, kEncryptionIterations, + kDerivedKeySizeInBits); + DCHECK(encryption_key_); // Kmac = PBKDF2(P, Suser, Nmac, 16) - mac_key_.reset(SymmetricKey::DeriveKeyFromPassword( + mac_key_ = SymmetricKey::DeriveKeyFromPassword( SymmetricKey::HMAC_SHA1, password, raw_user_salt, kSigningIterations, - kDerivedKeySizeInBits)); - DCHECK(mac_key_.get()); + kDerivedKeySizeInBits); + DCHECK(mac_key_); - return user_key_.get() && encryption_key_.get() && mac_key_.get(); + return user_key_ && encryption_key_ && mac_key_; } bool Nigori::InitByImport(const std::string& user_key, const std::string& encryption_key, const std::string& mac_key) { - user_key_.reset(SymmetricKey::Import(SymmetricKey::AES, user_key)); - DCHECK(user_key_.get()); + user_key_ = SymmetricKey::Import(SymmetricKey::AES, user_key); + DCHECK(user_key_); - encryption_key_.reset(SymmetricKey::Import(SymmetricKey::AES, - encryption_key)); - DCHECK(encryption_key_.get()); + encryption_key_ = SymmetricKey::Import(SymmetricKey::AES, encryption_key); + DCHECK(encryption_key_); - mac_key_.reset(SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key)); - DCHECK(mac_key_.get()); + mac_key_ = SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key); + DCHECK(mac_key_); - return user_key_.get() && encryption_key_.get() && mac_key_.get(); + return user_key_ && encryption_key_ && mac_key_; } // Permute[Kenc,Kmac](type || name)