1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CRYPTO_OPENSSL_UTIL_H_
6 #define CRYPTO_OPENSSL_UTIL_H_
7 
8 #include <stddef.h>
9 
10 #include "base/location.h"
11 #include "base/macros.h"
12 #include "crypto/crypto_export.h"
13 
14 namespace crypto {
15 
16 // Provides a buffer of at least MIN_SIZE bytes, for use when calling OpenSSL's
17 // SHA256, HMAC, etc functions, adapting the buffer sizing rules to meet those
18 // of our base wrapper APIs.
19 // This allows the library to write directly to the caller's buffer if it is of
20 // sufficient size, but if not it will write to temporary |min_sized_buffer_|
21 // of required size and then its content is automatically copied out on
22 // destruction, with truncation as appropriate.
23 template<int MIN_SIZE>
24 class ScopedOpenSSLSafeSizeBuffer {
25  public:
ScopedOpenSSLSafeSizeBuffer(unsigned char * output,size_t output_len)26   ScopedOpenSSLSafeSizeBuffer(unsigned char* output, size_t output_len)
27       : output_(output),
28         output_len_(output_len) {
29   }
30 
~ScopedOpenSSLSafeSizeBuffer()31   ~ScopedOpenSSLSafeSizeBuffer() {
32     if (output_len_ < MIN_SIZE) {
33       // Copy the temporary buffer out, truncating as needed.
34       memcpy(output_, min_sized_buffer_, output_len_);
35     }
36     // else... any writing already happened directly into |output_|.
37   }
38 
safe_buffer()39   unsigned char* safe_buffer() {
40     return output_len_ < MIN_SIZE ? min_sized_buffer_ : output_;
41   }
42 
43  private:
44   // Pointer to the caller's data area and its associated size, where data
45   // written via safe_buffer() will [eventually] end up.
46   unsigned char* output_;
47   size_t output_len_;
48 
49   // Temporary buffer writen into in the case where the caller's
50   // buffer is not of sufficient size.
51   unsigned char min_sized_buffer_[MIN_SIZE];
52 
53   DISALLOW_COPY_AND_ASSIGN(ScopedOpenSSLSafeSizeBuffer);
54 };
55 
56 // Initialize OpenSSL if it isn't already initialized. This must be called
57 // before any other OpenSSL functions though it is safe and cheap to call this
58 // multiple times.
59 // This function is thread-safe, and OpenSSL will only ever be initialized once.
60 // OpenSSL will be properly shut down on program exit.
61 CRYPTO_EXPORT void EnsureOpenSSLInit();
62 
63 // Drains the OpenSSL ERR_get_error stack. On a debug build the error codes
64 // are send to VLOG(1), on a release build they are disregarded. In most
65 // cases you should pass FROM_HERE as the |location|.
66 CRYPTO_EXPORT void ClearOpenSSLERRStack(const base::Location& location);
67 
68 // Place an instance of this class on the call stack to automatically clear
69 // the OpenSSL error stack on function exit.
70 class OpenSSLErrStackTracer {
71  public:
72   // Pass FROM_HERE as |location|, to help track the source of OpenSSL error
73   // messages. Note any diagnostic emitted will be tagged with the location of
74   // the constructor call as it's not possible to trace a destructor's callsite.
OpenSSLErrStackTracer(const base::Location & location)75   explicit OpenSSLErrStackTracer(const base::Location& location)
76       : location_(location) {
77     EnsureOpenSSLInit();
78   }
~OpenSSLErrStackTracer()79   ~OpenSSLErrStackTracer() {
80     ClearOpenSSLERRStack(location_);
81   }
82 
83  private:
84   const base::Location location_;
85 
86   DISALLOW_IMPLICIT_CONSTRUCTORS(OpenSSLErrStackTracer);
87 };
88 
89 }  // namespace crypto
90 
91 #endif  // CRYPTO_OPENSSL_UTIL_H_
92