crypto/openssl_util.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CRYPTO_OPENSSL_UTIL_H_
   6 #define CRYPTO_OPENSSL_UTIL_H_
   7
   8 #include "base/basictypes.h"
   9 #include "base/location.h"
  10 #include "crypto/crypto_export.h"
  11
  12 namespace crypto {
  13
  14 // Provides a buffer of at least MIN_SIZE bytes, for use when calling OpenSSL's
  15 // SHA256, HMAC, etc functions, adapting the buffer sizing rules to meet those
  16 // of the our base wrapper APIs.
  17 // This allows the library to write directly to the caller's buffer if it is of
  18 // sufficient size, but if not it will write to temporary |min_sized_buffer_|
  19 // of required size and then its content is automatically copied out on
  20 // destruction, with truncation as appropriate.
  21 template<int MIN_SIZE>
  22 class ScopedOpenSSLSafeSizeBuffer {
  23  public:
  24   ScopedOpenSSLSafeSizeBuffer(unsigned char* output, size_t output_len)
  25       : output_(output),
  26         output_len_(output_len) {
  27   }
  28
  29   ~ScopedOpenSSLSafeSizeBuffer() {
  30     if (output_len_ < MIN_SIZE) {
  31       // Copy the temporary buffer out, truncating as needed.
  32       memcpy(output_, min_sized_buffer_, output_len_);
  33     }
  34     // else... any writing already happened directly into |output_|.
  35   }
  36
  37   unsigned char* safe_buffer() {
  38     return output_len_ < MIN_SIZE ? min_sized_buffer_ : output_;
  39   }
  40
  41  private:
  42   // Pointer to the caller's data area and its associated size, where data
  43   // written via safe_buffer() will [eventually] end up.
  44   unsigned char* output_;
  45   size_t output_len_;
  46
  47   // Temporary buffer writen into in the case where the caller's
  48   // buffer is not of sufficient size.
  49   unsigned char min_sized_buffer_[MIN_SIZE];
  50
  51   DISALLOW_COPY_AND_ASSIGN(ScopedOpenSSLSafeSizeBuffer);
  52 };
  53
  54 // Initialize OpenSSL if it isn't already initialized. This must be called
  55 // before any other OpenSSL functions though it is safe and cheap to call this
  56 // multiple times.
  57 // This function is thread-safe, and OpenSSL will only ever be initialized once.
  58 // OpenSSL will be properly shut down on program exit.
  59 void CRYPTO_EXPORT EnsureOpenSSLInit();
  60
  61 // Drains the OpenSSL ERR_get_error stack. On a debug build the error codes
  62 // are send to VLOG(1), on a release build they are disregarded. In most
  63 // cases you should pass FROM_HERE as the |location|.
  64 void CRYPTO_EXPORT ClearOpenSSLERRStack(
  65     const tracked_objects::Location& location);
  66
  67 // Place an instance of this class on the call stack to automatically clear
  68 // the OpenSSL error stack on function exit.
  69 class OpenSSLErrStackTracer {
  70  public:
  71   // Pass FROM_HERE as |location|, to help track the source of OpenSSL error
  72   // messages. Note any diagnostic emitted will be tagged with the location of
  73   // the constructor call as it's not possible to trace a destructor's callsite.
  74   explicit OpenSSLErrStackTracer(const tracked_objects::Location& location)
  75       : location_(location) {
  76     EnsureOpenSSLInit();
  77   }
  78   ~OpenSSLErrStackTracer() {
  79     ClearOpenSSLERRStack(location_);
  80   }
  81
  82  private:
  83   const tracked_objects::Location location_;
  84
  85   DISALLOW_IMPLICIT_CONSTRUCTORS(OpenSSLErrStackTracer);
  86 };
  87
  88 }  // namespace crypto
  89
  90 #endif  // CRYPTO_OPENSSL_UTIL_H_