1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CRYPTO_OPENSSL_UTIL_H_
6 #define CRYPTO_OPENSSL_UTIL_H_
11 #include "base/location.h"
12 #include "base/memory/raw_ptr.h"
13 #include "crypto/crypto_export.h"
17 // Provides a buffer of at least MIN_SIZE bytes, for use when calling OpenSSL's
18 // SHA256, HMAC, etc functions, adapting the buffer sizing rules to meet those
19 // of our base wrapper APIs.
20 // This allows the library to write directly to the caller's buffer if it is of
21 // sufficient size, but if not it will write to temporary |min_sized_buffer_|
22 // of required size and then its content is automatically copied out on
23 // destruction, with truncation as appropriate.
24 template<int MIN_SIZE>
25 class ScopedOpenSSLSafeSizeBuffer {
27 ScopedOpenSSLSafeSizeBuffer(unsigned char* output, size_t output_len)
29 output_len_(output_len) {
32 ScopedOpenSSLSafeSizeBuffer(const ScopedOpenSSLSafeSizeBuffer&) = delete;
33 ScopedOpenSSLSafeSizeBuffer& operator=(const ScopedOpenSSLSafeSizeBuffer&) =
36 ~ScopedOpenSSLSafeSizeBuffer() {
37 if (output_len_ < MIN_SIZE) {
38 // Copy the temporary buffer out, truncating as needed.
39 memcpy(output_, min_sized_buffer_, output_len_);
41 // else... any writing already happened directly into |output_|.
44 unsigned char* safe_buffer() {
45 return output_len_ < MIN_SIZE ? min_sized_buffer_ : output_.get();
49 // Pointer to the caller's data area and its associated size, where data
50 // written via safe_buffer() will [eventually] end up.
51 raw_ptr<unsigned char> output_;
54 // Temporary buffer writen into in the case where the caller's
55 // buffer is not of sufficient size.
56 unsigned char min_sized_buffer_[MIN_SIZE];
59 // Initialize OpenSSL if it isn't already initialized. This must be called
60 // before any other OpenSSL functions though it is safe and cheap to call this
62 // This function is thread-safe, and OpenSSL will only ever be initialized once.
63 // OpenSSL will be properly shut down on program exit.
64 CRYPTO_EXPORT void EnsureOpenSSLInit();
66 // Drains the OpenSSL ERR_get_error stack. On a debug build the error codes
67 // are send to VLOG(1), on a release build they are disregarded. In most
68 // cases you should pass FROM_HERE as the |location|.
69 CRYPTO_EXPORT void ClearOpenSSLERRStack(const base::Location& location);
71 // Place an instance of this class on the call stack to automatically clear
72 // the OpenSSL error stack on function exit.
73 class OpenSSLErrStackTracer {
75 OpenSSLErrStackTracer() = delete;
77 // Pass FROM_HERE as |location|, to help track the source of OpenSSL error
78 // messages. Note any diagnostic emitted will be tagged with the location of
79 // the constructor call as it's not possible to trace a destructor's callsite.
80 explicit OpenSSLErrStackTracer(const base::Location& location)
81 : location_(location) {
85 OpenSSLErrStackTracer(const OpenSSLErrStackTracer&) = delete;
86 OpenSSLErrStackTracer& operator=(const OpenSSLErrStackTracer&) = delete;
88 ~OpenSSLErrStackTracer() {
89 ClearOpenSSLERRStack(location_);
93 const base::Location location_;
98 #endif // CRYPTO_OPENSSL_UTIL_H_