Add CreateSHA256Hash() to fido_parsing_utils

As hashing function is used frequently in converting parsing device response, add CreateSHA256Hash() to fido_parsing_utils scope. Bug: 798573 Change-Id: Ifc6ed40db6aca682548a75068701f6c0af7cfdce Reviewed-on: https://chromium-review.googlesource.com/1024924 Commit-Queue: Jun Choi <hongjunchoi@chromium.org> Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org> Cr-Commit-Position: refs/heads/master@{#553785}

Add CreateSHA256Hash() to fido_parsing_utils
As hashing function is used frequently in converting parsing device response, add CreateSHA256Hash() to fido_parsing_utils scope. Bug: 798573 Change-Id: Ifc6ed40db6aca682548a75068701f6c0af7cfdce Reviewed-on: https://chromium-review.googlesource.com/1024924 Commit-Queue: Jun Choi <hongjunchoi@chromium.org> Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org> Cr-Commit-Position: refs/heads/master@{#553785}
2fc05b8e · Jun Choi · Commit Bot · c73b82c4 · 2fc05b8e · 2fc05b8e
Commit 2fc05b8e authored Apr 25, 2018 by Jun Choi Committed by Commit Bot Apr 25, 2018
8 changed files
--- a/device/fido/fido_parsing_utils.cc
+++ b/device/fido/fido_parsing_utils.cc
@@ -5,6 +5,7 @@
 #include "device/fido/fido_parsing_utils.h"
 #include "base/logging.h"
+#include "crypto/sha2.h"
 namespace device {
 namespace fido_parsing_utils {
@@ -79,5 +80,11 @@ std::vector<base::span<const uint8_t>> SplitSpan(base::span<const uint8_t> span,
  return chunks;
 }
+std::vector<uint8_t> CreateSHA256Hash(base::StringPiece data) {
+  std::vector<uint8_t> hashed_data(crypto::kSHA256Length);
+  crypto::SHA256HashString(data, hashed_data.data(), hashed_data.size());
+  return hashed_data;
+}
 }  // namespace fido_parsing_utils
 }  // namespace device
--- a/device/fido/fido_parsing_utils.h
+++ b/device/fido/fido_parsing_utils.h
@@ -7,6 +7,7 @@
 #include <stddef.h>
 #include <stdint.h>
 #include <algorithm>
 #include <array>
 #include <utility>
@@ -15,6 +16,7 @@
 #include "base/component_export.h"
 #include "base/containers/span.h"
 #include "base/optional.h"
+#include "base/strings/string_piece.h"
 namespace device {
 namespace fido_parsing_utils {
@@ -95,6 +97,9 @@ COMPONENT_EXPORT(DEVICE_FIDO)
 std::vector<base::span<const uint8_t>> SplitSpan(base::span<const uint8_t> span,
                                                 size_t max_chunk_size);
+COMPONENT_EXPORT(DEVICE_FIDO)
+std::vector<uint8_t> CreateSHA256Hash(base::StringPiece data);
 }  // namespace fido_parsing_utils
 }  // namespace device

--- a/device/fido/fido_parsing_utils_unittest.cc
+++ b/device/fido/fido_parsing_utils_unittest.cc
@@ -4,6 +4,7 @@
 #include "device/fido/fido_parsing_utils.h"
+#include "device/fido/fido_test_data.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
@@ -248,5 +249,10 @@ TEST(U2fParsingUtils, SplitSpan) {
      ::testing::ElementsAre(::testing::ElementsAreArray(kOneTwoThree)));
 }
+TEST(U2fParsingUtils, CreateSHA256Hash) {
+  EXPECT_THAT(CreateSHA256Hash("acme.com"),
+              ::testing::ElementsAreArray(test_data::kApplicationParameter));
+}
 }  // namespace fido_parsing_utils
 }  // namespace device
--- a/device/fido/response_data.cc
+++ b/device/fido/response_data.cc
@@ -8,7 +8,7 @@
 #include "base/base64url.h"
 #include "base/strings/string_piece.h"
-#include "crypto/sha2.h"
+#include "device/fido/fido_parsing_utils.h"
 namespace device {
@@ -33,11 +33,7 @@ std::string ResponseData::GetId() const {
 }
 bool ResponseData::CheckRpIdHash(const std::string& rp_id) const {
-  const auto& response_rp_id_hash = GetRpIdHash();
+  return GetRpIdHash() == fido_parsing_utils::CreateSHA256Hash(rp_id);
-  std::vector<uint8_t> request_rp_id_hash(crypto::kSHA256Length);
-  crypto::SHA256HashString(rp_id, request_rp_id_hash.data(),
-                           request_rp_id_hash.size());
-  return response_rp_id_hash == request_rp_id_hash;
 }
 }  // namespace device
--- a/device/fido/u2f_command_constructor.cc
+++ b/device/fido/u2f_command_constructor.cc
@@ -8,21 +8,10 @@
 #include <utility>
 #include "components/apdu/apdu_command.h"
-#include "crypto/sha2.h"
 #include "device/fido/fido_parsing_utils.h"
 namespace device {
-namespace {
-std::vector<uint8_t> CreateHash(const std::string& data) {
-  std::vector<uint8_t> hashed_data(crypto::kSHA256Length);
-  crypto::SHA256HashString(data, hashed_data.data(), hashed_data.size());
-  return hashed_data;
-}
-}  // namespace
 bool IsConvertibleToU2fRegisterCommand(
    const CtapMakeCredentialRequest& request) {
  if (request.user_verification_required() || request.resident_key_supported())
@@ -50,7 +39,8 @@ base::Optional<std::vector<uint8_t>> ConvertToU2fRegisterCommand(
  if (!IsConvertibleToU2fRegisterCommand(request))
    return base::nullopt;
-  return ConstructU2fRegisterCommand(CreateHash(request.rp().rp_id()),
+  return ConstructU2fRegisterCommand(
+      fido_parsing_utils::CreateSHA256Hash(request.rp().rp_id()),
      request.client_data_hash());
 }
@@ -64,7 +54,7 @@ base::Optional<std::vector<uint8_t>> ConvertToU2fSignCommand(
  auto application_parameter =
      application_parameter_type == ApplicationParameterType::kPrimary
-          ? CreateHash(request.rp_id())
+          ? fido_parsing_utils::CreateSHA256Hash(request.rp_id())
          : std::vector<uint8_t>();
  return ConstructU2fSignCommand(std::move(application_parameter),

--- a/device/fido/u2f_sign_unittest.cc
+++ b/device/fido/u2f_sign_unittest.cc
@@ -9,7 +9,6 @@
 #include "base/run_loop.h"
 #include "base/test/scoped_task_environment.h"
 #include "crypto/ec_private_key.h"
-#include "crypto/sha2.h"
 #include "device/fido/authenticator_data.h"
 #include "device/fido/authenticator_get_assertion_response.h"
 #include "device/fido/fake_fido_discovery.h"
@@ -154,9 +153,8 @@ TEST_F(U2fSignTest, TestSignSuccessWithFake) {
  auto private_key = crypto::ECPrivateKey::Create();
  std::string public_key;
  private_key->ExportRawPublicKey(&public_key);
-  std::vector<uint8_t> key_handle(32);
-  crypto::SHA256HashString(public_key, key_handle.data(), key_handle.size());
+  auto key_handle = fido_parsing_utils::CreateSHA256Hash(public_key);
  std::vector<std::vector<uint8_t>> handles{key_handle};
  auto request = CreateSignRequestWithKeys(handles);
  request->Start();

--- a/device/fido/virtual_fido_device.cc
+++ b/device/fido/virtual_fido_device.cc
@@ -9,7 +9,6 @@
 #include "crypto/ec_private_key.h"
 #include "crypto/ec_signature_creator.h"
-#include "crypto/sha2.h"
 #include "device/fido/fido_parsing_utils.h"
 namespace device {
@@ -63,10 +62,8 @@ VirtualFidoDevice::State::~State() = default;
 bool VirtualFidoDevice::State::InjectRegistration(
    const std::vector<uint8_t>& credential_id,
    const std::string& relying_party_id) {
-  std::vector<uint8_t> application_parameter(crypto::kSHA256Length);
+  auto application_parameter =
-  crypto::SHA256HashString(relying_party_id, application_parameter.data(),
+      fido_parsing_utils::CreateSHA256Hash(relying_party_id);
-                           application_parameter.size());
  auto private_key = crypto::ECPrivateKey::Create();
  if (!private_key)
    return false;

--- a/device/fido/virtual_u2f_device.cc
+++ b/device/fido/virtual_u2f_device.cc
@@ -18,7 +18,6 @@
 #include "components/apdu/apdu_command.h"
 #include "components/apdu/apdu_response.h"
 #include "crypto/ec_private_key.h"
-#include "crypto/sha2.h"
 #include "device/fido/fido_constants.h"
 #include "device/fido/fido_parsing_utils.h"
@@ -119,8 +118,7 @@ base::Optional<std::vector<uint8_t>> VirtualU2fDevice::DoRegister(
  DCHECK_EQ(public_key.size(), 65ul);
  // Our key handles are simple hashes of the public key.
-  std::vector<uint8_t> key_handle(32);
+  auto key_handle = fido_parsing_utils::CreateSHA256Hash(public_key);
-  crypto::SHA256HashString(public_key, key_handle.data(), key_handle.size());
  // Data to be signed.
  std::vector<uint8_t> sign_buffer;