Use size_t as the type of the key_length and digest_length arguments

of HMAC::Init() and HMAC::Sign().

R=agl@chromium.org,bradnelson@chromium.org,thakis@chromium.org
BUG=none
TEST=none

Review URL: https://chromiumcodereview.appspot.com/11419270

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@170852 0039d316-1c4b-4281-b951-d872f2087c98

chrome/browser/internal_auth.cc

@@ -65,7 +65,7 @@ const char kItemSeparator = '\n';
 const char kVarValueSeparator = '=';
 
 const size_t kKeySizeInBytes = 128 / 8;
-const int kHMACSizeInBytes = 256 / 8;
+const size_t kHMACSizeInBytes = 256 / 8;
 
 // Length of base64 string required to encode given number of raw octets.
 #define BASE64_PER_RAW(X) (X > 0 ? ((X - 1) / 3 + 1) * 4 : 0)

chrome/nacl/nacl_validation_query.cc

@@ -50,12 +50,11 @@ NaClValidationQuery::NaClValidationQuery(NaClValidationDB* db,
 
 void NaClValidationQuery::AddData(const char* data, size_t length) {
   CHECK(state_ == READY);
-  CHECK(buffer_length_ >= 0);
-  CHECK(buffer_length_ <= (int) sizeof(buffer_));
+  CHECK(buffer_length_ <= sizeof(buffer_));
   // Chrome's HMAC class doesn't support incremental signing.  Work around
   // this by using a (small) temporary buffer to accumulate data.
   // Check if there is space in the buffer.
-  if (buffer_length_ + kDigestLength > (int) sizeof(buffer_)) {
+  if (buffer_length_ + kDigestLength > sizeof(buffer_)) {
     // Hash the buffer to make space.
     CompressBuffer();
   }
@@ -79,7 +78,7 @@ int NaClValidationQuery::QueryKnownToValidate() {
   CHECK(state_ == READY);
   // It is suspicious if we have less than a digest's worth of data.
   CHECK(buffer_length_ >= kDigestLength);
-  CHECK(buffer_length_ <= (int) sizeof(buffer_));
+  CHECK(buffer_length_ <= sizeof(buffer_));
   state_ = GET_CALLED;
   // Ensure the buffer contains only one digest worth of data.
   CompressBuffer();

chrome/nacl/nacl_validation_query.h

@@ -38,7 +38,7 @@ class NaClValidationQueryContext {
 class NaClValidationQuery {
  public:
   // SHA256 digest size.
-  static const int kDigestLength = 32;
+  static const size_t kDigestLength = 32;
 
   NaClValidationQuery(NaClValidationDB* db, const std::string& profile_key);
 
@@ -77,7 +77,7 @@ class NaClValidationQuery {
   // code), so 4 times digest length means the buffer will not need to be
   // compressed as an intermediate step in the expected use cases.
   char buffer_[kDigestLength * 4];
-  int buffer_length_;
+  size_t buffer_length_;
 
   DISALLOW_COPY_AND_ASSIGN(NaClValidationQuery);
 };

crypto/hmac.cc

@@ -47,7 +47,7 @@ bool HMAC::VerifyTruncated(const base::StringPiece& data,
   size_t digest_length = DigestLength();
   scoped_array<unsigned char> computed_digest(
       new unsigned char[digest_length]);
-  if (!Sign(data, computed_digest.get(), static_cast<int>(digest_length)))
+  if (!Sign(data, computed_digest.get(), digest_length))
     return false;
 
   return SecureMemEqual(digest.data(), computed_digest.get(),

crypto/hmac.h

@@ -38,7 +38,6 @@ class CRYPTO_EXPORT HMAC {
 
   // Initializes this instance using |key| of the length |key_length|. Call Init
   // only once. It returns false on the second or later calls.
-  // TODO(abarth): key_length should be a size_t.
   //
   // NOTE: the US Federal crypto standard FIPS 198, Section 3 says:
   //   The size of the key, K, shall be equal to or greater than L/2, where L
@@ -47,7 +46,7 @@ class CRYPTO_EXPORT HMAC {
   // this requirement is gone.  But a system crypto library may still enforce
   // this old requirement.  If the key is shorter than this recommended value,
   // Init() may fail.
-  bool Init(const unsigned char* key, int key_length) WARN_UNUSED_RESULT;
+  bool Init(const unsigned char* key, size_t key_length) WARN_UNUSED_RESULT;
 
   // Initializes this instance using |key|. Call Init
   // only once. It returns false on the second or later calls.
@@ -57,15 +56,14 @@ class CRYPTO_EXPORT HMAC {
   // false on the second or later calls.
   bool Init(const base::StringPiece& key) WARN_UNUSED_RESULT {
     return Init(reinterpret_cast<const unsigned char*>(key.data()),
-                static_cast<int>(key.size()));
+                key.size());
   }
 
   // Calculates the HMAC for the message in |data| using the algorithm supplied
   // to the constructor and the key supplied to the Init method. The HMAC is
   // returned in |digest|, which has |digest_length| bytes of storage available.
-  // TODO(abarth): digest_length should be a size_t.
   bool Sign(const base::StringPiece& data, unsigned char* digest,
-            int digest_length) const WARN_UNUSED_RESULT;
+            size_t digest_length) const WARN_UNUSED_RESULT;
 
   // Verifies that the HMAC for the message in |data| equals the HMAC provided
   // in |digest|, using the algorithm supplied to the constructor and the key

crypto/hmac_nss.cc

@@ -39,7 +39,7 @@ HMAC::HMAC(HashAlgorithm hash_alg)
 HMAC::~HMAC() {
 }
 
-bool HMAC::Init(const unsigned char *key, int key_length) {
+bool HMAC::Init(const unsigned char *key, size_t key_length) {
   EnsureNSSInit();
 
   if (plat_->slot_.get()) {
@@ -75,7 +75,7 @@ bool HMAC::Init(const unsigned char *key, int key_length) {
 
 bool HMAC::Sign(const base::StringPiece& data,
                 unsigned char* digest,
-                int digest_length) const {
+                size_t digest_length) const {
   if (!plat_->sym_key_.get()) {
     // Init has not been called before Sign.
     NOTREACHED();

crypto/hmac_openssl.cc

@@ -26,7 +26,7 @@ HMAC::HMAC(HashAlgorithm hash_alg)
   DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256);
 }
 
-bool HMAC::Init(const unsigned char* key, int key_length) {
+bool HMAC::Init(const unsigned char* key, size_t key_length) {
   // Init must not be called more than once on the same HMAC object.
   DCHECK(plat_->key.empty());
 
@@ -42,8 +42,7 @@ HMAC::~HMAC() {
 
 bool HMAC::Sign(const base::StringPiece& data,
                 unsigned char* digest,
-                int digest_length) const {
-  DCHECK_GE(digest_length, 0);
+                size_t digest_length) const {
   DCHECK(!plat_->key.empty());  // Init must be called before Sign.
 
   ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> result(digest, digest_length);

crypto/hmac_unittest.cc

@@ -16,7 +16,7 @@ static const char* kSimpleKey =
     "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
     "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
     "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA";
-static const int kSimpleKeyLength = 80;
+static const size_t kSimpleKeyLength = 80;
 
 static const struct {
   const char *data;

crypto/hmac_win.cc

@@ -109,7 +109,7 @@ HMAC::HMAC(HashAlgorithm hash_alg)
   DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256);
 }
 
-bool HMAC::Init(const unsigned char* key, int key_length) {
+bool HMAC::Init(const unsigned char* key, size_t key_length) {
   if (plat_->provider_ || plat_->key_ || !plat_->raw_key_.empty()) {
     // Init must not be called more than once on the same HMAC object.
     NOTREACHED();
@@ -147,7 +147,7 @@ bool HMAC::Init(const unsigned char* key, int key_length) {
   key_blob->header.bVersion = CUR_BLOB_VERSION;
   key_blob->header.reserved = 0;
   key_blob->header.aiKeyAlg = CALG_RC2;
-  key_blob->key_size = key_length;
+  key_blob->key_size = static_cast<DWORD>(key_length);
   memcpy(key_blob->key_data, key, key_length);
 
   if (!CryptImportKey(plat_->provider_, &key_blob_storage[0],
@@ -168,7 +168,7 @@ HMAC::~HMAC() {
 
 bool HMAC::Sign(const base::StringPiece& data,
                 unsigned char* digest,
-                int digest_length) const {
+                size_t digest_length) const {
   if (hash_alg_ == SHA256) {
     if (plat_->raw_key_.empty())
       return false;
@@ -202,7 +202,7 @@ bool HMAC::Sign(const base::StringPiece& data,
                      static_cast<DWORD>(data.size()), 0))
     return false;
 
-  DWORD sha1_size = digest_length;
+  DWORD sha1_size = static_cast<DWORD>(digest_length);
   return !!CryptGetHashParam(hash, HP_HASHVAL, digest, &sha1_size, 0);
 }