Replace memcmp() with HMAC.VerifyTruncated() in aes_decryptor.cc

media/crypto/aes_decryptor.cc

Index: media/crypto/aes_decryptor.cc
diff --git a/media/crypto/aes_decryptor.cc b/media/crypto/aes_decryptor.cc
index e69f4062a8afb3f00ee9d609a19785da40269efe..aeb03a2812b01fa14bfd3560f441fb17ff42c1a1 100644
--- a/media/crypto/aes_decryptor.cc
+++ b/media/crypto/aes_decryptor.cc
@@ -66,21 +66,19 @@ static bool CheckData(const DecoderBuffer& input,
   if (!hmac.Init(hmac_key))
     return false;
 
-  // The HMAC covers the IV and the frame data.
+  // The component that initializes |input.GetDecryptConfig()| is responsible
+  // for checking that |input.GetDecryptConfig()->checksum_size()| matches
+  // what is defined by the format.

[ddorwin, 2012/07/24 18:09:40]

Thanks. One might assume this is related to the next line. To avoid that, you
might say something like, "Here, just confirm that the size is not bigger than
the cypher's digest length."

[fgalligan1, 2012/07/24 18:38:33]

Done. PTAL.

+  DCHECK_LE(input.GetDecryptConfig()->checksum_size(),
+            static_cast<int>(hmac.DigestLength()));
+
   base::StringPiece data_to_check(
       reinterpret_cast<const char*>(input.GetData()), input.GetDataSize());
+  base::StringPiece digest(
+      reinterpret_cast<const char*>(input.GetDecryptConfig()->checksum()),
+      input.GetDecryptConfig()->checksum_size());
 
-  scoped_array<uint8> calculated_hmac(new uint8[hmac.DigestLength()]);
-  if (!hmac.Sign(data_to_check, calculated_hmac.get(), hmac.DigestLength()))
-    return false;
-
-  DCHECK(input.GetDecryptConfig()->checksum_size() <=
-         static_cast<int>(hmac.DigestLength()));
-  if (memcmp(input.GetDecryptConfig()->checksum(),
-             calculated_hmac.get(),
-             input.GetDecryptConfig()->checksum_size()) != 0)
-    return false;
-  return true;
+  return hmac.VerifyTruncated(data_to_check, digest);
 }
 
 // Decrypts |input| using |key|. |encrypted_data_offset| is the number of bytes