1 files changed, 21 insertions, 4 deletions

diff --git a/chromium/crypto/hmac.h b/chromium/crypto/hmac.h
index 760a97341a8..716ab25d2ca 100644
--- a/chromium/crypto/hmac.h
+++ b/chromium/crypto/hmac.h
@@ -2,8 +2,10 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-// Utility class for calculating the HMAC for a given message. We currently
-// only support SHA1 for the hash algorithm, but this can be extended easily.
+// Utility class for calculating the HMAC for a given message. We currently only
+// support SHA-1 and SHA-256 for the hash algorithm, but this can be extended
+// easily. Prefer the base::span and std::vector overloads over the
+// base::StringPiece and std::string overloads.
 
 #ifndef CRYPTO_HMAC_H_
 #define CRYPTO_HMAC_H_
@@ -14,6 +16,7 @@
 #include <vector>
 
 #include "base/compiler_specific.h"
+#include "base/containers/span.h"
 #include "base/macros.h"
 #include "base/strings/string_piece.h"
 #include "crypto/crypto_export.h"
@@ -58,16 +61,25 @@ class CRYPTO_EXPORT HMAC {
   // Initializes this instance using |key|. Call Init only once. It returns
   // false on the second or later calls.
   bool Init(base::StringPiece key) WARN_UNUSED_RESULT {
-    return Init(reinterpret_cast<const unsigned char*>(key.data()),
-                key.size());
+    return Init(base::as_bytes(base::make_span(key)));
+  }
+
+  // Initializes this instance using |key|. Call Init only once. It returns
+  // false on the second or later calls.
+  bool Init(base::span<const uint8_t> key) WARN_UNUSED_RESULT {
+    return Init(key.data(), key.size());
   }
 
   // Calculates the HMAC for the message in |data| using the algorithm supplied
   // to the constructor and the key supplied to the Init method. The HMAC is
   // returned in |digest|, which has |digest_length| bytes of storage available.
+  // If |digest_length| is smaller than DigestLength(), the output will be
+  // truncated. If it is larger, this method will fail.
   bool Sign(base::StringPiece data,
             unsigned char* digest,
             size_t digest_length) const WARN_UNUSED_RESULT;
+  bool Sign(base::span<const uint8_t> data,
+            base::span<uint8_t> digest) const WARN_UNUSED_RESULT;
 
   // Verifies that the HMAC for the message in |data| equals the HMAC provided
   // in |digest|, using the algorithm supplied to the constructor and the key
@@ -78,11 +90,16 @@ class CRYPTO_EXPORT HMAC {
   // |DigestLength()| bytes long.
   bool Verify(base::StringPiece data,
               base::StringPiece digest) const WARN_UNUSED_RESULT;
+  bool Verify(base::span<const uint8_t> data,
+              base::span<const uint8_t> digest) const WARN_UNUSED_RESULT;
 
   // Verifies a truncated HMAC, behaving identical to Verify(), except
   // that |digest| is allowed to be smaller than |DigestLength()|.
   bool VerifyTruncated(base::StringPiece data,
                        base::StringPiece digest) const WARN_UNUSED_RESULT;
+  bool VerifyTruncated(base::span<const uint8_t> data,
+                       base::span<const uint8_t> digest) const
+      WARN_UNUSED_RESULT;
 
  private:
   HashAlgorithm hash_alg_;