Rephrase some comments in crypto::SymmetricKey

The comment is out-of-date and it's unclear to me what this class really does at this point (it's just a wrapper over a string), but update it slightly. Bug: none Change-Id: I42a15eeff39d3a2a64758d0ec8fc09c0ec27375d Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3497962 Commit-Queue: David Benjamin <davidben@chromium.org> Auto-Submit: David Benjamin <davidben@chromium.org> Reviewed-by: Matt Mueller <mattm@chromium.org> Commit-Queue: Matt Mueller <mattm@chromium.org> Cr-Commit-Position: refs/heads/main@{#976466}
marcosholgado · Mar 1, 2022 · 9f83245 · 9f83245
1 parent 73a71c2
commit 9f83245
Showing 1 changed file with 6 additions and 9 deletions.
diff --git a/crypto/symmetric_key.cc b/crypto/symmetric_key.cc
@@ -25,9 +25,8 @@ bool CheckDerivationParameters(SymmetricKey::Algorithm algorithm,
                                size_t key_size_in_bits) {
   switch (algorithm) {
     case SymmetricKey::AES:
-      // Whitelist supported key sizes to avoid accidentally relying on
-      // algorithms available in NSS but not BoringSSL and vice
-      // versa. Note that BoringSSL does not support AES-192.
+      // Check for supported key sizes. Historically, NSS supported AES-192
+      // while BoringSSL did not and this check aligned their behavior.
       return key_size_in_bits == 128 || key_size_in_bits == 256;
     case SymmetricKey::HMAC_SHA1:
       return key_size_in_bits % 8 == 0 && key_size_in_bits != 0;
@@ -49,9 +48,8 @@ std::unique_ptr<SymmetricKey> SymmetricKey::GenerateRandomKey(
     size_t key_size_in_bits) {
   DCHECK_EQ(AES, algorithm);
 
-  // Whitelist supported key sizes to avoid accidentaly relying on
-  // algorithms available in NSS but not BoringSSL and vice
-  // versa. Note that BoringSSL does not support AES-192.
+  // Check for supported key sizes. Historically, NSS supported AES-192 while
+  // BoringSSL did not and this check aligned their behavior.
   if (key_size_in_bits != 128 && key_size_in_bits != 256)
     return nullptr;
 
@@ -127,9 +125,8 @@ std::unique_ptr<SymmetricKey> SymmetricKey::DeriveKeyFromPasswordUsingScrypt(
 std::unique_ptr<SymmetricKey> SymmetricKey::Import(Algorithm algorithm,
                                                    const std::string& raw_key) {
   if (algorithm == AES) {
-    // Whitelist supported key sizes to avoid accidentaly relying on
-    // algorithms available in NSS but not BoringSSL and vice
-    // versa. Note that BoringSSL does not support AES-192.
+    // Check for supported key sizes. Historically, NSS supported AES-192 while
+    // BoringSSL did not and this check aligned their behavior.
     if (raw_key.size() != 128/8 && raw_key.size() != 256/8)
       return nullptr;
   }