libweave: Remove use of chromeos::Blob and chromeos::SecureBlob

Replaced with std::vector<uint8_t>

BUG=brillo:1257
TEST=`FEATURES=test emerge-gizmo libweave buffet`

Change-Id: I4ba2c23d84cb50815da056b1d75d322d8b365846
Reviewed-on: https://chromium-review.googlesource.com/293611
Reviewed-by: Vitaly Buka <vitalybuka@chromium.org>
Commit-Queue: Vitaly Buka <vitalybuka@chromium.org>
Tested-by: Vitaly Buka <vitalybuka@chromium.org>
diff --git a/libweave/include/weave/http_server.h b/libweave/include/weave/http_server.h
index 59e7542..9e5f276 100644
--- a/libweave/include/weave/http_server.h
+++ b/libweave/include/weave/http_server.h
@@ -8,8 +8,6 @@
 #include <string>
 #include <vector>
 
-#include <chromeos/secure_blob.h>
-
 #include <base/callback.h>
 
 namespace weave {
@@ -46,7 +44,8 @@
 
   virtual uint16_t GetHttpPort() const = 0;
   virtual uint16_t GetHttpsPort() const = 0;
-  virtual const chromeos::Blob& GetHttpsCertificateFingerprint() const = 0;
+  virtual const std::vector<uint8_t>& GetHttpsCertificateFingerprint()
+      const = 0;
 
  protected:
   virtual ~HttpServer() = default;
diff --git a/libweave/src/data_encoding.cc b/libweave/src/data_encoding.cc
index 817cbfc..419e2d4 100644
--- a/libweave/src/data_encoding.cc
+++ b/libweave/src/data_encoding.cc
@@ -122,7 +122,7 @@
   return wrapped;
 }
 
-bool Base64Decode(const std::string& input, chromeos::Blob* output) {
+bool Base64Decode(const std::string& input, std::vector<uint8_t>* output) {
   std::string temp_buffer;
   const std::string* data = &input;
   if (input.find_first_of("\r\n") != std::string::npos) {
diff --git a/libweave/src/data_encoding.h b/libweave/src/data_encoding.h
index ff6973d..f952fa1 100644
--- a/libweave/src/data_encoding.h
+++ b/libweave/src/data_encoding.h
@@ -9,8 +9,6 @@
 #include <utility>
 #include <vector>
 
-#include <chromeos/secure_blob.h>
-
 namespace weave {
 
 using WebParamList = std::vector<std::pair<std::string, std::string>>;
@@ -49,14 +47,14 @@
 std::string Base64EncodeWrapLines(const void* data, size_t size);
 
 // Decodes the input string from Base64.
-bool Base64Decode(const std::string& input, chromeos::Blob* output);
+bool Base64Decode(const std::string& input, std::vector<uint8_t>* output);
 
-// Helper wrappers to use std::string and chromeos::Blob as binary data
+// Helper wrappers to use std::string and std::vector<uint8_t> as binary data
 // containers.
-inline std::string Base64Encode(const chromeos::Blob& input) {
+inline std::string Base64Encode(const std::vector<uint8_t>& input) {
   return Base64Encode(input.data(), input.size());
 }
-inline std::string Base64EncodeWrapLines(const chromeos::Blob& input) {
+inline std::string Base64EncodeWrapLines(const std::vector<uint8_t>& input) {
   return Base64EncodeWrapLines(input.data(), input.size());
 }
 inline std::string Base64Encode(const std::string& input) {
@@ -66,7 +64,7 @@
   return Base64EncodeWrapLines(input.data(), input.size());
 }
 inline bool Base64Decode(const std::string& input, std::string* output) {
-  chromeos::Blob blob;
+  std::vector<uint8_t> blob;
   if (!Base64Decode(input, &blob))
     return false;
   *output = std::string{blob.begin(), blob.end()};
diff --git a/libweave/src/data_encoding_unittest.cc b/libweave/src/data_encoding_unittest.cc
index 28d6b85..76265cd 100644
--- a/libweave/src/data_encoding_unittest.cc
+++ b/libweave/src/data_encoding_unittest.cc
@@ -52,7 +52,7 @@
       "RlZ2VyIGVyYXQgaXBzdW0sIGludGVnZXIgbW9sZXN0aWUsIGFyY3UgaW4sIHNpdCBtYXVya"
       "XMgYWMgYSBzZWQgc2l0IGV0aWFtLg==";
 
-  chromeos::Blob data3(256);
+  std::vector<uint8_t> data3(256);
   std::iota(data3.begin(), data3.end(), 0);  // Fills the buffer with 0x00-0xFF.
   const std::string encoded3 =
       "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ"
@@ -80,7 +80,7 @@
       "bmNpZHVudCBpbnRlZ2VyIGVyYXQgaXBzdW0sIGludGVnZXIgbW9sZXN0aWUsIGFy\n"
       "Y3UgaW4sIHNpdCBtYXVyaXMgYWMgYSBzZWQgc2l0IGV0aWFtLg==\n";
 
-  chromeos::Blob data3(256);
+  std::vector<uint8_t> data3(256);
   std::iota(data3.begin(), data3.end(), 0);  // Fills the buffer with 0x00-0xFF.
   const std::string encoded3 =
       "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4v\n"
@@ -115,7 +115,7 @@
       "prbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en"
       "6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU"
       "1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w==";
-  chromeos::Blob decoded3(256);
+  std::vector<uint8_t> decoded3(256);
   std::iota(decoded3.begin(), decoded3.end(), 0);  // Fill with 0x00..0xFF.
 
   std::string decoded;
@@ -125,7 +125,7 @@
   EXPECT_TRUE(Base64Decode(encoded2, &decoded));
   EXPECT_EQ(decoded2, decoded);
 
-  chromeos::Blob decoded_blob;
+  std::vector<uint8_t> decoded_blob;
   EXPECT_TRUE(Base64Decode(encoded3, &decoded_blob));
   EXPECT_EQ(decoded3, decoded_blob);
 
@@ -133,10 +133,10 @@
   EXPECT_TRUE(decoded_blob.empty());
 
   EXPECT_TRUE(Base64Decode("/w==", &decoded_blob));
-  EXPECT_EQ((chromeos::Blob{0xFF}), decoded_blob);
+  EXPECT_EQ((std::vector<uint8_t>{0xFF}), decoded_blob);
 
   EXPECT_TRUE(Base64Decode("//8=", &decoded_blob));
-  EXPECT_EQ((chromeos::Blob{0xFF, 0xFF}), decoded_blob);
+  EXPECT_EQ((std::vector<uint8_t>{0xFF, 0xFF}), decoded_blob);
 
   EXPECT_FALSE(Base64Decode("AAECAwQFB,cI", &decoded_blob));
   EXPECT_TRUE(decoded_blob.empty());
diff --git a/libweave/src/notification/xmpp_channel.cc b/libweave/src/notification/xmpp_channel.cc
index 2715dd9..de0ba44 100644
--- a/libweave/src/notification/xmpp_channel.cc
+++ b/libweave/src/notification/xmpp_channel.cc
@@ -6,6 +6,7 @@
 
 #include <string>
 
+#include <base/base64.h>
 #include <base/bind.h>
 #include <weave/network.h>
 #include <weave/task_runner.h>
@@ -15,6 +16,7 @@
 #include "libweave/src/notification/notification_delegate.h"
 #include "libweave/src/notification/notification_parser.h"
 #include "libweave/src/notification/xml_node.h"
+#include "libweave/src/privet/openssl_utils.h"
 #include "libweave/src/utils.h"
 
 namespace weave {
@@ -29,7 +31,7 @@
 
 std::string BuildXmppAuthenticateCommand(const std::string& account,
                                          const std::string& token) {
-  chromeos::Blob credentials;
+  std::vector<uint8_t> credentials;
   credentials.push_back(0);
   credentials.insert(credentials.end(), account.begin(), account.end());
   credentials.push_back(0);
diff --git a/libweave/src/privet/openssl_utils.cc b/libweave/src/privet/openssl_utils.cc
index 910b722..a7a4137 100644
--- a/libweave/src/privet/openssl_utils.cc
+++ b/libweave/src/privet/openssl_utils.cc
@@ -14,9 +14,9 @@
 namespace weave {
 namespace privet {
 
-chromeos::Blob HmacSha256(const chromeos::SecureBlob& key,
-                          const chromeos::Blob& data) {
-  chromeos::Blob mac(kSha256OutputSize);
+std::vector<uint8_t> HmacSha256(const std::vector<uint8_t>& key,
+                                const std::vector<uint8_t>& data) {
+  std::vector<uint8_t> mac(kSha256OutputSize);
   uint32_t len = 0;
   CHECK(HMAC(EVP_sha256(), key.data(), key.size(), data.data(), data.size(),
              mac.data(), &len));
diff --git a/libweave/src/privet/openssl_utils.h b/libweave/src/privet/openssl_utils.h
index bd7e637..0206681 100644
--- a/libweave/src/privet/openssl_utils.h
+++ b/libweave/src/privet/openssl_utils.h
@@ -8,16 +8,13 @@
 #include <string>
 #include <vector>
 
-#include <chromeos/secure_blob.h>
-
 namespace weave {
 namespace privet {
 
 const size_t kSha256OutputSize = 32;
 
-chromeos::Blob HmacSha256(const chromeos::SecureBlob& key,
-                          const chromeos::Blob& data);
-
+std::vector<uint8_t> HmacSha256(const std::vector<uint8_t>& key,
+                                const std::vector<uint8_t>& data);
 }  // namespace privet
 }  // namespace weave
 
diff --git a/libweave/src/privet/security_delegate.h b/libweave/src/privet/security_delegate.h
index d82ef4a..e168a87 100644
--- a/libweave/src/privet/security_delegate.h
+++ b/libweave/src/privet/security_delegate.h
@@ -10,7 +10,6 @@
 #include <string>
 
 #include <base/time/time.h>
-#include <chromeos/secure_blob.h>
 #include <weave/privet.h>
 
 #include "libweave/src/privet/privet_types.h"
diff --git a/libweave/src/privet/security_manager.cc b/libweave/src/privet/security_manager.cc
index 5888b41..2125744 100644
--- a/libweave/src/privet/security_manager.cc
+++ b/libweave/src/privet/security_manager.cc
@@ -157,24 +157,25 @@
 // Returns "base64([hmac]scope:id:time)".
 std::string SecurityManager::CreateAccessToken(const UserInfo& user_info,
                                                const base::Time& time) {
-  chromeos::SecureBlob data(CreateTokenData(user_info, time));
-  chromeos::Blob hash(HmacSha256(secret_, data));
-  return Base64Encode(chromeos::SecureBlob::Combine(
-      chromeos::SecureBlob(hash.begin(), hash.end()), data));
+  std::string data_str{CreateTokenData(user_info, time)};
+  std::vector<uint8_t> data{data_str.begin(), data_str.end()};
+  std::vector<uint8_t> hash{HmacSha256(secret_, data)};
+  hash.insert(hash.end(), data.begin(), data.end());
+  return Base64Encode(hash);
 }
 
 // Parses "base64([hmac]scope:id:time)".
 UserInfo SecurityManager::ParseAccessToken(const std::string& token,
                                            base::Time* time) const {
-  chromeos::Blob decoded;
+  std::vector<uint8_t> decoded;
   if (!Base64Decode(token, &decoded) || decoded.size() <= kSha256OutputSize) {
     return UserInfo{};
   }
-  chromeos::SecureBlob data(decoded.begin() + kSha256OutputSize, decoded.end());
+  std::vector<uint8_t> data(decoded.begin() + kSha256OutputSize, decoded.end());
   decoded.resize(kSha256OutputSize);
   if (decoded != HmacSha256(secret_, data))
     return UserInfo{};
-  return SplitTokenData(data.to_string(), time);
+  return SplitTokenData(std::string(data.begin(), data.end()), time);
 }
 
 std::set<PairingType> SecurityManager::GetPairingTypes() const {
@@ -191,13 +192,15 @@
 bool SecurityManager::IsValidPairingCode(const std::string& auth_code) const {
   if (is_security_disabled_)
     return true;
-  chromeos::Blob auth_decoded;
+  std::vector<uint8_t> auth_decoded;
   if (!Base64Decode(auth_code, &auth_decoded))
     return false;
   for (const auto& session : confirmed_sessions_) {
+    const std::string& key = session.second->GetKey();
+    const std::string& id = session.first;
     if (auth_decoded ==
-        HmacSha256(chromeos::SecureBlob{session.second->GetKey()},
-                   chromeos::SecureBlob{session.first})) {
+        HmacSha256(std::vector<uint8_t>(key.begin(), key.end()),
+                   std::vector<uint8_t>(id.begin(), id.end()))) {
       pairing_attemts_ = 0;
       block_pairing_until_ = base::Time{};
       return true;
@@ -317,7 +320,7 @@
   }
   CHECK(!certificate_fingerprint_.empty());
 
-  chromeos::Blob commitment;
+  std::vector<uint8_t> commitment;
   if (!Base64Decode(client_commitment, &commitment)) {
     ClosePendingSession(session_id);
     chromeos::Error::AddToPrintf(
@@ -335,13 +338,12 @@
     return false;
   }
 
-  std::string key = session->second->GetKey();
+  const std::string& key = session->second->GetKey();
   VLOG(3) << "KEY " << base::HexEncode(key.data(), key.size());
 
   *fingerprint = Base64Encode(certificate_fingerprint_);
-  chromeos::Blob cert_hmac =
-      HmacSha256(chromeos::SecureBlob(session->second->GetKey()),
-                 certificate_fingerprint_);
+  std::vector<uint8_t> cert_hmac = HmacSha256(
+      std::vector<uint8_t>(key.begin(), key.end()), certificate_fingerprint_);
   *signature = Base64Encode(cert_hmac);
   confirmed_sessions_.emplace(session->first, std::move(session->second));
   task_runner_->PostDelayedTask(
diff --git a/libweave/src/privet/security_manager.h b/libweave/src/privet/security_manager.h
index 5afeac5..3beacb6 100644
--- a/libweave/src/privet/security_manager.h
+++ b/libweave/src/privet/security_manager.h
@@ -15,7 +15,6 @@
 #include <base/files/file_path.h>
 #include <base/memory/weak_ptr.h>
 #include <chromeos/errors/error.h>
-#include <chromeos/secure_blob.h>
 
 #include "libweave/src/privet/security_delegate.h"
 
@@ -80,7 +79,7 @@
   void RegisterPairingListeners(const PairingStartListener& on_start,
                                 const PairingEndListener& on_end);
 
-  void SetCertificateFingerprint(const chromeos::Blob& fingerprint) {
+  void SetCertificateFingerprint(const std::vector<uint8_t>& fingerprint) {
     certificate_fingerprint_ = fingerprint;
   }
 
@@ -102,8 +101,8 @@
   std::map<std::string, std::unique_ptr<KeyExchanger>> confirmed_sessions_;
   mutable int pairing_attemts_{0};
   mutable base::Time block_pairing_until_;
-  chromeos::SecureBlob secret_;
-  chromeos::Blob certificate_fingerprint_;
+  std::vector<uint8_t> secret_;
+  std::vector<uint8_t> certificate_fingerprint_;
   PairingStartListener on_start_;
   PairingEndListener on_end_;
 
diff --git a/libweave/src/privet/security_manager_unittest.cc b/libweave/src/privet/security_manager_unittest.cc
index 44e01cf..a6ea288 100644
--- a/libweave/src/privet/security_manager_unittest.cc
+++ b/libweave/src/privet/security_manager_unittest.cc
@@ -66,7 +66,7 @@
 class SecurityManagerTest : public testing::Test {
  public:
   void SetUp() override {
-    chromeos::Blob fingerprint;
+    std::vector<uint8_t> fingerprint;
     fingerprint.resize(256 / 8);
     base::RandBytes(fingerprint.data(), fingerprint.size());
     security_.SetCertificateFingerprint(fingerprint);
@@ -99,14 +99,15 @@
     EXPECT_TRUE(IsBase64(*fingerprint));
     EXPECT_TRUE(IsBase64(*signature));
 
-    chromeos::Blob device_commitment;
+    std::vector<uint8_t> device_commitment;
     ASSERT_TRUE(Base64Decode(device_commitment_base64, &device_commitment));
     spake.ProcessMessage(
         chromeos::string_utils::GetBytesAsString(device_commitment));
 
-    chromeos::Blob auth_code{
-        HmacSha256(chromeos::SecureBlob{spake.GetUnverifiedKey()},
-                   chromeos::SecureBlob{session_id})};
+    const std::string& key = spake.GetUnverifiedKey();
+    std::vector<uint8_t> auth_code{
+        HmacSha256(std::vector<uint8_t>{key.begin(), key.end()},
+                   std::vector<uint8_t>{session_id.begin(), session_id.end()})};
 
     std::string auth_code_base64{Base64Encode(auth_code)};