Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(47)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/child/webcrypto/nss/aes_kw_nss.cc

Issue 1082123003: Rename USE_NSS to USE_NSS_CERTS. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@use-nss-certs
Patch Set: long line Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« build/config/BUILD.gn ('K') | « content/app/content_main_runner.cc ('k') | content/child/webcrypto/nss/rsa_hashed_algorithm_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <secerr.h> 5 #include <secerr.h>
6 6
7 #include "base/numerics/safe_math.h" 7 #include "base/numerics/safe_math.h"
8 #include "content/child/webcrypto/crypto_data.h" 8 #include "content/child/webcrypto/crypto_data.h"
9 #include "content/child/webcrypto/nss/aes_algorithm_nss.h" 9 #include "content/child/webcrypto/nss/aes_algorithm_nss.h"
10 #include "content/child/webcrypto/nss/key_nss.h" 10 #include "content/child/webcrypto/nss/key_nss.h"
(...skipping 30 matching lines...) Expand all
41 crypto::ScopedSECItem param_item( 41 crypto::ScopedSECItem param_item(
42 PK11_ParamFromIV(CKM_NSS_AES_KEY_WRAP, &iv_item)); 42 PK11_ParamFromIV(CKM_NSS_AES_KEY_WRAP, &iv_item));
43 if (!param_item) 43 if (!param_item)
44 return Status::ErrorUnexpected(); 44 return Status::ErrorUnexpected();
45 45
46 SECItem cipher_text = MakeSECItemForBuffer(wrapped_key_data); 46 SECItem cipher_text = MakeSECItemForBuffer(wrapped_key_data);
47 47
48 // The plaintext length is always 64 bits less than the data size. 48 // The plaintext length is always 64 bits less than the data size.
49 const unsigned int plaintext_length = wrapped_key_data.byte_length() - 8; 49 const unsigned int plaintext_length = wrapped_key_data.byte_length() - 8;
50 50
51 #if defined(USE_NSS) 51 #if defined(USE_NSS_CERTS)
52 // Part of workaround for 52 // Part of workaround for
53 // https://bugzilla.mozilla.org/show_bug.cgi?id=981170. See the explanation 53 // https://bugzilla.mozilla.org/show_bug.cgi?id=981170. See the explanation
54 // later in this function. 54 // later in this function.
55 PORT_SetError(0); 55 PORT_SetError(0);
56 #endif 56 #endif
57 57
58 crypto::ScopedPK11SymKey new_key(PK11_UnwrapSymKeyWithFlags( 58 crypto::ScopedPK11SymKey new_key(PK11_UnwrapSymKeyWithFlags(
59 wrapping_key, CKM_NSS_AES_KEY_WRAP, param_item.get(), &cipher_text, 59 wrapping_key, CKM_NSS_AES_KEY_WRAP, param_item.get(), &cipher_text,
60 mechanism, CKA_FLAGS_ONLY, plaintext_length, flags)); 60 mechanism, CKA_FLAGS_ONLY, plaintext_length, flags));
61 61
62 // TODO(padolph): Use NSS PORT_GetError() and friends to report a more 62 // TODO(padolph): Use NSS PORT_GetError() and friends to report a more
63 // accurate error, providing if doesn't leak any information to web pages 63 // accurate error, providing if doesn't leak any information to web pages
64 // about other web crypto users, key details, etc. 64 // about other web crypto users, key details, etc.
65 if (!new_key) 65 if (!new_key)
66 return Status::OperationError(); 66 return Status::OperationError();
67 67
68 #if defined(USE_NSS) 68 #if defined(USE_NSS_CERTS)
69 // Workaround for https://bugzilla.mozilla.org/show_bug.cgi?id=981170 69 // Workaround for https://bugzilla.mozilla.org/show_bug.cgi?id=981170
70 // which was fixed in NSS 3.16.0. 70 // which was fixed in NSS 3.16.0.
71 // If unwrap fails, NSS nevertheless returns a valid-looking PK11SymKey, 71 // If unwrap fails, NSS nevertheless returns a valid-looking PK11SymKey,
72 // with a reasonable length but with key data pointing to uninitialized 72 // with a reasonable length but with key data pointing to uninitialized
73 // memory. 73 // memory.
74 // To understand this workaround see the fix for 981170: 74 // To understand this workaround see the fix for 981170:
75 // https://hg.mozilla.org/projects/nss/rev/753bb69e543c 75 // https://hg.mozilla.org/projects/nss/rev/753bb69e543c
76 if (!NSS_VersionCheck("3.16") && PORT_GetError() == SEC_ERROR_BAD_DATA) 76 if (!NSS_VersionCheck("3.16") && PORT_GetError() == SEC_ERROR_BAD_DATA)
77 return Status::OperationError(); 77 return Status::OperationError();
78 #endif 78 #endif
(...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after
181 181
182 } // namespace 182 } // namespace
183 183
184 AlgorithmImplementation* CreatePlatformAesKwImplementation() { 184 AlgorithmImplementation* CreatePlatformAesKwImplementation() {
185 return new AesKwCryptoAlgorithmNss; 185 return new AesKwCryptoAlgorithmNss;
186 } 186 }
187 187
188 } // namespace webcrypto 188 } // namespace webcrypto
189 189
190 } // namespace content 190 } // namespace content
OLDNEW
« build/config/BUILD.gn ('K') | « content/app/content_main_runner.cc ('k') | content/child/webcrypto/nss/rsa_hashed_algorithm_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698