Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(110)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/webcrypto/nss/aes_kw_nss.cc

Issue 1082123003: Rename USE_NSS to USE_NSS_CERTS. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@use-nss-certs
Patch Set: rebase Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/ownership/owner_key_util_impl.cc ('k') | components/webcrypto/nss/rsa_hashed_algorithm_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <secerr.h> 5 #include <secerr.h>
6 6
7 #include "base/numerics/safe_math.h" 7 #include "base/numerics/safe_math.h"
8 #include "components/webcrypto/crypto_data.h" 8 #include "components/webcrypto/crypto_data.h"
9 #include "components/webcrypto/nss/aes_algorithm_nss.h" 9 #include "components/webcrypto/nss/aes_algorithm_nss.h"
10 #include "components/webcrypto/nss/key_nss.h" 10 #include "components/webcrypto/nss/key_nss.h"
(...skipping 28 matching lines...) Expand all
39 crypto::ScopedSECItem param_item( 39 crypto::ScopedSECItem param_item(
40 PK11_ParamFromIV(CKM_NSS_AES_KEY_WRAP, &iv_item)); 40 PK11_ParamFromIV(CKM_NSS_AES_KEY_WRAP, &iv_item));
41 if (!param_item) 41 if (!param_item)
42 return Status::ErrorUnexpected(); 42 return Status::ErrorUnexpected();
43 43
44 SECItem cipher_text = MakeSECItemForBuffer(wrapped_key_data); 44 SECItem cipher_text = MakeSECItemForBuffer(wrapped_key_data);
45 45
46 // The plaintext length is always 64 bits less than the data size. 46 // The plaintext length is always 64 bits less than the data size.
47 const unsigned int plaintext_length = wrapped_key_data.byte_length() - 8; 47 const unsigned int plaintext_length = wrapped_key_data.byte_length() - 8;
48 48
49 #if defined(USE_NSS) 49 #if defined(USE_NSS_CERTS)
50 // Part of workaround for 50 // Part of workaround for
51 // https://bugzilla.mozilla.org/show_bug.cgi?id=981170. See the explanation 51 // https://bugzilla.mozilla.org/show_bug.cgi?id=981170. See the explanation
52 // later in this function. 52 // later in this function.
53 PORT_SetError(0); 53 PORT_SetError(0);
54 #endif 54 #endif
55 55
56 crypto::ScopedPK11SymKey new_key(PK11_UnwrapSymKeyWithFlags( 56 crypto::ScopedPK11SymKey new_key(PK11_UnwrapSymKeyWithFlags(
57 wrapping_key, CKM_NSS_AES_KEY_WRAP, param_item.get(), &cipher_text, 57 wrapping_key, CKM_NSS_AES_KEY_WRAP, param_item.get(), &cipher_text,
58 mechanism, CKA_FLAGS_ONLY, plaintext_length, flags)); 58 mechanism, CKA_FLAGS_ONLY, plaintext_length, flags));
59 59
60 // TODO(padolph): Use NSS PORT_GetError() and friends to report a more 60 // TODO(padolph): Use NSS PORT_GetError() and friends to report a more
61 // accurate error, providing if doesn't leak any information to web pages 61 // accurate error, providing if doesn't leak any information to web pages
62 // about other web crypto users, key details, etc. 62 // about other web crypto users, key details, etc.
63 if (!new_key) 63 if (!new_key)
64 return Status::OperationError(); 64 return Status::OperationError();
65 65
66 #if defined(USE_NSS) 66 #if defined(USE_NSS_CERTS)
67 // Workaround for https://bugzilla.mozilla.org/show_bug.cgi?id=981170 67 // Workaround for https://bugzilla.mozilla.org/show_bug.cgi?id=981170
68 // which was fixed in NSS 3.16.0. 68 // which was fixed in NSS 3.16.0.
69 // If unwrap fails, NSS nevertheless returns a valid-looking PK11SymKey, 69 // If unwrap fails, NSS nevertheless returns a valid-looking PK11SymKey,
70 // with a reasonable length but with key data pointing to uninitialized 70 // with a reasonable length but with key data pointing to uninitialized
71 // memory. 71 // memory.
72 // To understand this workaround see the fix for 981170: 72 // To understand this workaround see the fix for 981170:
73 // https://hg.mozilla.org/projects/nss/rev/753bb69e543c 73 // https://hg.mozilla.org/projects/nss/rev/753bb69e543c
74 if (!NSS_VersionCheck("3.16") && PORT_GetError() == SEC_ERROR_BAD_DATA) 74 if (!NSS_VersionCheck("3.16") && PORT_GetError() == SEC_ERROR_BAD_DATA)
75 return Status::OperationError(); 75 return Status::OperationError();
76 #endif 76 #endif
(...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after
177 } 177 }
178 }; 178 };
179 179
180 } // namespace 180 } // namespace
181 181
182 AlgorithmImplementation* CreatePlatformAesKwImplementation() { 182 AlgorithmImplementation* CreatePlatformAesKwImplementation() {
183 return new AesKwCryptoAlgorithmNss; 183 return new AesKwCryptoAlgorithmNss;
184 } 184 }
185 185
186 } // namespace webcrypto 186 } // namespace webcrypto
OLDNEW
« no previous file with comments | « components/ownership/owner_key_util_impl.cc ('k') | components/webcrypto/nss/rsa_hashed_algorithm_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698