Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(417)

Unified Diff: components/ownership/owner_key_util_impl.cc

Issue 1106103003: Don't use RSAPrivateKey in NSS integration code. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ocsp-refactor
Patch Set: avoid exposing NSS through net headers (unnecessary) Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: components/ownership/owner_key_util_impl.cc
diff --git a/components/ownership/owner_key_util_impl.cc b/components/ownership/owner_key_util_impl.cc
index bc7208e4642d21603513324d40236fddf4a4207c..cab5ffad2c759dc35ddc00cf211b37dc7b6438f8 100644
--- a/components/ownership/owner_key_util_impl.cc
+++ b/components/ownership/owner_key_util_impl.cc
@@ -8,7 +8,12 @@
#include "base/files/file_util.h"
#include "base/logging.h"
+
+#if defined(USE_NSS_CERTS)
+#include <keythi.h>
+#include "crypto/nss_key_util.h"
#include "crypto/rsa_private_key.h"
+#endif
namespace ownership {
@@ -54,7 +59,18 @@ bool OwnerKeyUtilImpl::ImportPublicKey(std::vector<uint8>* output) {
crypto::RSAPrivateKey* OwnerKeyUtilImpl::FindPrivateKeyInSlot(
const std::vector<uint8>& key,
PK11SlotInfo* slot) {
- return crypto::RSAPrivateKey::FindFromPublicKeyInfoInSlot(key, slot);
+ crypto::ScopedSECKEYPrivateKey private_key(
+ crypto::FindNSSKeyFromPublicKeyInfoInSlot(key, slot));
+ if (!private_key || SECKEY_GetPrivateKeyType(private_key.get()) != rsaKey)
+ return nullptr;
+#if defined(USE_OPENSSL)
+ // TODO(davidben): This assumes that crypto::RSAPrivateKey also uses NSS.
+ // https://crbug.com/478777
+ NOTIMPLEMENTED();
+ return nullptr;
davidben 2015/04/27 18:07:22 Leaving this for a follow-up since I'm not sure ye
Ryan Sleevi 2015/04/27 19:11:27 That seems less-desirable; I mean, the team is usi
davidben 2015/04/27 19:17:09 Yeah, that's also an option, which is why I set th
+#else
+ return crypto::RSAPrivateKey::CreateFromKey(private_key.get());
+#endif
}
#endif // defined(USE_NSS_CERTS)

Powered by Google App Engine
This is Rietveld 408576698