Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1077)

Issue 1118263003: Revert of Don't use RSAPrivateKey in NSS integration code. (Closed)

Created:
5 years, 7 months ago by spang
Modified:
5 years, 7 months ago
CC:
chromium-reviews, cbentzel+watch_chromium.org, dzhioev+watch_chromium.org, stevenjb+watch_chromium.org, oshima+watch_chromium.org, davemoore+watch_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/src.git@ocsp-refactor
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Revert of Don't use RSAPrivateKey in NSS integration code. (patchset #6 id:100001 of https://codereview.chromium.org/1106103003/) Reason for revert: Causes SEGV during login on Chrome OS BUG=483606 Original issue's description: > Don't use RSAPrivateKey in NSS integration code. > > Currently some NSS platform integration logic transits private keys through > RSAPrivateKey on CrOS. This prevents incrementally switching RSAPrivateKey to > BoringSSL while keeping platform integrations on NSS. > > The intent of this change is to clarify RSAPrivateKey as a BoringSSL vs NSS > internal crypto library (use_openssl=0 vs use_openssl=1) abstraction. It's > primarily to be used with SignatureCreator. Code which uses NSS based on > use_nss_certs rather than use_openssl because the underlying platform is NSS > should call NSS routines directly, or introduce different abstractions. > > Remove the problematic RSAPrivateKey methods and instead add > crypto/nss_key_util.h which contains some helper functions for manipulating NSS > keys. This is sufficient to allow consumers of the removed methods to use NSS > directly with about as much code. (This should not set back migrating that > logic to NSS as that code was already very NSS-specific; those APIs assumed > PK11SlotInfo.) > > nss_key_util.h, like nss_util.h, is built whenever NSS is used either > internally or for platform integrations. This is so rsa_private_key_nss.cc can > continue to use the helper functions to implement the NSS-agnostic interface. > > With this, the chimera CrOS configuration should build. The RSAPrivateKey logic > is functional with the exception of some logic in components/ownership. That > will be resolved in a future CL. > > BUG=478777 > > Committed: https://crrev.com/a46a990b2ccae2b66e87b5f76d2866044dc3182e > Cr-Commit-Position: refs/heads/master@{#327909} TBR=rsleevi@chromium.org,pneubeck@chromium.org,dpolukhin@chromium.org,caitkp@chromium.org,davidben@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=483606 Committed: https://crrev.com/9ce3458d9a03b38ca717291d08d564e12fd8254a Cr-Commit-Position: refs/heads/master@{#327978}

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+433 lines, -455 lines) Patch
M chrome/browser/chromeos/login/auth/cryptohome_authenticator_unittest.cc View 3 chunks +4 lines, -5 lines 0 comments Download
M chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager.cc View 8 chunks +18 lines, -20 lines 0 comments Download
M chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc View 3 chunks +5 lines, -6 lines 0 comments Download
M chrome/browser/chromeos/platform_keys/platform_keys_nss.cc View 6 chunks +16 lines, -20 lines 0 comments Download
M components/ownership.gypi View 1 chunk +0 lines, -5 lines 0 comments Download
M components/ownership/BUILD.gn View 2 chunks +0 lines, -5 lines 0 comments Download
M components/ownership/owner_key_util_impl.cc View 2 chunks +1 line, -17 lines 0 comments Download
M crypto/BUILD.gn View 4 chunks +11 lines, -16 lines 0 comments Download
M crypto/crypto.gyp View 4 chunks +9 lines, -9 lines 0 comments Download
M crypto/crypto.gypi View 1 chunk +0 lines, -2 lines 0 comments Download
D crypto/nss_key_util.h View 1 chunk +0 lines, -58 lines 0 comments Download
D crypto/nss_key_util.cc View 1 chunk +0 lines, -161 lines 0 comments Download
D crypto/nss_key_util_unittest.cc View 1 chunk +0 lines, -87 lines 0 comments Download
M crypto/rsa_private_key.h View 2 chunks +68 lines, -1 line 0 comments Download
M crypto/rsa_private_key_nss.cc View 7 chunks +207 lines, -26 lines 0 comments Download
A crypto/rsa_private_key_nss_unittest.cc View 1 chunk +66 lines, -0 lines 0 comments Download
M net/net.gyp View 1 chunk +0 lines, -1 line 0 comments Download
M net/test/cert_test_util.h View 2 chunks +9 lines, -6 lines 0 comments Download
M net/test/cert_test_util_nss.cc View 2 chunks +19 lines, -10 lines 0 comments Download

Messages

Total messages: 8 (3 generated)
spang
Created Revert of Don't use RSAPrivateKey in NSS integration code.
5 years, 7 months ago (2015-05-01 21:00:23 UTC) #1
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1118263003/1
5 years, 7 months ago (2015-05-01 21:00:44 UTC) #2
commit-bot: I haz the power
Committed patchset #1 (id:1)
5 years, 7 months ago (2015-05-01 21:02:11 UTC) #5
commit-bot: I haz the power
Patchset 1 (id:??) landed as https://crrev.com/9ce3458d9a03b38ca717291d08d564e12fd8254a Cr-Commit-Position: refs/heads/master@{#327978}
5 years, 7 months ago (2015-05-01 21:03:11 UTC) #7
commit-bot: I haz the power
5 years, 7 months ago (2015-05-01 21:03:42 UTC) #8
Message was sent while issue was closed.
CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1118263003/1

Powered by Google App Engine
This is Rietveld 408576698