Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(534)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc

Issue 1128153003: Reland "Don't use RSAPrivateKey in NSS integration code." (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: various comments, fix test Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager.cc ('K') | « chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h ('k') | chrome/browser/chromeos/platform_keys/platform_keys_nss.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
diff --git a/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc b/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
index a96f0aab78e77370c4e8a1185c3974d22f99774d..20fdd78e8d435fccaeb0ae4fefbe0d16794675b4 100644
--- a/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
+++ b/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
@@ -4,6 +4,8 @@
#include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h"
+#include <keyhi.h>
+
#include <algorithm>
#include <string>
@@ -29,9 +31,9 @@
#include "content/public/browser/notification_service.h"
#include "content/public/browser/notification_source.h"
#include "content/public/common/content_switches.h"
+#include "crypto/nss_key_util.h"
#include "crypto/nss_util.h"
#include "crypto/nss_util_internal.h"
-#include "crypto/rsa_private_key.h"
#include "crypto/scoped_nss_types.h"
#include "crypto/signature_creator.h"
@@ -72,9 +74,14 @@ void LoadPrivateKeyByPublicKey(
crypto::ScopedPK11Slot private_slot = crypto::GetPrivateSlotForChromeOSUser(
username_hash, base::Callback<void(crypto::ScopedPK11Slot)>());
- // If private slot is already available, this will check it. If not,
- // we'll get called again later when the TPM Token is ready, and the
- // slot will be available then.
+ // If private slot is already available, this will check it. If not, we'll get
+ // called again later when the TPM Token is ready, and the slot will be
+ // available then. FindPrivateKeyInSlot internally checks for a null slot if
+ // needbe.
+ //
+ // TODO(davidben): The null check should be in the caller rather than
+ // internally in the OwnerKeyUtil implementation. The tests currently get a
+ // null private_slot and expect the mock OwnerKeyUtil to still be called.
scoped_refptr<PrivateKey> private_key(
new PrivateKey(owner_key_util->FindPrivateKeyInSlot(public_key->data(),
private_slot.get())));
@@ -124,10 +131,9 @@ bool DoesPrivateKeyExistAsyncHelper(
std::vector<uint8> public_key;
if (!owner_key_util->ImportPublicKey(&public_key))
return false;
- scoped_ptr<crypto::RSAPrivateKey> key(
- crypto::RSAPrivateKey::FindFromPublicKeyInfo(public_key));
- bool is_owner = key.get() != NULL;
- return is_owner;
+ crypto::ScopedSECKEYPrivateKey key =
+ crypto::FindNSSKeyFromPublicKeyInfo(public_key);
+ return key && SECKEY_GetPrivateKeyType(key.get()) == rsaKey;
}
// Checks whether NSS slots with private key are mounted or
« chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager.cc ('K') | « chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h ('k') | chrome/browser/chromeos/platform_keys/platform_keys_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698