[webcrypto] Fix a bug where generated RSA private keys couldn't be exported.

content/child/webcrypto/platform_crypto_nss.cc

Index: content/child/webcrypto/platform_crypto_nss.cc
diff --git a/content/child/webcrypto/platform_crypto_nss.cc b/content/child/webcrypto/platform_crypto_nss.cc
index 13f5735bcc1c4354b3b8c19c6a5e9cc882af4dd7..99b27310a61395b9264f56195f4a896a1861b7f9 100644
--- a/content/child/webcrypto/platform_crypto_nss.cc
+++ b/content/child/webcrypto/platform_crypto_nss.cc
@@ -1153,7 +1153,11 @@ Status GenerateRsaKeyPair(const blink::WebCryptoAlgorithm& algorithm,
   }
   const CK_FLAGS operation_flags_mask =
       CKF_ENCRYPT | CKF_DECRYPT | CKF_SIGN | CKF_VERIFY | CKF_WRAP | CKF_UNWRAP;
-  const PK11AttrFlags attribute_flags = 0;  // Default all PK11_ATTR_ flags.
+  // The private key must be marked as insensitive otherwise it cannot later be
+  // exported, or structured-cloned. Throw in extractable for good measure,
+  // however the tests pass without it too.

[wtc, 2014/03/27 19:38:24]

Summary: I suggest this comment:
  // The private key must be marked as insensitive and extractable, otherwise
  // it cannot later be exported in unencrypted form or structured-cloned.

Details:

Remove the "Throw in extractable for good measure ..." part. If you don't
specify PK11_ATTR_EXTRACTABLE or PK11_ATTR_UNEXTRACTABLE, you are relying on the
token's default. The fact that PK11_ATTR_EXTRACTABLE isn't necessary means the
NSS softoken defaults to extractable keys.

More info on the two attributes:
Extractable: whether the key can be extracted at all, regardless of the form.
Sensitive: the key can only be extracted in encrypted form (i.e., requires the
use of C_WrapKey).

If you need to export unencrypted PrivateKeyInfo, you need the key to be
insensitive and extractable.

+  const PK11AttrFlags attribute_flags =
+      PK11_ATTR_INSENSITIVE | PK11_ATTR_EXTRACTABLE;
 
   // Note: NSS does not generate an sec_public_key if the call below fails,
   // so there is no danger of a leaked sec_public_key.