Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(48)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2566273008: Use SecKeyCreateSignature on macOS 10.12 and later. (Closed)

Created:
4 years ago by davidben
Modified:
4 years ago
Reviewers:
Ryan Sleevi
CC:
chromium-reviews, cbentzel+watch_chromium.org, mac-reviews_chromium.org
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Use SecKeyCreateSignature on macOS 10.12 and later. macOS 10.12 breaks the CSSM code for smartcards. Switch to the new APIs. In the process, refactor the Android unit tests to be common on all platforms and unit test this stuff. SecKeychainCreate finally works, so we can unit test the entire path from certificate to key and compare signatures against OpenSSL. That second part probably bears repeating. Eight years into the project's lifetime, we FINALLY have unit tests for this code! BUG=666796, 673058 Committed: https://crrev.com/ebe0803de7a569dee0c7b0ab6b4685dc749b8f29 Cr-Commit-Position: refs/heads/master@{#438392}

Patch Set 1 #

Total comments: 24

Patch Set 2 : rsleevi comments #

Unified diffs Side-by-side diffs Delta from patch set Stats (+656 lines, -182 lines) Patch
M net/net.gypi View 1 chunk +3 lines, -0 lines 0 comments Download
M net/ssl/ssl_platform_key.h View 1 1 chunk +4 lines, -4 lines 0 comments Download
M net/ssl/ssl_platform_key_android.cc View 1 1 chunk +1 line, -1 line 0 comments Download
M net/ssl/ssl_platform_key_android_unittest.cc View 6 chunks +24 lines, -150 lines 0 comments Download
M net/ssl/ssl_platform_key_chromecast.cc View 1 1 chunk +1 line, -1 line 0 comments Download
A net/ssl/ssl_platform_key_mac.h View 1 1 chunk +27 lines, -0 lines 0 comments Download
M net/ssl/ssl_platform_key_mac.cc View 1 7 chunks +212 lines, -24 lines 0 comments Download
A net/ssl/ssl_platform_key_mac_unittest.cc View 1 1 chunk +137 lines, -0 lines 0 comments Download
M net/ssl/ssl_platform_key_nss.cc View 1 1 chunk +1 line, -1 line 0 comments Download
M net/ssl/ssl_platform_key_win.cc View 1 1 chunk +1 line, -1 line 0 comments Download
A net/ssl/ssl_private_key_test_util.h View 1 1 chunk +24 lines, -0 lines 0 comments Download
A net/ssl/ssl_private_key_test_util.cc View 1 1 chunk +221 lines, -0 lines 0 comments Download

Dependent Patchsets:

Issue 2572113002 Patch 1

Messages

Total messages: 23 (13 generated)
davidben
I feel like I am morally obligated to send this CL to you since you ...
4 years ago (2016-12-13 21:38:57 UTC) #4
Ryan Sleevi
Since most of these are nits or requests for further clarification, I'll go ahead and ...
4 years ago (2016-12-13 22:21:08 UTC) #7
davidben
https://codereview.chromium.org/2566273008/diff/1/net/ssl/ssl_platform_key_mac.cc File net/ssl/ssl_platform_key_mac.cc (right): https://codereview.chromium.org/2566273008/diff/1/net/ssl/ssl_platform_key_mac.cc#newcode127 net/ssl/ssl_platform_key_mac.cc:127: return; \ On 2016/12/13 22:21:07, Ryan Sleevi wrote: > ...
4 years ago (2016-12-14 00:59:43 UTC) #9
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2566273008/20001
4 years ago (2016-12-14 01:52:36 UTC) #14
commit-bot: I haz the power
Committed patchset #2 (id:20001)
4 years ago (2016-12-14 02:23:25 UTC) #17
commit-bot: I haz the power
Patchset 2 (id:??) landed as https://crrev.com/ebe0803de7a569dee0c7b0ab6b4685dc749b8f29 Cr-Commit-Position: refs/heads/master@{#438392}
4 years ago (2016-12-14 02:27:24 UTC) #19
Alexander Yashkin
On 2016/12/14 at 02:27:24, commit-bot wrote: > Patchset 2 (id:??) landed as https://crrev.com/ebe0803de7a569dee0c7b0ab6b4685dc749b8f29 > Cr-Commit-Position: ...
4 years ago (2016-12-14 12:29:11 UTC) #20
davidben
On 2016/12/14 12:29:11, Alexander Yashkin wrote: > On 2016/12/14 at 02:27:24, commit-bot wrote: > > ...
4 years ago (2016-12-14 12:45:19 UTC) #21
davidben
On 2016/12/14 12:45:19, davidben wrote: > On 2016/12/14 12:29:11, Alexander Yashkin wrote: > > On ...
4 years ago (2016-12-14 13:06:31 UTC) #22
Alexander Yashkin
4 years ago (2016-12-16 05:46:12 UTC) #23
Message was sent while issue was closed. 
On 2016/12/14 at 13:06:31, davidben wrote:
> On 2016/12/14 12:45:19, davidben wrote:
> > On 2016/12/14 12:29:11, Alexander Yashkin wrote:
> > > On 2016/12/14 at 02:27:24, commit-bot wrote:
> > > > Patchset 2 (id:??) landed as
> > > https://crrev.com/ebe0803de7a569dee0c7b0ab6b4685dc749b8f29
> > > > Cr-Commit-Position: refs/heads/master@{#438392}
> > > 
> > > Unfortunately this change breaks Chromium compilation on macos 10.11.6
> > (building
> > > at ab9d0bcb41c77781cf482f4937686cc604b41112).
> > > 
> > > 
> > > ../../net/ssl/ssl_platform_key_mac.cc:148:51: error: 'SecKeyAlgorithm' is
> > > partial: introduced in macOS 10.12 [-Werror,-Wunguarded-availability]
> > >                                                   SecKeyAlgorithm
algorithm,
> > >                                                   ^
> > >
> >
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.12.sdk/System/Library/Frameworks/Security.framework/Headers/SecKey.h:992:21:
> > > note: 'SecKeyAlgorithm' has been explicitly marked partial here
> > > typedef CFStringRef SecKeyAlgorithm CF_STRING_ENUM
> > >                     ^
> > > ../../net/ssl/ssl_platform_key_mac.cc:148:51: note: explicitly redeclare
> > > 'SecKeyAlgorithm' to silence this warning
> > >                                                   SecKeyAlgorithm
algorithm,
> > 
> > It looks like you're building against the 10.12 SDK, but we're not doing
that
> > yet. Are you not building using the usual Chromium setup?
> > 
> > Still that does suggest something other than that #ifdef is needed to manage
> > this. I'll go poke at that.
> 
> This resolve things? https://codereview.chromium.org/2572113002/

Yes, thanks, it helps.

Powered by Google App Engine
This is Rietveld 408576698