
Side by Side Diff: components/gcm_driver/crypto/p256_key_util.cc

Issue 2608453002: Remove the password parameter for ECPrivateKey::ExportEncryptedPrivateKey. (Closed)
Patch Set: fmt Created 3 years, 11 months ago
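--- a/components/gcm_driver/crypto/p256_key_util.cc
+++ b/components/gcm_driver/crypto/p256_key_util.cc
@@ -1,10 +1,10 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/gcm_driver/crypto/p256_key_util.h"
 
 #include <stddef.h>
 #include <stdint.h>
 
 #include <memory>
@@ -44,22 +44,21 @@
 if (!key_pair.get()) {
 DLOG(ERROR) << "Unable to generate a new P-256 key pair.";
 return false;
 }
 
 std::vector<uint8_t> private_key;
 
 // Export the encrypted private key with an empty password. This is not done
 // to provide any security, but rather to achieve a consistent private key
 // storage between the BoringSSL and NSS implementations.
-if (!key_pair->ExportEncryptedPrivateKey(
-"" /* password */, 1 /* iteration */, &private_key)) {
+if (!key_pair->ExportEncryptedPrivateKey(&private_key)) {
 DLOG(ERROR) << "Unable to export the private key.";
 return false;
 }
 
 std::string candidate_public_key;
 
 // ECPrivateKey::ExportRawPublicKey() returns the EC point in the uncompressed
 // point format, but does not include the leading byte of value 0x04 that
 // indicates usage of uncompressed points, per SEC1 2.3.3.
 if (!key_pair->ExportRawPublicKey(&candidate_public_key) ||
@@ -93,21 +92,20 @@
 }
 
 bool ComputeSharedP256Secret(const base::StringPiece& private_key,
 const base::StringPiece& public_key_x509,
 const base::StringPiece& peer_public_key,
 std::string* out_shared_secret) {
 DCHECK(out_shared_secret);
 
 std::unique_ptr<crypto::ECPrivateKey> local_key_pair(
 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
-"" /* no password */,
 std::vector<uint8_t>(private_key.data(),
 private_key.data() + private_key.size()),
 std::vector<uint8_t>(
 public_key_x509.data(),
 public_key_x509.data() + public_key_x509.size())));
 
 if (!local_key_pair) {
 DLOG(ERROR) << "Unable to create the local key pair.";
 return false;
 }
@@ -135,10 +133,10 @@
 nullptr) != sizeof(result)) {
 DLOG(ERROR) << "Unable to compute the ECDH shared secret.";
 return false;
 }
 
 out_shared_secret->assign(reinterpret_cast<char*>(result), sizeof(result));
 return true;
 }
 
 } // namespace gcm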
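Review bot: The `CreateFromEncryptedPrivateKeyInfo(...)` call in ComputeSharedP256Secret (new line 101) loses its only hint that the stored blob is wrapped with an empty password once `"" /* no password */` is removed. A reader who sees "Encrypted" in the API name could assume the private key is protected at rest, so I would add a comment above the call such as `// The key was exported with an empty password; this encoding provides no confidentiality.` The comment at new lines 51-53 still describes an empty password, which is presumably now fixed inside ECPrivateKey; that is worth confirming against crypto/ec_private_key.h, which this file section does not show. Both function bodies are only partly visible here, so any protection applied by the caller's storage layer cannot be judged from this section.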