crypto/ec_private_key.h - Issue 2608453002: Remove the password parameter for ECPrivateKey::ExportEncryptedPrivateKey.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: crypto/ec_private_key.h

Issue 2608453002: Remove the password parameter for ECPrivateKey::ExportEncryptedPrivateKey. (Closed)

Patch Set: fmt Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: crypto/ec_private_key.h

diff --git a/crypto/ec_private_key.h b/crypto/ec_private_key.h

index 8e5fe5e99bb89ecc4cb4120244f1f8ec37b3caaa..432019be5d7eb9610febd69e76df5beb4aac452f 100644

--- a/crypto/ec_private_key.h

+++ b/crypto/ec_private_key.h

@@ -41,13 +41,12 @@ class CRYPTO_EXPORT ECPrivateKey {

// Creates a new instance by importing an existing key pair.

// The key pair is given as an ASN.1-encoded PKCS #8 EncryptedPrivateKeyInfo

- // block and an X.509 SubjectPublicKeyInfo block.

+ // block with empty password and an X.509 SubjectPublicKeyInfo block.

// Returns nullptr if initialization fails.

// This function is deprecated. Use CreateFromPrivateKeyInfo for new code.

// See https://crbug.com/603319.

static std::unique_ptr<ECPrivateKey> CreateFromEncryptedPrivateKeyInfo(

- const std::string& password,

const std::vector<uint8_t>& encrypted_private_key_info,

const std::vector<uint8_t>& subject_public_key_info);

@@ -60,16 +59,12 @@ class CRYPTO_EXPORT ECPrivateKey {

bool ExportPrivateKey(std::vector<uint8_t>* output) const;

// Exports the private key as an ASN.1-encoded PKCS #8 EncryptedPrivateKeyInfo

- // block and the public key as an X.509 SubjectPublicKeyInfo block.

- // The |password| and |iterations| are used as inputs to the key derivation

- // function for generating the encryption key. PKCS #5 recommends a minimum

- // of 1000 iterations, on modern systems a larger value may be preferrable.

+ // block wth empty password. This was historically used as a workaround for

+ // NSS API deficiencies and does not provide security.

// This function is deprecated. Use ExportPrivateKey for new code. See

// https://crbug.com/603319.

- bool ExportEncryptedPrivateKey(const std::string& password,

- int iterations,

- std::vector<uint8_t>* output) const;

+ bool ExportEncryptedPrivateKey(std::vector<uint8_t>* output) const;

// Exports the public key to an X.509 SubjectPublicKeyInfo block.

bool ExportPublicKey(std::vector<uint8_t>* output) const;