| Index: content/child/webcrypto/platform_crypto_nss.cc
|
| diff --git a/content/child/webcrypto/platform_crypto_nss.cc b/content/child/webcrypto/platform_crypto_nss.cc
|
| index ffa62a54f788dcd5722dd57df683a42d2326af29..65dbb2f4643a255e013ab2686929aca57e1afc5c 100644
|
| --- a/content/child/webcrypto/platform_crypto_nss.cc
|
| +++ b/content/child/webcrypto/platform_crypto_nss.cc
|
| @@ -560,13 +560,16 @@ Status DoUnwrapSymKeyAesKw(const CryptoData& wrapped_key_data,
|
| PORT_SetError(0);
|
| #endif
|
|
|
| - crypto::ScopedPK11SymKey new_key(PK11_UnwrapSymKey(wrapping_key->key(),
|
| - CKM_NSS_AES_KEY_WRAP,
|
| - param_item.get(),
|
| - &cipher_text,
|
| - mechanism,
|
| - flags,
|
| - plaintext_length));
|
| + crypto::ScopedPK11SymKey new_key(
|
| + PK11_UnwrapSymKeyWithFlags(wrapping_key->key(),
|
| + CKM_NSS_AES_KEY_WRAP,
|
| + param_item.get(),
|
| + &cipher_text,
|
| + mechanism,
|
| + CKA_FLAGS_ONLY,
|
| + plaintext_length,
|
| + flags));
|
| +
|
| // TODO(padolph): Use NSS PORT_GetError() and friends to report a more
|
| // accurate error, providing if doesn't leak any information to web pages
|
| // about other web crypto users, key details, etc.
|
| @@ -1575,7 +1578,7 @@ Status DecryptAesKw(SymKey* wrapping_key,
|
| // temporarily viewed as a symmetric key to be unwrapped (decrypted).
|
| crypto::ScopedPK11SymKey decrypted;
|
| Status status = DoUnwrapSymKeyAesKw(
|
| - data, wrapping_key, CKK_GENERIC_SECRET, CKA_ENCRYPT, &decrypted);
|
| + data, wrapping_key, CKK_GENERIC_SECRET, 0, &decrypted);
|
| if (status.IsError())
|
| return status;
|
|
|
|
|
Chromium Code Reviews
Issue 269313004:
[webcrypto] Fix AES-KW unwrapping for symmetric keys (NSS). (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src