net/ssl/ssl_platform_key_nss.cc - Issue 2898573002: Refactor client cert private key handling.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/ssl/ssl_platform_key_nss.cc

Issue 2898573002: Refactor client cert private key handling. (Closed)

Patch Set: . Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/ssl/ssl_platform_key_nss.cc

diff --git a/net/ssl/ssl_platform_key_nss.cc b/net/ssl/ssl_platform_key_nss.cc

index e63fb18fb5dad40a6bac116f0d74dd73b19fbd4b..93256ea2af9067b48e7197cd9ea072b755745ade 100644

--- a/net/ssl/ssl_platform_key_nss.cc

+++ b/net/ssl/ssl_platform_key_nss.cc

@@ -2,6 +2,8 @@

// Use of this source code is governed by a BSD-style license that can be

// found in the LICENSE file.

+#include "net/ssl/ssl_platform_key_nss.h"

#include <cert.h>

#include <keyhi.h>

#include <pk11pub.h>

@@ -12,10 +14,9 @@

#include "base/logging.h"

#include "base/macros.h"

#include "base/memory/ptr_util.h"

+#include "crypto/nss_crypto_module_delegate.h"

#include "crypto/scoped_nss_types.h"

#include "net/cert/x509_certificate.h"

-#include "net/ssl/client_key_store.h"

-#include "net/ssl/ssl_platform_key.h"

#include "net/ssl/ssl_platform_key_util.h"

#include "net/ssl/ssl_private_key.h"

#include "net/ssl/threaded_ssl_private_key.h"

@@ -153,13 +154,13 @@ class SSLPlatformKeyNSS : public ThreadedSSLPrivateKey::Delegate {

} // namespace

scoped_refptr<SSLPrivateKey> FetchClientCertPrivateKey(

- const X509Certificate* certificate) {

+ const X509Certificate* certificate,

+ crypto::CryptoModuleBlockingPasswordDelegate* password_delegate) {

+ void* wincx = password_delegate ? password_delegate->wincx() : nullptr;

crypto::ScopedSECKEYPrivateKey key(

- PK11_FindKeyByAnyCert(certificate->os_cert_handle(), nullptr));

- if (!key) {

- return ClientKeyStore::GetInstance()->FetchClientCertPrivateKey(

- *certificate);

- }

+ PK11_FindKeyByAnyCert(certificate->os_cert_handle(), wincx));

davidben 2017/06/01 23:41:25 Huh. We didn't manage to pass this in before, did

mattm 2017/06/02 04:04:20 Previously we had that ugly UnlockSlot thing where

+ if (!key)

+ return nullptr;

int type;

size_t max_length;

« net/ssl/ssl_cert_request_info.h ('K') | « net/ssl/ssl_platform_key_nss.h ('k') | net/ssl/ssl_platform_key_nss_unittest.cc » ('j') | no next file with comments »