Index: crypto/rsa_private_key_nss.cc |
diff --git a/crypto/rsa_private_key_nss.cc b/crypto/rsa_private_key_nss.cc |
index 35697abb4e721ed7fe14f0022cab16469b2676f1..2eeb822afcd51af57ea43d10ea7cbea829a03406 100644 |
--- a/crypto/rsa_private_key_nss.cc |
+++ b/crypto/rsa_private_key_nss.cc |
@@ -51,7 +51,10 @@ RSAPrivateKey::~RSAPrivateKey() { |
// static |
RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { |
- return CreateWithParams(num_bits, |
+ EnsureNSSInit(); |
+ |
+ return CreateWithParams(ScopedPK11Slot(PK11_GetInternalKeySlot()), |
wtc
2013/11/11 20:56:25
IMPORTANT: this should be PK11_GetInternalSlot().
mattm
2013/11/12 02:42:44
Thanks, fixed.
|
+ num_bits, |
false /* not permanent */, |
false /* not sensitive */); |
} |
@@ -59,23 +62,31 @@ RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { |
// static |
RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo( |
const std::vector<uint8>& input) { |
- return CreateFromPrivateKeyInfoWithParams(input, |
- false /* not permanent */, |
- false /* not sensitive */); |
+ EnsureNSSInit(); |
+ |
+ return CreateFromPrivateKeyInfoWithParams( |
+ ScopedPK11Slot(PK11_GetInternalKeySlot()), |
wtc
2013/11/11 20:56:25
IMPORTANT: this should be PK11_GetInternalSlot().
mattm
2013/11/12 02:42:44
Done.
|
+ input, |
+ false /* not permanent */, |
+ false /* not sensitive */); |
} |
#if defined(USE_NSS) |
// static |
-RSAPrivateKey* RSAPrivateKey::CreateSensitive(uint16 num_bits) { |
- return CreateWithParams(num_bits, |
+RSAPrivateKey* RSAPrivateKey::CreateSensitive(ScopedPK11Slot slot, |
+ uint16 num_bits) { |
+ return CreateWithParams(slot.Pass(), |
+ num_bits, |
true /* permanent */, |
true /* sensitive */); |
} |
// static |
RSAPrivateKey* RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo( |
+ ScopedPK11Slot slot, |
const std::vector<uint8>& input) { |
- return CreateFromPrivateKeyInfoWithParams(input, |
+ return CreateFromPrivateKeyInfoWithParams(slot.Pass(), |
+ input, |
true /* permanent */, |
true /* sensitive */); |
} |
@@ -200,25 +211,15 @@ RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) { |
} |
// static |
-RSAPrivateKey* RSAPrivateKey::CreateWithParams(uint16 num_bits, |
+RSAPrivateKey* RSAPrivateKey::CreateWithParams(ScopedPK11Slot slot, |
+ uint16 num_bits, |
bool permanent, |
bool sensitive) { |
-#if !defined(USE_NSS) |
- if (permanent) { |
- NOTIMPLEMENTED(); |
+ if (!slot.get()) |
return NULL; |
- } |
-#endif |
wtc
2013/11/11 20:56:25
BUG?: it seems wrong to remove this check.
In thi
mattm
2013/11/12 02:42:44
Hm, yeah. I guess I was thinking that since Create
wtc
2013/11/12 18:49:42
I see. Yes, you are right, we can conclude the che
mattm
2013/11/12 22:27:03
Done.
|
- |
- EnsureNSSInit(); |
scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); |
- ScopedPK11Slot slot(permanent ? GetPrivateNSSKeySlot() : |
- PK11_GetInternalSlot()); |
Ryan Sleevi
2013/11/09 02:26:47
Pretty sure ChromeOS is relying on this for TPM pr
mattm
2013/11/09 03:44:32
Hm, I found "platform/login_manager" uses RSAPriva
wtc
2013/11/11 20:58:20
Good. You already found the files that need to be
mattm
2013/11/12 02:42:44
So I don't know what the procedure is for rolling
wtc
2013/11/12 18:49:42
I don't know what the procedure is, either.
mattm
2013/11/12 22:27:03
Checked with cmasone and sent him an example patch
|
- if (!slot.get()) |
- return NULL; |
- |
PK11RSAGenParams param; |
param.keySizeInBits = num_bits; |
param.pe = 65537L; |
@@ -237,26 +238,15 @@ RSAPrivateKey* RSAPrivateKey::CreateWithParams(uint16 num_bits, |
// static |
RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams( |
- const std::vector<uint8>& input, bool permanent, bool sensitive) { |
-#if !defined(USE_NSS) |
- if (permanent) { |
- NOTIMPLEMENTED(); |
+ ScopedPK11Slot slot, |
+ const std::vector<uint8>& input, |
+ bool permanent, |
+ bool sensitive) { |
+ if (!slot.get()) |
return NULL; |
- } |
-#endif |
wtc
2013/11/11 20:56:25
BUG?: it seems wrong to remove this check.
mattm
2013/11/12 02:42:44
Done.
|
- |
- // This method currently leaks some memory. |
- // See http://crbug.com/34742. |
- ANNOTATE_SCOPED_MEMORY_LEAK; |
- EnsureNSSInit(); |
scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); |
- ScopedPK11Slot slot(permanent ? GetPrivateNSSKeySlot() : |
- PK11_GetInternalSlot()); |
- if (!slot.get()) |
- return NULL; |
- |
SECItem der_private_key_info; |
der_private_key_info.data = const_cast<unsigned char*>(&input.front()); |
der_private_key_info.len = input.size(); |