Chromium Code Reviews Chromium Code Reviews
Issue 13843023:
Use CERT_GetCertKeyType to get KeyType for ssl3_PlatformSignHashes. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: net/third_party/nss/ssl/sslplatf.c |
| diff --git a/net/third_party/nss/ssl/sslplatf.c b/net/third_party/nss/ssl/sslplatf.c |
| index 208956f8912a4664dec112bf1b5b98c57844cc2f..e64821e1f1c0f20b4c50629ce8d47b9f4bbc51d0 100644 |
| --- a/net/third_party/nss/ssl/sslplatf.c |
| +++ b/net/third_party/nss/ssl/sslplatf.c |
| @@ -111,14 +111,12 @@ ssl_FreePlatformKey(PlatformKey key) |
| SECStatus |
| ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf, |
| - PRBool isTLS) |
| + PRBool isTLS, KeyType keyType) |
| { |
| SECStatus rv = SECFailure; |
| PRBool doDerEncode = PR_FALSE; |
| SECItem hashItem; |
| - HCRYPTKEY hKey = 0; |
| DWORD argLen = 0; |
| - ALG_ID keyAlg = 0; |
| DWORD signatureLen = 0; |
| ALG_ID hashAlg = 0; |
| HCRYPTHASH hHash = 0; |
| @@ -126,31 +124,16 @@ ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf, |
| unsigned int i = 0; |
| buf->data = NULL; |
| - if (!CryptGetUserKey(key->hCryptProv, key->dwKeySpec, &hKey)) { |
| - if (GetLastError() == NTE_NO_KEY) { |
| - PORT_SetError(SEC_ERROR_NO_KEY); |
| - } else { |
| - PORT_SetError(SEC_ERROR_INVALID_KEY); |
| - } |
| - goto done; |
| - } |
| - argLen = sizeof(keyAlg); |
| - if (!CryptGetKeyParam(hKey, KP_ALGID, (BYTE*)&keyAlg, &argLen, 0)) { |
| - PORT_SetError(SEC_ERROR_INVALID_KEY); |
| - goto done; |
| - } |
| - |
| - switch (keyAlg) { |
| - case CALG_RSA_KEYX: |
| - case CALG_RSA_SIGN: |
| + switch (keyType) { |
| + case rsaKey: |
| hashAlg = CALG_SSL3_SHAMD5; |
| hashItem.data = hash->md5; |
| hashItem.len = sizeof(SSL3Hashes); |
| break; |
| - case CALG_DSS_SIGN: |
| - case CALG_ECDSA: |
| - if (keyAlg == CALG_ECDSA) { |
| + case dsaKey: |
| + case ecKey: |
| + if (keyType == ecKey) { |
| doDerEncode = PR_TRUE; |
| } else { |
| doDerEncode = isTLS; |
| @@ -223,8 +206,6 @@ ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf, |
| done: |
| if (hHash) |
| CryptDestroyHash(hHash); |
| - if (hKey) |
| - CryptDestroyKey(hKey); |
| if (rv != SECSuccess && buf->data) { |
| PORT_Free(buf->data); |
| buf->data = NULL; |
| @@ -243,7 +224,7 @@ ssl_FreePlatformKey(PlatformKey key) |
| SECStatus |
| ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf, |
| - PRBool isTLS) |
| + PRBool isTLS, KeyType keyType) |
| { |
| SECStatus rv = SECFailure; |
| PRBool doDerEncode = PR_FALSE; |
| @@ -287,18 +268,18 @@ ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf, |
| goto done; /* error code was set. */ |
| sigAlg = cssmKey->KeyHeader.AlgorithmId; |
| - switch (sigAlg) { |
| - case CSSM_ALGID_RSA: |
| + switch (keyType) { |
|
wtc
2013/04/26 17:38:03
Hmm... so we still need cssmKey and sigAlg in the
|
| + case rsaKey: |
| hashData.Data = hash->md5; |
| hashData.Length = sizeof(SSL3Hashes); |
| break; |
| - case CSSM_ALGID_ECDSA: |
| - case CSSM_ALGID_DSA: |
| - if (sigAlg == CSSM_ALGID_ECDSA) { |
| + case dsaKey: |
| + case ecKey: |
| + if (keyType == ecKey) { |
| doDerEncode = PR_TRUE; |
| } else { |
| doDerEncode = isTLS; |
| - } |
| + } |
|
wtc
2013/04/26 17:38:03
Delete the spaces at the end of the line.
|
| hashData.Data = hash->sha; |
| hashData.Length = sizeof(hash->sha); |
| break; |
| @@ -389,7 +370,7 @@ ssl_FreePlatformKey(PlatformKey key) |
| SECStatus |
| ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf, |
| - PRBool isTLS) |
| + PRBool isTLS, KeyType keyType) |
| { |
| PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); |
| return SECFailure; |
