Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1098)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/ssl/sslplatf.c

Issue 14522022: Update NSS libSSL to NSS_3_15_BETA2. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Make the changes rsleevi suggested Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/third_party/nss/ssl/sslauth.c ('K') | « net/third_party/nss/ssl/sslnonce.c ('k') | net/third_party/nss/ssl/sslproto.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Platform specific crypto wrappers 2 * Platform specific crypto wrappers
3 * 3 *
4 * ***** BEGIN LICENSE BLOCK ***** 4 * ***** BEGIN LICENSE BLOCK *****
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
6 * 6 *
7 * The contents of this file are subject to the Mozilla Public License Version 7 * The contents of this file are subject to the Mozilla Public License Version
8 * 1.1 (the "License"); you may not use this file except in compliance with 8 * 1.1 (the "License"); you may not use this file except in compliance with
9 * the License. You may obtain a copy of the License at 9 * the License. You may obtain a copy of the License at
10 * http://www.mozilla.org/MPL/ 10 * http://www.mozilla.org/MPL/
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after
103 { 103 {
104 if (key) { 104 if (key) {
105 if (key->dwKeySpec != CERT_NCRYPT_KEY_SPEC) 105 if (key->dwKeySpec != CERT_NCRYPT_KEY_SPEC)
106 CryptReleaseContext(key->hCryptProv, 0); 106 CryptReleaseContext(key->hCryptProv, 0);
107 /* FIXME(rsleevi): Close CNG keys. */ 107 /* FIXME(rsleevi): Close CNG keys. */
108 PORT_Free(key); 108 PORT_Free(key);
109 } 109 }
110 } 110 }
111 111
112 SECStatus 112 SECStatus
113 ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf, 113 ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf,
114 PRBool isTLS, KeyType keyType) 114 PRBool isTLS, KeyType keyType)
115 { 115 {
116 SECStatus rv = SECFailure; 116 SECStatus rv = SECFailure;
117 PRBool doDerEncode = PR_FALSE; 117 PRBool doDerEncode = PR_FALSE;
118 SECItem hashItem; 118 SECItem hashItem;
119 DWORD argLen = 0; 119 DWORD argLen = 0;
120 DWORD signatureLen = 0; 120 DWORD signatureLen = 0;
121 ALG_ID hashAlg = 0; 121 ALG_ID hashAlg = 0;
122 HCRYPTHASH hHash = 0; 122 HCRYPTHASH hHash = 0;
123 DWORD hashLen = 0; 123 DWORD hashLen = 0;
(...skipping 19 matching lines...) Expand all
143 hashItem.len = sizeof(hash->sha); 143 hashItem.len = sizeof(hash->sha);
144 break; 144 break;
145 default: 145 default:
146 PORT_SetError(SEC_ERROR_INVALID_KEY); 146 PORT_SetError(SEC_ERROR_INVALID_KEY);
147 goto done; 147 goto done;
148 } 148 }
149 PRINT_BUF(60, (NULL, "hash(es) to be signed", hashItem.data, hashItem.len)); 149 PRINT_BUF(60, (NULL, "hash(es) to be signed", hashItem.data, hashItem.len));
150 150
151 if (!CryptCreateHash(key->hCryptProv, hashAlg, 0, 0, &hHash)) { 151 if (!CryptCreateHash(key->hCryptProv, hashAlg, 0, 0, &hHash)) {
152 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE); 152 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE);
153 goto done; 153 goto done;
154 } 154 }
155 argLen = sizeof(hashLen); 155 argLen = sizeof(hashLen);
156 if (!CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE*)&hashLen, &argLen, 0)) { 156 if (!CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE*)&hashLen, &argLen, 0)) {
157 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE); 157 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE);
158 goto done; 158 goto done;
159 } 159 }
160 if (hashLen != hashItem.len) { 160 if (hashLen != hashItem.len) {
161 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE); 161 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE);
162 goto done; 162 goto done;
163 } 163 }
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
216 #elif defined(XP_MACOSX) 216 #elif defined(XP_MACOSX)
217 #include <Security/cssm.h> 217 #include <Security/cssm.h>
218 218
219 void 219 void
220 ssl_FreePlatformKey(PlatformKey key) 220 ssl_FreePlatformKey(PlatformKey key)
221 { 221 {
222 CFRelease(key); 222 CFRelease(key);
223 } 223 }
224 224
225 SECStatus 225 SECStatus
226 ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf, 226 ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf,
227 PRBool isTLS, KeyType keyType) 227 PRBool isTLS, KeyType keyType)
228 { 228 {
229 SECStatus rv = SECFailure; 229 SECStatus rv = SECFailure;
230 PRBool doDerEncode = PR_FALSE; 230 PRBool doDerEncode = PR_FALSE;
231 unsigned int signatureLen; 231 unsigned int signatureLen;
232 OSStatus status = noErr; 232 OSStatus status = noErr;
233 CSSM_CSP_HANDLE cspHandle = 0; 233 CSSM_CSP_HANDLE cspHandle = 0;
234 const CSSM_KEY *cssmKey = NULL; 234 const CSSM_KEY *cssmKey = NULL;
235 CSSM_ALGORITHMS sigAlg; 235 CSSM_ALGORITHMS sigAlg;
236 const CSSM_ACCESS_CREDENTIALS * cssmCreds = NULL; 236 const CSSM_ACCESS_CREDENTIALS * cssmCreds = NULL;
(...skipping 13 matching lines...) Expand all
250 status = SecKeyGetCSSMKey(key, &cssmKey); 250 status = SecKeyGetCSSMKey(key, &cssmKey);
251 if (status != noErr || !cssmKey) { 251 if (status != noErr || !cssmKey) {
252 PORT_SetError(SEC_ERROR_NO_KEY); 252 PORT_SetError(SEC_ERROR_NO_KEY);
253 goto done; 253 goto done;
254 } 254 }
255 255
256 /* SecKeyGetBlockSize wasn't addeded until OS X 10.6 - but the 256 /* SecKeyGetBlockSize wasn't addeded until OS X 10.6 - but the
257 * needed information is readily available on the key itself. 257 * needed information is readily available on the key itself.
258 */ 258 */
259 signatureLen = (cssmKey->KeyHeader.LogicalKeySizeInBits + 7) / 8; 259 signatureLen = (cssmKey->KeyHeader.LogicalKeySizeInBits + 7) / 8;
260 260
261 if (signatureLen == 0) { 261 if (signatureLen == 0) {
262 PORT_SetError(SEC_ERROR_INVALID_KEY); 262 PORT_SetError(SEC_ERROR_INVALID_KEY);
263 goto done; 263 goto done;
264 } 264 }
265 265
266 buf->data = (unsigned char *)PORT_Alloc(signatureLen); 266 buf->data = (unsigned char *)PORT_Alloc(signatureLen);
267 if (!buf->data) 267 if (!buf->data)
268 goto done; /* error code was set. */ 268 goto done; /* error code was set. */
269 269
270 sigAlg = cssmKey->KeyHeader.AlgorithmId; 270 sigAlg = cssmKey->KeyHeader.AlgorithmId;
(...skipping 27 matching lines...) Expand all
298 */ 298 */
299 status = SecKeyGetCredentials(key, CSSM_ACL_AUTHORIZATION_SIGN, 299 status = SecKeyGetCredentials(key, CSSM_ACL_AUTHORIZATION_SIGN,
300 kSecCredentialTypeDefault, &cssmCreds); 300 kSecCredentialTypeDefault, &cssmCreds);
301 if (status != noErr) { 301 if (status != noErr) {
302 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE); 302 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE);
303 goto done; 303 goto done;
304 } 304 }
305 305
306 signatureData.Length = signatureLen; 306 signatureData.Length = signatureLen;
307 signatureData.Data = (uint8*)buf->data; 307 signatureData.Data = (uint8*)buf->data;
308 308
309 cssmRv = CSSM_CSP_CreateSignatureContext(cspHandle, sigAlg, cssmCreds, 309 cssmRv = CSSM_CSP_CreateSignatureContext(cspHandle, sigAlg, cssmCreds,
310 cssmKey, &cssmSignature); 310 cssmKey, &cssmSignature);
311 if (cssmRv) { 311 if (cssmRv) {
312 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE); 312 PORT_SetError(SSL_ERROR_SIGN_HASHES_FAILURE);
313 goto done; 313 goto done;
314 } 314 }
315 315
316 /* See "Apple Cryptographic Service Provider Functional Specification" */ 316 /* See "Apple Cryptographic Service Provider Functional Specification" */
317 if (cssmKey->KeyHeader.AlgorithmId == CSSM_ALGID_RSA) { 317 if (cssmKey->KeyHeader.AlgorithmId == CSSM_ALGID_RSA) {
318 /* To set RSA blinding for RSA keys */ 318 /* To set RSA blinding for RSA keys */
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
374 SECStatus 374 SECStatus
375 ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf, 375 ssl3_PlatformSignHashes(SSL3Hashes *hash, PlatformKey key, SECItem *buf,
376 PRBool isTLS, KeyType keyType) 376 PRBool isTLS, KeyType keyType)
377 { 377 {
378 PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); 378 PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
379 return SECFailure; 379 return SECFailure;
380 } 380 }
381 #endif 381 #endif
382 382
383 #endif /* NSS_PLATFORM_CLIENT_AUTH */ 383 #endif /* NSS_PLATFORM_CLIENT_AUTH */
OLDNEW
« net/third_party/nss/ssl/sslauth.c ('K') | « net/third_party/nss/ssl/sslnonce.c ('k') | net/third_party/nss/ssl/sslproto.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698