Remove unused crypto::GetSupplementalUserKey() method.

BUG=

Review URL: https://chromiumcodereview.appspot.com/16163008

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@205374 0039d316-1c4b-4281-b951-d872f2087c98

2 files changed, 0 insertions, 62 deletions

diff --git a/crypto/nss_util.cc b/crypto/nss_util.cc
index 9cd0cd1..1db0f8e 100644
--- a/crypto/nss_util.cc
+++ b/crypto/nss_util.cc
@@ -37,10 +37,6 @@
 #include "base/threading/thread_restrictions.h"
 #include "build/build_config.h"
 
-#if defined(OS_CHROMEOS)
-#include "crypto/symmetric_key.h"
-#endif
-
 // USE_NSS means we use NSS for everything crypto-related.  If USE_NSS is not
 // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't
 // use NSS for crypto or certificate verification, and we don't use the NSS
@@ -93,15 +89,6 @@ base::FilePath GetDefaultConfigDirectory() {
   return dir;
 }
 
-#if defined(OS_CHROMEOS)
-// Supplemental user key id.
-unsigned char kSupplementalUserKeyId[] = {
-  0xCC, 0x13, 0x19, 0xDE, 0x75, 0x5E, 0xFE, 0xFA,
-  0x5E, 0x71, 0xD4, 0xA6, 0xFB, 0x00, 0x00, 0xCC
-};
-#endif  // defined(OS_CHROMEOS)
-
-
 // On non-chromeos platforms, return the default config directory.
 // On chromeos, return a read-only directory with fake root CA certs for testing
 // (which will not exist on non-testing images).  These root CA certs are used
@@ -318,41 +305,6 @@ class NSSInitSingleton {
     GetTPMTokenInfo(&token_name, NULL);
     return FindSlotWithTokenName(token_name);
   }
-
-  SymmetricKey* GetSupplementalUserKey() {
-    DCHECK(chromeos_user_logged_in_);
-
-    PK11SlotInfo* slot = NULL;
-    PK11SymKey* key = NULL;
-    SECItem keyID;
-    CK_MECHANISM_TYPE type = CKM_AES_ECB;
-
-    slot = GetPublicNSSKeySlot();
-    if (!slot)
-      goto done;
-
-    if (PK11_Authenticate(slot, PR_TRUE, NULL) != SECSuccess)
-      goto done;
-
-    keyID.type = siBuffer;
-    keyID.data = kSupplementalUserKeyId;
-    keyID.len = static_cast<int>(sizeof(kSupplementalUserKeyId));
-
-    // Find/generate AES key.
-    key = PK11_FindFixedKey(slot, type, &keyID, NULL);
-    if (!key) {
-      const int kKeySizeInBytes = 32;
-      key = PK11_TokenKeyGen(slot, type, NULL,
-                             kKeySizeInBytes,
-                             &keyID, PR_TRUE, NULL);
-    }
-
-  done:
-    if (slot)
-      PK11_FreeSlot(slot);
-
-    return key ? SymmetricKey::CreateFromKey(key) : NULL;
-  }
 #endif  // defined(OS_CHROMEOS)
 
 
@@ -800,10 +752,6 @@ bool InitializeTPMToken(const std::string& token_name,
                         const std::string& user_pin) {
   return g_nss_singleton.Get().InitializeTPMToken(token_name, user_pin);
 }
-
-SymmetricKey* GetSupplementalUserKey() {
-  return g_nss_singleton.Get().GetSupplementalUserKey();
-}
 #endif  // defined(OS_CHROMEOS)
 
 base::Time PRTimeToBaseTime(PRTime prtime) {
diff --git a/crypto/nss_util.h b/crypto/nss_util.h
index 60b7778..77a9649 100644
--- a/crypto/nss_util.h
+++ b/crypto/nss_util.h
@@ -20,8 +20,6 @@ class Time;
 // initialization functions.
 namespace crypto {
 
-class SymmetricKey;
-
 #if defined(USE_NSS)
 // EarlySetupForNSSInit performs lightweight setup which must occur before the
 // process goes multithreaded. This does not initialise NSS. For test, see
@@ -116,14 +114,6 @@ CRYPTO_EXPORT bool IsTPMTokenReady();
 // Initialize the TPM token.  Does nothing if it is already initialized.
 CRYPTO_EXPORT bool InitializeTPMToken(const std::string& token_name,
                                       const std::string& user_pin);
-
-// Gets supplemental user key. Creates one in NSS database if it does not exist.
-// The supplemental user key is used for AES encryption of user data that is
-// stored and protected by cryptohome. This additional layer of encryption of
-// provided to ensure that sensitive data wouldn't be exposed in plain text in
-// case when an attacker would somehow gain access to all content within
-// cryptohome.
-CRYPTO_EXPORT SymmetricKey* GetSupplementalUserKey();
 #endif
 
 // Convert a NSS PRTime value into a base::Time object.