summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorrsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-06-21 16:29:43 +0000
committerrsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-06-21 16:29:43 +0000
commit8f7da7fcbb57babf2736d16df1912f4f4bf4b807 (patch)
tree046440832e4f1ce7385d710dce5eb1b95ba8737f /crypto
parent5bbabede9673d47ad169bdecd62103e2e297149d (diff)
downloadchromium_src-8f7da7fcbb57babf2736d16df1912f4f4bf4b807.zip
chromium_src-8f7da7fcbb57babf2736d16df1912f4f4bf4b807.tar.gz
chromium_src-8f7da7fcbb57babf2736d16df1912f4f4bf4b807.tar.bz2
On NSS, treat non-permanent RSA private keys as ephemeral
When generating/using a crypto::RSAPrivateKey with NSS, prefer the internal software slot over other modules (such as any TPMs [ChromeOS] or smart cards [Linux]) if the key being generated is not marked as a permanent key. BUG=none R=wtc Review URL: https://chromiumcodereview.appspot.com/17447009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@207853 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto')
-rw-r--r--crypto/rsa_private_key_nss.cc6
1 files changed, 4 insertions, 2 deletions
diff --git a/crypto/rsa_private_key_nss.cc b/crypto/rsa_private_key_nss.cc
index a89454e..3574432 100644
--- a/crypto/rsa_private_key_nss.cc
+++ b/crypto/rsa_private_key_nss.cc
@@ -206,7 +206,8 @@ RSAPrivateKey* RSAPrivateKey::CreateWithParams(uint16 num_bits,
scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
- ScopedPK11Slot slot(GetPrivateNSSKeySlot());
+ ScopedPK11Slot slot(permanent ? GetPrivateNSSKeySlot() :
+ PK11_GetInternalSlot());
if (!slot.get())
return NULL;
@@ -236,7 +237,8 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams(
scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
- ScopedPK11Slot slot(GetPrivateNSSKeySlot());
+ ScopedPK11Slot slot(permanent ? GetPrivateNSSKeySlot() :
+ PK11_GetInternalSlot());
if (!slot.get())
return NULL;