diff options
| author | davidben <davidben@chromium.org> | 2015-10-15 15:13:22 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-10-15 22:14:28 +0000 |
| commit | 24bb5a4b2e4d909c27740c5a12b3e167c49329f2 (patch) | |
| tree | 493bc7ae973b9de7c1776d7f5f11ac929b8f36d1 /crypto | |
| parent | c389c80986ff755aad066c9691d6613fd9ae111c (diff) | |
| download | chromium_src-24bb5a4b2e4d909c27740c5a12b3e167c49329f2.zip chromium_src-24bb5a4b2e4d909c27740c5a12b3e167c49329f2.tar.gz chromium_src-24bb5a4b2e4d909c27740c5a12b3e167c49329f2.tar.bz2 | |
Remove crypto::ECPrivateKey::IsSupported.
We no longer need to worry about the system NSS on decrepit Linux
distributions. The only platform where ECPrivateKey is backed by NSS is iOS and
we control that one.
BUG=519504
Review URL: https://codereview.chromium.org/1408813002
Cr-Commit-Position: refs/heads/master@{#354379}
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/ec_private_key.h | 3 | ||||
| -rw-r--r-- | crypto/ec_private_key_nss.cc | 38 | ||||
| -rw-r--r-- | crypto/ec_private_key_openssl.cc | 3 |
3 files changed, 2 insertions, 42 deletions
diff --git a/crypto/ec_private_key.h b/crypto/ec_private_key.h index 87af838..a3ba49d 100644 --- a/crypto/ec_private_key.h +++ b/crypto/ec_private_key.h @@ -34,9 +34,6 @@ class CRYPTO_EXPORT ECPrivateKey { public: ~ECPrivateKey(); - // Returns whether the system supports elliptic curve cryptography. - static bool IsSupported(); - // Creates a new random instance. Can return NULL if initialization fails. // The created key will use the NIST P-256 curve. // TODO(mattm): Add a curve parameter. diff --git a/crypto/ec_private_key_nss.cc b/crypto/ec_private_key_nss.cc index 5092010..5f8a4e6 100644 --- a/crypto/ec_private_key_nss.cc +++ b/crypto/ec_private_key_nss.cc @@ -15,7 +15,6 @@ extern "C" { #include <pk11pub.h> #include <secmod.h> -#include "base/lazy_instance.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "crypto/nss_util.h" @@ -25,34 +24,6 @@ extern "C" { namespace { -PK11SlotInfo* GetTempKeySlot() { - return PK11_GetInternalSlot(); -} - -class EllipticCurveSupportChecker { - public: - EllipticCurveSupportChecker() { - // NOTE: we can do this check here only because we use the NSS internal - // slot. If we support other slots in the future, checking whether they - // support ECDSA may block NSS, and the value may also change as devices are - // inserted/removed, so we would need to re-check on every use. - crypto::EnsureNSSInit(); - crypto::ScopedPK11Slot slot(GetTempKeySlot()); - supported_ = PK11_DoesMechanism(slot.get(), CKM_EC_KEY_PAIR_GEN) && - PK11_DoesMechanism(slot.get(), CKM_ECDSA); - } - - bool Supported() { - return supported_; - } - - private: - bool supported_; -}; - -static base::LazyInstance<EllipticCurveSupportChecker>::Leaky - g_elliptic_curve_supported = LAZY_INSTANCE_INITIALIZER; - // Copied from rsa_private_key_nss.cc. static bool ReadAttribute(SECKEYPrivateKey* key, CK_ATTRIBUTE_TYPE type, @@ -82,15 +53,10 @@ ECPrivateKey::~ECPrivateKey() { } // static -bool ECPrivateKey::IsSupported() { - return g_elliptic_curve_supported.Get().Supported(); -} - -// static ECPrivateKey* ECPrivateKey::Create() { EnsureNSSInit(); - ScopedPK11Slot slot(GetTempKeySlot()); + ScopedPK11Slot slot(PK11_GetInternalSlot()); if (!slot) return nullptr; @@ -140,7 +106,7 @@ ECPrivateKey* ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( const std::vector<uint8>& subject_public_key_info) { EnsureNSSInit(); - ScopedPK11Slot slot(GetTempKeySlot()); + ScopedPK11Slot slot(PK11_GetInternalSlot()); if (!slot) return nullptr; diff --git a/crypto/ec_private_key_openssl.cc b/crypto/ec_private_key_openssl.cc index 1a06028..9836fa6 100644 --- a/crypto/ec_private_key_openssl.cc +++ b/crypto/ec_private_key_openssl.cc @@ -93,9 +93,6 @@ ECPrivateKey* ECPrivateKey::Copy() const { } // static -bool ECPrivateKey::IsSupported() { return true; } - -// static ECPrivateKey* ECPrivateKey::Create() { OpenSSLErrStackTracer err_tracer(FROM_HERE); |