summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* Use a forward declaration of RSAPrivateKey in crypto/signature_creator.h.wtc@chromium.org2012-02-086-7/+13
| | | | | | | | | | R=rch@chromium.org BUG=none TEST=no compilation errors Review URL: http://codereview.chromium.org/9348001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@120872 0039d316-1c4b-4281-b951-d872f2087c98
* Upstream: Build crypto_unittests for Android.jingzhao@chromium.org2012-02-071-2/+2
| | | | | | Review URL: http://codereview.chromium.org/9328034 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@120727 0039d316-1c4b-4281-b951-d872f2087c98
* Fix an SECItem leak in the new ECSignatureCreator class.rnk@chromium.org2012-02-011-14/+9
| | | | | | | | | | | R=rch@chromium.org BUG=111317 TEST=ran drmemory on ECSignatureCreator.BasicTest, no longer reports leak Review URL: http://codereview.chromium.org/9302016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@120085 0039d316-1c4b-4281-b951-d872f2087c98
* crypto: P224::Contract could produce a non-minimal representation.agl@chromium.org2012-01-311-2/+35
| | | | | | | | | | | | | | | I missed an overflow in Contract because I suspected that the prime elimination would take care of it. It didn't, and I forgot to get back to the overflow. Because of this, Contract may have produced a non-minimal representation, causing flakey failures ~0.02% of the time. BUG=110972 TEST=crypto_unittests Review URL: http://codereview.chromium.org/9104013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@119775 0039d316-1c4b-4281-b951-d872f2087c98
* Add crypto pre-submit that will add the openssl builder to the default ↵joth@chromium.org2012-01-251-0/+14
| | | | | | | | | | | | try-bot list. BUG=None TEST=git try should run a linux_redux try job too. Review URL: http://codereview.chromium.org/9235031 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@119094 0039d316-1c4b-4281-b951-d872f2087c98
* Remove wrong parameter from ECSignatureCreator's constructor in openssl ↵jnd@chromium.org2012-01-251-4/+2
| | | | | | | | | | | | | implement. The wrong parameter was unused and broke the linux redux build. TBR=wtc BUG=None. TEST=Linux redux bot should be green. Review URL: https://chromiumcodereview.appspot.com/9234024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@119053 0039d316-1c4b-4281-b951-d872f2087c98
* CertDatabaseNSSTest: Don't delete test DB dir since we don't close the DB ↵mattm@chromium.org2012-01-252-14/+22
| | | | | | | | | | | | | | | | (broke in r108543). Refactor test DB code so that nss_util owns the test DB dir. Keeping the test DB dir until exit prevents later tests that would use the test DB from failing. The dir will still be deleted by the LazyInstance atexit handler. BUG=108748 TEST=see bug Review URL: http://codereview.chromium.org/9255034 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@119003 0039d316-1c4b-4281-b951-d872f2087c98
* Create a new ECSignatureCreator class for signing content using EC crypto.rch@chromium.org2012-01-256-25/+271
| | | | | | Review URL: http://codereview.chromium.org/9240029 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@118964 0039d316-1c4b-4281-b951-d872f2087c98
* Add a convenience typedef LazyInstance<T>::Leaky to avoid repeating T.fischman@chromium.org2012-01-231-5/+3
| | | | | | | | | | | | | Converted the first 20 or so hits for LeakyLazyInstanceTraits on codesearch to demonstrate the benefit at callsites. The real change is base/lazy_instance.h; everything else is example. BUG=none TEST=none Review URL: https://chromiumcodereview.appspot.com/9192024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@118754 0039d316-1c4b-4281-b951-d872f2087c98
* This adds support for encrypted ONC import to Chrome.gspencer@chromium.org2012-01-112-2/+17
| | | | | | | | | | | | | | | We now can import standalone ONC files that are encrypted by the Spigots management app. TBR=joaodasilva@chromium.org BUG=chromium-os:19397 TEST=Ran new unit tests, imported encrypted ONC on device. Review URL: http://codereview.chromium.org/8949056 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@117321 0039d316-1c4b-4281-b951-d872f2087c98
* net: allow CRLSets to block specific SPKIs.agl@chromium.org2012-01-102-6/+7
| | | | | | | | | | | | | | | | This change allows CRLSets to include a list of blocked SPKI fingerprints, which may save us doing emergency binary pushes in the future. It also corrects a bug where the NSS code was passing in the full SPKI rather than the SHA256 hash. BUG=none TEST=net_unittests Review URL: http://codereview.chromium.org/9149010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@117069 0039d316-1c4b-4281-b951-d872f2087c98
* Move net/base/sys_byteorder.h to base/sys_byteorder.hisherman@chromium.org2011-12-282-40/+5
| | | | | | | | | | | | | | Two motivations: (1) There are currently clients in src/crypto that need the same logic. (2) There is soon to be a client in src/chrome/common that needs the 64-bit version of this logic, which is currently inlined in a src/crypto implementation file. BUG=103480 TEST=compiles Review URL: http://codereview.chromium.org/8949026 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@115926 0039d316-1c4b-4281-b951-d872f2087c98
* Fixed bad pointer on edge casegroby@chromium.org2011-12-221-1/+2
| | | | | | | | | | CID=102090 TEST= Review URL: http://codereview.chromium.org/8965056 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@115499 0039d316-1c4b-4281-b951-d872f2087c98
* Coverity: Initialize member variables.jhawkins@chromium.org2011-12-212-1/+4
| | | | | | | | | | | | | CID=6462,16392,16996,17268,100987,101018,102401,102417,102476,102484,102513 102546,102552,102567,102617,102674,102677,102678,102679,102681,102685, 102714,102750,102751,102781 BUG=none TEST=none R=groby Review URL: http://codereview.chromium.org/9005015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@115234 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 115227 - Coverity: Initialize member variables.jhawkins@chromium.org2011-12-212-4/+1
| | | | | | | | | | | | | | | | CID=6462,16392,16996,17268,100987,101018,102401,102417,102476,102484,102513 102546,102552,102567,102617,102674,102677,102678,102679,102681,102685, 102714,102750,102751,102781 BUG=none TEST=none R=groby Review URL: http://codereview.chromium.org/9005015 TBR=jhawkins@chromium.org Review URL: http://codereview.chromium.org/8965062 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@115228 0039d316-1c4b-4281-b951-d872f2087c98
* Coverity: Initialize member variables.jhawkins@chromium.org2011-12-202-1/+4
| | | | | | | | | | | | | CID=6462,16392,16996,17268,100987,101018,102401,102417,102476,102484,102513 102546,102552,102567,102617,102674,102677,102678,102679,102681,102685, 102714,102750,102751,102781 BUG=none TEST=none R=groby Review URL: http://codereview.chromium.org/9005015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@115227 0039d316-1c4b-4281-b951-d872f2087c98
* Reland: Simplify PRTimeToBaseTime implementation, add BaseTimeToPRTime.mattm@chromium.org2011-12-154-16/+52
| | | | | | | | | | BUG=107047 TEST=crypto_unittests TBR=wtc@chromium.org Review URL: http://codereview.chromium.org/8956003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@114693 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 114499 - Simplify PRTimeToBaseTime implementation, add BaseTimeToPRTime.sail@chromium.org2011-12-144-52/+16
| | | | | | | | | | | | | BUG=107047 TEST=crypto_unittests Review URL: http://codereview.chromium.org/8894023 TBR=mattm@chromium.org Review URL: http://codereview.chromium.org/8913018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@114524 0039d316-1c4b-4281-b951-d872f2087c98
* Simplify PRTimeToBaseTime implementation, add BaseTimeToPRTime.mattm@chromium.org2011-12-144-16/+52
| | | | | | | | | | BUG=107047 TEST=crypto_unittests Review URL: http://codereview.chromium.org/8894023 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@114499 0039d316-1c4b-4281-b951-d872f2087c98
* Simplify SPAKE2 implementation.sergeyu@chromium.org2011-12-133-61/+34
| | | | | | | | | | | | | | Currently P224EncryptedKeyExchange uses two pieces of secret: password and session-specific key. They are combined and used together as one password. It is not really needed and the calling code can do it when neccessary. BUG=105214 Review URL: http://codereview.chromium.org/8903001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@114189 0039d316-1c4b-4281-b951-d872f2087c98
* Support EC certs in OriginBoundCertService and OriginBoundCertStore.mattm@chromium.org2011-12-062-52/+99
| | | | | | | | | | | | | OriginBoundCertService::GetOriginBoundCert takes a vector of requested cert types in order of preferrence and will return or generate one of an acceptable type. BUG=88782 TEST=net_unittests, unit_tests Review URL: http://codereview.chromium.org/8662036 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@113108 0039d316-1c4b-4281-b951-d872f2087c98
* Implement RSAPrivateKey::Copy()sergeyu@chromium.org2011-12-036-117/+175
| | | | | | | | BUG=105220 Review URL: http://codereview.chromium.org/8727014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@112837 0039d316-1c4b-4281-b951-d872f2087c98
* ReReland: Allow signing EC certs and creating EC origin-bound certs.mattm@chromium.org2011-12-023-0/+141
| | | | | | | | | BUG=88782 TEST=X509UtilNSSTest Review URL: http://codereview.chromium.org/8537025 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@112780 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 112385 - Reland: Allow signing EC certs and creating EC origin-bound ↵rbyers@chromium.org2011-12-013-141/+0
| | | | | | | | | | | | | | | certs. BUG=88782 TEST=X509UtilNSSTest Review URL: http://codereview.chromium.org/8537025 TBR=mattm@chromium.org Review URL: http://codereview.chromium.org/8764017 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@112391 0039d316-1c4b-4281-b951-d872f2087c98
* Reland: Allow signing EC certs and creating EC origin-bound certs.mattm@chromium.org2011-12-013-0/+141
| | | | | | | | | | BUG=88782 TEST=X509UtilNSSTest Review URL: http://codereview.chromium.org/8537025 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@112385 0039d316-1c4b-4281-b951-d872f2087c98
* ake string_util::WriteInto() DCHECK() that the supplied |length_with_null| > ↵pkasting@chromium.org2011-11-298-54/+48
| | | | | | | | | | | | 1, meaning that the without-'\0' string is non-empty. This replaces the conditional code added recently that makes this case return NULL. It's easier to understand if it's simply an error to call WriteInto() in this case at all. Add DCHECK()s or conditionals as appropriate to callers in order to ensure this assertion holds. BUG=none TEST=none Review URL: http://codereview.chromium.org/8418034 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@112005 0039d316-1c4b-4281-b951-d872f2087c98
* replace platform conditions with os_posix and os_bsd where applicablerobert.nagy@gmail.com2011-11-221-1/+1
| | | | | | | | | | | | | this patch also adds a comment that describes why EAI_NODATA is disabled on FreeBSD BUG= TEST= TBR=wtc Review URL: http://codereview.chromium.org/8598010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@111253 0039d316-1c4b-4281-b951-d872f2087c98
* net: add low-entropy, shared secret authentication protocol.agl@chromium.org2011-11-225-0/+518
| | | | | | | | | | BUG=none TEST=crypto_unittests Review URL: http://codereview.chromium.org/8499032 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@111070 0039d316-1c4b-4281-b951-d872f2087c98
* Upstream: Build net_unittests for Android.jingzhao@chromium.org2011-11-212-5/+13
| | | | | | | | | | BUG= TEST= Review URL: http://codereview.chromium.org/8429034 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110902 0039d316-1c4b-4281-b951-d872f2087c98
* Added serialization to SecureHash.ahendrickson@chromium.org2011-11-194-0/+149
| | | | | | | | | | | | These will be used to resume hash generation when a download is interrupted and later resumed. BUG=None. TEST=SecureHashTest.TestSerialization Review URL: http://codereview.chromium.org/8588057 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110842 0039d316-1c4b-4281-b951-d872f2087c98
* Change the Chrome OS PKCS #11 module from libopencryptoki.so to libchaps.so.dkrahn@chromium.org2011-11-172-21/+21
| | | | | | | | | | | | | | | This CL is part of a larger effort to replace opencryptoki as the PKCS #11 layer in Chrome OS. In this first phase, libchaps.so forwards requests to a daemon (chapsd) which loads opencryptoki to service the requests. You can find the Chaps design doc here: https://docs.google.com/a/google.com/document/d/1TQFc6GABKa1JgwUx2hIcxAHQ329fkd03yYlGxhfHQlQ/edit Change-Id: I42962c4703413039641b6ede40caaf0c97ab900e BUG=chromium-os:21005 TEST=* Ensure previously existing certs still exist. * Import new cert and private key from PKCS12 file. Review URL: http://codereview.chromium.org/8527006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110435 0039d316-1c4b-4281-b951-d872f2087c98
* Revert "Allow signing EC certs and creating EC origin-bound certs."mattm@chromium.org2011-11-173-141/+0
| | | | | | | | | | | | Revert "Fix leak in X509UtilNSSTest VerifyCertificateSignature." BUG=88782 TEST=none TBR=cpu@chromium.org Review URL: http://codereview.chromium.org/8587018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110419 0039d316-1c4b-4281-b951-d872f2087c98
* Allow signing EC certs and creating EC origin-bound certs.mattm@chromium.org2011-11-173-0/+141
| | | | | | | | | | BUG=88782 TEST=X509UtilNSSTest Review URL: http://codereview.chromium.org/8537025 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110393 0039d316-1c4b-4281-b951-d872f2087c98
* Allow linker initialization of lazy instancejoth@chromium.org2011-11-151-2/+2
| | | | | | | | | | | | | | Using the initializer list construct = {0} allows the object to be linker initialized. Modify the LazyInstance class design to make it a pod aggregate type that can be linker initialized this way. Also combines the instance and state members, in line with the Singleton<> class design. Introduces a new LAZY_INSTANCE_INITIALIZER macro specifically for using to init all lazy instances + modify all existing callsites to use it. (Old code would no longer compile) BUG=94925 TEST=existing tests pass. http://build.chromium.org/f/chromium/perf/linux-release/sizes/report.html?history=150&header=chrome-si&graph=chrome-si&rev=-1 should step downward. TBR=jam@chromium.org,rvargas@chromium.org,darin@chromium.org,ben@chromium.org,apatrick@chromium.org,akalin@chromium.org Review URL: http://codereview.chromium.org/8491043 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110076 0039d316-1c4b-4281-b951-d872f2087c98
* RSAPrivateKey vector push_back cleanups.mattm@chromium.org2011-11-153-16/+6
| | | | | | | | | | BUG=none TEST=unittests Review URL: http://codereview.chromium.org/8533028 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110043 0039d316-1c4b-4281-b951-d872f2087c98
* Rename crypto/third_party/nss headers to avoid mixups.mattm@chromium.org2011-11-157-22/+22
| | | | | | | | | | | | | | When trying to include the real NSS headers from other files under crypto/third_party/nss, the local versions would get used on the MSVS build. BUG=none TEST=none Review URL: http://codereview.chromium.org/8538025 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110009 0039d316-1c4b-4281-b951-d872f2087c98
* Add ECPrivateKey for Elliptic Curve keypair generation.mattm@chromium.org2011-11-098-0/+773
| | | | | | | | | | | | | The implementation uses NSS on all platforms unless USE_OPENSSL is defined (which is only stubbed out in this CL). BUG=88782 TEST=ECPrivateKeyUnitTest Review URL: http://codereview.chromium.org/8413024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@109188 0039d316-1c4b-4281-b951-d872f2087c98
* Revert revert 108866 - crypto: add simple P224 implementation.agl@chromium.org2011-11-074-0/+1520
| | | | | | (Landed in r108866, reverted in r108869 due to shared library build issues.) git-svn-id: svn://svn.chromium.org/chrome/trunk/src@108903 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 108866 - crypto: add simple P224 implementation.jkummerow@chromium.org2011-11-074-1519/+0
| | | | | | | | | | | | | | | This is intended to be the underlying group for an EKE implementation for Remoting. BUG=none TEST=crypto_unittests Review URL: http://codereview.chromium.org/8431007 TBR=agl@chromium.org Review URL: http://codereview.chromium.org/8467016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@108869 0039d316-1c4b-4281-b951-d872f2087c98
* crypto: add simple P224 implementation.agl@chromium.org2011-11-074-0/+1519
| | | | | | | | | | | | This is intended to be the underlying group for an EKE implementation for Remoting. BUG=none TEST=crypto_unittests Review URL: http://codereview.chromium.org/8431007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@108866 0039d316-1c4b-4281-b951-d872f2087c98
* This change implements certificate import from ONC file.gspencer@chromium.org2011-11-031-1/+1
| | | | | | | | | | | | | | | | | | It will import any certificates in an ONC file into the certificate database. It does not yet associate the given GUID for the certificate with the certificate added to the database. That will happen in an upcoming CL. This also adds test cases for importing each type of certificate. BUG=chromium-os:19404,chromium-os:19406 TEST=Ran new unit test cases. Imported ONC file with a certificate and saw that it appeared in the certificate manager. Review URL: http://codereview.chromium.org/8403007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@108551 0039d316-1c4b-4281-b951-d872f2087c98
* Implement UseLocalCacheOfNSSDatabaseIfNFS() for OpenBSD.robert.nagy@gmail.com2011-10-251-3/+11
| | | | | | | | | | R=wtc@chromium.org BUG=none TEST=none Review URL: http://codereview.chromium.org/8396003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@107173 0039d316-1c4b-4281-b951-d872f2087c98
* Fixed slot selection in HMAC class to ensure that we are using softtoken ↵zelidrag@chromium.org2011-10-231-3/+0
| | | | | | | | | | | instead of TPM slots. BUG=chromium-os:21633 TEST=make sure that user signin works properly on Alex - we should not show Gaia signin screen on second login after system resote Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=106881 Review URL: http://codereview.chromium.org/8373022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@106882 0039d316-1c4b-4281-b951-d872f2087c98
* Fixed slot selection in HMAC class to ensure that we are using softtoken ↵zelidrag@chromium.org2011-10-231-1/+4
| | | | | | | | | | instead of TPM slots. BUG=chromium-os:21633 TEST=make sure that user signin works properly on Alex - we should not show Gaia signin screen on second login after system resote Review URL: http://codereview.chromium.org/8373022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@106881 0039d316-1c4b-4281-b951-d872f2087c98
* OpenBSD patches for net, split from CR #8275005robert.nagy@gmail.com2011-10-201-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | net/base/host_resolver_proc.cc: - define AI_ADDRCONFIG as 0 net/base/listen_socket.cc: - Shuffle and add missing headers since the order of including these matters. net/base/net_util.h: - Missing header for all POSIX platforms. Needed on OpenBSD and it won't hurt others. net/dns/dns_config_service_posix.h: - Missing header for OpenBSD. The order matters here too net/dns/dns_config_service_posix.cc: - Use res_init() on OpenBSD and disable RES_ROTATE if it is not defined net/net.gyp: - Do not use libresolv on OpenBSD since it's not there, the resolver is in libc. - Include base/platform_mime_util_linux.cc in the OpenBSD builds. BUG= TEST= Review URL: http://codereview.chromium.org/8336024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@106604 0039d316-1c4b-4281-b951-d872f2087c98
* This reinstates a change of gauravsh's that I revertedgspencer@chromium.org2011-10-191-3/+0
| | | | | | | | | | | | | | | | | | because we thought it might be the cause of crashes when getting SPDY certs. http://crosbug.com/21693 We've tested that, and it doesn't appear to be the cause. So, I'm resubmitting the code from review 8212003 TBR=gauravsh@chromium.org BUG=chromium-os:21693, chromium-os:20933 TEST=Built with and without change, and tested SPDY proxy setup on an alex. Review URL: http://codereview.chromium.org/8349020 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@106225 0039d316-1c4b-4281-b951-d872f2087c98
* Use NSS to generate Origin-Bound Certs on Win and Mac.mattm@chromium.org2011-10-181-0/+7
| | | | | | | | | | | | The platform RSAPrivateKey is used to generate the private key, which is then imported into NSS to generate the certificate. X509Certificate::CreateOriginBound is moved to x509_util::CreateOriginBoundCert so it can be shared by those platforms, and removes the unnecessary X509Certificate generation step. BUG=88782 TEST=X509UtilNSSTest.CreateOriginBoundCert & manual testing: try on win or mac, check if generated cert has the OBC extension. Review URL: http://codereview.chromium.org/8296014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@105997 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 105136 - [chromiumos] Start TPM token initialization re-tries on logingspencer@chromium.org2011-10-141-0/+3
| | | | | | | | | | | | | ** Because of crash bug http://crosbug.com/21693, I'm going to revert this until gaurav or I can take a look ** Original Review URL: http://codereview.chromium.org/8212003 BUG=chromium-os:20933,chromium-os:21693 TBR=gauravsh@chromium.org Review URL: http://codereview.chromium.org/8289019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@105599 0039d316-1c4b-4281-b951-d872f2087c98
* [chromiumos] Start TPM token initialization re-tries on logingauravsh@chromium.org2011-10-121-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current TPM token setup logic attempts initialization once after the user logs in. Asynchronous attempts for TPM token setup are not triggered unless the user opens the VPN or WiFi config panel (attempt retries are triggered via a call to CertLibraryImpl::RequestCertificates()). This means that if the first attempt fails and the user never opens up the WiFi config or VPN config panel, the TPM token will stay uninitialized. This breaks the certificate manager (list of certs is empty), the SPDY proxy extension, amongst other things. Essentially, any part of the network subsystem that depends on the private hardware NSS slot (via crypto::GetPrivateNSSKeySlot) stays broken if the first attempt fails. (So, this is not just an issue with the list of certs not being displayed correctly). This CL changes that so that retry logic for TPM token init is triggered right after the user logs in. BUG=chromium-os:20933 TEST=Log in, verify from logs that TPM initialization attempts start immediately after. Verify that the missing certificates issue no longer happens. Change-Id: I9c609bdb198a88db8ceb2019cc92c19d1983bc05 Review URL: http://codereview.chromium.org/8212003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@105136 0039d316-1c4b-4281-b951-d872f2087c98
* Make constant-time comparison operators for cryptographic uses public.palmer@chromium.org2011-10-074-21/+54
| | | | | | Review URL: http://codereview.chromium.org/8124011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@104502 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-02 09:02:53 +0000