summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* Allow to get key from SPAKE2 after the first round trip.Vitaly Buka2014-12-043-11/+25
| | | | | | | | | | | | The second round trip is optional and is not the part of SPAKE2 algorithm. Application may want to get key and do verification with usefull payload. BUG=438470 R=agl@chromium.org Review URL: https://codereview.chromium.org/761663004 Cr-Commit-Position: refs/heads/master@{#306844}
* gn format // (the rest, except mojo)scottmg2014-12-031-5/+8
| | | | | | | | | | | | | | Excluded mojo because I think that needs to happen on the other side. At gn --version = 306668 for which roll is in CQ. R=brettw@chromium.org TBR=scherkus@chromium.org BUG=348474 Review URL: https://codereview.chromium.org/774353003 Cr-Commit-Position: refs/heads/master@{#306708}
* Don't allow trailing data when creating an RSAPrivateKey.davidben2014-11-243-16/+35
| | | | | | | | | | | CreateFromPrivateKeyInfo should not silently discard data after the PrivateKeyInfo. BUG=432279 Review URL: https://codereview.chromium.org/713523004 Cr-Commit-Position: refs/heads/master@{#305503}
* Fix crypto and net build on Windows GN.jam2014-11-141-0/+5
| | | | | | Review URL: https://codereview.chromium.org/732613003 Cr-Commit-Position: refs/heads/master@{#304233}
* Add scoped_ptr to Environment object.jorgelo2014-11-131-1/+2
| | | | | | | | | BUG=None TEST=Compiles. Review URL: https://codereview.chromium.org/722513005 Cr-Commit-Position: refs/heads/master@{#304085}
* Fix BoringSSL + Windows build.davidben2014-11-111-1/+1
| | | | | | | | BUG=none Review URL: https://codereview.chromium.org/706763004 Cr-Commit-Position: refs/heads/master@{#303754}
* Cleanup: Don't check for negative values from EVP_DigestVerifyFinal.eroman2014-11-111-2/+1
| | | | | | | | (No longer a possibility in BoringSSL). Review URL: https://codereview.chromium.org/707973007 Cr-Commit-Position: refs/heads/master@{#303700}
* Check trailing data when parsing ASN.1.davidben2014-11-114-16/+36
| | | | | | | | | | | | | | | | | | | Properly check that the entire buffer was consumed. d2i_* may process only a prefix of its input. In addition, don't bother using a memory BIO when the buffer can be parsed directly. This aligns the NSS and OpenSSL port's behavior in most places: SEC_QuickDERDecodeItem fails with SEC_ERROR_EXTRA_INPUT if there is excess data. Add tests. Both for testing and to verify this is the NSS port's behavior. For a PKCS #8 PrivateKeyInfo, NSS will silently accept trailing data. Fix WebCrypto in NSS to align with the spec. RSAPrivateKey is left for a follow-up. (This includes an NSS roll to pick up a symbol export.) BUG=430200 Review URL: https://codereview.chromium.org/685063007 Cr-Commit-Position: refs/heads/master@{#303546}
* Cleanup: Use BN_bn2bin_padded() for zero-padding rather than custom code.eroman2014-11-101-15/+4
| | | | | | Review URL: https://codereview.chromium.org/711113003 Cr-Commit-Position: refs/heads/master@{#303535}
* Make *some* version of the Win GN build work.dpranke2014-11-081-43/+48
| | | | | | | | | R=scottmg@chromium.org, brettw@chromium.org BUG=354261 Review URL: https://codereview.chromium.org/709593004 Cr-Commit-Position: refs/heads/master@{#303366}
* Add crypto/wincrypt_shim.h wrapper header to resolve BoringSSL conflicts.davidben2014-10-305-3/+29
| | | | | | | | | | | | | wincrypt.h defines macros that conflict with BoringSSL. Introduce a crypto/wincrypt_shim.h wrapper header which #undefs those macros and instead #defines replacement ones. All Chromium headers should use this wrapper header. BUG=338884 Review URL: https://codereview.chromium.org/686883002 Cr-Commit-Position: refs/heads/master@{#301994}
* NACL_WIN64 takes precedence over USE_OPENSSL.davidben2014-10-291-7/+7
| | | | | | | | | | | | | | With the BoringSSL Windows port, it is possible for Windows to have USE_OPENSSL set. The #ifdefs in symmetric_key.h should still resolve in the NACL_WIN64 direction. This fixes the crypto_nacl build target. BUG=338884 Review URL: https://codereview.chromium.org/689463002 Cr-Commit-Position: refs/heads/master@{#301870}
* Adding openssl_bio_string to GN build.pwestin2014-10-271-0/+7
| | | | | | | | BUG= Review URL: https://codereview.chromium.org/643703008 Cr-Commit-Position: refs/heads/master@{#301368}
* Type conversion fixes, crypto/ edition.pkasting2014-10-213-22/+27
| | | | | | | | | | | This is mostly to fix MSVC warnings about possible value truncation. BUG=81439 TEST=none Review URL: https://codereview.chromium.org/659943004 Cr-Commit-Position: refs/heads/master@{#300432}
* Convert the few remaining ARRAYSIZE_UNSAFE -> arraysize.viettrungluu2014-10-171-3/+3
| | | | | | | | | | | | | | | | | | | There are still ARRAYSIZE_UNSAFEs in ppapi/tests/test_audio.cc, but it defines it itself, and it might be compiled by some older NaCl toolchain that doesn't support C++11. third_party/npapi/npspy/common/format.cpp also has its own ARRAYSIZE_UNSAFE, but I'm hoping to delete npspy completely.) I'll remove ARRAYSIZE_UNSAFE from base/macro.h separately, since it's quite likely we have deps that use our base (and those deps may use it). R=ben@chromium.org TBR=armansito@chromium.org BUG=423134 Review URL: https://codereview.chromium.org/663673002 Cr-Commit-Position: refs/heads/master@{#300034}
* Allow custom deleters to opt out of self reset checks for scoped_ptr.dcheng2014-10-142-0/+3
| | | | | | | | | | | | | | | | | The self-reset check makes sense for the default deleters, because it would otherwise leave a dangling pointer stored in the scoped_ptr. However, a custom deleter might actually decrement a reference count under the hood. This self-reset check can make assignment operators implementation a lot uglier. One example is net's KeyPair: because there might be a self-assignment, the original code needed to proxy the incoming scoped_ptrs via a stack temporary before moving them into their final location. BUG=418347 Review URL: https://codereview.chromium.org/610533003 Cr-Commit-Position: refs/heads/master@{#299571}
* Replacing the OVERRIDE with override and FINAL with final in /src/cryptoanujk.sharma2014-10-074-21/+21
| | | | | | | | | | | This step is a giant search and replace for OVERRIDE and FINAL to replace them with their lowercase versions. BUG=417463 Review URL: https://codereview.chromium.org/632653002 Cr-Commit-Position: refs/heads/master@{#298360}
* Add davidben@chromium.org to crypto/OWNERSdavidben2014-10-031-0/+1
| | | | | | | | BUG= Review URL: https://codereview.chromium.org/627833002 Cr-Commit-Position: refs/heads/master@{#298124}
* Fix crypto_unittests on Windows BoringSSL port.davidben2014-10-023-10/+3
| | | | | | | | | | MSVC is somewhat pickier about casting things to bool. BUG=338884 Review URL: https://codereview.chromium.org/618123007 Cr-Commit-Position: refs/heads/master@{#297770}
* Replace forward_dependent_configs with public_depsBrett Wilson2014-09-231-5/+5
| | | | | | | | | | | | This is the new name. It has the same meaning but additionally with a "you can use the headers" permission. Rename direct_dependent_configs to public_configs. This is the new name with identical meaning. TBR=jamesr Review URL: https://codereview.chromium.org/595073002 Cr-Commit-Position: refs/heads/master@{#296302}
* Generalize crypto::SignatureCreator to allow choice of hash function, so as ↵dougsteed2014-09-194-13/+125
| | | | | | | | | | | | | | to support SHA256 (not just SHA1). BUG=412531 R=rsleevi@chromium.org,davidben@chromium.org TBR=pfeldman@chromium.org Review URL: https://codereview.chromium.org/560583002 Cr-Commit-Position: refs/heads/master@{#295747}
* Cleanup: Use base/files/file_util.h instead of base/file_util.h in [c-n]*/thestig2014-09-131-1/+1
| | | | | | | | | TBR=cpu@chromium.org,jochen@chromium.org,piman@chromium.org,rockot@chromium.org,rsleevi@chromium.org,vrk@chromium.org ,zea@chromium.org Review URL: https://codereview.chromium.org/563173002 Cr-Commit-Position: refs/heads/master@{#294712}
* Reland dd7edfa67: Switch Mac over to BoringSSL from NSS.davidben2014-09-121-1/+0
| | | | | | | | | | | | | | | | This is a reland of dd7edfa67 which was reverted in 80a9a88f4c for build failures. It also includes a BoringSSL roll and build changes to avoid adding a static initializer. This is a much much larger change than the diff suggests. If it breaks something, please revert first and ask questions later. BUG=338885 TBR=brettw Review URL: https://codereview.chromium.org/568643003 Cr-Commit-Position: refs/heads/master@{#294589}
* Remove unused user email argument from nss_util.pneubeck2014-09-123-13/+8
| | | | | | | | | | BUG=413219 (for trivial refactoring) TBR=willchan@chromium.org,rsleevi@chromium.org,nkostylev@chromium.org Review URL: https://codereview.chromium.org/560303002 Cr-Commit-Position: refs/heads/master@{#294570}
* Allow a crypto::RSAPrivateKey object to be wrapped round a pre-existingdougsteed2014-09-104-21/+43
| | | | | | | | | | | | | | openssl key, as is currently supported for NSS. Change-Id: I36c848884273fe8e23451259655680b6b7d46a98 BUG=412427 R=davidben@chromium.org Review URL: https://codereview.chromium.org/559623002 Cr-Commit-Position: refs/heads/master@{#294254}
* Combine MSVS warning supression codeskulkarni.a2014-08-261-5/+4
| | | | | | | | | | together in crypto.gyp "msvs_disabled_warnings" code definition present in two place in the same 'target_name': 'crypto'. Review URL: https://codereview.chromium.org/492963004 Cr-Commit-Position: refs/heads/master@{#291903}
* Add LOCAL_ prefix to non-UMA histogram macros.asvitkine2014-08-261-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This makes it harder to accidently use the wrong macro. Also, removes the D* variants of the macros and associated DebugNow() function. These were rarely used and removing them removes clutter from the header file. Existing uses converted to be behind NDEBUG ifdefs. No functional changes except for a fix to the code in content_based_thumbnailing_algorithm.cc which was incorrectly using a ternary operator for the histogram name (which doesn't work since the macros cache the histogram object) and removal of local histograms Spellcheck.SuggestTime and Spellcheck.InitTime per groby@. Since this is an API rename, TBR'ing downstream owners. BUG=311349 TBR=groby@chromium.org,zea@chromium.org,jeremy@chromium.org,reveman@chromium.org,agl@chromium.org,jam@chromium.org Review URL: https://codereview.chromium.org/484603006 Cr-Commit-Position: refs/heads/master@{#291840}
* Disable Poly1305 code only on bad chips.agl@chromium.org2014-08-081-4/+4
| | | | | | | | | | | | This change detects buggy ARM chips and disables the Poly1305 code only on those chips. BUG=341598 Review URL: https://codereview.chromium.org/442863003 Cr-Commit-Position: refs/heads/master@{#288267} git-svn-id: svn://svn.chromium.org/chrome/trunk/src@288267 0039d316-1c4b-4281-b951-d872f2087c98
* Move StringToLowerASCII to base namespacebrettw@chromium.org2014-08-071-1/+1
| | | | | | | | TBR=sky Review URL: https://codereview.chromium.org/448853002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@288085 0039d316-1c4b-4281-b951-d872f2087c98
* Align OpenSSL and NSS ChannelID formats.davidben@chromium.org2014-08-062-37/+78
| | | | | | | | | | | | | | | | NSS would use "" as the password while OpenSSL would use "\0\0" (UCS-2 encoding of a NUL-terminated string) because of how PKCS#12 recommended encoding passwords. Make the OpenSSL code use the same format so that we can freely switch back and forth between NSS and OpenSSL. (This is in case we need to roll back an OpenSSL cutover and the release has hit some early release channel already.) BUG=399121 Review URL: https://codereview.chromium.org/435593003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@287890 0039d316-1c4b-4281-b951-d872f2087c98
* Disable Poly1305 NEON code again.agl@chromium.org2014-08-051-0/+4
| | | | | | | | | | | | | | The Poly1305 NEON code became live again with the BoringSSL switch. This change disables it again in Chromium because of some broken phones. We should really read /proc/cpuinfo and selectively disable, but this change is simple and keeps the status-quo for now. BUG=341598 Review URL: https://codereview.chromium.org/443523002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@287630 0039d316-1c4b-4281-b951-d872f2087c98
* Fix ScopedTestNSSDB for older NSS versions.pneubeck@chromium.org2014-08-031-4/+9
| | | | | | | | | | | | | Before, if NSS version was < 3.15.1, then the ScopedTempDir was destructed without ScopedAllowIO and lead to a thread restriction violation. Now, the temp dir is not deleted in this case as the NSS DB is left open. BUG=210525 TBR=rsleevi@chromium.org Review URL: https://codereview.chromium.org/423363005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@287257 0039d316-1c4b-4281-b951-d872f2087c98
* Enable system NSS key slot.pneubeck@chromium.org2014-08-025-22/+38
| | | | | | | | | | | | | | | | | | | | | | | This only affects users of domains that the device is registered to for policy. All other users are unaffected (EnableNSSSystemKeySlotForResourceContext is only called for USER_AFFILIATION_MANAGED) For the affected users, this enables and uses the slot for - client authentication for TSL (see ClientCertStoreChromeOS) - client authentication for 802.1x networks - listing/removing certificates on the settings page (see CertificateManager) In a follow up, also the enterprise.platformKeys API will be updated. Depends on: https://codereview.chromium.org/426983002/ https://codereview.chromium.org/428933002/ BUG=210525 R=mattm@chromium.org, rsleevi@chromium.org, willchan@chromium.org, xiyuan@chromium.org Review URL: https://codereview.chromium.org/424523002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@287175 0039d316-1c4b-4281-b951-d872f2087c98
* Implement QUIC key extraction.wtc@chromium.org2014-07-313-10/+25
| | | | | | | | | | | | | | | | | | | | | Added a new subkey_secret output to crypto::HKDF which is saved by the forward-secure key derivation and used for a new ExportKeyingMaterial method on QuicCryptoStream. This will be used in Chromium for WebRTC on QUIC. Generated some tests by making a straightforward alternative implementation in Python. Written by Daniel Ziegler. Merge internal CL: 72073257 R=agl@chromium.org,dmziegler@chromium.org BUG= Review URL: https://codereview.chromium.org/423333002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@286738 0039d316-1c4b-4281-b951-d872f2087c98
* Relax the failure mode of EncryptorTest.UnsupportedKeySize so that wewtc@chromium.org2014-07-311-6/+5
| | | | | | | | | | | can run the test on all platforms. R=davidben@chromium.org,joth@chromium.org,rsleevi@chromium.org BUG= Review URL: https://codereview.chromium.org/432443003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@286667 0039d316-1c4b-4281-b951-d872f2087c98
* [webcrypto] Implement RSA-OAEP using BoringSSL.eroman@chromium.org2014-07-301-0/+8
| | | | | | | | | BUG=395840 R=davidben@chromium.org, rsleevi@chromium.org Review URL: https://codereview.chromium.org/419673006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@286599 0039d316-1c4b-4281-b951-d872f2087c98
* Make NSSInitSingleton::tpm_slot_ a ScopedPK11Slot.pneubeck@chromium.org2014-07-301-17/+14
| | | | | | | | | | Based on https://codereview.chromium.org/426983002/ . BUG=210525 Review URL: https://codereview.chromium.org/428933002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@286593 0039d316-1c4b-4281-b951-d872f2087c98
* Make crypto::GetSystemNSSKeySlot asynchronous.pneubeck@chromium.org2014-07-302-12/+26
| | | | | | | | | | | The system slot is set asynchronously, so the getting the system slot should happen asynchronously as well. BUG=210525 TBR=rsleevi@chromium.org Review URL: https://codereview.chromium.org/426983002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@286493 0039d316-1c4b-4281-b951-d872f2087c98
* Extract ScopedTestNSSDB from nss_util.pneubeck@chromium.org2014-07-2812-173/+380
| | | | | | | | | | | | | | | | | | | | | Before ScopedTestNSSDB affected several slot getters from nss_util.h . This change reduces ScopedTestNSSDB to solely setup a temporary test DB and not influencing the global state in nss_util anymore. As a replacement for some of its old behavior, a new ScopedTestSystemNSSKeySlot is added, which allows to override the slot returned by GetSystemNSSKeySlot(). With this change it's now possible to write tests that need both a user and system NSS DB by using ScopedTestSystemNSSKeySlot. As a side-effect, GetPersistentNSSKeySlot() is now compiled on !OS_CHROMEOS only. BUG=210525 (For include changes:) R=rsleevi@chromium.org TBR=nkostylev@chromium.org, stevenjb@chromium.org Review URL: https://codereview.chromium.org/401623006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@285881 0039d316-1c4b-4281-b951-d872f2087c98
* Update masters after the tryserver split.sergeyberezin@chromium.org2014-07-261-1/+1
| | | | | | | | | | | Also replace deprecated linux_chromium_rel with linux_chromium_rel_swarming, while I'm at it. R=agable@chromium.org, maruel@chromium.org BUG=395196 Review URL: https://codereview.chromium.org/415323002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@285752 0039d316-1c4b-4281-b951-d872f2087c98
* Desupport AES-192 in crypto::SymmetricKey.davidben@chromium.org2014-07-253-27/+46
| | | | | | | | | | | | | BoringSSL does not support AES-192. No current consumer uses AES-192, so remove the test which asserts it works. This fixes crypto_unittests in the Mac OpenSSL port. Blacklist AES-192 in the NSS implementation so that we do not accidentally grow a new dependency on it. BUG=338885 Review URL: https://codereview.chromium.org/420883003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@285678 0039d316-1c4b-4281-b951-d872f2087c98
* Switch to BoringSSL.davidben@chromium.org2014-07-229-21/+25
| | | | | | | | | | | | | | | | | This is a reland of r284079 which was reverted in r284248 for components build issues. That, in turn, was a reland of r283813 which was reverted in r283845 because it broke WebRTC tests on Android. That, in turn, was a reland of r283542 which was reverted in r283591 because it broke the WebView build. This is a much larger change than its diff suggests. If it breaks something, please revert first and ask questions later. BUG=393317 R=agl@chromium.org, jam@chromium.org Review URL: https://codereview.chromium.org/401153002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@284729 0039d316-1c4b-4281-b951-d872f2087c98
* clean up code at crypto folder.rucifer1217@gmail.com2014-07-229-170/+168
| | | | | | | | BUG=none Review URL: https://codereview.chromium.org/407713002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@284547 0039d316-1c4b-4281-b951-d872f2087c98
* Revert "Switch to BoringSSL."agl@chromium.org2014-07-189-25/+21
| | | | | | | | | | This reverts commit r284079. BUG=395271 Review URL: https://codereview.chromium.org/406693004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@284248 0039d316-1c4b-4281-b951-d872f2087c98
* Switch to BoringSSL.agl@chromium.org2014-07-189-21/+25
| | | | | | | | | | | | | | | (This is a reland of r283813 which was reverted in r283845 because it broke WebRTC tests on Android. That, in turn, was a reland of of r283542 which was reverted in r283591 because it broke the WebView build.) This is a much larger change than its diff suggests. If it breaks something, please revert first and ask questions later. BUG=none Review URL: https://codereview.chromium.org/401613008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@284079 0039d316-1c4b-4281-b951-d872f2087c98
* Remove NSSCertDatabase from ClientCertStoreChromeOS unittest.pneubeck@chromium.org2014-07-181-6/+10
| | | | | | | | | | | | | | | | | The database was only used to import a PKCS#12 file. By changing to separate key (PKCS#8 format) and cert (X509 in PEM encoding), only dependencies on the lower level RSAPrivateKey, X509Certificate and PK11_* NSS functions are required. Note this removes at the same time a call to the deprecated NSSCertDatabase::GetInstance(). Also - fixes multi profile cases of the unit test and the CA matching (the latter is now identical to all other platforms). - fixes a bug in the matching of client certs from software slots, because of reused cert database names - gets rid of the error output that occurred during the PKCS12 import because the file contained also a CA cert: [ERROR:nsPKCS12Blob.cpp(219)] Could not grab a handle to the certificate in the slot from the corresponding PKCS#12 DER certificate. BUG=210525, 329735,315285 Review URL: https://codereview.chromium.org/394013005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@284056 0039d316-1c4b-4281-b951-d872f2087c98
* Remove some unnecessary ifs.eroman@chromium.org2014-07-181-4/+2
| | | | | | | | scoped_ptr<> only calls the deleter when the data is non-null Review URL: https://codereview.chromium.org/357783003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@283980 0039d316-1c4b-4281-b951-d872f2087c98
* Fixes for re-enabling more MSVC level 4 warnings: misc edition #2pkasting@chromium.org2014-07-181-1/+1
| | | | | | | | | | | | | | | | | | This contains fixes for the following sorts of issues: * Assignment inside conditional * Taking the address of a temporary * Octal escape sequence terminated by decimal number * Signedness mismatch * Possibly-uninitialized local variable This also contains a small number of cleanups to nearby code (e.g. no else after return). BUG=81439 TEST=none Review URL: https://codereview.chromium.org/382673002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@283967 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 283813 "Switch to BoringSSL."vitalybuka@chromium.org2014-07-179-25/+21
| | | | | | | | | | | | | | | | | | | | | | | | | Failed WebRtcBrowserTest on android_dbg_triggered_tests. > Switch to BoringSSL. > > (This is a reland of r283542 which was reverted in r283591 because it > broke the WebView build. The android_aosp trybots are broken[1] so this > based on hope.) > > This is a much larger change than its diff suggests. If it breaks > something, please revert first and ask questions later. > > [1] http://code.google.com/p/chromium/issues/detail?id=394597 > > BUG=none > > Review URL: https://codereview.chromium.org/399993002 TBR=agl@chromium.org Review URL: https://codereview.chromium.org/405503002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@283845 0039d316-1c4b-4281-b951-d872f2087c98
* Switch to BoringSSL.agl@chromium.org2014-07-179-21/+25
| | | | | | | | | | | | | | | | | (This is a reland of r283542 which was reverted in r283591 because it broke the WebView build. The android_aosp trybots are broken[1] so this based on hope.) This is a much larger change than its diff suggests. If it breaks something, please revert first and ask questions later. [1] http://code.google.com/p/chromium/issues/detail?id=394597 BUG=none Review URL: https://codereview.chromium.org/399993002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@283813 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-07 18:01:43 +0000