summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* Revert 202305 "Destroy all Singletons and LazyInstances between ..."rsesek@chromium.org2013-05-251-2/+3
| | | | | | | | | | | | | | | | | | | > Destroy all Singletons and LazyInstances between each test. > > This modifies base::TestSuite to add a test listener that runs the AtExitManager > between each test. > > BUG=110594, 156433, 238654 > TEST=*unit*tests > R=apatrick@chromium.org, gspencer@chromium.org, phajdan.jr@chromium.org, pneubeck@chromium.org, rsleevi@chromium.org > > Review URL: https://codereview.chromium.org/8947021 TBR=rsesek@chromium.org Review URL: https://codereview.chromium.org/16063002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@202312 0039d316-1c4b-4281-b951-d872f2087c98
* Destroy all Singletons and LazyInstances between each test.rsesek@chromium.org2013-05-251-3/+2
| | | | | | | | | | | | | This modifies base::TestSuite to add a test listener that runs the AtExitManager between each test. BUG=110594, 156433, 238654 TEST=*unit*tests R=apatrick@chromium.org, gspencer@chromium.org, phajdan.jr@chromium.org, pneubeck@chromium.org, rsleevi@chromium.org Review URL: https://codereview.chromium.org/8947021 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@202305 0039d316-1c4b-4281-b951-d872f2087c98
* Fix crypto target on linux-redux when using clangrsleevi@chromium.org2013-05-091-4/+4
| | | | | | | | | BUG=none R=wtc Review URL: https://chromiumcodereview.appspot.com/14598019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@199272 0039d316-1c4b-4281-b951-d872f2087c98
* Add RSAPrivateKey::CreateFromKeypair()cmasone@chromium.org2013-05-083-6/+51
| | | | | | | | | | | Add a static method to create an RSAPrivateKey object from an NSS public/private keypair. Only declared and implemented when USE_NSS is defined. BUG=235179 Review URL: https://chromiumcodereview.appspot.com/14941007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@198985 0039d316-1c4b-4281-b951-d872f2087c98
* Fix client certificate authentication on Mac and Linux introduced in r178732rsleevi@chromium.org2013-04-251-1/+0
| | | | | | | | | | | | | | | | | | | | When requesting client authentication, the SSL server may send a list of acceptable CAs. When discovering matching client certificates, the Mac and Linux implementations were not fully considering all intermediate certificates when attempting to discover client certificates. For example, if the client certficate chain was CC -> Intermediate -> Root, and the server sent a list of acceptable CAs as Root, then on Mac and Linux, CC would not be considered, whereas on Windows it would. Further, if the server listed Intermediate as an acceptable CA, then it would work on all platforms. BUG=224280, 224897 TEST=See https://docs.google.com/a/chromium.org/document/d/19V5_PBSm7OaFLXzTXdiCdSpt1r1yFYJhuH9X41O2oOs/edit?usp=sharing R=wtc@chromium.org Review URL: https://chromiumcodereview.appspot.com/13866049 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@196535 0039d316-1c4b-4281-b951-d872f2087c98
* Update the remaining include paths of base/string_piece.h to its new location.tfarina@chromium.org2013-04-178-8/+8
| | | | | | | | | | | string_piece.h was moved into base/strings/ in r191206 - https://chromiumcodereview.appspot.com/12982018/ TBR=brettw@chromium.org Review URL: https://codereview.chromium.org/14272007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@194693 0039d316-1c4b-4281-b951-d872f2087c98
* Rewrite scoped_array<T> to scoped_ptr<T[]> in crypto.dcheng@chromium.org2013-04-112-7/+7
| | | | | | | | | | | | This is a manual cleanup pass using sed for files which are not built on Linux. BUG=171111 Review URL: https://chromiumcodereview.appspot.com/13831003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193667 0039d316-1c4b-4281-b951-d872f2087c98
* Finish scoped_array<T> to scoped_ptr<T[]> conversion on Linux.dcheng@chromium.org2013-04-092-2/+2
| | | | | | | | | | | There are only a few instances left in the Linux build, so lumping them all into one patch. BUG=171111 Review URL: https://codereview.chromium.org/13916003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193134 0039d316-1c4b-4281-b951-d872f2087c98
* Rewrite std::string("") to std::string(), Linux edition.dcheng@chromium.org2013-04-092-5/+6
| | | | | | | | | | | | | | | | | | | This patch was generated by running the empty_string clang tool across the Chromium Linux compilation database. Implicitly or explicitly constructing std::string() with a "" argument is inefficient as the caller needs to emit extra instructions to pass an argument, and the constructor needlessly copies a byte into internal storage. Rewriting these instances to simply call the default constructor appears to save ~14-18 kilobytes on an optimized release build. BUG=none Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=193020 Review URL: https://codereview.chromium.org/13145003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193040 0039d316-1c4b-4281-b951-d872f2087c98
* Revert "Rewrite std::string("") to std::string(), Linux edition."dcheng@chromium.org2013-04-092-6/+5
| | | | | | | | | | | | | | This reverts commit e59558b78e8c6a1b0bd916a724724b638c3c91b6. Revert "Fix build after r193020." This reverts commit 558a35897f6b3ffbcaefde927c1f150b815d140a. Revert "Really fix build after r193020." This reverts commit e3748a79b523a8d365d4a33ef986eebb4186fa78. git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193030 0039d316-1c4b-4281-b951-d872f2087c98
* Rewrite std::string("") to std::string(), Linux edition.dcheng@chromium.org2013-04-092-5/+6
| | | | | | | | | | | | | | | | | This patch was generated by running the empty_string clang tool across the Chromium Linux compilation database. Implicitly or explicitly constructing std::string() with a "" argument is inefficient as the caller needs to emit extra instructions to pass an argument, and the constructor needlessly copies a byte into internal storage. Rewriting these instances to simply call the default constructor appears to save ~14-18 kilobytes on an optimized release build. BUG=none Review URL: https://codereview.chromium.org/13145003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193020 0039d316-1c4b-4281-b951-d872f2087c98
* Add support for P-256 key exchange in crypto handshake.rtenneti@chromium.org2013-03-311-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Merge internal change: 44173744 Add default return to avoid crashing when we get an unknown error code from the peer. Merge internal change: 44160057 Fix incorrect DCHECK while serializing version negotiation packet. Merge internal change: 44156166 Reorder the addends in GetPacketHeaderSize to match the order of the public header fields. Merge internal change: 44153020 Changing retransmission and retransmittable data boolean flags to enums. Merge internal change: 44071662 Remove methods from QuicTime for converting to/from microseconds and milliseconds since the epoch for QuicTime is unspecified. (It wraps TimeTicks in Chromium). Merge internal change: 44069965 Change InterArrival feedback message to traffic in delta since the "start" of the connection instead of a delta since the epoch. One step closer to being able to remove QuicTime::To/FromMicroseconds since those methods don't "do the right thing". Merge internal change: 44037996 Changing kForce into an enum. Merge internal change: 44024887 Cleanups from landing P-256 key exchange in Chromium. Merge internal change: 44023801 Fix for std::vector in QuicPacketPublicHeader's memory corruption by memset. Merge internal change: 44022862 Merging cleanup changes from chromium. Merge internal change: 44009665 Plug in the new decrypter and encrypter after the new keys have been derived. This is a first cut, as some details on changing the encryption keys still need to be worked out. Our interim solution is permissive trial decryption, which allows the peer to encrypt with the wrong key, either using the new key too early or using the null key for too long. The latter will leak confidential information, so we err on the side of using the new key too early. WARNING: the interim solution protects against eavesdroppers, but is vulberable to active attackers. Merge internal change: 44006658 Start tracking server and client stream resets and export them via varz. Merge internal change: 43971847 Pull out RstStreamFrame error code from QuicErrorCode so that they don't appear in the tracked ConnectionClose error map. This will also help in tracking RstStream error codes separately. Merge internal change: 43968620 Adding Client/Server logging to all LOGS/DLOGs Not bothering with VLOGs/DVLOGS unless it's requested. Merge internal change: 43948596 crypto: step 5. This change implements source-address tokens at the server and has the client echo them. Source address tokens are opaque (to the client) bytestrings that prove ownership of an IP address. In order to prevent amplification attacks, the server demands that the client have a valid source address token for the IP address that it's claiming to come from and that the token is reasonably recent. Since we already have it implemented, this code uses AES-GCM to encrypt and authenticate the tokens with a fixed, dummy secret (for now). In the future, the secret will be derived from the primary, private key in the same way that SessionTicket keys used to be. The QuicEncrypter/Decrypter code was written to be quite specific to the task of encrypting and decrypting packets and, as part of this, it exposed only 64 bits of the AEAD nonce. Since all GFEs will share the same token secret, and they'll all create tokens with random nonces, that runs an unacceptably high risk of an attacker obtaining two tokens with the same nonce. Thus this change also reworks the QuicEncrypter/Decrypter so that the full nonce is exposed and thus we can use 96-bit nonces. That's still not completely wonderful but, at 10Mpps an attacker would still take a year to obtain a pair of nonces, so it's good enough for a while at least. Merge internal change: 43893806 R=rch@chromium.org Review URL: https://chromiumcodereview.appspot.com/13282004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@191569 0039d316-1c4b-4281-b951-d872f2087c98
* Update the remaining references to sys_string_conversions.h to its new location.tfarina@chromium.org2013-03-301-1/+1
| | | | | | | | | | | | BUG=196305 TBR=isherman@chromium.org,rsleevi@chromium.org,keybuk@chromium.org,fischman@chromium.org, thestig@chromium.org,alexeypa@chromium.org,rogerta@chromium.org,cpu@chromium.org, akalin@chromium.org,ben@chromium.org,tony@chromium.org Review URL: https://chromiumcodereview.appspot.com/13322003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@191479 0039d316-1c4b-4281-b951-d872f2087c98
* [Cleanup] Remove StringPrintf from global namespacegroby@chromium.org2013-03-181-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | use of StringPrintf now requires prefixing with base:: or a per-scope using directive TBR'd: abodenha: chrome/service brettw: content, third_party, webkit darin: base, chrome/browser, chrome/renderer dgarret: courgette enne: cc fischmann: media gbillock: sql joi: google_apis,components rsleevi: net, crypto sky: chrome/test thestig: printing, chrome/common, tsepez: ipc wez: remoting yfriedman: testing/android NOTRY=true R=brettw@chromium.org TBR=joi@chromium.org, rsleevi@chromium.org, enne@chromium.org, thestig@chromium.org, darin@chromium.org, abodenha@chromium.org, sky@chromium.org, dgarret@chromium.org, tsepez@chromium.org, fishman@chromium.org, wez@chromium.org, gbillock@chromium.org, yfriedman@chromium.org BUG= Review URL: https://codereview.chromium.org/12767006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@188857 0039d316-1c4b-4281-b951-d872f2087c98
* Invoke the iOS hook from TestSuite so each run_all_unittests.cc file does notlliabraa@chromium.org2013-03-151-3/+0
| | | | | | | | | | | | have to remember to install MainHook. BUG=None Review URL: https://chromiumcodereview.appspot.com/12321117 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@188376 0039d316-1c4b-4281-b951-d872f2087c98
* Land Recent QUIC Changesrtenneti@chromium.org2013-03-141-11/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Handle versioning by closing the connection on version mismatch for now. Merge internal change: 43606997 Number of cleanups from landing recent crypto changes. Merge internal change: 43606111 Added delta_time_largest_observed to ReceivedPacketInfo to calculate accurate RTT. Merge internal change: 43582099 Implement server-side QUIC key expansion. The derived keys are still not being used yet. TODO: Code is in crypto_test_utils needs to be enabled. Merge internal change: 43570937 Added AbandoningPacket to congestion control to avoid issue with FEC. Merge internal change: 43570099 Wait infinite (aka wait for next ack) is not handled correctly. Merge internal change: 43558636 Enable faster stats for QUIC. Merge internal change: 43557310 Implement QUIC key expansion on the client side. The keys are not being used yet. Merge internal change: 43515237 Add missing quic_stats files. Track some connection stats. Merge internal change: 43506869 Fix bug in WriteQueuedPackets Merge internal change: 43499600 Small comment change in crypto_handshake's ProcessServerHello method. Merge internal change: 43448804 R=rch@chromium.org BUG= Review URL: https://chromiumcodereview.appspot.com/12806002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@188096 0039d316-1c4b-4281-b951-d872f2087c98
* Added Curve25519-donna changes.rtenneti@chromium.org2013-03-085-0/+724
| | | | | | | | | | | | | | | | | | | Added a wrapper class that implements the following API calls which for Curve25519. + ScalarMult to compute the shared key. + ScalarBaseMult to get public key. + ConvertToPrivateKey returns a private key from random bytes. Per agl/wtc, grabbed the rev 234205ff from the git repo (https://github.com/agl/curve25519-donna/tree/234205ff1ecaf6b3c1dc76798a462c4293f31fdb) and checked it in to crypto/ because that version has pure Google copyright. R=wtc@chromium.org,agl@chromium.org,rsleevi@chromium.org TEST=crypto unit tests Review URL: https://chromiumcodereview.appspot.com/12457004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@187074 0039d316-1c4b-4281-b951-d872f2087c98
* CRYPTO - Resolved comments from wtc. Used scoped_ptr<char[]> andrtenneti@chromium.org2013-02-272-7/+6
| | | | | | | | | | | deletion of virtual and removed and'ing with 0xFF. R=wtc@chromium.org TEST=crypt unittests Review URL: https://chromiumcodereview.appspot.com/12330157 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184832 0039d316-1c4b-4281-b951-d872f2087c98
* Move file_path.h to base/files.brettw@chromium.org2013-02-241-1/+1
| | | | | | TBR=sky git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184344 0039d316-1c4b-4281-b951-d872f2087c98
* Relanding Porting of HKDF changes from server.rtenneti@chromium.org2013-02-234-0/+253
| | | | | | | | | | | | | | | Added a2b_hex function to move common code in hkdf_unittest.cc and to make it similar to CL - 40300624. Merge internal CL: 40300624 Original approved CL: https://chromiumcodereview.appspot.com/12326029/ R=agl@chromium.org, rsleevi@chromium.org Review URL: https://chromiumcodereview.appspot.com/12335045 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184306 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 184133vandebo@chromium.org2013-02-224-251/+0
| | | | | | | | | | | | | | | | | | | | | | It failed in this way: [ RUN ] HKDFTest.HKDFConstruct c:\Program Files (x86)\Microsoft Visual Studio 10.0\VC\include\vector(932) : Assertion failed: vector subscript out of range c:\Program Files (x86)\Microsoft Visual Studio 10.0\VC\include\vector(933) : Assertion failed: "Standard C++ Libraries Out of Range" && 0 http://build.chromium.org/p/chromium.win/builders/XP%20Tests%20%28dbg%29%281%29/builds/33019/steps/crypto_unittests/logs/stdio > Porting of HKDF changes from server. > > Merge internal CL: 40300624 > > > Review URL: https://chromiumcodereview.appspot.com/12326029 TBR=rtenneti@chromium.org Review URL: https://codereview.chromium.org/12330079 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184146 0039d316-1c4b-4281-b951-d872f2087c98
* Porting of HKDF changes from server.rtenneti@chromium.org2013-02-224-0/+251
| | | | | | | | | Merge internal CL: 40300624 Review URL: https://chromiumcodereview.appspot.com/12326029 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184133 0039d316-1c4b-4281-b951-d872f2087c98
* This patch adds some Android-support code to allow the networkdigit@chromium.org2013-02-111-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | stack to use platform-specific private key objects to perform signing in the context of SSL handshakes which require a client certificate. More specifically: - Add net/android/keystore.h, which provides native functions to operate on JNI references pointing to java.security.PrivateKey objects provided by the platform. I.e.: net::android::GetPrivateKeyType() net::android::SignWithPrivateKey() Also provide a function that can get the system's own EVP_PKEY* handle corresponding to a given PrivateKey object. This uses reflection and should *only* be used for RSA private keys when running on Android 4.0 and 4.1, in order to route around a platform bug that was only fixed in 4.2. net::android::GetOpenSSLSytstemHandleForPrivateKey() See the comments in this source file for mode details: net/android/java/org/chromium/net/AndroidKeyStore.java - Add net/android/keystore_openssl.h, which provides a function that can wrap an existing PrivateKey JNI reference around an OpenSSL EVP_PKEY object which uses custom DSA/RSA/ECDSA methods to perform signing as expected to handle client certificates. net::android::GetOpenSSLPrivateKeyWrapper() - Add relevant unit tests for the new functions. Note that the unit test comes with its own Java helper function, which is used to create a platform PrivateKey object from encoded PKCS#8 private key data. This is called from the native unit test, but does not constitute a new Java test (AndroidKeyStoreTestUtil.java). - Add corresponding new test key files under net/data/ssl/certificates/, and their generation script in net/data/ssl/scripts/. - Add net/android/private_key_type_list.h which is used both from C++ and Java to define the list of supported private key types used by this code. - Minor improvements: Add a "release()" method to crypto::ScopedOpenSSL, add missing BASE_EXPORT to one base/android/jni_array.h function declaration. BUG=166642 Review URL: https://chromiumcodereview.appspot.com/11571059 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181741 0039d316-1c4b-4281-b951-d872f2087c98
* More FilePath -> base::FilePath replacement.brettw@chromium.org2013-02-101-16/+16
| | | | | | Review URL: https://codereview.chromium.org/12225112 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181655 0039d316-1c4b-4281-b951-d872f2087c98
* Add FilePath to base namespace.brettw@chromium.org2013-02-021-4/+1
| | | | | | | This updates headers that forward-declare it and a few random places to use the namespace explicitly. There us a using declaration in file_path.h that makes the rest compile, which we can do in future passes. Review URL: https://codereview.chromium.org/12163003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@180245 0039d316-1c4b-4281-b951-d872f2087c98
* Time NSS Initialization for slow startups.jeremy@chromium.org2013-01-221-0/+10
| | | | | | | | | | | Since the code for doing this is outside chrome/ , we can't use the ScopedSlowStartupUMA class, but instead record a regular histogram. If we're experiencing a slow startup, we look up the histogram and set the UMA bit on it. BUG=160927 Review URL: https://chromiumcodereview.appspot.com/12018019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@178018 0039d316-1c4b-4281-b951-d872f2087c98
* Disabling nacl_win64 targets when building in target_arch!=ia32 mode.bradnelson@google.com2013-01-211-1/+1
| | | | | | | | | | | | | | | | When building on windows with target_arch=x64, we no longer need win32 targets forced to be 64-bit. This gates out these targets when target_arch!=ia32. (Prior CL dropped the minimal set to break the dependency between these targets and the rest of the build. This eliminates them completely.) BUG=None TEST=None R=jschuh@chromium.org,thestig@chromium.org TBR=darin@chromium.org,abodenha@chromium.org,apatrick@chromium.org,sra@chromium.org,wtc@chromium.org Review URL: https://chromiumcodereview.appspot.com/11929039 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177959 0039d316-1c4b-4281-b951-d872f2087c98
* Make crypto build on Win64jschuh@chromium.org2013-01-101-0/+8
| | | | | | | | | | BUG=166496 BUG=167187 TBR=rsleevi Review URL: https://chromiumcodereview.appspot.com/11833014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@175954 0039d316-1c4b-4281-b951-d872f2087c98
* Add the QuicRandom interface with a default implementation that is wtc@chromium.org2012-12-081-1/+1
| | | | | | | | | | | | | | | | | both cryptographically secure and thread-safe. The default QuicRandom is a singleton. crypto/random.h can include the smaller <stddef.h> for size_t. Add missing header files to net/net.gyp. R=rch@chromium.org BUG=none TEST=new unit tests Review URL: https://chromiumcodereview.appspot.com/11476031 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@171931 0039d316-1c4b-4281-b951-d872f2087c98
* Use size_t as the type of the key_length and digest_length argumentswtc@chromium.org2012-12-046-16/+13
| | | | | | | | | | | | of HMAC::Init() and HMAC::Sign(). R=agl@chromium.org,bradnelson@chromium.org,thakis@chromium.org BUG=none TEST=none Review URL: https://chromiumcodereview.appspot.com/11419270 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@170852 0039d316-1c4b-4281-b951-d872f2087c98
* Fix nits in SecureHash.wtc@chromium.org2012-11-302-1/+3
| | | | | | | | | | R=agl@chromium.org,rsleevi@chromium.org BUG=none TEST=none Review URL: https://chromiumcodereview.appspot.com/11299235 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@170308 0039d316-1c4b-4281-b951-d872f2087c98
* Fix nits in crypto::InitNSSSafely().jorgelo@chromium.org2012-11-292-11/+12
| | | | | | | | | | | | | Some comments in https://chromiumcodereview.appspot.com/11411013/ were not addressed before the CL landed, so do that now. BUG=None TEST=content_browsertests NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11418212 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@170129 0039d316-1c4b-4281-b951-d872f2087c98
* Update nss_revision to 169146.wtc@chromium.org2012-11-221-2/+0
| | | | | | | | | | | | | | | | | The underlying CLs are: https://codereview.chromium.org/11419095/ https://codereview.chromium.org/11411127/ The first CL allows us to call NSS_SetAlgorithmPolicy in Windows shared_library build. R=rsleevi@chromium.org,sgjesse@chromium.org BUG=none TEST=none Review URL: https://chromiumcodereview.appspot.com/11308155 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169195 0039d316-1c4b-4281-b951-d872f2087c98
* Always force a crash with error info on NSS_NoDB_Init failure.wtc@chromium.org2012-11-211-10/+8
| | | | | | | | | | R=eroman@chromium.org,rsleevi@chromium.org BUG=153281 TEST=none Review URL: https://chromiumcodereview.appspot.com/11415074 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169053 0039d316-1c4b-4281-b951-d872f2087c98
* Disable MD5 certificate signatures if NSS is used to verify certificates.wtc@chromium.org2012-11-201-5/+8
| | | | | | | | | | | | | | | | This prepares us for NSS 3.14, which disables MD5 certificate signatures by default. Disable a unit test for NSS because all the test cases in that test are invalid now. R=rsleevi@chromium.org BUG=151692 TEST=none Review URL: https://chromiumcodereview.appspot.com/11365274 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168757 0039d316-1c4b-4281-b951-d872f2087c98
* Initialize NSS in the PPAPI process for ClearKey CDM.jorgelo@chromium.org2012-11-172-1/+22
| | | | | | | | | | BUG=156864 TEST=content_browsertests passes on linux_rel_precise. Review URL: https://chromiumcodereview.appspot.com/11411013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168372 0039d316-1c4b-4281-b951-d872f2087c98
* Move scoped_temp_dir from base to base/filesbrettw@chromium.org2012-11-161-3/+4
| | | | | | | | | | Also add to base namespace. BUG= Review URL: https://codereview.chromium.org/11359217 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168281 0039d316-1c4b-4281-b951-d872f2087c98
* Use LOG(FATAL) instead of CHECK(false) to force a crash on NSS_NoDB_Initwtc@chromium.org2012-11-161-1/+1
| | | | | | | | | | | | | | failure. This prevents the log message from being stripped in official builds. R=eroman@chromium.org BUG=153281 TEST=none Review URL: https://chromiumcodereview.appspot.com/11280021 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168128 0039d316-1c4b-4281-b951-d872f2087c98
* Force a crash with error info on NSS_NoDB_Init failure.wtc@chromium.org2012-11-151-0/+13
| | | | | | | | | | R=eroman@chromium.org,rsleevi@chromium.org BUG=153281 TEST=none Review URL: https://chromiumcodereview.appspot.com/11358256 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@167871 0039d316-1c4b-4281-b951-d872f2087c98
* crypto: add GHASH implementation.agl@chromium.org2012-11-094-0/+484
| | | | | | | | Can be used to implement GCM until GCM support in NSS is widespread. Review URL: https://codereview.chromium.org/11175015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@166952 0039d316-1c4b-4281-b951-d872f2087c98
* crypto: Remove forbidden using namespace directive.tfarina@chromium.org2012-11-032-3/+12
| | | | | | | | | | | | Instead just wrap the unittests files into the crypto namespace. TEST=crypto_unittests R=rsleevi@chromium.org Review URL: https://chromiumcodereview.appspot.com/11368035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@165816 0039d316-1c4b-4281-b951-d872f2087c98
* First step towards component build for Android.yfriedman@chromium.org2012-11-011-1/+2
| | | | | | | | | | Add symbol exports needed to build content shell. BUG=158821 Review URL: https://codereview.chromium.org/11368031 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@165420 0039d316-1c4b-4281-b951-d872f2087c98
* Enable MD5 certificate signatures until we figure out how to dealwtc@chromium.org2012-10-191-0/+5
| | | | | | | | | | | | | | | | | | with the weak certificate signature unit tests. Map the new NSS error code SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED to net::ERR_CERT_WEAK_SIGNATURE. Refactor MapCertErrorToCertStatusto avoid duplicating code with MapSecurityError. R=rsleevi@chromium.org BUG=151692 TEST=none Review URL: https://chromiumcodereview.appspot.com/11192076 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@163098 0039d316-1c4b-4281-b951-d872f2087c98
* Remove all the "set noparent" directivesdpranke@chromium.org2012-10-191-1/+0
| | | | | | | | | | | | | Now that OWNERS supports per-file owners, we can limit the scope of the top-level wildcard to just DEPS, and make darin and ben owners for everything else and remove the broad use of "set noparent". R=ben@chromium.org, darin@chromium.org BUG=88315 Review URL: https://codereview.chromium.org/11191038 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@163069 0039d316-1c4b-4281-b951-d872f2087c98
* Reland: Implement ScopedTestNSSDB instead of OpenTestNSSDB()toyoshim@chromium.org2012-10-183-7/+32
| | | | | | | | | | | | | | This CL needs memory suppression because of missing CloseTestNSSDB(). See also TODO. BUG=136950, 156433 Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=162327 Review URL: https://chromiumcodereview.appspot.com/11174006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162659 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 162327 - Implement ScopedTestNSSDB instead of OpenTestNSSDB()estade@chromium.org2012-10-173-31/+7
| | | | | | | | | | | | | BUG=136950 Review URL: https://chromiumcodereview.appspot.com/11174006 TBR=toyoshim@chromium.org BUG=156433 Review URL: https://codereview.chromium.org/11196028 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162511 0039d316-1c4b-4281-b951-d872f2087c98
* Implement ScopedTestNSSDB instead of OpenTestNSSDB()toyoshim@chromium.org2012-10-173-7/+31
| | | | | | | | | BUG=136950 Review URL: https://chromiumcodereview.appspot.com/11174006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162327 0039d316-1c4b-4281-b951-d872f2087c98
* Use the NSS internal key slot for all temporary key operationsrsleevi@chromium.org2012-10-174-9/+4
| | | | | | | | | | | | | | | Rather than calling PK11_GetBestSlot, which requires enumerating all connected tokens, use PK11_GetInternalSlot, which explicitly uses the internal NSS key database. On Linux, this will ignore any user preferences regarding what tokens should be used for which mechanisms, but for internal/temporary operations, this is an acceptable tradeoff. BUG=chrome-os-partner:14707 Review URL: https://chromiumcodereview.appspot.com/11186004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162309 0039d316-1c4b-4281-b951-d872f2087c98
* crypto: remove unused Mac SignatureVerifier.agl@chromium.org2012-10-092-227/+0
| | | | | | Review URL: https://chromiumcodereview.appspot.com/11092006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160892 0039d316-1c4b-4281-b951-d872f2087c98
* Force crypto::AppleKeychain access to be guarded by a Big Global Lockrsleevi@chromium.org2012-10-031-0/+13
| | | | | | | | | | | | | | | | Apple removed the Big Global Lock guarding the Security.framework API, but there are a number of thread-unsafe places in the API. Additionally, it seems that OS X 10.8.2 has introduced some deadlock potential, so force calls to be serialized behind a Chrome-supplied Big Global Lock until it's safe to do otherwise. BUG=151707 TEST=See bug Review URL: https://chromiumcodereview.appspot.com/11016004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159839 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-07 10:47:38 +0000