From bb2eb35a70fcbc47be253bf50c8648c65271a19e Mon Sep 17 00:00:00 2001
From: "albertb@chromium.org"
 <albertb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Mon, 12 Jul 2010 21:59:16 +0000
Subject: Add support for SymmetricKey to import raw keys when using NSS.

BUG=48512
TEST=unittests

Review URL: http://codereview.chromium.org/2811045

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52136 0039d316-1c4b-4281-b951-d872f2087c98
---
 base/crypto/symmetric_key.h | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

(limited to 'base/crypto/symmetric_key.h')

diff --git a/base/crypto/symmetric_key.h b/base/crypto/symmetric_key.h
index 48b3708..c1e6f97 100644
--- a/base/crypto/symmetric_key.h
+++ b/base/crypto/symmetric_key.h
@@ -44,12 +44,13 @@ class SymmetricKey {
                                              size_t iterations,
                                              size_t key_size_in_bits);
 
-  // TODO(wtc): port this method to Mac and NSS.
-#if defined(OS_WIN)
-  // Imports a raw key.  This method is only used by unit tests.
-  static SymmetricKey* Import(Algorithm algorithm,
-                              const void* key_data,
-                              size_t key_size_in_bytes);
+#if defined(USE_NSS) || defined(OS_WIN)
+  // TODO(albertb): Port this method to mac.
+  // Imports a raw key. For this call to be successful, |raw_key| must have been
+  // generated by either GenerateRandomKey or DeriveKeyFromPassword, and
+  // must have been exported with GetRawKey. The caller owns the returned
+  // SymmetricKey.
+  static SymmetricKey* Import(Algorithm algorithm, const std::string& raw_key);
 #endif
 
 #if defined(USE_NSS)
@@ -60,13 +61,14 @@ class SymmetricKey {
   HCRYPTKEY key() const { return key_.get(); }
 #endif
 
-  // Extracts the raw key from the platform specific data. This should only be
-  // done in unit tests to verify that keys are generated correctly.
+  // Extracts the raw key from the platform specific data.
+  // Warning: |raw_key| holds the raw key as bytes and thus must be handled
+  // carefully.
   bool GetRawKey(std::string* raw_key);
 
  private:
 #if defined(USE_NSS)
-  explicit SymmetricKey(PK11SymKey* key) : key_(key) {}
+  explicit SymmetricKey(PK11SymKey* key);
   ScopedPK11SymKey key_;
 #elif defined(OS_MACOSX)
   SymmetricKey(const void* key_data, size_t key_size_in_bits);
-- 
cgit v1.1