On NSS, treat non-permanent RSA private keys as ephemeral

When generating/using a crypto::RSAPrivateKey with NSS, prefer the internal software slot over other modules (such as any TPMs [ChromeOS] or smart cards [Linux]) if the key being generated is not marked as a permanent key. BUG=none R=wtc Review URL: https://chromiumcodereview.appspot.com/17447009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@207853 0039d316-1c4b-4281-b951-d872f2087c98

On NSS, treat non-permanent RSA private keys as ephemeral
When generating/using a crypto::RSAPrivateKey with NSS, prefer the internal software slot over other modules (such as any TPMs [ChromeOS] or smart cards [Linux]) if the key being generated is not marked as a permanent key. BUG=none R=wtc Review URL: https://chromiumcodereview.appspot.com/17447009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@207853 0039d316-1c4b-4281-b951-d872f2087c98
8f7da7fc · rsleevi@chromium.org · 5bbabede · 8f7da7fc
Commit 8f7da7fc authored Jun 21, 2013 by rsleevi@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

crypto/rsa_private_key_nss.cc crypto/rsa_private_key_nss.cc +4 -2

No files found.
--- a/crypto/rsa_private_key_nss.cc
+++ b/crypto/rsa_private_key_nss.cc
@@ -206,7 +206,8 @@ RSAPrivateKey* RSAPrivateKey::CreateWithParams(uint16 num_bits,

  scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);

-  ScopedPK11Slot slot(GetPrivateNSSKeySlot());
+  ScopedPK11Slot slot(permanent ? GetPrivateNSSKeySlot() :
+                      PK11_GetInternalSlot());
  if (!slot.get())
    return NULL;

@@ -236,7 +237,8 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams(

  scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);

-  ScopedPK11Slot slot(GetPrivateNSSKeySlot());
+  ScopedPK11Slot slot(permanent ? GetPrivateNSSKeySlot() :
+                      PK11_GetInternalSlot());
  if (!slot.get())
    return NULL;