diff options
| author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2022-11-28 16:14:41 +0100 |
|---|---|---|
| committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2022-12-13 15:19:41 +0000 |
| commit | 61d9742824d54be5693191fe502325a909feca59 (patch) | |
| tree | cbf28e779b11338fe52eb75b915684cd8955542c /chromium/crypto | |
| parent | 45f9ded08bb7526984b24ccb5a5327aaf6821676 (diff) | |
| download | qtwebengine-chromium-61d9742824d54be5693191fe502325a909feca59.tar.gz | |
BASELINE: Update Chromium to 108.0.5359.70
Change-Id: I77334ff232b819600f275bd3cfe41fbaa3619230
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/445904
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'chromium/crypto')
90 files changed, 470 insertions, 236 deletions
diff --git a/chromium/crypto/BUILD.gn b/chromium/crypto/BUILD.gn index 69594cbd135..19109b21217 100644 --- a/chromium/crypto/BUILD.gn +++ b/chromium/crypto/BUILD.gn @@ -1,9 +1,10 @@ -# Copyright (c) 2013 The Chromium Authors. All rights reserved. +# Copyright 2013 The Chromium Authors # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. import("//build/buildflag_header.gni") import("//build/config/chromeos/ui_mode.gni") +import("//components/nacl/toolchain.gni") import("//crypto/features.gni") import("//testing/test.gni") @@ -54,6 +55,8 @@ component("crypto") { "symmetric_key.h", "unexportable_key.cc", "unexportable_key.h", + "unexportable_key_metrics.cc", + "unexportable_key_metrics.h", ] deps = [ @@ -126,15 +129,18 @@ component("crypto") { "nss_util.h", "nss_util_internal.h", ] - deps += [ "//build:chromeos_buildflags" ] + deps += [ + "//build:chromeos_buildflags", + "//components/nacl/common:buildflags", + ] configs += [ "//build/config/linux/nss" ] } - if (is_chromeos_ash) { + if (is_chromeos_ash && !is_minimal_toolchain) { sources += [ "nss_util_chromeos.cc" ] } - if (is_chromeos || is_chromeos_lacros) { + if (is_chromeos && !is_minimal_toolchain) { sources += [ "chaps_support.cc", "chaps_support.h", @@ -162,6 +168,10 @@ test("crypto_unittests") { "unexportable_key_unittest.cc", ] + if (is_win) { + sources += [ "unexportable_key_metrics_unittest.cc" ] + } + # Some files are built when NSS is used for the platform certificate library. if (use_nss_certs) { sources += [ diff --git a/chromium/crypto/DEPS b/chromium/crypto/DEPS index 859cc4e7e54..46e2af3af22 100644 --- a/chromium/crypto/DEPS +++ b/chromium/crypto/DEPS @@ -1,3 +1,4 @@ include_rules = [ + "+components/nacl/common/buildflags.h", "+third_party/boringssl/src/include", ] diff --git a/chromium/crypto/aead.cc b/chromium/crypto/aead.cc index 1c43c89e89f..bb556f8afb9 100644 --- a/chromium/crypto/aead.cc +++ b/chromium/crypto/aead.cc @@ -1,4 +1,4 @@ -// Copyright 2015 The Chromium Authors. All rights reserved. +// Copyright 2015 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/aead.h b/chromium/crypto/aead.h index b5c25d4c9b1..db56e0e2c9f 100644 --- a/chromium/crypto/aead.h +++ b/chromium/crypto/aead.h @@ -1,4 +1,4 @@ -// Copyright 2015 The Chromium Authors. All rights reserved. +// Copyright 2015 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/aead_unittest.cc b/chromium/crypto/aead_unittest.cc index 8208e33b0f5..4f9a1c4ba77 100644 --- a/chromium/crypto/aead_unittest.cc +++ b/chromium/crypto/aead_unittest.cc @@ -1,4 +1,4 @@ -// Copyright 2015 The Chromium Authors. All rights reserved. +// Copyright 2015 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/apple_keychain.h b/chromium/crypto/apple_keychain.h index 62149c70f82..c248cb618f7 100644 --- a/chromium/crypto/apple_keychain.h +++ b/chromium/crypto/apple_keychain.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/apple_keychain_ios.mm b/chromium/crypto/apple_keychain_ios.mm index e16407d0af0..d4501d6fa53 100644 --- a/chromium/crypto/apple_keychain_ios.mm +++ b/chromium/crypto/apple_keychain_ios.mm @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/apple_keychain_mac.cc b/chromium/crypto/apple_keychain_mac.cc index 58420a8d058..a2c91d433e8 100644 --- a/chromium/crypto/apple_keychain_mac.cc +++ b/chromium/crypto/apple_keychain_mac.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/capi_util.cc b/chromium/crypto/capi_util.cc index 1e199db1c45..1970f130fa7 100644 --- a/chromium/crypto/capi_util.cc +++ b/chromium/crypto/capi_util.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/capi_util.h b/chromium/crypto/capi_util.h index 11e2b7bb6ed..4fdc9f5b1aa 100644 --- a/chromium/crypto/capi_util.h +++ b/chromium/crypto/capi_util.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/chaps_support.cc b/chromium/crypto/chaps_support.cc index 6f540df9e3e..4b176ae608d 100644 --- a/chromium/crypto/chaps_support.cc +++ b/chromium/crypto/chaps_support.cc @@ -1,4 +1,4 @@ -// Copyright 2020 The Chromium Authors. All rights reserved. +// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/chaps_support.h b/chromium/crypto/chaps_support.h index 5eef59edfb6..eb754335316 100644 --- a/chromium/crypto/chaps_support.h +++ b/chromium/crypto/chaps_support.h @@ -1,4 +1,4 @@ -// Copyright 2020 The Chromium Authors. All rights reserved. +// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/crypto_export.h b/chromium/crypto/crypto_export.h index 605af94e298..66bd53cbccc 100644 --- a/chromium/crypto/crypto_export.h +++ b/chromium/crypto/crypto_export.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/ec_private_key.cc b/chromium/crypto/ec_private_key.cc index 2807804994c..98c10988fc2 100644 --- a/chromium/crypto/ec_private_key.cc +++ b/chromium/crypto/ec_private_key.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/ec_private_key.h b/chromium/crypto/ec_private_key.h index 6548bc705b6..bc0468df6d6 100644 --- a/chromium/crypto/ec_private_key.h +++ b/chromium/crypto/ec_private_key.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/ec_private_key_unittest.cc b/chromium/crypto/ec_private_key_unittest.cc index 50ba4d51552..53831b0df52 100644 --- a/chromium/crypto/ec_private_key_unittest.cc +++ b/chromium/crypto/ec_private_key_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/ec_signature_creator.cc b/chromium/crypto/ec_signature_creator.cc index e9c8b3bf2b3..cc2cf1ea7e6 100644 --- a/chromium/crypto/ec_signature_creator.cc +++ b/chromium/crypto/ec_signature_creator.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/ec_signature_creator.h b/chromium/crypto/ec_signature_creator.h index d68cd60f042..e9cb3f80cb9 100644 --- a/chromium/crypto/ec_signature_creator.h +++ b/chromium/crypto/ec_signature_creator.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/ec_signature_creator_impl.cc b/chromium/crypto/ec_signature_creator_impl.cc index c5a89d0b1d8..3129ef48723 100644 --- a/chromium/crypto/ec_signature_creator_impl.cc +++ b/chromium/crypto/ec_signature_creator_impl.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/ec_signature_creator_impl.h b/chromium/crypto/ec_signature_creator_impl.h index f563b6f8c20..11b8392372a 100644 --- a/chromium/crypto/ec_signature_creator_impl.h +++ b/chromium/crypto/ec_signature_creator_impl.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/ec_signature_creator_unittest.cc b/chromium/crypto/ec_signature_creator_unittest.cc index 1f41cd12804..76c57175595 100644 --- a/chromium/crypto/ec_signature_creator_unittest.cc +++ b/chromium/crypto/ec_signature_creator_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/encryptor.cc b/chromium/crypto/encryptor.cc index ea12e719aa3..6c8a1ad7b06 100644 --- a/chromium/crypto/encryptor.cc +++ b/chromium/crypto/encryptor.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/encryptor.h b/chromium/crypto/encryptor.h index 8cd4cd9eff5..48197cbf30b 100644 --- a/chromium/crypto/encryptor.h +++ b/chromium/crypto/encryptor.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/encryptor_unittest.cc b/chromium/crypto/encryptor_unittest.cc index fec60f5050e..9e58fb0d967 100644 --- a/chromium/crypto/encryptor_unittest.cc +++ b/chromium/crypto/encryptor_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/features.gni b/chromium/crypto/features.gni index 57779380b87..e9ec884de10 100644 --- a/chromium/crypto/features.gni +++ b/chromium/crypto/features.gni @@ -1,5 +1,5 @@ -# Copyright 2022 The Chromium Authors.All rights reserved. -# Use of this source code is governed by a BSD - style license that can be +# Copyright 2022 The Chromium Authors +# Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. import("//build/config/features.gni") diff --git a/chromium/crypto/hkdf.cc b/chromium/crypto/hkdf.cc index 9ebf94b789a..06b6194a7c3 100644 --- a/chromium/crypto/hkdf.cc +++ b/chromium/crypto/hkdf.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Copyright 2013 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/hkdf.h b/chromium/crypto/hkdf.h index 6d927ab6c28..cd4fb32a1ac 100644 --- a/chromium/crypto/hkdf.h +++ b/chromium/crypto/hkdf.h @@ -1,4 +1,4 @@ -// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Copyright 2013 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/hmac.cc b/chromium/crypto/hmac.cc index 093dfbd5ff2..5facfc06e0c 100644 --- a/chromium/crypto/hmac.cc +++ b/chromium/crypto/hmac.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/hmac.h b/chromium/crypto/hmac.h index 0b6e1ecf023..66574a01050 100644 --- a/chromium/crypto/hmac.h +++ b/chromium/crypto/hmac.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/hmac_unittest.cc b/chromium/crypto/hmac_unittest.cc index 3fc05246649..36450379198 100644 --- a/chromium/crypto/hmac_unittest.cc +++ b/chromium/crypto/hmac_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/mac_security_services_lock.cc b/chromium/crypto/mac_security_services_lock.cc index bd8af9aec56..c96e6982805 100644 --- a/chromium/crypto/mac_security_services_lock.cc +++ b/chromium/crypto/mac_security_services_lock.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/mac_security_services_lock.h b/chromium/crypto/mac_security_services_lock.h index fe56c6f38e2..da4e490387e 100644 --- a/chromium/crypto/mac_security_services_lock.h +++ b/chromium/crypto/mac_security_services_lock.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/mock_apple_keychain.cc b/chromium/crypto/mock_apple_keychain.cc index d37d732a508..4d5614e5e34 100644 --- a/chromium/crypto/mock_apple_keychain.cc +++ b/chromium/crypto/mock_apple_keychain.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/mock_apple_keychain.h b/chromium/crypto/mock_apple_keychain.h index b8ecbe52236..110905e9fb5 100644 --- a/chromium/crypto/mock_apple_keychain.h +++ b/chromium/crypto/mock_apple_keychain.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/mock_apple_keychain_ios.cc b/chromium/crypto/mock_apple_keychain_ios.cc index 84194fb58ed..347dccae467 100644 --- a/chromium/crypto/mock_apple_keychain_ios.cc +++ b/chromium/crypto/mock_apple_keychain_ios.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/mock_apple_keychain_mac.cc b/chromium/crypto/mock_apple_keychain_mac.cc index a04c24e68ca..8f846865788 100644 --- a/chromium/crypto/mock_apple_keychain_mac.cc +++ b/chromium/crypto/mock_apple_keychain_mac.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/nss_crypto_module_delegate.h b/chromium/crypto/nss_crypto_module_delegate.h index cb870705165..3a90a10c7dd 100644 --- a/chromium/crypto/nss_crypto_module_delegate.h +++ b/chromium/crypto/nss_crypto_module_delegate.h @@ -1,4 +1,4 @@ -// Copyright 2013 The Chromium Authors. All rights reserved. +// Copyright 2013 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/nss_key_util.cc b/chromium/crypto/nss_key_util.cc index 083a4374aa9..09a7b98abe1 100644 --- a/chromium/crypto/nss_key_util.cc +++ b/chromium/crypto/nss_key_util.cc @@ -1,4 +1,4 @@ -// Copyright 2015 The Chromium Authors. All rights reserved. +// Copyright 2015 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/nss_key_util.h b/chromium/crypto/nss_key_util.h index 9b642a6f85b..5526c190884 100644 --- a/chromium/crypto/nss_key_util.h +++ b/chromium/crypto/nss_key_util.h @@ -1,4 +1,4 @@ -// Copyright 2015 The Chromium Authors. All rights reserved. +// Copyright 2015 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/nss_key_util_unittest.cc b/chromium/crypto/nss_key_util_unittest.cc index ced9850aa3e..d5fd455dd70 100644 --- a/chromium/crypto/nss_key_util_unittest.cc +++ b/chromium/crypto/nss_key_util_unittest.cc @@ -1,4 +1,4 @@ -// Copyright 2015 The Chromium Authors. All rights reserved. +// Copyright 2015 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/nss_util.cc b/chromium/crypto/nss_util.cc index 32ec5b1e58c..04d61641fd0 100644 --- a/chromium/crypto/nss_util.cc +++ b/chromium/crypto/nss_util.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/nss_util.h b/chromium/crypto/nss_util.h index 77f2fc4f6a7..8cdfd179fcc 100644 --- a/chromium/crypto/nss_util.h +++ b/chromium/crypto/nss_util.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -11,6 +11,7 @@ #include "base/compiler_specific.h" #include "base/files/file_path.h" #include "build/chromeos_buildflags.h" +#include "components/nacl/common/buildflags.h" #include "crypto/crypto_export.h" namespace base { @@ -35,7 +36,7 @@ CRYPTO_EXPORT void EnsureNSSInit(); // A sample version string is "3.12.3". bool CheckNSSVersion(const char* version); -#if BUILDFLAG(IS_CHROMEOS_ASH) +#if BUILDFLAG(IS_CHROMEOS_ASH) && !BUILDFLAG(IS_MINIMAL_TOOLCHAIN) // Returns true once the TPM is owned and PKCS#11 initialized with the // user and security officer PINs, and Chaps has been successfully loaded into @@ -70,7 +71,7 @@ CRYPTO_EXPORT void FinishInitializingTPMTokenAndSystemSlot(); // tries to open the public slot. CRYPTO_EXPORT void DiagnosePublicSlotAndCrash(const base::FilePath& nss_path); -#endif // BUILDFLAG(IS_CHROMEOS_ASH) +#endif // BUILDFLAG(IS_CHROMEOS_ASH) && !BUILDFLAG(IS_MINIMAL_TOOLCHAIN) // Convert a NSS PRTime value into a base::Time object. // We use a int64_t instead of PRTime here to avoid depending on NSPR headers. diff --git a/chromium/crypto/nss_util_chromeos.cc b/chromium/crypto/nss_util_chromeos.cc index 5592607cd02..d77a664282c 100644 --- a/chromium/crypto/nss_util_chromeos.cc +++ b/chromium/crypto/nss_util_chromeos.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -592,27 +592,26 @@ void SetPrivateSoftwareSlotForChromeOSUserForTesting(ScopedPK11Slot slot) { } namespace { -void PrintDirectoryInfo(std::stringstream& ss, const base::FilePath& path) { +void PrintDirectoryInfo(const base::FilePath& path) { base::stat_wrapper_t file_stat; - base::File::Error error_code = base::File::Error::FILE_OK; + if (base::File::Stat(path.value().c_str(), &file_stat) == -1) { - error_code = base::File::OSErrorToFileError(errno); + base::File::Error error_code = base::File::OSErrorToFileError(errno); + LOG(ERROR) << "Failed to collect directory info, error: " << error_code; } - ss << path << ", "; - ss << std::oct << file_stat.st_mode << std::dec << ", "; - ss << "uid " << file_stat.st_uid << ", "; - ss << "gid " << file_stat.st_gid << std::endl; - ss << "Enumerate error code: " << error_code << std::endl; + LOG(ERROR) << path << ", " << std::oct << file_stat.st_mode << std::dec + << ", " + << "uid " << file_stat.st_uid << ", " + << "gid " << file_stat.st_gid << std::endl; } } // namespace // TODO(crbug.com/1163303): Remove when the bug is fixed. void DiagnosePublicSlotAndCrash(const base::FilePath& nss_path) { - std::stringstream ss; - ss << "Public slot is invalid." << std::endl; + LOG(ERROR) << "Public slot is invalid. Start collecting stats."; // Should be something like /home/chronos/u-<hash>/.pki/nssdb . - ss << "NSS path: " << nss_path << std::endl; + LOG(ERROR) << "NSS path: " << nss_path; { // NSS files like pkcs11.txt, cert9.db, key4.db . @@ -622,23 +621,22 @@ void DiagnosePublicSlotAndCrash(const base::FilePath& nss_path) { /*pattern=*/base::FilePath::StringType(), base::FileEnumerator::FolderSearchPolicy::MATCH_ONLY, base::FileEnumerator::ErrorPolicy::STOP_ENUMERATION); - ss << "Public slot database files:" << std::endl; + LOG(ERROR) << "Public slot database files:"; for (base::FilePath path = files.Next(); !path.empty(); path = files.Next()) { base::FileEnumerator::FileInfo file_info = files.GetInfo(); - ss << file_info.GetName() << ", "; - ss << std::oct << file_info.stat().st_mode << std::dec << ", "; - ss << "uid " << file_info.stat().st_uid << ", "; - ss << "gid " << file_info.stat().st_gid << ", "; - ss << file_info.stat().st_size << " bytes, "; char buf[16]; int read_result = base::ReadFile(path, buf, sizeof(buf) - 1); - ss << ((read_result > 0) ? "readable" : "not readable"); - ss << std::endl; + LOG(ERROR) << file_info.GetName() << ", " << std::oct + << file_info.stat().st_mode << std::dec << ", " + << "uid " << file_info.stat().st_uid << ", " + << "gid " << file_info.stat().st_gid << ", " + << file_info.stat().st_size << " bytes, " + << ((read_result > 0) ? "readable" : "not readable"); } - ss << "Enumerate error code: " << files.GetError() << std::endl; + LOG(ERROR) << "Enumerate error code: " << files.GetError(); } // NSS directory might not be created yet, also check parent directories. @@ -646,32 +644,32 @@ void DiagnosePublicSlotAndCrash(const base::FilePath& nss_path) { // access permissions. base::FilePath nssdb_path = nss_path.Append(base::FilePath::kParentDirectory); - PrintDirectoryInfo(ss, nssdb_path); + PrintDirectoryInfo(nssdb_path); base::FilePath pki_path = nssdb_path.Append(base::FilePath::kParentDirectory); - PrintDirectoryInfo(ss, pki_path); + PrintDirectoryInfo(pki_path); base::FilePath u_hash_path = pki_path.Append(base::FilePath::kParentDirectory); - PrintDirectoryInfo(ss, u_hash_path); + PrintDirectoryInfo(u_hash_path); { // Check whether the NSS path exists, and if not, check whether it's // possible to create it. if (base::DirectoryExists(nss_path)) { - ss << "NSS path exists." << std::endl; + LOG(ERROR) << "NSS path exists (as expected)."; } else { base::File::Error error = base::File::Error::FILE_OK; if (base::CreateDirectoryAndGetError(nss_path, &error)) { - ss << "NSS path didn't exist. Created successfully." << std::endl; + LOG(ERROR) << "NSS path didn't exist. Created successfully."; } else { - ss << "NSS path didn't exist. Failed to create, error: " << error - << std::endl; + LOG(ERROR) << "NSS path didn't exist. Failed to create, error: " + << error; } } } - CHECK(false) << ss.str(); + CHECK(false) << "Public slot is invalid."; } } // namespace crypto diff --git a/chromium/crypto/nss_util_internal.h b/chromium/crypto/nss_util_internal.h index 041351cbc62..b180b4fb8ae 100644 --- a/chromium/crypto/nss_util_internal.h +++ b/chromium/crypto/nss_util_internal.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -12,6 +12,7 @@ #include "base/callback.h" #include "base/memory/raw_ptr.h" #include "build/chromeos_buildflags.h" +#include "components/nacl/common/buildflags.h" #include "crypto/crypto_export.h" #include "crypto/scoped_nss_types.h" @@ -55,7 +56,7 @@ class CRYPTO_EXPORT AutoSECMODListReadLock { raw_ptr<SECMODListLock> lock_; }; -#if BUILDFLAG(IS_CHROMEOS_ASH) +#if BUILDFLAG(IS_CHROMEOS_ASH) && !BUILDFLAG(IS_MINIMAL_TOOLCHAIN) // Returns path to the NSS database file in the provided profile // directory. CRYPTO_EXPORT base::FilePath GetSoftwareNSSDBPath( @@ -140,7 +141,7 @@ CRYPTO_EXPORT void CloseChromeOSUserForTesting( CRYPTO_EXPORT void SetPrivateSoftwareSlotForChromeOSUserForTesting( ScopedPK11Slot slot); -#endif // BUILDFLAG(IS_CHROMEOS_ASH) +#endif // BUILDFLAG(IS_CHROMEOS_ASH) && !BUILDFLAG(IS_MINIMAL_TOOLCHAIN) // Loads the given module for this NSS session. SECMODModule* LoadNSSModule(const char* name, diff --git a/chromium/crypto/nss_util_unittest.cc b/chromium/crypto/nss_util_unittest.cc index 729d5bf1b35..b1006bc7d9b 100644 --- a/chromium/crypto/nss_util_unittest.cc +++ b/chromium/crypto/nss_util_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/openssl_util.cc b/chromium/crypto/openssl_util.cc index 71b26eacb5c..a5f466c92da 100644 --- a/chromium/crypto/openssl_util.cc +++ b/chromium/crypto/openssl_util.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/openssl_util.h b/chromium/crypto/openssl_util.h index 21ee9402458..cfcd811db82 100644 --- a/chromium/crypto/openssl_util.h +++ b/chromium/crypto/openssl_util.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/p224_spake.cc b/chromium/crypto/p224_spake.cc index cdbbd9afa98..49b331eb798 100644 --- a/chromium/crypto/p224_spake.cc +++ b/chromium/crypto/p224_spake.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/p224_spake.h b/chromium/crypto/p224_spake.h index 7a0995d5a5e..685f2876549 100644 --- a/chromium/crypto/p224_spake.h +++ b/chromium/crypto/p224_spake.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/p224_spake_unittest.cc b/chromium/crypto/p224_spake_unittest.cc index e1220c479c1..047787e74e6 100644 --- a/chromium/crypto/p224_spake_unittest.cc +++ b/chromium/crypto/p224_spake_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/random.cc b/chromium/crypto/random.cc index 500ef102073..ce4acb74292 100644 --- a/chromium/crypto/random.cc +++ b/chromium/crypto/random.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/random.h b/chromium/crypto/random.h index 2b0fcafbfec..2927c923a84 100644 --- a/chromium/crypto/random.h +++ b/chromium/crypto/random.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/random_unittest.cc b/chromium/crypto/random_unittest.cc index dfdcfd50775..5f3c547117a 100644 --- a/chromium/crypto/random_unittest.cc +++ b/chromium/crypto/random_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/rsa_private_key.cc b/chromium/crypto/rsa_private_key.cc index ad923b417a1..d601aa8e427 100644 --- a/chromium/crypto/rsa_private_key.cc +++ b/chromium/crypto/rsa_private_key.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/rsa_private_key.h b/chromium/crypto/rsa_private_key.h index 2ae2e715a7f..6a458a0b168 100644 --- a/chromium/crypto/rsa_private_key.h +++ b/chromium/crypto/rsa_private_key.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/rsa_private_key_unittest.cc b/chromium/crypto/rsa_private_key_unittest.cc index f9549f34186..67d3a9d86f1 100644 --- a/chromium/crypto/rsa_private_key_unittest.cc +++ b/chromium/crypto/rsa_private_key_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_capi_types.h b/chromium/crypto/scoped_capi_types.h index 5856001eb6d..6ce36e9eeb3 100644 --- a/chromium/crypto/scoped_capi_types.h +++ b/chromium/crypto/scoped_capi_types.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_mock_unexportable_key_provider.cc b/chromium/crypto/scoped_mock_unexportable_key_provider.cc index 7a2f36208e6..10006f39c09 100644 --- a/chromium/crypto/scoped_mock_unexportable_key_provider.cc +++ b/chromium/crypto/scoped_mock_unexportable_key_provider.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2021 The Chromium Authors. All rights reserved. +// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_mock_unexportable_key_provider.h b/chromium/crypto/scoped_mock_unexportable_key_provider.h index efafb9d6c50..301b1ee833d 100644 --- a/chromium/crypto/scoped_mock_unexportable_key_provider.h +++ b/chromium/crypto/scoped_mock_unexportable_key_provider.h @@ -1,4 +1,4 @@ -// Copyright (c) 2021 The Chromium Authors. All rights reserved. +// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_nss_types.h b/chromium/crypto/scoped_nss_types.h index ce86fc78ced..91bde0d0081 100644 --- a/chromium/crypto/scoped_nss_types.h +++ b/chromium/crypto/scoped_nss_types.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_test_nss_chromeos_user.cc b/chromium/crypto/scoped_test_nss_chromeos_user.cc index 2723007b2c0..b5e1c3352af 100644 --- a/chromium/crypto/scoped_test_nss_chromeos_user.cc +++ b/chromium/crypto/scoped_test_nss_chromeos_user.cc @@ -1,4 +1,4 @@ -// Copyright 2014 The Chromium Authors. All rights reserved. +// Copyright 2014 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_test_nss_chromeos_user.h b/chromium/crypto/scoped_test_nss_chromeos_user.h index f77dd11aff8..81d7041d53d 100644 --- a/chromium/crypto/scoped_test_nss_chromeos_user.h +++ b/chromium/crypto/scoped_test_nss_chromeos_user.h @@ -1,4 +1,4 @@ -// Copyright 2014 The Chromium Authors. All rights reserved. +// Copyright 2014 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_test_nss_db.cc b/chromium/crypto/scoped_test_nss_db.cc index 3edbcb5d9d9..b616d688745 100644 --- a/chromium/crypto/scoped_test_nss_db.cc +++ b/chromium/crypto/scoped_test_nss_db.cc @@ -1,4 +1,4 @@ -// Copyright 2014 The Chromium Authors. All rights reserved. +// Copyright 2014 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_test_nss_db.h b/chromium/crypto/scoped_test_nss_db.h index 52f1eff73e5..f583c7a40bd 100644 --- a/chromium/crypto/scoped_test_nss_db.h +++ b/chromium/crypto/scoped_test_nss_db.h @@ -1,4 +1,4 @@ -// Copyright 2014 The Chromium Authors. All rights reserved. +// Copyright 2014 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_test_system_nss_key_slot.cc b/chromium/crypto/scoped_test_system_nss_key_slot.cc index 4bc52bb8c2c..abf922d80e1 100644 --- a/chromium/crypto/scoped_test_system_nss_key_slot.cc +++ b/chromium/crypto/scoped_test_system_nss_key_slot.cc @@ -1,4 +1,4 @@ -// Copyright 2014 The Chromium Authors. All rights reserved. +// Copyright 2014 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/scoped_test_system_nss_key_slot.h b/chromium/crypto/scoped_test_system_nss_key_slot.h index b50e1a1d428..5bade09677f 100644 --- a/chromium/crypto/scoped_test_system_nss_key_slot.h +++ b/chromium/crypto/scoped_test_system_nss_key_slot.h @@ -1,4 +1,4 @@ -// Copyright 2014 The Chromium Authors. All rights reserved. +// Copyright 2014 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/secure_hash.cc b/chromium/crypto/secure_hash.cc index 16540f449b4..b1f26e1f451 100644 --- a/chromium/crypto/secure_hash.cc +++ b/chromium/crypto/secure_hash.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/secure_hash.h b/chromium/crypto/secure_hash.h index 452c05156c5..dab23b0ee1f 100644 --- a/chromium/crypto/secure_hash.h +++ b/chromium/crypto/secure_hash.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/secure_hash_unittest.cc b/chromium/crypto/secure_hash_unittest.cc index b50be6f57aa..2b40a7da95d 100644 --- a/chromium/crypto/secure_hash_unittest.cc +++ b/chromium/crypto/secure_hash_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/secure_util.cc b/chromium/crypto/secure_util.cc index d52feadb661..a1ff9e45ccc 100644 --- a/chromium/crypto/secure_util.cc +++ b/chromium/crypto/secure_util.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/secure_util.h b/chromium/crypto/secure_util.h index cfe05ca1554..70a23c66edf 100644 --- a/chromium/crypto/secure_util.h +++ b/chromium/crypto/secure_util.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/sha2.cc b/chromium/crypto/sha2.cc index 33663c6d05b..540c2bfc3dd 100644 --- a/chromium/crypto/sha2.cc +++ b/chromium/crypto/sha2.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/sha2.h b/chromium/crypto/sha2.h index 1852bdee0dc..d4b3d6be05a 100644 --- a/chromium/crypto/sha2.h +++ b/chromium/crypto/sha2.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/sha2_unittest.cc b/chromium/crypto/sha2_unittest.cc index 27d6d25508c..dcfa27a182a 100644 --- a/chromium/crypto/sha2_unittest.cc +++ b/chromium/crypto/sha2_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/signature_creator.cc b/chromium/crypto/signature_creator.cc index a074a9cbeb9..a0ddcaface7 100644 --- a/chromium/crypto/signature_creator.cc +++ b/chromium/crypto/signature_creator.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/signature_creator.h b/chromium/crypto/signature_creator.h index 5fda91f2dc8..96cd18911c8 100644 --- a/chromium/crypto/signature_creator.h +++ b/chromium/crypto/signature_creator.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/signature_creator_unittest.cc b/chromium/crypto/signature_creator_unittest.cc index 676b67d5613..ad192b92733 100644 --- a/chromium/crypto/signature_creator_unittest.cc +++ b/chromium/crypto/signature_creator_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/signature_verifier.cc b/chromium/crypto/signature_verifier.cc index 542c7f671b8..f510546c589 100644 --- a/chromium/crypto/signature_verifier.cc +++ b/chromium/crypto/signature_verifier.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/signature_verifier.h b/chromium/crypto/signature_verifier.h index 1a44dd5fb87..41ea947db42 100644 --- a/chromium/crypto/signature_verifier.h +++ b/chromium/crypto/signature_verifier.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/signature_verifier_unittest.cc b/chromium/crypto/signature_verifier_unittest.cc index 7aaac6cebf1..67bc11318b5 100644 --- a/chromium/crypto/signature_verifier_unittest.cc +++ b/chromium/crypto/signature_verifier_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/symmetric_key.cc b/chromium/crypto/symmetric_key.cc index 9dc71e9e43c..c8aa5171aef 100644 --- a/chromium/crypto/symmetric_key.cc +++ b/chromium/crypto/symmetric_key.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/symmetric_key.h b/chromium/crypto/symmetric_key.h index 65c43de37d4..a40ffa92a64 100644 --- a/chromium/crypto/symmetric_key.h +++ b/chromium/crypto/symmetric_key.h @@ -1,4 +1,4 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/symmetric_key_unittest.cc b/chromium/crypto/symmetric_key_unittest.cc index 4fd3838710f..0e515708e39 100644 --- a/chromium/crypto/symmetric_key_unittest.cc +++ b/chromium/crypto/symmetric_key_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright 2011 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/unexportable_key.cc b/chromium/crypto/unexportable_key.cc index c735638d0e1..44881136cdf 100644 --- a/chromium/crypto/unexportable_key.cc +++ b/chromium/crypto/unexportable_key.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2021 The Chromium Authors. All rights reserved. +// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -8,14 +8,6 @@ #include "base/check.h" #include "build/build_config.h" -#if BUILDFLAG(IS_WIN) -#include "base/metrics/histogram_functions.h" -#include "base/metrics/histogram_macros.h" -#include "base/task/task_traits.h" -#include "base/task/thread_pool.h" -#include "base/timer/elapsed_timer.h" -#endif // BUILDFLAG(IS_WIN) - namespace crypto { namespace { @@ -41,59 +33,6 @@ std::unique_ptr<UnexportableKeyProvider> GetUnexportableKeyProvider() { #endif } -#if BUILDFLAG(IS_WIN) -void MeasureTPMAvailabilityWin() { - // Measure the fraction of Windows machines that have TPMs, and what the best - // supported algorithm is. - base::ThreadPool::PostTask( - // GetUnexportableKeyProvider can call functions that take the global - // loader lock, so although BEST_EFFORT makes it low priority to start, - // once it starts it must run in a foreground thread to avoid priority - // inversions. - FROM_HERE, - {base::MayBlock(), base::TaskPriority::BEST_EFFORT, - base::ThreadPolicy::MUST_USE_FOREGROUND}, - base::BindOnce([]() { - // Note that values here are used in a recorded histogram. Don't change - // the values of existing members. - enum TPMSupport { - kNone = 0, - kRSA = 1, - kECDSA = 2, - kMaxValue = 2, - }; - - TPMSupport result = TPMSupport::kNone; - std::unique_ptr<UnexportableKeyProvider> provider = - GetUnexportableKeyProvider(); - if (provider) { - const SignatureVerifier::SignatureAlgorithm kAllAlgorithms[] = { - SignatureVerifier::SignatureAlgorithm::ECDSA_SHA256, - SignatureVerifier::SignatureAlgorithm::RSA_PKCS1_SHA256, - }; - auto algo = provider->SelectAlgorithm(kAllAlgorithms); - if (algo) { - switch (*algo) { - case SignatureVerifier::SignatureAlgorithm::ECDSA_SHA256: - result = TPMSupport::kECDSA; - break; - case SignatureVerifier::SignatureAlgorithm::RSA_PKCS1_SHA256: - result = TPMSupport::kRSA; - break; - case SignatureVerifier::SignatureAlgorithm::RSA_PKCS1_SHA1: - case SignatureVerifier::SignatureAlgorithm::RSA_PSS_SHA256: - // Not supported for this metric. - break; - } - } - } - // This metric was previously named Crypto.TPMSupport but that expired, - // so using a new name to avoid mixing up with old data. - base::UmaHistogramEnumeration("Crypto.TPMSupport2", result); - })); -} -#endif // BUILDFLAG(IS_WIN) - namespace internal { void SetUnexportableKeyProviderForTesting( diff --git a/chromium/crypto/unexportable_key.h b/chromium/crypto/unexportable_key.h index 2e352e47361..7113efe8b9d 100644 --- a/chromium/crypto/unexportable_key.h +++ b/chromium/crypto/unexportable_key.h @@ -1,4 +1,4 @@ -// Copyright (c) 2021 The Chromium Authors. All rights reserved. +// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -94,11 +94,6 @@ class CRYPTO_EXPORT UnexportableKeyProvider { CRYPTO_EXPORT std::unique_ptr<UnexportableKeyProvider> GetUnexportableKeyProvider(); -#if BUILDFLAG(IS_WIN) -// MeasureTPMAvailability records UMA metrics of TPM availability. -CRYPTO_EXPORT void MeasureTPMAvailabilityWin(); -#endif // BUILDFLAG(IS_WIN) - namespace internal { CRYPTO_EXPORT void SetUnexportableKeyProviderForTesting( diff --git a/chromium/crypto/unexportable_key_metrics.cc b/chromium/crypto/unexportable_key_metrics.cc new file mode 100644 index 00000000000..946be9bf574 --- /dev/null +++ b/chromium/crypto/unexportable_key_metrics.cc @@ -0,0 +1,178 @@ +// Copyright 2022 The Chromium Authors +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "crypto/unexportable_key_metrics.h" + +#include "base/feature_list.h" +#include "base/metrics/histogram_functions.h" +#include "base/task/task_traits.h" +#include "base/task/thread_pool.h" +#include "base/timer/elapsed_timer.h" +#include "crypto/unexportable_key.h" + +namespace crypto { + +namespace { + +enum class TPMOperation { + kMessageSigning, + kMessageVerify, + kWrappedKeyCreation, + kNewKeyCreation, +}; + +std::string GetHistogramSuffixForOperation(TPMOperation operation) { + switch (operation) { + case TPMOperation::kMessageSigning: + return "MessageSigning"; + case TPMOperation::kMessageVerify: + return "MessageVerify"; + case TPMOperation::kNewKeyCreation: + return "NewKeyCreation"; + case TPMOperation::kWrappedKeyCreation: + return "WrappedKeyCreation"; + } + return ""; +} + +std::string GetHistogramSuffixForAlgo(internal::TPMSupport algo) { + switch (algo) { + case internal::TPMSupport::kECDSA: + return "ECDSA"; + case internal::TPMSupport::kRSA: + return "RSA"; + case internal::TPMSupport::kNone: + return ""; + } + return ""; +} + +void ReportUmaLatency(TPMOperation operation, + internal::TPMSupport algo, + base::TimeDelta latency) { + std::string histogram_name = "Crypto.TPMDuration." + + GetHistogramSuffixForOperation(operation) + + GetHistogramSuffixForAlgo(algo); + base::UmaHistogramMediumTimes(histogram_name, latency); +} + +void ReportUmaOperationSuccess(TPMOperation operation, + internal::TPMSupport algo, + bool status) { + std::string histogram_name = "Crypto.TPMOperation." + + GetHistogramSuffixForOperation(operation) + + GetHistogramSuffixForAlgo(algo); + base::UmaHistogramBoolean(histogram_name, status); +} + +void ReportUmaTpmOperation(TPMOperation operation, + internal::TPMSupport algo, + base::TimeDelta latency, + bool status) { + ReportUmaOperationSuccess(operation, algo, status); + if (status && operation != TPMOperation::kMessageVerify) { + // Only report latency for successful operations + // No latency reported for verification that is done outside of TPM + ReportUmaLatency(operation, algo, latency); + } +} + +void MeasureTpmOperationsInternal() { + internal::TPMSupport supported_algo = internal::TPMSupport::kNone; + std::unique_ptr<UnexportableKeyProvider> provider = + GetUnexportableKeyProvider(); + if (!provider) { + return; + } + + const SignatureVerifier::SignatureAlgorithm kAllAlgorithms[] = { + SignatureVerifier::SignatureAlgorithm::ECDSA_SHA256, + SignatureVerifier::SignatureAlgorithm::RSA_PKCS1_SHA256, + }; + + auto algo = provider->SelectAlgorithm(kAllAlgorithms); + if (algo) { + switch (*algo) { + case SignatureVerifier::SignatureAlgorithm::ECDSA_SHA256: + supported_algo = internal::TPMSupport::kECDSA; + break; + case SignatureVerifier::SignatureAlgorithm::RSA_PKCS1_SHA256: + supported_algo = internal::TPMSupport::kRSA; + break; + case SignatureVerifier::SignatureAlgorithm::RSA_PKCS1_SHA1: + case SignatureVerifier::SignatureAlgorithm::RSA_PSS_SHA256: + // Not supported for this metric. + break; + } + } + + // Report if TPM is supported and best algo + base::UmaHistogramEnumeration("Crypto.TPMSupport2", supported_algo); + if (supported_algo == internal::TPMSupport::kNone) { + return; + } + + base::ElapsedTimer key_creation_timer; + std::unique_ptr<UnexportableSigningKey> current_key = + provider->GenerateSigningKeySlowly(kAllAlgorithms); + ReportUmaTpmOperation(TPMOperation::kNewKeyCreation, supported_algo, + key_creation_timer.Elapsed(), current_key != nullptr); + if (!current_key) { + return; + } + + base::ElapsedTimer wrapped_key_creation_timer; + std::unique_ptr<UnexportableSigningKey> wrapped_key = + provider->FromWrappedSigningKeySlowly(current_key->GetWrappedKey()); + ReportUmaTpmOperation(TPMOperation::kWrappedKeyCreation, supported_algo, + wrapped_key_creation_timer.Elapsed(), + wrapped_key != nullptr); + + const uint8_t msg[] = {1, 2, 3, 4}; + base::ElapsedTimer message_signing_timer; + absl::optional<std::vector<uint8_t>> signed_bytes = + current_key->SignSlowly(msg); + ReportUmaTpmOperation(TPMOperation::kMessageSigning, supported_algo, + message_signing_timer.Elapsed(), + signed_bytes.has_value()); + if (!signed_bytes.has_value()) { + return; + } + + crypto::SignatureVerifier verifier; + bool verify_init = + verifier.VerifyInit(current_key->Algorithm(), signed_bytes.value(), + current_key->GetSubjectPublicKeyInfo()); + if (verify_init) { + verifier.VerifyUpdate(msg); + bool verify_final = verifier.VerifyFinal(); + ReportUmaOperationSuccess(TPMOperation::kMessageVerify, supported_algo, + verify_final); + } else { + ReportUmaOperationSuccess(TPMOperation::kMessageVerify, supported_algo, + verify_init); + } +} + +} // namespace + +namespace internal { + +void MeasureTpmOperationsInternalForTesting() { + MeasureTpmOperationsInternal(); +} + +} // namespace internal + +void MaybeMeasureTpmOperations() { + static BASE_FEATURE(kTpmLatencyMetrics, "TpmLatencyMetrics", + base::FEATURE_ENABLED_BY_DEFAULT); + if (base::FeatureList::IsEnabled(kTpmLatencyMetrics)) { + base::ThreadPool::PostTask( + FROM_HERE, {base::MayBlock(), base::TaskPriority::BEST_EFFORT}, + base::BindOnce(&MeasureTpmOperationsInternal)); + } +} + +} // namespace crypto diff --git a/chromium/crypto/unexportable_key_metrics.h b/chromium/crypto/unexportable_key_metrics.h new file mode 100644 index 00000000000..882bfe3d173 --- /dev/null +++ b/chromium/crypto/unexportable_key_metrics.h @@ -0,0 +1,34 @@ +// Copyright 2022 The Chromium Authors +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CRYPTO_UNEXPORTABLE_KEY_METRICS_H_ +#define CRYPTO_UNEXPORTABLE_KEY_METRICS_H_ + +#include "crypto/crypto_export.h" + +namespace crypto { + +// Records UMA metrics of TPM availability, latency and successful usage. +// Does the work on a new background task. +CRYPTO_EXPORT void MaybeMeasureTpmOperations(); + +// internal namespace to be used by tests only +namespace internal { + +// Note that values here are used in a recorded histogram. Don't change +// the values of existing members. +enum class TPMSupport { + kNone = 0, + kRSA = 1, + kECDSA = 2, + kMaxValue = 2, +}; + +// Exported for testing +CRYPTO_EXPORT void MeasureTpmOperationsInternalForTesting(); +} // namespace internal + +} // namespace crypto + +#endif // CRYPTO_UNEXPORTABLE_KEY_METRICS_H_ diff --git a/chromium/crypto/unexportable_key_metrics_unittest.cc b/chromium/crypto/unexportable_key_metrics_unittest.cc new file mode 100644 index 00000000000..1afa17e4a1a --- /dev/null +++ b/chromium/crypto/unexportable_key_metrics_unittest.cc @@ -0,0 +1,57 @@ +// Copyright 2022 The Chromium Authors +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "crypto/unexportable_key_metrics.h" + +#include "base/test/metrics/histogram_tester.h" +#include "crypto/scoped_mock_unexportable_key_provider.h" +#include "crypto/signature_verifier.h" +#include "testing/gtest/include/gtest/gtest.h" + +namespace { + +// Note mock provider only supports ECDSA +TEST(UnexportableKeyMetricTest, GatherAllMetrics) { + crypto::ScopedMockUnexportableKeyProvider scoped_mock_key_provider; + + base::HistogramTester histogram_tester; + histogram_tester.ExpectTotalCount("Crypto.TPMSupport2", 0); + histogram_tester.ExpectTotalCount("Crypto.TPMDuration.NewKeyCreationECDSA", + 0); + histogram_tester.ExpectTotalCount( + "Crypto.TPMDuration.WrappedKeyCreationECDSA", 0); + histogram_tester.ExpectTotalCount("Crypto.TPMDuration.MessageSigningECDSA", + 0); + histogram_tester.ExpectTotalCount("Crypto.TPMOperation.NewKeyCreation", 0); + histogram_tester.ExpectTotalCount("Crypto.TPMOperation.WrappedKeyCreation", + 0); + histogram_tester.ExpectTotalCount("Crypto.TPMOperation.MessageSigning", 0); + histogram_tester.ExpectTotalCount("Crypto.TPMOperation.MessageVerify", 0); + + crypto::internal::MeasureTpmOperationsInternalForTesting(); + + EXPECT_THAT( + histogram_tester.GetAllSamples("Crypto.TPMSupport2"), + BucketsAre(base::Bucket(crypto::internal::TPMSupport::kECDSA, 1))); + histogram_tester.ExpectTotalCount("Crypto.TPMDuration.NewKeyCreationECDSA", + 1); + histogram_tester.ExpectTotalCount( + "Crypto.TPMDuration.WrappedKeyCreationECDSA", 1); + histogram_tester.ExpectTotalCount("Crypto.TPMDuration.MessageSigningECDSA", + 1); + EXPECT_THAT( + histogram_tester.GetAllSamples("Crypto.TPMOperation.NewKeyCreationECDSA"), + BucketsAre(base::Bucket(true, 1))); + EXPECT_THAT(histogram_tester.GetAllSamples( + "Crypto.TPMOperation.WrappedKeyCreationECDSA"), + BucketsAre(base::Bucket(true, 1))); + EXPECT_THAT( + histogram_tester.GetAllSamples("Crypto.TPMOperation.MessageSigningECDSA"), + BucketsAre(base::Bucket(true, 1))); + EXPECT_THAT( + histogram_tester.GetAllSamples("Crypto.TPMOperation.MessageVerifyECDSA"), + BucketsAre(base::Bucket(true, 1))); +} + +} // namespace diff --git a/chromium/crypto/unexportable_key_unittest.cc b/chromium/crypto/unexportable_key_unittest.cc index b0f10c95d1b..85c97df0e9a 100644 --- a/chromium/crypto/unexportable_key_unittest.cc +++ b/chromium/crypto/unexportable_key_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2021 The Chromium Authors. All rights reserved. +// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. diff --git a/chromium/crypto/unexportable_key_win.cc b/chromium/crypto/unexportable_key_win.cc index c13f43d368d..99f9c3afd54 100644 --- a/chromium/crypto/unexportable_key_win.cc +++ b/chromium/crypto/unexportable_key_win.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2021 The Chromium Authors. All rights reserved. +// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -19,6 +19,7 @@ #include "base/strings/sys_string_conversions.h" #include "base/strings/utf_string_conversions.h" #include "base/threading/scoped_blocking_call.h" +#include "base/threading/scoped_thread_priority.h" #include "crypto/random.h" #include "crypto/sha2.h" #include "crypto/unexportable_key.h" @@ -85,6 +86,7 @@ absl::optional<SignatureVerifier::SignatureAlgorithm> GetBestSupported( continue; } + SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY(); if (!FAILED(NCryptIsAlgSupported(provider, *bcrypto_algo_name, /*flags=*/0))) { return algo; @@ -97,6 +99,7 @@ absl::optional<SignatureVerifier::SignatureAlgorithm> GetBestSupported( // GetKeyProperty returns the given NCrypt key property of |key|. absl::optional<std::vector<uint8_t>> GetKeyProperty(NCRYPT_KEY_HANDLE key, LPCWSTR property) { + SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY(); DWORD size; if (FAILED(NCryptGetProperty(key, property, nullptr, 0, &size, 0))) { return absl::nullopt; @@ -115,6 +118,7 @@ absl::optional<std::vector<uint8_t>> GetKeyProperty(NCRYPT_KEY_HANDLE key, // ExportKey returns |key| exported in the given format or nullopt on error. absl::optional<std::vector<uint8_t>> ExportKey(NCRYPT_KEY_HANDLE key, LPCWSTR format) { + SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY(); DWORD output_size; if (FAILED(NCryptExportKey(key, 0, format, nullptr, nullptr, 0, &output_size, 0))) { @@ -254,10 +258,13 @@ class ECDSAKey : public UnexportableSigningKey { // ECDSA. std::vector<uint8_t> sig(64); DWORD sig_size; - if (FAILED(NCryptSignHash(key_.get(), nullptr, digest.data(), digest.size(), - sig.data(), sig.size(), &sig_size, - NCRYPT_SILENT_FLAG))) { - return absl::nullopt; + { + SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY(); + if (FAILED(NCryptSignHash(key_.get(), nullptr, digest.data(), + digest.size(), sig.data(), sig.size(), + &sig_size, NCRYPT_SILENT_FLAG))) { + return absl::nullopt; + } } CHECK_EQ(sig.size(), sig_size); @@ -312,6 +319,7 @@ class RSAKey : public UnexportableSigningKey { padding_info.pszAlgId = NCRYPT_SHA256_ALGORITHM; DWORD sig_size; + SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY(); if (FAILED(NCryptSignHash(key_.get(), &padding_info, digest.data(), digest.size(), nullptr, 0, &sig_size, NCRYPT_SILENT_FLAG | BCRYPT_PAD_PKCS1))) { @@ -346,13 +354,16 @@ class UnexportableKeyProviderWin : public UnexportableKeyProvider { base::span<const SignatureVerifier::SignatureAlgorithm> acceptable_algorithms) override { ScopedProvider provider; - if (FAILED(NCryptOpenStorageProvider( - ScopedProvider::Receiver(provider).get(), - MS_PLATFORM_CRYPTO_PROVIDER, /*flags=*/0))) { - // If the operation failed then |provider| doesn't have a valid handle in - // it and we shouldn't try to free it. - std::ignore = provider.release(); - return absl::nullopt; + { + SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY(); + if (FAILED(NCryptOpenStorageProvider( + ScopedProvider::Receiver(provider).get(), + MS_PLATFORM_CRYPTO_PROVIDER, /*flags=*/0))) { + // If the operation failed then |provider| doesn't have a valid handle + // in it and we shouldn't try to free it. + std::ignore = provider.release(); + return absl::nullopt; + } } return GetBestSupported(provider.get(), acceptable_algorithms); @@ -365,13 +376,16 @@ class UnexportableKeyProviderWin : public UnexportableKeyProvider { FROM_HERE, base::BlockingType::WILL_BLOCK); ScopedProvider provider; - if (FAILED(NCryptOpenStorageProvider( - ScopedProvider::Receiver(provider).get(), - MS_PLATFORM_CRYPTO_PROVIDER, /*flags=*/0))) { - // If the operation failed when |provider| doesn't have a valid handle in - // it and we shouldn't try to free it. - std::ignore = provider.release(); - return nullptr; + { + SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY(); + if (FAILED(NCryptOpenStorageProvider( + ScopedProvider::Receiver(provider).get(), + MS_PLATFORM_CRYPTO_PROVIDER, /*flags=*/0))) { + // If the operation failed when |provider| doesn't have a valid handle + // in it and we shouldn't try to free it. + std::ignore = provider.release(); + return nullptr; + } } absl::optional<SignatureVerifier::SignatureAlgorithm> algo = @@ -381,19 +395,22 @@ class UnexportableKeyProviderWin : public UnexportableKeyProvider { } ScopedKey key; - // An empty key name stops the key being persisted to disk. - if (FAILED(NCryptCreatePersistedKey( - provider.get(), ScopedKey::Receiver(key).get(), - BCryptAlgorithmFor(*algo).value(), /*pszKeyName=*/nullptr, - /*dwLegacyKeySpec=*/0, /*dwFlags=*/0))) { - // If the operation failed then |key| doesn't have a valid handle in it - // and we shouldn't try and free it. - std::ignore = key.release(); - return nullptr; - } + { + SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY(); + // An empty key name stops the key being persisted to disk. + if (FAILED(NCryptCreatePersistedKey( + provider.get(), ScopedKey::Receiver(key).get(), + BCryptAlgorithmFor(*algo).value(), /*pszKeyName=*/nullptr, + /*dwLegacyKeySpec=*/0, /*dwFlags=*/0))) { + // If the operation failed then |key| doesn't have a valid handle in it + // and we shouldn't try and free it. + std::ignore = key.release(); + return nullptr; + } - if (FAILED(NCryptFinalizeKey(key.get(), NCRYPT_SILENT_FLAG))) { - return nullptr; + if (FAILED(NCryptFinalizeKey(key.get(), NCRYPT_SILENT_FLAG))) { + return nullptr; + } } const absl::optional<std::vector<uint8_t>> wrapped_key = @@ -431,25 +448,28 @@ class UnexportableKeyProviderWin : public UnexportableKeyProvider { FROM_HERE, base::BlockingType::WILL_BLOCK); ScopedProvider provider; - if (FAILED(NCryptOpenStorageProvider( - ScopedProvider::Receiver(provider).get(), - MS_PLATFORM_CRYPTO_PROVIDER, /*flags=*/0))) { - // If the operation failed when |provider| doesn't have a valid handle in - // it and we shouldn't try to free it. - std::ignore = provider.release(); - return nullptr; - } - ScopedKey key; - if (FAILED(NCryptImportKey( - provider.get(), /*hImportKey=*/NULL, BCRYPT_OPAQUE_KEY_BLOB, - /*pParameterList=*/nullptr, ScopedKey::Receiver(key).get(), - const_cast<PBYTE>(wrapped.data()), wrapped.size(), - /*dwFlags=*/NCRYPT_SILENT_FLAG))) { - // If the operation failed then |key| doesn't have a valid handle in it - // and we shouldn't try and free it. - std::ignore = key.release(); - return nullptr; + { + SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY(); + if (FAILED(NCryptOpenStorageProvider( + ScopedProvider::Receiver(provider).get(), + MS_PLATFORM_CRYPTO_PROVIDER, /*flags=*/0))) { + // If the operation failed when |provider| doesn't have a valid handle + // in it and we shouldn't try to free it. + std::ignore = provider.release(); + return nullptr; + } + + if (FAILED(NCryptImportKey( + provider.get(), /*hImportKey=*/NULL, BCRYPT_OPAQUE_KEY_BLOB, + /*pParameterList=*/nullptr, ScopedKey::Receiver(key).get(), + const_cast<PBYTE>(wrapped.data()), wrapped.size(), + /*dwFlags=*/NCRYPT_SILENT_FLAG))) { + // If the operation failed then |key| doesn't have a valid handle in it + // and we shouldn't try and free it. + std::ignore = key.release(); + return nullptr; + } } const absl::optional<std::vector<uint8_t>> algo_bytes = |