Reland "[DBSC] Make it easier to test binding keys on Linux and Mac"

This is a reland of commit 964303340b500b4c1d2e10fa00c3a91f9a786149

Original CL wasn't the cause for the test failures:
https://crbug.com/1464248#c3

Original change's description:
> [DBSC] Make it easier to test binding keys on Linux and Mac
>
> //crypto currently has UnexportableKeyProvider support on Windows
> only. Since most of the future developers work on Linux and Mac, it will
> be helpful to be able to test the feature on these platforms.
>
> To facilitate local development, this CL adds a mock software-backed
> implementation of an UnexportableKeyProvider behind a feature flag. This
> feature flag is expected to never be shipped to end users.
>
> The flag is checked on the UnexportableKeyService level, so only
> DBSC-related code will switch to an insecure implementation.
>
> Bug: b/290640296
> Change-Id: Iccd1d0c1733d3f5472380023377bd81df4e3f933
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4675882
> Reviewed-by: Adam Langley <agl@chromium.org>
> Reviewed-by: Kristian Monsen <kristianm@chromium.org>
> Commit-Queue: Alex Ilin <alexilin@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1168616}

Bug: b/290640296, 1464248
Change-Id: Ie749b8a48c2435d389bb13e5a9b69ccd7dbb7755
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4681330
Reviewed-by: Adam Langley <agl@chromium.org>
Commit-Queue: Adam Langley <agl@chromium.org>
Reviewed-by: Kristian Monsen <kristianm@chromium.org>
Auto-Submit: Alex Ilin <alexilin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1171456}
diff --git a/crypto/unexportable_key.h b/crypto/unexportable_key.h
index 61c25be..63acf4b6 100644
--- a/crypto/unexportable_key.h
+++ b/crypto/unexportable_key.h
@@ -191,6 +191,14 @@
 CRYPTO_EXPORT std::unique_ptr<VirtualUnexportableKeyProvider>
 GetVirtualUnexportableKeyProvider_DO_NOT_USE_METRICS_ONLY();
 
+// `GetSoftwareUnsecureUnexportableKeyProvider()` returns a mock software
+// implementation of `UnexportableKeyProvider` that can be used on platforms
+// that do not have a native secure implementation.
+// This should be used for development purposes only since these keys are not
+// backed by hardware and are not stored securely.
+CRYPTO_EXPORT std::unique_ptr<UnexportableKeyProvider>
+GetSoftwareUnsecureUnexportableKeyProvider();
+
 namespace internal {
 
 CRYPTO_EXPORT void SetUnexportableKeyProviderForTesting(
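Review bot: The new `GetSoftwareUnsecureUnexportableKeyProvider()` declaration, added just above `namespace internal`, is exported with `CRYPTO_EXPORT` from the main header, and its development-only restriction lives only in the comment. The neighbouring `GetVirtualUnexportableKeyProvider_DO_NOT_USE_METRICS_ONLY()` puts its restriction in the function name, and `SetUnexportableKeyProviderForTesting` sits inside `namespace internal`; giving this function a comparable warning suffix or moving it into `namespace internal` would make a misuse stand out at the call site and in code search. The comment should also say that callers are expected to gate on the feature flag that the commit description says is checked at the `UnexportableKeyService` level, since nothing in this declaration refers to that flag. Minor style point: "Unsecure" in the identifier would read better as "Insecure", which is the word the commit description itself uses.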