authorCronet Mainline Eng <cronet-mainline-eng+copybara@google.com>2023-08-14 17:15:38 +0000
committerMohannad Farrag <aymanm@google.com>2023-08-14 17:22:36 +0000
commitec3a8e8db24bb3ce4b078106b358ca1c4389c14f (patch)
tree823f64849ad509483bfebb2252199a5fe79b8e43 /crypto/unexportable_key_win.cc
parentd12afe756882b2521faa0b33cbd4813fcea04c22 (diff)
Import Cronet version 117.0.5938.0
Project import generated by Copybara. FolderOrigin-RevId: /tmp/copybara-origin/src Change-Id: Ib7683d0ed240e11ed9068152600c8092afba4571
Diffstat (limited to 'crypto/unexportable_key_win.cc')
-rw-r--r--crypto/unexportable_key_win.cc40
1 files changed, 24 insertions, 16 deletions
diff --git a/crypto/unexportable_key_win.cc b/crypto/unexportable_key_win.cc
index 18306034b..41e5d8bb8 100644
--- a/crypto/unexportable_key_win.cc
+++ b/crypto/unexportable_key_win.cc
@@ -524,28 +524,32 @@ class ECDSASoftwareKey : public VirtualUnexportableSigningKey {
absl::optional<std::vector<uint8_t>> Sign(
base::span<const uint8_t> data) override {
- if (!valid_) {
+ if (!key_.is_valid()) {
return absl::nullopt;
}
return SignECDSA(key_.get(), data);
}
- bool DeleteKey() override {
- if (!valid_) {
- return false;
+ void DeleteKey() override {
+ if (!key_.is_valid()) {
+ return;
}
- auto status = NCryptDeleteKey(key_.get(), NCRYPT_SILENT_FLAG);
- valid_ = false;
- return !FAILED(status);
+ // If key deletion succeeds, NCryptDeleteKey frees the key. To avoid double
+ // free, we need to release the key from the ScopedNCryptKey RAII object.
+ // Key deletion can fail in circumstances which are not under the
+ // application's control. For these cases, ScopedNCrypt key should free the
+ // key.
+ if (NCryptDeleteKey(key_.get(), NCRYPT_SILENT_FLAG) == ERROR_SUCCESS) {
+ static_cast<void>(key_.release());
+ }
}
private:
ScopedNCryptKey key_;
const std::string name_;
const std::vector<uint8_t> spki_;
- bool valid_ = true;
};
// RSASoftwareKey wraps a Credential Guard stored RSA key.
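Review bot: In `ECDSASoftwareKey::DeleteKey`, a failed `NCryptDeleteKey` is now silent: the method returns void, the status is discarded, and `key_` stays valid, so `Sign` keeps producing signatures after the caller asked for the key to be destroyed (the removed code set `valid_ = false` whatever the result). Since a key that survives a delete request is a security-relevant outcome, I would at least keep the status, `const SECURITY_STATUS status = NCryptDeleteKey(key_.get(), NCRYPT_SILENT_FLAG);`, and log it on failure. If the interface contract is that the object is unusable after `DeleteKey()`, also add `else { key_.reset(); }`, assuming `ScopedNCryptKey` offers `reset()` alongside the `release()` used here. That contract lives on `VirtualUnexportableSigningKey`, which is outside this hunk, so it should be confirmed there. The same applies to `RSASoftwareKey::DeleteKey` in the second hunk.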
@@ -568,28 +572,32 @@ class RSASoftwareKey : public VirtualUnexportableSigningKey {
absl::optional<std::vector<uint8_t>> Sign(
base::span<const uint8_t> data) override {
- if (!valid_) {
+ if (!key_.is_valid()) {
return absl::nullopt;
}
return SignRSA(key_.get(), data);
}
- bool DeleteKey() override {
- if (!valid_) {
- return false;
+ void DeleteKey() override {
+ if (!key_.is_valid()) {
+ return;
}
- auto status = NCryptDeleteKey(key_.get(), NCRYPT_SILENT_FLAG);
- valid_ = false;
- return !FAILED(status);
+ // If key deletion succeeds, NCryptDeleteKey frees the key. To avoid double
+ // free, we need to release the key from the ScopedNCryptKey RAII object.
+ // Key deletion can fail in circumstances which are not under the
+ // application's control. For these cases, ScopedNCrypt key should free the
+ // key.
+ if (NCryptDeleteKey(key_.get(), NCRYPT_SILENT_FLAG) == ERROR_SUCCESS) {
+ static_cast<void>(key_.release());
+ }
}
private:
ScopedNCryptKey key_;
std::string name_;
const std::vector<uint8_t> spki_;
- bool valid_ = true;
};
// UnexportableKeyProviderWin uses NCrypt and the Platform Crypto