gecko-dev/security/pkix
David Keeler 5bfa1a1ac8 bug 1430906 - don't hold around a test key forever in mozilla::pkix gtests r=franziskus
Before this patch, mozilla::pkix gtests would generate a public/private key pair
and stash it in a global variable. Since this wasn't part of XPCOM nor tracked
by the PSM/NSS shutdown machinery, it wouldn't get released at the appropriate
time. The solution to this is to generate the key and then essentially export it
as data, so no NSS objects are held alive. Since NSS considers private keys
stored in the persistent database sensitive and won't export them in the clear,
we "encrypt" the key material with an empty password so we can import it when
necessary. (While the gtests don't use persistent keys, the test utilties in the
gtests are also used by some xpcshell tests that do use persistent keys, hence
the need to encrypt the key material.)

--HG--
extra : rebase_source : df10c25a462a3ba0396f5ba4a43a52fb924548ff
extra : amend_source : d95722891e49a99c471046cd9c758e914a02838e
2018-01-12 13:57:51 -08:00
..
include/pkix
lib Bug 1198481 - Fixed typo 'id_pk_serverAuth' to 'id_kp_serverAuth'. r=keeler 2017-12-02 18:03:18 +05:30
test bug 1430906 - don't hold around a test key forever in mozilla::pkix gtests r=franziskus 2018-01-12 13:57:51 -08:00
tools
moz.build Bug 1394734 - Replace CONFIG['MSVC'] by CONFIG['CC_TYPE'] r=glandium 2017-12-08 13:46:13 +01:00
warnings.mozbuild Bug 1394734 - Replace CONFIG['MSVC'] by CONFIG['CC_TYPE'] r=glandium 2017-12-08 13:46:13 +01:00