--- a/dom/crypto/CryptoKey.cpp
+++ b/dom/crypto/CryptoKey.cpp
@@ -325,26 +325,26 @@ CryptoKey::AddPublicKeyData(SECKEYPublic
// There should be a private NSS key with type 'EC'.
MOZ_ASSERT(mPrivateKey && mPrivateKey->keyType == ecKey);
// The given public key should have the same key type.
MOZ_ASSERT(aPublicKey->keyType == mPrivateKey->keyType);
nsNSSShutDownPreventionLock locker;
// Read EC params.
- ScopedSECItem params(::SECITEM_AllocItem(nullptr, nullptr, 0));
+ ScopedAutoSECItem params;
SECStatus rv = PK11_ReadRawAttribute(PK11_TypePrivKey, mPrivateKey,
- CKA_EC_PARAMS, params);
+ CKA_EC_PARAMS, ¶ms);
if (rv != SECSuccess) {
return NS_ERROR_DOM_OPERATION_ERR;
}
// Read private value.
- ScopedSECItem value(::SECITEM_AllocItem(nullptr, nullptr, 0));
- rv = PK11_ReadRawAttribute(PK11_TypePrivKey, mPrivateKey, CKA_VALUE, value);
+ ScopedAutoSECItem value;
+ rv = PK11_ReadRawAttribute(PK11_TypePrivKey, mPrivateKey, CKA_VALUE, &value);
if (rv != SECSuccess) {
return NS_ERROR_DOM_OPERATION_ERR;
}
SECItem* point = &aPublicKey->u.ec.publicValue;
CK_OBJECT_CLASS privateKeyValue = CKO_PRIVATE_KEY;
CK_BBOOL falseValue = CK_FALSE;
CK_KEY_TYPE ecValue = CKK_EC;
@@ -352,19 +352,19 @@ CryptoKey::AddPublicKeyData(SECKEYPublic
CK_ATTRIBUTE keyTemplate[9] = {
{ CKA_CLASS, &privateKeyValue, sizeof(privateKeyValue) },
{ CKA_KEY_TYPE, &ecValue, sizeof(ecValue) },
{ CKA_TOKEN, &falseValue, sizeof(falseValue) },
{ CKA_SENSITIVE, &falseValue, sizeof(falseValue) },
{ CKA_PRIVATE, &falseValue, sizeof(falseValue) },
// PrivateKeyFromPrivateKeyTemplate sets the ID.
{ CKA_ID, nullptr, 0 },
- { CKA_EC_PARAMS, params->data, params->len },
+ { CKA_EC_PARAMS, params.data, params.len },
{ CKA_EC_POINT, point->data, point->len },
- { CKA_VALUE, value->data, value->len },
+ { CKA_VALUE, value.data, value.len },
};
mPrivateKey = PrivateKeyFromPrivateKeyTemplate(keyTemplate,
ArrayLength(keyTemplate));
NS_ENSURE_TRUE(mPrivateKey, NS_ERROR_DOM_OPERATION_ERR);
return NS_OK;
}
@@ -847,28 +847,24 @@ CryptoKey::PrivateKeyFromJwk(const JsonW
return nullptr;
}
bool ReadAndEncodeAttribute(SECKEYPrivateKey* aKey,
CK_ATTRIBUTE_TYPE aAttribute,
Optional<nsString>& aDst)
{
- ScopedSECItem item(::SECITEM_AllocItem(nullptr, nullptr, 0));
- if (!item) {
- return false;
- }
-
- if (PK11_ReadRawAttribute(PK11_TypePrivKey, aKey, aAttribute, item)
+ ScopedAutoSECItem item;
+ if (PK11_ReadRawAttribute(PK11_TypePrivKey, aKey, aAttribute, &item)
!= SECSuccess) {
return false;
}
CryptoBuffer buffer;
- if (!buffer.Assign(item)) {
+ if (!buffer.Assign(&item)) {
return false;
}
if (NS_FAILED(buffer.ToJwkBase64(aDst.Value()))) {
return false;
}
return true;
@@ -966,32 +962,32 @@ CryptoKey::PrivateKeyToJwk(SECKEYPrivate
return NS_ERROR_DOM_OPERATION_ERR;
}
aRetVal.mKty = NS_LITERAL_STRING(JWK_TYPE_RSA);
return NS_OK;
}
case ecKey: {
// Read EC params.
- ScopedSECItem params(::SECITEM_AllocItem(nullptr, nullptr, 0));
+ ScopedAutoSECItem params;
SECStatus rv = PK11_ReadRawAttribute(PK11_TypePrivKey, aPrivKey,
- CKA_EC_PARAMS, params);
+ CKA_EC_PARAMS, ¶ms);
if (rv != SECSuccess) {
return NS_ERROR_DOM_OPERATION_ERR;
}
// Read public point Q.
- ScopedSECItem ecPoint(::SECITEM_AllocItem(nullptr, nullptr, 0));
+ ScopedAutoSECItem ecPoint;
rv = PK11_ReadRawAttribute(PK11_TypePrivKey, aPrivKey, CKA_EC_POINT,
- ecPoint);
+ &ecPoint);
if (rv != SECSuccess) {
return NS_ERROR_DOM_OPERATION_ERR;
}
- if (!ECKeyToJwk(PK11_TypePrivKey, aPrivKey, params, ecPoint, aRetVal)) {
+ if (!ECKeyToJwk(PK11_TypePrivKey, aPrivKey, ¶ms, &ecPoint, aRetVal)) {
return NS_ERROR_DOM_OPERATION_ERR;
}
aRetVal.mD.Construct();
// Read private value.
if (!ReadAndEncodeAttribute(aPrivKey, CKA_VALUE, aRetVal.mD)) {
return NS_ERROR_DOM_OPERATION_ERR;