From 211c6e459c4b3cad323aed8a39911eae3e777e63 Mon Sep 17 00:00:00 2001
From: markusheintz <markusheintz@chromium.org>
Date: Tue, 2 Dec 2014 04:13:59 -0800
Subject: [PATCH] Revert of Switch Windows over to BoringSSL from NSS.
 (patchset #2 id:20001 of https://codereview.chromium.org/765603002/)

Reason for revert:
breaks gn build
http://build.chromium.org/p/chromium.win/buildstatus?builder=Win8%20GN&number=1126

Original issue's description:
> Switch Windows over to BoringSSL from NSS.
>
> This is a much much larger change than the diff suggests. If it
> breaks something, please revert first and ask questions later.
>
> BUG=338884
>
> Committed: https://crrev.com/deaca2e618f14a475045cefcbe03d18eb79aaff7
> Cr-Commit-Position: refs/heads/master@{#306358}

TBR=rsleevi@chromium.org,brettw@chromium.org,davidben@chromium.org
NOTREECHECKS=true
NOTRY=true
BUG=338884

Review URL: https://codereview.chromium.org/769223002

Cr-Commit-Position: refs/heads/master@{#306370}
---
 build/common.gypi                   | 4 ++--
 build/config/crypto.gni             | 7 +++----
 net/ssl/openssl_platform_key_win.cc | 2 +-
 3 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/build/common.gypi b/build/common.gypi
index ee22f330226c..8c8bfc1003d5 100644
--- a/build/common.gypi
+++ b/build/common.gypi
@@ -213,8 +213,8 @@
             'enable_hidpi%': 1,
           }],
 
-          # Enable the OpenSSL backend on Mac OS and Windows.
-          ['OS=="mac" or OS=="win"', {
+          # Enable the OpenSSL backend on Mac OS.
+          ['OS=="mac"', {
             'use_openssl%': 1,
           }],
 
diff --git a/build/config/crypto.gni b/build/config/crypto.gni
index ee23569f9b2a..20004c3edd5f 100644
--- a/build/config/crypto.gni
+++ b/build/config/crypto.gni
@@ -8,10 +8,9 @@
 # the global build dependency on it should be removed.
 
 declare_args() {
-  # Use OpenSSL instead of NSS. This is used for Android, Mac, NaCl untrusted
-  # code, and Windows, and is experimental in other cases (see
-  # http://crbug.com/62803).
-  use_openssl = is_android || is_mac || is_nacl || is_win
+  # Use OpenSSL instead of NSS. This is used for Android, Mac, and NaCl untrusted
+  # code, and is experimental in other cases (see http://crbug.com/62803).
+  use_openssl = is_android || is_mac || is_nacl
 }
 
 # True when we're using OpenSSL for certificate verification and storage. We
diff --git a/net/ssl/openssl_platform_key_win.cc b/net/ssl/openssl_platform_key_win.cc
index 81e2ed91a1dd..8c9589afe0d0 100644
--- a/net/ssl/openssl_platform_key_win.cc
+++ b/net/ssl/openssl_platform_key_win.cc
@@ -506,7 +506,7 @@ int EcdsaMethodSign(const uint8_t* digest,
 
   // Ensure the DER-encoded signature fits in the bounds.
   int len = i2d_ECDSA_SIG(sig.get(), nullptr);
-  if (len < 0 || static_cast<size_t>(len) > ECDSA_size(ec_key)) {
+  if (len < 0 || len > ECDSA_size(ec_key)) {
     OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);
     return 0;
   }
-- 
2.11.4.GIT