
Side by Side Diff: net/base/keygen_handler_nss.cc

Issue 2668005: Bring the handling of <keygen> and support for the application/x-x509-user-ce... (Closed) Base URL: http://src.chromium.org/svn/trunk/src/
Patch Set: Whitespace/style Created 10 years, 6 months ago
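--- a/net/base/keygen_handler_nss.cc
+++ b/net/base/keygen_handler_nss.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/keygen_handler.h"
 
 #include <pk11pub.h>
 #include <secmod.h>
 #include <ssl.h>
 #include <secder.h> // DER_Encode()
@@ -45,35 +45,20 @@
 DERTemplate CERTPublicKeyAndChallengeTemplate[] = {
 { DER_SEQUENCE,
 0, NULL, sizeof(CERTPublicKeyAndChallenge) },
 { DER_ANY,
 offsetof(CERTPublicKeyAndChallenge, spki), },
 { DER_IA5_STRING,
 offsetof(CERTPublicKeyAndChallenge, challenge), },
 { 0, }
 };
 
-void StoreKeyLocationInCache(const SECItem& public_key_info,
-PK11SlotInfo *slot) {
-KeygenHandler::Cache* cache = KeygenHandler::Cache::GetInstance();
-KeygenHandler::KeyLocation key_location;
-const char* slot_name = PK11_GetSlotName(slot);
-key_location.slot_name.assign(slot_name);
-cache->Insert(std::string(reinterpret_cast<char*>(public_key_info.data),
-public_key_info.len), key_location);
-}
-
-bool KeygenHandler::KeyLocation::Equals(
-const net::KeygenHandler::KeyLocation& location) const {
-return slot_name == location.slot_name;
-}
-
 // This function is largely copied from the Firefox's
 // <keygen> implementation in security/manager/ssl/src/nsKeygenHandler.cpp
 // FIXME(gauravsh): Do we need a copy of the Mozilla license here?
 
 std::string KeygenHandler::GenKeyAndSignChallenge() {
 // Key pair generation mechanism - only RSA is supported at present.
 PRUint32 keyGenMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; // from nss/pkcs11t.h
 
 // Temporary structures used for generating the result
 // in the right format.
@@ -203,22 +188,20 @@
 
 // Convert the signed public key and challenge into base64/ascii.
 if (!base::Base64Encode(std::string(reinterpret_cast<char*>(signedItem.data),
 signedItem.len),
 &result_blob)) {
 LOG(ERROR) << "Couldn't convert signed public key into base64";
 isSuccess = false;
 goto failure;
 }
 
-StoreKeyLocationInCache(spkiItem, slot);
-
 failure:
 if (!isSuccess) {
 LOG(ERROR) << "SSL Keygen failed!";
 } else {
 LOG(INFO) << "SSL Keygen succeeded!";
 }
 
 // Do cleanups
 if (privateKey) {
 // On successful keygen we need to keep the private key, of course,
@@ -245,10 +228,10 @@
 PK11_FreeSlot(slot);
 }
 if (pkac.challenge.data) {
 free(pkac.challenge.data);
 }
 
 return (isSuccess ? result_blob : std::string());
 }
 
 } // namespace net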