OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/keygen_handler.h" | 5 #include "net/base/keygen_handler.h" |
6 | 6 |
7 #include <pk11pub.h> | 7 #include <pk11pub.h> |
8 #include <secmod.h> | 8 #include <secmod.h> |
9 #include <ssl.h> | 9 #include <ssl.h> |
10 #include <secder.h> // DER_Encode() | 10 #include <secder.h> // DER_Encode() |
45 DERTemplate CERTPublicKeyAndChallengeTemplate[] = { | 45 DERTemplate CERTPublicKeyAndChallengeTemplate[] = { |
46 { DER_SEQUENCE, | 46 { DER_SEQUENCE, |
47 0, NULL, sizeof(CERTPublicKeyAndChallenge) }, | 47 0, NULL, sizeof(CERTPublicKeyAndChallenge) }, |
48 { DER_ANY, | 48 { DER_ANY, |
49 offsetof(CERTPublicKeyAndChallenge, spki), }, | 49 offsetof(CERTPublicKeyAndChallenge, spki), }, |
50 { DER_IA5_STRING, | 50 { DER_IA5_STRING, |
51 offsetof(CERTPublicKeyAndChallenge, challenge), }, | 51 offsetof(CERTPublicKeyAndChallenge, challenge), }, |
52 { 0, } | 52 { 0, } |
53 }; | 53 }; |
54 | 54 |
55 void StoreKeyLocationInCache(const SECItem& public_key_info, | |
56 PK11SlotInfo *slot) { | |
57 KeygenHandler::Cache* cache = KeygenHandler::Cache::GetInstance(); | |
58 KeygenHandler::KeyLocation key_location; | |
59 const char* slot_name = PK11_GetSlotName(slot); | |
60 key_location.slot_name.assign(slot_name); | |
61 cache->Insert(std::string(reinterpret_cast<char*>(public_key_info.data), | |
62 public_key_info.len), key_location); | |
63 } | |
64 | |
65 bool KeygenHandler::KeyLocation::Equals( | |
66 const net::KeygenHandler::KeyLocation& location) const { | |
67 return slot_name == location.slot_name; | |
68 } | |
69 | |
70 // This function is largely copied from the Firefox's | 55 // This function is largely copied from the Firefox's |
71 // <keygen> implementation in security/manager/ssl/src/nsKeygenHandler.cpp | 56 // <keygen> implementation in security/manager/ssl/src/nsKeygenHandler.cpp |
72 // FIXME(gauravsh): Do we need a copy of the Mozilla license here? | 57 // FIXME(gauravsh): Do we need a copy of the Mozilla license here? |
73 | 58 |
74 std::string KeygenHandler::GenKeyAndSignChallenge() { | 59 std::string KeygenHandler::GenKeyAndSignChallenge() { |
75 // Key pair generation mechanism - only RSA is supported at present. | 60 // Key pair generation mechanism - only RSA is supported at present. |
76 PRUint32 keyGenMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; // from nss/pkcs11t.h | 61 PRUint32 keyGenMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; // from nss/pkcs11t.h |
77 | 62 |
78 // Temporary structures used for generating the result | 63 // Temporary structures used for generating the result |
79 // in the right format. | 64 // in the right format. |
203 | 188 |
204 // Convert the signed public key and challenge into base64/ascii. | 189 // Convert the signed public key and challenge into base64/ascii. |
205 if (!base::Base64Encode(std::string(reinterpret_cast<char*>(signedItem.data), | 190 if (!base::Base64Encode(std::string(reinterpret_cast<char*>(signedItem.data), |
206 signedItem.len), | 191 signedItem.len), |
207 &result_blob)) { | 192 &result_blob)) { |
208 LOG(ERROR) << "Couldn't convert signed public key into base64"; | 193 LOG(ERROR) << "Couldn't convert signed public key into base64"; |
209 isSuccess = false; | 194 isSuccess = false; |
210 goto failure; | 195 goto failure; |
211 } | 196 } |
212 | 197 |
213 StoreKeyLocationInCache(spkiItem, slot); | |
214 | |
215 failure: | 198 failure: |
216 if (!isSuccess) { | 199 if (!isSuccess) { |
217 LOG(ERROR) << "SSL Keygen failed!"; | 200 LOG(ERROR) << "SSL Keygen failed!"; |
218 } else { | 201 } else { |
219 LOG(INFO) << "SSL Keygen succeeded!"; | 202 LOG(INFO) << "SSL Keygen succeeded!"; |
220 } | 203 } |
221 | 204 |
222 // Do cleanups | 205 // Do cleanups |
223 if (privateKey) { | 206 if (privateKey) { |
224 // On successful keygen we need to keep the private key, of course, | 207 // On successful keygen we need to keep the private key, of course, |
245 PK11_FreeSlot(slot); | 228 PK11_FreeSlot(slot); |
246 } | 229 } |
247 if (pkac.challenge.data) { | 230 if (pkac.challenge.data) { |
248 free(pkac.challenge.data); | 231 free(pkac.challenge.data); |
249 } | 232 } |
250 | 233 |
251 return (isSuccess ? result_blob : std::string()); | 234 return (isSuccess ? result_blob : std::string()); |
252 } | 235 } |
253 | 236 |
254 } // namespace net | 237 } // namespace net |