Index: crypto/third_party/nss/pk11akey.cc |
diff --git a/crypto/third_party/nss/pk11akey.cc b/crypto/third_party/nss/pk11akey.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..4db582fc6c4b93d5570d84105c9c9490a80c2e4c |
--- /dev/null |
+++ b/crypto/third_party/nss/pk11akey.cc |
@@ -0,0 +1,98 @@ |
+ /* ***** BEGIN LICENSE BLOCK ***** |
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
+ * |
+ * The contents of this file are subject to the Mozilla Public License Version |
+ * 1.1 (the "License"); you may not use this file except in compliance with |
+ * the License. You may obtain a copy of the License at |
+ * http://www.mozilla.org/MPL/ |
+ * |
+ * Software distributed under the License is distributed on an "AS IS" basis, |
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
+ * for the specific language governing rights and limitations under the |
+ * License. |
+ * |
+ * The Original Code is the Netscape security libraries. |
+ * |
+ * The Initial Developer of the Original Code is |
+ * Netscape Communications Corporation. |
+ * Portions created by the Initial Developer are Copyright (C) 1994-2000 |
+ * the Initial Developer. All Rights Reserved. |
+ * |
+ * Contributor(s): |
+ * Dr Stephen Henson <stephen.henson@gemplus.com> |
+ * Dr Vipul Gupta <vipul.gupta@sun.com>, and |
+ * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories |
+ * |
+ * Alternatively, the contents of this file may be used under the terms of |
+ * either the GNU General Public License Version 2 or later (the "GPL"), or |
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), |
+ * in which case the provisions of the GPL or the LGPL are applicable instead |
+ * of those above. If you wish to allow use of your version of this file only |
+ * under the terms of either the GPL or the LGPL, and not to allow others to |
+ * use your version of this file under the terms of the MPL, indicate your |
+ * decision by deleting the provisions above and replace them with the notice |
+ * and other provisions required by the GPL or the LGPL. If you do not delete |
+ * the provisions above, a recipient may use your version of this file under |
+ * the terms of any one of the MPL, the GPL or the LGPL. |
+ * |
+ * ***** END LICENSE BLOCK ***** */ |
+ |
+#include "crypto/third_party/nss/chromium-nss.h" |
+ |
+#include <pk11pub.h> |
+ |
+#include "base/logging.h" |
+ |
+// Based on PK11_ImportEncryptedPrivateKeyInfo function in |
+// mozilla/security/nss/lib/pk11wrap/pk11akey.c. |
+SECStatus ImportEncryptedECPrivateKeyInfoAndReturnKey( |
+ PK11SlotInfo* slot, |
+ SECKEYEncryptedPrivateKeyInfo* epki, |
+ SECItem* password, |
+ SECItem* nickname, |
+ SECItem* public_value, |
+ PRBool permanent, |
+ PRBool sensitive, |
+ SECKEYPrivateKey** private_key, |
+ void* wincx) { |
+ SECItem* crypto_param = NULL; |
+ |
+ CK_ATTRIBUTE_TYPE usage = CKA_SIGN; |
+ |
+ PK11SymKey* key = PK11_PBEKeyGen(slot, |
+ &epki->algorithm, |
+ password, |
+ PR_FALSE, // faulty3DES |
+ wincx); |
+ if (key == NULL) { |
+ DLOG(ERROR) << "PK11_PBEKeyGen: " << PORT_GetError(); |
+ return SECFailure; |
+ } |
+ |
+ CK_MECHANISM_TYPE crypto_mech_type = PK11_GetPBECryptoMechanism( |
+ &epki->algorithm, &crypto_param, password); |
+ if (crypto_mech_type == CKM_INVALID_MECHANISM) { |
+ DLOG(ERROR) << "PK11_GetPBECryptoMechanism: " << PORT_GetError(); |
+ PK11_FreeSymKey(key); |
+ return SECFailure; |
+ } |
+ |
+ crypto_mech_type = PK11_GetPadMechanism(crypto_mech_type); |
+ |
+ *private_key = PK11_UnwrapPrivKey(slot, key, crypto_mech_type, crypto_param, |
+ &epki->encryptedData, nickname, |
+ public_value, permanent, sensitive, CKK_EC, |
+ &usage, 1, wincx); |
+ |
+ if (crypto_param != NULL) |
+ SECITEM_ZfreeItem(crypto_param, PR_TRUE); |
+ |
+ PK11_FreeSymKey(key); |
+ |
+ if (!*private_key) { |
+ DLOG(ERROR) << "PK11_UnwrapPrivKey: " << PORT_GetError(); |
+ return SECFailure; |
+ } |
+ |
+ return SECSuccess; |
+} |