Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(783)

Side by Side Diff: crypto/rsa_private_key.h

Issue 1106103003: Don't use RSAPrivateKey in NSS integration code. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ocsp-refactor
Patch Set: pneubeck comments Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CRYPTO_RSA_PRIVATE_KEY_H_ 5 #ifndef CRYPTO_RSA_PRIVATE_KEY_H_
6 #define CRYPTO_RSA_PRIVATE_KEY_H_ 6 #define CRYPTO_RSA_PRIVATE_KEY_H_
7 7
8 #include "build/build_config.h" 8 #include "build/build_config.h"
9 9
10 #include <list> 10 #include <list>
(...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after
184 // Create a new instance from an existing EVP_PKEY, taking a 184 // Create a new instance from an existing EVP_PKEY, taking a
185 // reference to it. |key| must be an RSA key. Returns NULL on 185 // reference to it. |key| must be an RSA key. Returns NULL on
186 // failure. 186 // failure.
187 static RSAPrivateKey* CreateFromKey(EVP_PKEY* key); 187 static RSAPrivateKey* CreateFromKey(EVP_PKEY* key);
188 #else 188 #else
189 // Create a new instance by referencing an existing private key 189 // Create a new instance by referencing an existing private key
190 // structure. Does not import the key. 190 // structure. Does not import the key.
191 static RSAPrivateKey* CreateFromKey(SECKEYPrivateKey* key); 191 static RSAPrivateKey* CreateFromKey(SECKEYPrivateKey* key);
192 #endif 192 #endif
193 193
194 // TODO(davidben): These functions are used when NSS is the platform key
195 // store, but they also assume that the internal crypto library is NSS. Split
196 // out the convenience NSS platform key methods from the logic which expects
197 // an RSAPrivateKey. See https://crbug.com/478777.
198 #if defined(USE_NSS_CERTS) && !defined(USE_OPENSSL)
199 // Create a new random instance in |slot|. Can return NULL if initialization
200 // fails. The created key is permanent and is not exportable in plaintext
201 // form.
202 static RSAPrivateKey* CreateSensitive(PK11SlotInfo* slot, uint16 num_bits);
203
204 // Create a new instance in |slot| by importing an existing private key. The
205 // format is an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can
206 // return NULL if initialization fails.
207 // The created key is permanent and is not exportable in plaintext form.
208 static RSAPrivateKey* CreateSensitiveFromPrivateKeyInfo(
209 PK11SlotInfo* slot,
210 const std::vector<uint8>& input);
211
212 // Import an existing public key, and then search for the private
213 // half in the key database. The format of the public key blob is is
214 // an X509 SubjectPublicKeyInfo block. This can return NULL if
215 // initialization fails or the private key cannot be found. The
216 // caller takes ownership of the returned object, but nothing new is
217 // created in the key database.
218 static RSAPrivateKey* FindFromPublicKeyInfo(
219 const std::vector<uint8>& input);
220
221 // Import an existing public key, and then search for the private
222 // half in the slot specified by |slot|. The format of the public
223 // key blob is is an X509 SubjectPublicKeyInfo block. This can return
224 // NULL if initialization fails or the private key cannot be found.
225 // The caller takes ownership of the returned object, but nothing new
226 // is created in the slot.
227 static RSAPrivateKey* FindFromPublicKeyInfoInSlot(
228 const std::vector<uint8>& input,
229 PK11SlotInfo* slot);
230 #endif // USE_NSS_CERTS && !USE_OPENSSL
231
232 #if defined(USE_OPENSSL) 194 #if defined(USE_OPENSSL)
233 EVP_PKEY* key() { return key_; } 195 EVP_PKEY* key() { return key_; }
234 #else 196 #else
235 SECKEYPrivateKey* key() { return key_; } 197 SECKEYPrivateKey* key() { return key_; }
236 SECKEYPublicKey* public_key() { return public_key_; } 198 SECKEYPublicKey* public_key() { return public_key_; }
237 #endif 199 #endif
238 200
239 // Creates a copy of the object. 201 // Creates a copy of the object.
240 RSAPrivateKey* Copy() const; 202 RSAPrivateKey* Copy() const;
241 203
242 // Exports the private key to a PKCS #1 PrivateKey block. 204 // Exports the private key to a PKCS #1 PrivateKey block.
243 bool ExportPrivateKey(std::vector<uint8>* output) const; 205 bool ExportPrivateKey(std::vector<uint8>* output) const;
244 206
245 // Exports the public key to an X509 SubjectPublicKeyInfo block. 207 // Exports the public key to an X509 SubjectPublicKeyInfo block.
246 bool ExportPublicKey(std::vector<uint8>* output) const; 208 bool ExportPublicKey(std::vector<uint8>* output) const;
247 209
248 private: 210 private:
249 #if defined(USE_NSS_CERTS) 211 #if defined(USE_NSS_CERTS)
250 FRIEND_TEST_ALL_PREFIXES(RSAPrivateKeyNSSTest, FindFromPublicKey); 212 FRIEND_TEST_ALL_PREFIXES(RSAPrivateKeyNSSTest, FindFromPublicKey);
251 FRIEND_TEST_ALL_PREFIXES(RSAPrivateKeyNSSTest, FailedFindFromPublicKey); 213 FRIEND_TEST_ALL_PREFIXES(RSAPrivateKeyNSSTest, FailedFindFromPublicKey);
252 #endif 214 #endif
253 215
254 // Constructor is private. Use one of the Create*() or Find*() 216 // Constructor is private. Use one of the Create*() methods above instead.
255 // methods above instead.
256 RSAPrivateKey(); 217 RSAPrivateKey();
257 218
258 #if !defined(USE_OPENSSL)
259 // Shared helper for Create() and CreateSensitive().
260 // TODO(cmasone): consider replacing |permanent| and |sensitive| with a
261 // flags arg created by ORing together some enumerated values.
262 // Note: |permanent| is only supported when USE_NSS_CERTS is defined.
263 static RSAPrivateKey* CreateWithParams(PK11SlotInfo* slot,
264 uint16 num_bits,
265 bool permanent,
266 bool sensitive);
267
268 // Shared helper for CreateFromPrivateKeyInfo() and
269 // CreateSensitiveFromPrivateKeyInfo().
270 // Note: |permanent| is only supported when USE_NSS_CERTS is defined.
271 static RSAPrivateKey* CreateFromPrivateKeyInfoWithParams(
272 PK11SlotInfo* slot,
273 const std::vector<uint8>& input,
274 bool permanent,
275 bool sensitive);
276 #endif
277
278 #if defined(USE_NSS_CERTS)
279 // Import an existing public key. The format of the public key blob
280 // is an X509 SubjectPublicKeyInfo block. This can return NULL if
281 // initialization fails. The caller takes ownership of the returned
282 // object. Note that this method doesn't initialize the |key_| member.
283 static RSAPrivateKey* InitPublicPart(const std::vector<uint8>& input);
284 #endif
285
286 #if defined(USE_OPENSSL) 219 #if defined(USE_OPENSSL)
287 EVP_PKEY* key_; 220 EVP_PKEY* key_;
288 #else 221 #else
289 SECKEYPrivateKey* key_; 222 SECKEYPrivateKey* key_;
290 SECKEYPublicKey* public_key_; 223 SECKEYPublicKey* public_key_;
291 #endif 224 #endif
292 225
293 DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey); 226 DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey);
294 }; 227 };
295 228
296 } // namespace crypto 229 } // namespace crypto
297 230
298 #endif // CRYPTO_RSA_PRIVATE_KEY_H_ 231 #endif // CRYPTO_RSA_PRIVATE_KEY_H_
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698