Chromium Code Reviews

Unified Diff: crypto/rsa_private_key.h

Issue 1118263003: Revert of Don't use RSAPrivateKey in NSS integration code. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ocsp-refactor
Patch Set: Created 5 years, 8 months ago
Index: crypto/rsa_private_key.h
diff --git a/crypto/rsa_private_key.h b/crypto/rsa_private_key.h
index 637be38836f8d085f634fc3978264d2873ede0a2..9ab9c5768c010b7352129efcdd1feb335cb6e35e 100644
--- a/crypto/rsa_private_key.h
+++ b/crypto/rsa_private_key.h
@@ -191,6 +191,44 @@
static RSAPrivateKey* CreateFromKey(SECKEYPrivateKey* key);
#endif
+ // TODO(davidben): These functions are used when NSS is the platform key
+ // store, but they also assume that the internal crypto library is NSS. Split
+ // out the convenience NSS platform key methods from the logic which expects
+ // an RSAPrivateKey. See https://crbug.com/478777.
+#if defined(USE_NSS_CERTS) && !defined(USE_OPENSSL)
+ // Create a new random instance in |slot|. Can return NULL if initialization
+ // fails. The created key is permanent and is not exportable in plaintext
+ // form.
+ static RSAPrivateKey* CreateSensitive(PK11SlotInfo* slot, uint16 num_bits);
+
+ // Create a new instance in |slot| by importing an existing private key. The
+ // format is an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can
+ // return NULL if initialization fails.
+ // The created key is permanent and is not exportable in plaintext form.
+ static RSAPrivateKey* CreateSensitiveFromPrivateKeyInfo(
+ PK11SlotInfo* slot,
+ const std::vector<uint8>& input);
+
+ // Import an existing public key, and then search for the private
+ // half in the key database. The format of the public key blob is is
+ // an X509 SubjectPublicKeyInfo block. This can return NULL if
+ // initialization fails or the private key cannot be found. The
+ // caller takes ownership of the returned object, but nothing new is
+ // created in the key database.
+ static RSAPrivateKey* FindFromPublicKeyInfo(
+ const std::vector<uint8>& input);
+
+ // Import an existing public key, and then search for the private
+ // half in the slot specified by |slot|. The format of the public
+ // key blob is is an X509 SubjectPublicKeyInfo block. This can return
+ // NULL if initialization fails or the private key cannot be found.
+ // The caller takes ownership of the returned object, but nothing new
+ // is created in the slot.
+ static RSAPrivateKey* FindFromPublicKeyInfoInSlot(
+ const std::vector<uint8>& input,
+ PK11SlotInfo* slot);
+#endif // USE_NSS_CERTS && !USE_OPENSSL
+
#if defined(USE_OPENSSL)
EVP_PKEY* key() { return key_; }
#else
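Review bot: FindFromPublicKeyInfo() and FindFromPublicKeyInfoInSlot() document a single NULL return for two different outcomes ("initialization fails or the private key cannot be found"), so a caller cannot tell a malformed SubjectPublicKeyInfo from a key that is simply absent from the database or slot. Consider saying in the comment which case callers should assume, or returning the reason separately. Ownership is also documented unevenly: both Find*() comments say the caller takes ownership of the returned object, while CreateSensitive() and CreateSensitiveFromPrivateKeyInfo() return the same raw RSAPrivateKey* without saying so. Minor: "is is" appears in both Find*() comments ("The format of the public key blob is is an X509 SubjectPublicKeyInfo block").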
@@ -213,8 +251,37 @@
FRIEND_TEST_ALL_PREFIXES(RSAPrivateKeyNSSTest, FailedFindFromPublicKey);
#endif
- // Constructor is private. Use one of the Create*() methods above instead.
+ // Constructor is private. Use one of the Create*() or Find*()
+ // methods above instead.
RSAPrivateKey();
+
+#if !defined(USE_OPENSSL)
+ // Shared helper for Create() and CreateSensitive().
+ // TODO(cmasone): consider replacing |permanent| and |sensitive| with a
+ // flags arg created by ORing together some enumerated values.
+ // Note: |permanent| is only supported when USE_NSS_CERTS is defined.
+ static RSAPrivateKey* CreateWithParams(PK11SlotInfo* slot,
+ uint16 num_bits,
+ bool permanent,
+ bool sensitive);
+
+ // Shared helper for CreateFromPrivateKeyInfo() and
+ // CreateSensitiveFromPrivateKeyInfo().
+ // Note: |permanent| is only supported when USE_NSS_CERTS is defined.
+ static RSAPrivateKey* CreateFromPrivateKeyInfoWithParams(
+ PK11SlotInfo* slot,
+ const std::vector<uint8>& input,
+ bool permanent,
+ bool sensitive);
+#endif
+
+#if defined(USE_NSS_CERTS)
+ // Import an existing public key. The format of the public key blob
+ // is an X509 SubjectPublicKeyInfo block. This can return NULL if
+ // initialization fails. The caller takes ownership of the returned
+ // object. Note that this method doesn't initialize the |key_| member.
+ static RSAPrivateKey* InitPublicPart(const std::vector<uint8>& input);
+#endif
#if defined(USE_OPENSSL)
EVP_PKEY* key_;
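Review bot: The comments on CreateWithParams() and CreateFromPrivateKeyInfoWithParams() say |permanent| is only supported when USE_NSS_CERTS is defined, but both declarations sit under #if !defined(USE_OPENSSL), and nothing states what happens when permanent is true in a build without USE_NSS_CERTS. Please document the behaviour in that case (for example whether the call returns NULL), since a silently non-permanent or non-sensitive key is not what the caller asked for. The adjacent bool permanent, bool sensitive parameters are also easy to transpose at a call site without a compile error; the TODO(cmasone) about a flags argument already points at the fix. For InitPublicPart(), the note that it does not initialize |key_| means it hands back a partially constructed RSAPrivateKey, so it would help to state that callers must set |key_| or discard the object before it is returned to any public caller.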