OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" | 5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" |
6 | 6 |
7 #include <cert.h> | 7 #include <cert.h> |
8 #include <cryptohi.h> | 8 #include <cryptohi.h> |
9 #include <keyhi.h> | 9 #include <keyhi.h> |
10 #include <secder.h> | 10 #include <secder.h> |
(...skipping 433 matching lines...)
444 true /*task is slow*/); | 444 true /*task is slow*/); |
445 } | 445 } |
446 | 446 |
447 // Does the actual signing on a worker thread. Used by SignRSAWithDB(). | 447 // Does the actual signing on a worker thread. Used by SignRSAWithDB(). |
448 void SignRSAOnWorkerThread(scoped_ptr<SignRSAState> state) { | 448 void SignRSAOnWorkerThread(scoped_ptr<SignRSAState> state) { |
449 const uint8* public_key_uint8 = | 449 const uint8* public_key_uint8 = |
450 reinterpret_cast<const uint8*>(state->public_key_.data()); | 450 reinterpret_cast<const uint8*>(state->public_key_.data()); |
451 std::vector<uint8> public_key_vector( | 451 std::vector<uint8> public_key_vector( |
452 public_key_uint8, public_key_uint8 + state->public_key_.size()); | 452 public_key_uint8, public_key_uint8 + state->public_key_.size()); |
453 | 453 |
454 // TODO(pneubeck): This searches all slots. Change to look only at |slot_|. | 454 crypto::ScopedSECKEYPrivateKey rsa_key; |
pneubeck (no reviews)
2015/05/12 09:48:38
great, thanks!
| |
455 crypto::ScopedSECKEYPrivateKey rsa_key( | 455 if (state->slot_) { |
456 crypto::FindNSSKeyFromPublicKeyInfo(public_key_vector)); | 456 rsa_key = crypto::FindNSSKeyFromPublicKeyInfoInSlot(public_key_vector, |
457 state->slot_); | |
458 } else { | |
459 rsa_key = crypto::FindNSSKeyFromPublicKeyInfo(public_key_vector); | |
460 } | |
457 | 461 |
458 // Fail if the key was not found. If a specific slot was requested, also fail | 462 // Fail if the key was not found or is of the wrong type. |
459 // if the key was found in the wrong slot. | 463 if (!rsa_key || SECKEY_GetPrivateKeyType(rsa_key.get()) != rsaKey) { |
460 if (!rsa_key || SECKEY_GetPrivateKeyType(rsa_key.get()) != rsaKey || | |
461 (state->slot_ && rsa_key->pkcs11Slot != state->slot_)) { | |
462 state->OnError(FROM_HERE, kErrorKeyNotFound); | 464 state->OnError(FROM_HERE, kErrorKeyNotFound); |
463 return; | 465 return; |
464 } | 466 } |
465 | 467 |
466 std::string signature_str; | 468 std::string signature_str; |
467 if (state->sign_direct_pkcs_padded_) { | 469 if (state->sign_direct_pkcs_padded_) { |
468 static_assert( | 470 static_assert( |
469 sizeof(*state->data_.data()) == sizeof(char), | 471 sizeof(*state->data_.data()) == sizeof(char), |
470 "Can't reinterpret data if it's characters are not 8 bit large."); | 472 "Can't reinterpret data if it's characters are not 8 bit large."); |
471 SECItem input = {siBuffer, | 473 SECItem input = {siBuffer, |
(...skipping 414 matching lines...)
886 NSSOperationState* state_ptr = state.get(); | 888 NSSOperationState* state_ptr = state.get(); |
887 GetCertDatabase(std::string() /* don't get any specific slot */, | 889 GetCertDatabase(std::string() /* don't get any specific slot */, |
888 base::Bind(&GetTokensWithDB, base::Passed(&state)), | 890 base::Bind(&GetTokensWithDB, base::Passed(&state)), |
889 browser_context, | 891 browser_context, |
890 state_ptr); | 892 state_ptr); |
891 } | 893 } |
892 | 894 |
893 } // namespace platform_keys | 895 } // namespace platform_keys |
894 | 896 |
895 } // namespace chromeos | 897 } // namespace chromeos |
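Review bot: In SignRSAOnWorkerThread (new lines 455–463), removing the `rsa_key->pkcs11Slot != state->slot_` test leaves the slot restriction enforced only inside `crypto::FindNSSKeyFromPublicKeyInfoInSlot`, whose body is not shown on this page. That restriction is what stops a caller scoped to one token from signing with a key held in another, so a cheap assertion after the not-found check would keep the invariant visible here, e.g. `DCHECK(!state->slot_ || rsa_key->pkcs11Slot == state->slot_);`. The comment could then read `// Fail if the key was not found or is of the wrong type. A requested slot is enforced by the lookup above.` The `else` branch still searches every slot when `slot_` is null; presumably that is the intended "any token" case, and a one-line comment saying so would rule out the reading that an unresolved slot silently widens the search. The function's body continues past the visible lines.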