Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(300)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager.cc

Issue 1139533002: Use FindNSSKeyFromPublicKeyInfoInSlot in GetPrivateKeyOnWorkerThread. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@rsa-private-key-1
Patch Set: pneubeck comments Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | chrome/browser/chromeos/platform_keys/platform_keys_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager. h" 5 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager. h"
6 6
7 #include <cryptohi.h> 7 #include <cryptohi.h>
8 #include <keyhi.h> 8 #include <keyhi.h>
9 9
10 #include "base/base64.h" 10 #include "base/base64.h"
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after
49 base::Callback<void(crypto::ScopedPK11Slot)> callback_on_origin_thread = 49 base::Callback<void(crypto::ScopedPK11Slot)> callback_on_origin_thread =
50 base::Bind(&RunCallbackOnThreadRunner, response_task_runner, callback); 50 base::Bind(&RunCallbackOnThreadRunner, response_task_runner, callback);
51 51
52 crypto::ScopedPK11Slot system_slot = 52 crypto::ScopedPK11Slot system_slot =
53 crypto::GetSystemNSSKeySlot(callback_on_origin_thread); 53 crypto::GetSystemNSSKeySlot(callback_on_origin_thread);
54 if (system_slot) 54 if (system_slot)
55 callback_on_origin_thread.Run(system_slot.Pass()); 55 callback_on_origin_thread.Run(system_slot.Pass());
56 } 56 }
57 57
58 // Checks if a private RSA key associated with |public_key| can be found in 58 // Checks if a private RSA key associated with |public_key| can be found in
59 // |slot|. 59 // |slot|. |slot| must be non-null.
60 // Must be called on a worker thread. 60 // Must be called on a worker thread.
61 crypto::ScopedSECKEYPrivateKey GetPrivateKeyOnWorkerThread( 61 crypto::ScopedSECKEYPrivateKey GetPrivateKeyOnWorkerThread(
62 PK11SlotInfo* slot, 62 PK11SlotInfo* slot,
63 const std::string& public_key) { 63 const std::string& public_key) {
64 DCHECK(slot);
xiyuan 2015/05/12 18:03:55 nit: This code only runs on real device. So let's
davidben 2015/05/12 18:05:28 Done. (It's redundant with CHECKs further up the c
64 const uint8* public_key_uint8 = 65 const uint8* public_key_uint8 =
65 reinterpret_cast<const uint8*>(public_key.data()); 66 reinterpret_cast<const uint8*>(public_key.data());
66 std::vector<uint8> public_key_vector( 67 std::vector<uint8> public_key_vector(
67 public_key_uint8, public_key_uint8 + public_key.size()); 68 public_key_uint8, public_key_uint8 + public_key.size());
68 69
69 // TODO(davidben): This should be equivalent to calling
70 // FindNSSKeyFromPublicKeyInfoInSlot.
71 crypto::ScopedSECKEYPrivateKey rsa_key( 70 crypto::ScopedSECKEYPrivateKey rsa_key(
72 crypto::FindNSSKeyFromPublicKeyInfo(public_key_vector)); 71 crypto::FindNSSKeyFromPublicKeyInfoInSlot(public_key_vector, slot));
73 if (!rsa_key || rsa_key->pkcs11Slot != slot || 72 if (!rsa_key || SECKEY_GetPrivateKeyType(rsa_key.get()) != rsaKey)
74 SECKEY_GetPrivateKeyType(rsa_key.get()) != rsaKey) {
75 return nullptr; 73 return nullptr;
76 }
77 return rsa_key.Pass(); 74 return rsa_key.Pass();
78 } 75 }
79 76
80 // Signs |data| using a private key associated with |public_key| and stored in 77 // Signs |data| using a private key associated with |public_key| and stored in
81 // |slot|. Once the data is signed, callback is run on |response_task_runner|. 78 // |slot|. Once the data is signed, callback is run on |response_task_runner|.
82 // In case of an error, the callback will be passed an empty string. 79 // In case of an error, the callback will be passed an empty string.
83 void SignDataOnWorkerThread( 80 void SignDataOnWorkerThread(
84 crypto::ScopedPK11Slot slot, 81 crypto::ScopedPK11Slot slot,
85 const std::string& public_key, 82 const std::string& public_key,
86 const std::string& data, 83 const std::string& data,
(...skipping 265 matching lines...) Expand 10 before | Expand all | Expand 10 after
352 // If key creation failed, reset the state machine. 349 // If key creation failed, reset the state machine.
353 create_tpm_key_state_ = 350 create_tpm_key_state_ =
354 public_key.empty() ? CREATE_TPM_KEY_NOT_STARTED : CREATE_TPM_KEY_DONE; 351 public_key.empty() ? CREATE_TPM_KEY_NOT_STARTED : CREATE_TPM_KEY_DONE;
355 } 352 }
356 353
357 void EasyUnlockTpmKeyManager::OnDataSigned( 354 void EasyUnlockTpmKeyManager::OnDataSigned(
358 const base::Callback<void(const std::string&)>& callback, 355 const base::Callback<void(const std::string&)>& callback,
359 const std::string& signature) { 356 const std::string& signature) {
360 callback.Run(signature); 357 callback.Run(signature);
361 } 358 }
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/chromeos/platform_keys/platform_keys_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698