Side by Side Diff: net/ssl/ssl_platform_key_nss.cc

Issue 1278763002: Add a ClientKeyStore to allow injection of non-platform keys for TLS client auth. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@client_cert_store
Patch Set: Nits. Created 5 years, 3 months ago
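--- a/net/ssl/ssl_platform_key_nss.cc
+++ b/net/ssl/ssl_platform_key_nss.cc
@@ -1,31 +1,32 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/ssl/ssl_platform_key.h"
 
 #include <keyhi.h>
 #include <pk11pub.h>
 #include <prerror.h>
 
 #include <openssl/bn.h>
 #include <openssl/ecdsa.h>
 #include <openssl/rsa.h>
 
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/sequenced_task_runner.h"
 #include "base/stl_util.h"
 #include "crypto/scoped_nss_types.h"
 #include "crypto/scoped_openssl_types.h"
 #include "net/cert/x509_certificate.h"
+#include "net/ssl/client_key_store.h"
 #include "net/ssl/ssl_private_key.h"
 #include "net/ssl/threaded_ssl_private_key.h"
 
 namespace net {
 
 namespace {
 
 void LogPRError() {
 PRErrorCode err = PR_GetError();
 const char* err_name = PR_ErrorToName(err);
@@ -151,32 +152,34 @@
 DISALLOW_COPY_AND_ASSIGN(SSLPlatformKeyNSS);
 };
 
 } // namespace
 
 scoped_ptr<SSLPrivateKey> FetchClientCertPrivateKey(
 X509Certificate* certificate,
 scoped_refptr<base::SequencedTaskRunner> task_runner) {
 crypto::ScopedSECKEYPrivateKey key(
 PK11_FindKeyByAnyCert(certificate->os_cert_handle(), nullptr));
-if (!key)
-return nullptr;
+if (!key) {
+return ClientKeyStore::GetInstance()->FetchClientCertPrivateKey(
+*certificate);
+}
 
 KeyType nss_type = SECKEY_GetPrivateKeyType(key.get());
 SSLPrivateKey::Type type;
 switch (nss_type) {
 case rsaKey:
 type = SSLPrivateKey::Type::RSA;
 break;
 case ecKey:
 type = SSLPrivateKey::Type::ECDSA;
 break;
 default:
 LOG(ERROR) << "Unknown key type: " << nss_type;
 return nullptr;
 }
 return make_scoped_ptr(new ThreadedSSLPrivateKey(
 make_scoped_ptr(new SSLPlatformKeyNSS(type, key.Pass())),
 task_runner.Pass()));
 }
 
 } // namespace net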
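Review bot: In FetchClientCertPrivateKey the new fallback (new lines 162-165) is taken for every null result from PK11_FindKeyByAnyCert, so a genuine NSS or token failure looks the same as "no platform key for this certificate" and the PR error is dropped without a trace. Consider calling the file's existing `LogPRError();` before the `return ClientKeyStore::GetInstance()->FetchClientCertPrivateKey(` line, and adding a comment such as `// No NSS key for this cert; fall back to injected (non-platform) keys.` so the precedence of NSS keys over injected keys is stated where the decision is made. The fallback also leaves `task_runner` unused, so unlike the NSS path the returned key is not wrapped in ThreadedSSLPrivateKey at this call site; whether ClientKeyStore arranges its own threading is not visible in this file and is worth confirming. Because the store is a process-wide singleton, it would also help to document on this call that the provider must match the key to the certificate's public key, which presumably happens in client_key_store.cc.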