OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/ssl/ssl_platform_key.h" | 5 #include "net/ssl/ssl_platform_key.h" |
6 | 6 |
7 #include <keyhi.h> | 7 #include <keyhi.h> |
8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
9 #include <prerror.h> | 9 #include <prerror.h> |
10 | 10 |
11 #include <openssl/bn.h> | 11 #include <openssl/bn.h> |
12 #include <openssl/ecdsa.h> | 12 #include <openssl/ecdsa.h> |
13 #include <openssl/rsa.h> | 13 #include <openssl/rsa.h> |
14 | 14 |
15 #include "base/logging.h" | 15 #include "base/logging.h" |
16 #include "base/macros.h" | 16 #include "base/macros.h" |
17 #include "base/sequenced_task_runner.h" | 17 #include "base/sequenced_task_runner.h" |
18 #include "base/stl_util.h" | 18 #include "base/stl_util.h" |
19 #include "crypto/scoped_nss_types.h" | 19 #include "crypto/scoped_nss_types.h" |
20 #include "crypto/scoped_openssl_types.h" | 20 #include "crypto/scoped_openssl_types.h" |
21 #include "net/cert/x509_certificate.h" | 21 #include "net/cert/x509_certificate.h" |
| 22 #include "net/ssl/client_key_store.h" |
22 #include "net/ssl/ssl_private_key.h" | 23 #include "net/ssl/ssl_private_key.h" |
23 #include "net/ssl/threaded_ssl_private_key.h" | 24 #include "net/ssl/threaded_ssl_private_key.h" |
24 | 25 |
25 namespace net { | 26 namespace net { |
26 | 27 |
27 namespace { | 28 namespace { |
28 | 29 |
29 void LogPRError() { | 30 void LogPRError() { |
30 PRErrorCode err = PR_GetError(); | 31 PRErrorCode err = PR_GetError(); |
31 const char* err_name = PR_ErrorToName(err); | 32 const char* err_name = PR_ErrorToName(err); |
(...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
151 DISALLOW_COPY_AND_ASSIGN(SSLPlatformKeyNSS); | 152 DISALLOW_COPY_AND_ASSIGN(SSLPlatformKeyNSS); |
152 }; | 153 }; |
153 | 154 |
154 } // namespace | 155 } // namespace |
155 | 156 |
156 scoped_ptr<SSLPrivateKey> FetchClientCertPrivateKey( | 157 scoped_ptr<SSLPrivateKey> FetchClientCertPrivateKey( |
157 X509Certificate* certificate, | 158 X509Certificate* certificate, |
158 scoped_refptr<base::SequencedTaskRunner> task_runner) { | 159 scoped_refptr<base::SequencedTaskRunner> task_runner) { |
159 crypto::ScopedSECKEYPrivateKey key( | 160 crypto::ScopedSECKEYPrivateKey key( |
160 PK11_FindKeyByAnyCert(certificate->os_cert_handle(), nullptr)); | 161 PK11_FindKeyByAnyCert(certificate->os_cert_handle(), nullptr)); |
161 if (!key) | 162 if (!key) { |
162 return nullptr; | 163 return ClientKeyStore::GetInstance()->FetchClientCertPrivateKey( |
| 164 *certificate); |
| 165 } |
163 | 166 |
164 KeyType nss_type = SECKEY_GetPrivateKeyType(key.get()); | 167 KeyType nss_type = SECKEY_GetPrivateKeyType(key.get()); |
165 SSLPrivateKey::Type type; | 168 SSLPrivateKey::Type type; |
166 switch (nss_type) { | 169 switch (nss_type) { |
167 case rsaKey: | 170 case rsaKey: |
168 type = SSLPrivateKey::Type::RSA; | 171 type = SSLPrivateKey::Type::RSA; |
169 break; | 172 break; |
170 case ecKey: | 173 case ecKey: |
171 type = SSLPrivateKey::Type::ECDSA; | 174 type = SSLPrivateKey::Type::ECDSA; |
172 break; | 175 break; |
173 default: | 176 default: |
174 LOG(ERROR) << "Unknown key type: " << nss_type; | 177 LOG(ERROR) << "Unknown key type: " << nss_type; |
175 return nullptr; | 178 return nullptr; |
176 } | 179 } |
177 return make_scoped_ptr(new ThreadedSSLPrivateKey( | 180 return make_scoped_ptr(new ThreadedSSLPrivateKey( |
178 make_scoped_ptr(new SSLPlatformKeyNSS(type, key.Pass())), | 181 make_scoped_ptr(new SSLPlatformKeyNSS(type, key.Pass())), |
179 task_runner.Pass())); | 182 task_runner.Pass())); |
180 } | 183 } |
181 | 184 |
182 } // namespace net | 185 } // namespace net |
OLD | NEW |