Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(90)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/ssl_platform_key_win.cc

Issue 1304143010: Plumbing SSLPrivateKey Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase. Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/ssl/ssl_platform_key_task_runner.cc ('K') | « net/ssl/ssl_platform_key_task_runner.cc ('k') | net/ssl/ssl_private_key.h » ('j') | net/ssl/threaded_ssl_private_key.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/ssl/ssl_platform_key.h" 5 #include "net/ssl/ssl_platform_key.h"
6 6
7 #include <windows.h> 7 #include <windows.h>
8 #include <NCrypt.h> 8 #include <NCrypt.h>
9 9
10 #include <algorithm> 10 #include <algorithm>
(...skipping 17 matching lines...) Expand all
28 #include "net/base/net_errors.h" 28 #include "net/base/net_errors.h"
29 #include "net/cert/x509_certificate.h" 29 #include "net/cert/x509_certificate.h"
30 #include "net/ssl/scoped_openssl_types.h" 30 #include "net/ssl/scoped_openssl_types.h"
31 #include "net/ssl/ssl_private_key.h" 31 #include "net/ssl/ssl_private_key.h"
32 #include "net/ssl/threaded_ssl_private_key.h" 32 #include "net/ssl/threaded_ssl_private_key.h"
33 33
34 namespace net { 34 namespace net {
35 35
36 namespace { 36 namespace {
37 37
38 base::LazyInstance<SSLPlatformKeyTaskRunner>::Leaky g_platform_key_task_runner =
39 LAZY_INSTANCE_INITIALIZER;
40
38 using NCryptFreeObjectFunc = SECURITY_STATUS(WINAPI*)(NCRYPT_HANDLE); 41 using NCryptFreeObjectFunc = SECURITY_STATUS(WINAPI*)(NCRYPT_HANDLE);
39 using NCryptSignHashFunc = SECURITY_STATUS(WINAPI*)(NCRYPT_KEY_HANDLE, // hKey 42 using NCryptSignHashFunc = SECURITY_STATUS(WINAPI*)(NCRYPT_KEY_HANDLE, // hKey
40 VOID*, // pPaddingInfo 43 VOID*, // pPaddingInfo
41 BYTE*, // pbHashValue 44 BYTE*, // pbHashValue
42 DWORD, // cbHashValue 45 DWORD, // cbHashValue
43 BYTE*, // pbSignature 46 BYTE*, // pbSignature
44 DWORD, // cbSignature 47 DWORD, // cbSignature
45 DWORD*, // pcbResult 48 DWORD*, // pcbResult
46 DWORD); // dwFlags 49 DWORD); // dwFlags
47 50
(...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after
310 break; 313 break;
311 default: 314 default:
312 return false; 315 return false;
313 } 316 }
314 *out_max_length = EVP_PKEY_size(key.get()); 317 *out_max_length = EVP_PKEY_size(key.get());
315 return true; 318 return true;
316 } 319 }
317 320
318 } // namespace 321 } // namespace
319 322
320 scoped_ptr<SSLPrivateKey> FetchClientCertPrivateKey( 323 scoped_refptr<SSLPrivateKey> FetchClientCertPrivateKey(
321 X509Certificate* certificate, 324 X509Certificate* certificate) {
322 scoped_refptr<base::SequencedTaskRunner> task_runner) { 325 if (!certificate) {
davidben 2015/09/25 20:10:12 Ditto about caller's problem.
svaldez 2015/09/28 16:54:53 Ditto.
326 return nullptr;
327 }
328
323 // Rather than query the private key for metadata, extract the public key from 329 // Rather than query the private key for metadata, extract the public key from
324 // the certificate without using Windows APIs. CAPI and CNG do not 330 // the certificate without using Windows APIs. CAPI and CNG do not
325 // consistently work depending on the system. See https://crbug.com/468345. 331 // consistently work depending on the system. See https://crbug.com/468345.
326 SSLPrivateKey::Type key_type; 332 SSLPrivateKey::Type key_type;
327 size_t max_length; 333 size_t max_length;
328 if (!GetKeyInfo(certificate, &key_type, &max_length)) 334 if (!GetKeyInfo(certificate, &key_type, &max_length))
329 return nullptr; 335 return nullptr;
330 336
331 PCCERT_CONTEXT cert_context = certificate->os_cert_handle(); 337 PCCERT_CONTEXT cert_context = certificate->os_cert_handle();
332 338
(...skipping 14 matching lines...) Expand all
347 // transferred. 353 // transferred.
348 CHECK_EQ(must_free, TRUE); 354 CHECK_EQ(must_free, TRUE);
349 355
350 scoped_ptr<ThreadedSSLPrivateKey::Delegate> delegate; 356 scoped_ptr<ThreadedSSLPrivateKey::Delegate> delegate;
351 if (key_spec == CERT_NCRYPT_KEY_SPEC) { 357 if (key_spec == CERT_NCRYPT_KEY_SPEC) {
352 delegate.reset(new SSLPlatformKeyCNG(prov_or_key, key_type, max_length)); 358 delegate.reset(new SSLPlatformKeyCNG(prov_or_key, key_type, max_length));
353 } else { 359 } else {
354 DCHECK(SSLPrivateKey::Type::RSA == key_type); 360 DCHECK(SSLPrivateKey::Type::RSA == key_type);
355 delegate.reset(new SSLPlatformKeyCAPI(prov_or_key, key_spec, max_length)); 361 delegate.reset(new SSLPlatformKeyCAPI(prov_or_key, key_spec, max_length));
356 } 362 }
357 return make_scoped_ptr( 363 return make_scoped_refptr(new ThreadedSSLPrivateKey(
358 new ThreadedSSLPrivateKey(delegate.Pass(), task_runner.Pass())); 364 delegate.Pass(), g_platform_key_task_runner.Get().task_runner().Pass()));
359 } 365 }
360 366
361 } // namespace net 367 } // namespace net
OLDNEW
« net/ssl/ssl_platform_key_task_runner.cc ('K') | « net/ssl/ssl_platform_key_task_runner.cc ('k') | net/ssl/ssl_private_key.h » ('j') | net/ssl/threaded_ssl_private_key.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698