OLD | NEW |
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/keygen_handler.h" | 5 #include "net/base/keygen_handler.h" |
6 | 6 |
7 #include <Security/SecAsn1Coder.h> | 7 #include <Security/SecAsn1Coder.h> |
8 #include <Security/SecAsn1Templates.h> | 8 #include <Security/SecAsn1Templates.h> |
9 #include <Security/Security.h> | 9 #include <Security/Security.h> |
10 | 10 |
11 #include "base/base64.h" | 11 #include "base/base64.h" |
(...skipping 69 matching lines...)
81 | 81 |
82 | 82 |
83 static OSStatus CreateRSAKeyPair(int size_in_bits, | 83 static OSStatus CreateRSAKeyPair(int size_in_bits, |
84 SecKeyRef* out_pub_key, | 84 SecKeyRef* out_pub_key, |
85 SecKeyRef* out_priv_key); | 85 SecKeyRef* out_priv_key); |
86 static OSStatus SignData(CSSM_DATA data, | 86 static OSStatus SignData(CSSM_DATA data, |
87 SecKeyRef private_key, | 87 SecKeyRef private_key, |
88 CSSM_DATA* signature); | 88 CSSM_DATA* signature); |
89 | 89 |
90 | 90 |
| 91 bool KeygenHandler::KeyLocation::Equals( |
| 92 const KeygenHandler::KeyLocation& location) const { |
| 93 return keychain_path == location.keychain_path; |
| 94 } |
| 95 |
91 std::string KeygenHandler::GenKeyAndSignChallenge() { | 96 std::string KeygenHandler::GenKeyAndSignChallenge() { |
92 std::string result; | 97 std::string result; |
93 OSStatus err; | 98 OSStatus err; |
94 SecKeyRef public_key = NULL; | 99 SecKeyRef public_key = NULL; |
95 SecKeyRef private_key = NULL; | 100 SecKeyRef private_key = NULL; |
96 SecAsn1CoderRef coder = NULL; | 101 SecAsn1CoderRef coder = NULL; |
97 CSSM_DATA signature = {0, NULL}; | 102 CSSM_DATA signature = {0, NULL}; |
98 | 103 |
99 { | 104 { |
100 // Create the key-pair. | 105 // Create the key-pair. |
(...skipping 46 matching lines...)
147 err = SecAsn1EncodeItem(coder, &spkac, | 152 err = SecAsn1EncodeItem(coder, &spkac, |
148 kSignedPublicKeyAndChallengeTemplate, &encoded); | 153 kSignedPublicKeyAndChallengeTemplate, &encoded); |
149 if (err) | 154 if (err) |
150 goto failure; | 155 goto failure; |
151 | 156 |
152 // Base64 encode the result. | 157 // Base64 encode the result. |
153 std::string input(reinterpret_cast<char*>(encoded.Data), encoded.Length); | 158 std::string input(reinterpret_cast<char*>(encoded.Data), encoded.Length); |
154 base::Base64Encode(input, &result); | 159 base::Base64Encode(input, &result); |
155 } | 160 } |
156 | 161 |
157 failure: | 162 failure: |
158 if (err) { | 163 if (err) { |
159 LOG(ERROR) << "SSL Keygen failed! OSStatus = " << err; | 164 LOG(ERROR) << "SSL Keygen failed! OSStatus = " << err; |
160 } else { | 165 } else { |
161 LOG(INFO) << "SSL Keygen succeeded! Output is: " << result; | 166 LOG(INFO) << "SSL Keygen succeeded! Output is: " << result; |
162 } | 167 } |
163 | 168 |
164 // Remove keys from keychain if asked to during unit testing: | 169 // Remove keys from keychain if asked to during unit testing: |
165 if (!stores_key_) { | 170 if (!stores_key_) { |
166 if (public_key) | 171 if (public_key) |
167 SecKeychainItemDelete(reinterpret_cast<SecKeychainItemRef>(public_key)); | 172 SecKeychainItemDelete(reinterpret_cast<SecKeychainItemRef>(public_key)); |
(...skipping 24 matching lines...)
192 scoped_cftyperef<SecKeychainRef> scoped_keychain(keychain); | 197 scoped_cftyperef<SecKeychainRef> scoped_keychain(keychain); |
193 return SecKeyCreatePair( | 198 return SecKeyCreatePair( |
194 keychain, | 199 keychain, |
195 CSSM_ALGID_RSA, | 200 CSSM_ALGID_RSA, |
196 size_in_bits, | 201 size_in_bits, |
197 0LL, | 202 0LL, |
198 // public key usage and attributes: | 203 // public key usage and attributes: |
199 CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_WRAP, | 204 CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_WRAP, |
200 CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_PERMANENT, | 205 CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_PERMANENT, |
201 // private key usage and attributes: | 206 // private key usage and attributes: |
202 CSSM_KEYUSE_DECRYPT | CSSM_KEYUSE_SIGN | CSSM_KEYUSE_UNWRAP,
// private key | 207 CSSM_KEYUSE_DECRYPT | CSSM_KEYUSE_SIGN | CSSM_KEYUSE_UNWRAP, |
203 CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_PERMANENT | | 208 CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_PERMANENT | |
204 CSSM_KEYATTR_SENSITIVE, | 209 CSSM_KEYATTR_SENSITIVE, |
205 NULL, | 210 NULL, |
206 out_pub_key, out_priv_key); | 211 out_pub_key, out_priv_key); |
207 } | 212 } |
208 | 213 |
209 static OSStatus CreateSignatureContext(SecKeyRef key, | 214 static OSStatus CreateSignatureContext(SecKeyRef key, |
210 CSSM_ALGORITHMS algorithm, | 215 CSSM_ALGORITHMS algorithm, |
211 CSSM_CC_HANDLE* out_cc_handle) { | 216 CSSM_CC_HANDLE* out_cc_handle) { |
212 OSStatus err; | 217 OSStatus err; |
(...skipping 30 matching lines...)
243 CSSM_ALGID_MD5WithRSA, | 248 CSSM_ALGID_MD5WithRSA, |
244 &cc_handle); | 249 &cc_handle); |
245 if (err) | 250 if (err) |
246 return err; | 251 return err; |
247 err = CSSM_SignData(cc_handle, &data, 1, CSSM_ALGID_NONE, signature); | 252 err = CSSM_SignData(cc_handle, &data, 1, CSSM_ALGID_NONE, signature); |
248 CSSM_DeleteContext(cc_handle); | 253 CSSM_DeleteContext(cc_handle); |
249 return err; | 254 return err; |
250 } | 255 } |
251 | 256 |
252 } // namespace net | 257 } // namespace net |
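Review bot: `KeygenHandler::KeyLocation::Equals` (new lines 91-94) compares `keychain_path` with a plain `==`, so two spellings of the same keychain file (relative versus absolute, through a symlink, or differing only in case on a case-insensitive volume) would be reported as different locations. The declaration of `KeyLocation` and the code that fills `keychain_path` are not visible on this page, so this assumes the field is a string path. If that holds, either normalize the path where it is stored or state the contract next to the method, e.g. `// Textual comparison only; |keychain_path| must already be in canonical form.` This matters most if callers rely on Equals to confirm which keychain ended up holding the generated private key.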