Adds support for the <keygen> element to Windows, matching...

net/base/keygen_handler_nss.cc

-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/keygen_handler.h"
 
 #include <pk11pub.h>
 #include <secmod.h>
 #include <ssl.h>
 #include <secder.h>    // DER_Encode()
 #include <cryptohi.h>  // SEC_DerSignData()
@@ skipping 32 matching lines @@
 DERTemplate CERTPublicKeyAndChallengeTemplate[] = {
   { DER_SEQUENCE,
     0, NULL, sizeof(CERTPublicKeyAndChallenge) },
   { DER_ANY,
     offsetof(CERTPublicKeyAndChallenge, spki), },
   { DER_IA5_STRING,
     offsetof(CERTPublicKeyAndChallenge, challenge), },
   { 0, }
 };
 
+void StoreKeyLocationInCache(const SECItem& public_key_info,
+                             PK11SlotInfo *slot) {
+  KeygenHandler::Cache* cache = KeygenHandler::Cache::GetInstance();
+  KeygenHandler::KeyLocation key_location;
+  const char* slot_name = PK11_GetSlotName(slot);
+  key_location.slot_name.assign(slot_name);
+  cache->Insert(std::string(reinterpret_cast<char*>(public_key_info.data),
+                public_key_info.len), key_location);
+}
+
+bool KeygenHandler::KeyLocation::Equals(
+    const net::KeygenHandler::KeyLocation& location) const {
+  return slot_name == location.slot_name;
+}
+
 // This function is largely copied from the Firefox's
 // <keygen> implementation in security/manager/ssl/src/nsKeygenHandler.cpp
 // FIXME(gauravsh): Do we need a copy of the Mozilla license here?
 
 std::string KeygenHandler::GenKeyAndSignChallenge() {
   // Key pair generation mechanism - only RSA is supported at present.
   PRUint32 keyGenMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;  // from nss/pkcs11t.h
 
   // Temporary structures used for generating the result
   // in the right format.
@@ skipping 123 matching lines @@
 
   // Convert the signed public key and challenge into base64/ascii.
   if (!base::Base64Encode(std::string(reinterpret_cast<char*>(signedItem.data),
                                       signedItem.len),
                           &result_blob)) {
     LOG(ERROR) << "Couldn't convert signed public key into base64";
     isSuccess = false;
     goto failure;
   }
 
+  StoreKeyLocationInCache(spkiItem, slot);
+
  failure:
   if (!isSuccess) {
     LOG(ERROR) << "SSL Keygen failed!";
   } else {
-    LOG(INFO) << "SSl Keygen succeeded!";
+    LOG(INFO) << "SSL Keygen succeeded!";
   }
 
   // Do cleanups
   if (privateKey) {
-    if (!isSuccess || !stores_key_) {
-      PK11_DestroyTokenObject(privateKey->pkcs11Slot,privateKey->pkcs11ID);
-      SECKEY_DestroyPrivateKey(privateKey);
-    }
     // On successful keygen we need to keep the private key, of course,
     // or we won't be able to use the client certificate.
+    if (!isSuccess || !stores_key_) {
+      PK11_DestroyTokenObject(privateKey->pkcs11Slot, privateKey->pkcs11ID);
+    }
+    SECKEY_DestroyPrivateKey(privateKey);
   }
 
   if (publicKey) {
     PK11_DestroyTokenObject(publicKey->pkcs11Slot, publicKey->pkcs11ID);
   }
   if (spkInfo) {
     SECKEY_DestroySubjectPublicKeyInfo(spkInfo);
   }
   if (publicKey) {
     SECKEY_DestroyPublicKey(publicKey);
   }
   if (arena) {
     PORT_FreeArena(arena, PR_TRUE);
   }
   if (slot != NULL) {
     PK11_FreeSlot(slot);
   }
   if (pkac.challenge.data) {
     free(pkac.challenge.data);
   }
 
   return (isSuccess ? result_blob : std::string());
 }
 
 }  // namespace net