Index: net/ssl/token_binding_openssl.cc |
diff --git a/net/ssl/token_binding_openssl.cc b/net/ssl/token_binding_openssl.cc |
index 0cfc3fe94d816cc0dd616a3b20105c2f10ec2969..a9346a0aa1c9c700c2fd02dee6e4f61d95f29db1 100644 |
--- a/net/ssl/token_binding_openssl.cc |
+++ b/net/ssl/token_binding_openssl.cc |
@@ -23,11 +23,9 @@ enum TokenBindingType { |
TB_TYPE_REFERRED = 1, |
}; |
-bool BuildTokenBindingID(TokenBindingType type, |
- crypto::ECPrivateKey* key, |
- CBB* out) { |
+bool BuildTokenBindingID(crypto::ECPrivateKey* key, CBB* out) { |
CBB ec_point; |
- if (!CBB_add_u8(out, type) || !CBB_add_u8(out, TB_PARAM_ECDSAP256) || |
+ if (!CBB_add_u8(out, TB_PARAM_ECDSAP256) || |
!CBB_add_u8_length_prefixed(out, &ec_point)) { |
return false; |
} |
@@ -46,6 +44,28 @@ bool BuildTokenBindingID(TokenBindingType type, |
return true; |
} |
+Error BuildTokenBinding(TokenBindingType type, |
+ crypto::ECPrivateKey* key, |
+ const std::vector<uint8_t>& signed_ekm, |
+ std::string* out) { |
+ uint8_t* out_data; |
+ size_t out_len; |
+ CBB token_binding; |
+ if (!CBB_init(&token_binding, 0) || !CBB_add_u8(&token_binding, type) || |
+ !BuildTokenBindingID(key, &token_binding) || |
+ !CBB_add_u16(&token_binding, signed_ekm.size()) || |
+ !CBB_add_bytes(&token_binding, signed_ekm.data(), signed_ekm.size()) || |
+ // 0-length extensions |
+ !CBB_add_u16(&token_binding, 0) || |
+ !CBB_finish(&token_binding, &out_data, &out_len)) { |
+ CBB_cleanup(&token_binding); |
+ return ERR_FAILED; |
+ } |
+ out->assign(reinterpret_cast<char*>(out_data), out_len); |
+ OPENSSL_free(out_data); |
+ return OK; |
+} |
+ |
} // namespace |
Error BuildTokenBindingMessageFromTokenBindings( |
@@ -80,22 +100,7 @@ Error BuildTokenBindingMessageFromTokenBindings( |
Error BuildProvidedTokenBinding(crypto::ECPrivateKey* key, |
const std::vector<uint8_t>& signed_ekm, |
std::string* out) { |
- uint8_t* out_data; |
- size_t out_len; |
- CBB token_binding; |
- if (!CBB_init(&token_binding, 0) || |
- !BuildTokenBindingID(TB_TYPE_PROVIDED, key, &token_binding) || |
- !CBB_add_u16(&token_binding, signed_ekm.size()) || |
- !CBB_add_bytes(&token_binding, signed_ekm.data(), signed_ekm.size()) || |
- // 0-length extensions |
- !CBB_add_u16(&token_binding, 0) || |
- !CBB_finish(&token_binding, &out_data, &out_len)) { |
- CBB_cleanup(&token_binding); |
- return ERR_FAILED; |
- } |
- out->assign(reinterpret_cast<char*>(out_data), out_len); |
- OPENSSL_free(out_data); |
- return OK; |
+ return BuildTokenBinding(TB_TYPE_PROVIDED, key, signed_ekm, out); |
} |
bool ParseTokenBindingMessage(base::StringPiece token_binding_message, |