Index: net/cert/x509_util_nss.cc |
diff --git a/net/cert/x509_util_nss.cc b/net/cert/x509_util_nss.cc |
index 56669352bdbce678fa64b5e1220f075995c30665..48aecb09a7584cc7930033529691aa60e29df967 100644 |
--- a/net/cert/x509_util_nss.cc |
+++ b/net/cert/x509_util_nss.cc |
@@ -24,6 +24,7 @@ |
#include "crypto/ec_private_key.h" |
#include "crypto/nss_util.h" |
#include "crypto/nss_util_internal.h" |
+#include "crypto/rsa_private_key.h" |
#include "crypto/scoped_nss_types.h" |
#include "crypto/third_party/nss/chromium-nss.h" |
#include "net/cert/x509_certificate.h" |
@@ -182,6 +183,29 @@ bool SignCertificate( |
return true; |
} |
+CERTCertificate* CreateSelfSignedCertInternal( |
+ SECKEYPublicKey* public_key, |
+ SECKEYPrivateKey* private_key, |
+ const std::string& subject, |
+ uint32 serial_number, |
+ base::Time not_valid_before, |
+ base::Time not_valid_after) { |
+ CERTCertificate* cert = CreateCertificate(public_key, |
+ subject, |
+ serial_number, |
+ not_valid_before, |
+ not_valid_after); |
+ if (!cert) |
+ return NULL; |
+ |
+ if (!SignCertificate(cert, private_key)) { |
+ CERT_DestroyCertificate(cert); |
+ return NULL; |
+ } |
+ |
+ return cert; |
+} |
+ |
bool CreateDomainBoundCertInternal( |
SECKEYPublicKey* public_key, |
SECKEYPrivateKey* private_key, |
@@ -312,27 +336,26 @@ CERTName* CreateCertNameFromEncoded(PLArenaPool* arena, |
namespace x509_util { |
-CERTCertificate* CreateSelfSignedCert( |
- SECKEYPublicKey* public_key, |
- SECKEYPrivateKey* private_key, |
- const std::string& subject, |
- uint32 serial_number, |
- base::Time not_valid_before, |
- base::Time not_valid_after) { |
- CERTCertificate* cert = CreateCertificate(public_key, |
- subject, |
- serial_number, |
- not_valid_before, |
- not_valid_after); |
+bool CreateSelfSignedCert(crypto::RSAPrivateKey* key, |
+ const std::string& common_name, |
+ uint32 serial_number, |
+ base::Time not_valid_before, |
+ base::Time not_valid_after, |
+ std::string* der_encoded) { |
+ CERTCertificate* cert = CreateSelfSignedCertInternal( |
wtc
2013/06/20 21:35:56
I think we can just inline CreateSelfSignedCertInt
|
+ key->public_key(), |
+ key->key(), |
+ common_name, |
+ serial_number, |
+ not_valid_before, |
+ not_valid_after); |
if (!cert) |
- return NULL; |
- |
- if (!SignCertificate(cert, private_key)) { |
- CERT_DestroyCertificate(cert); |
- return NULL; |
- } |
+ return false; |
- return cert; |
+ der_encoded->assign(reinterpret_cast<char*>(cert->derCert.data), |
+ cert->derCert.len); |
+ CERT_DestroyCertificate(cert); |
+ return true; |
} |
bool IsSupportedValidityRange(base::Time not_valid_before, |