| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/openssl_private_key_store.h" | 5 #include "net/base/openssl_private_key_store.h" |
| 6 | 6 |
| 7 #include <openssl/bytestring.h> |
| 7 #include <openssl/evp.h> | 8 #include <openssl/evp.h> |
| 8 #include <openssl/mem.h> | 9 #include <openssl/mem.h> |
| 9 #include <openssl/x509.h> | |
| 10 | 10 |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "base/memory/singleton.h" | 12 #include "base/memory/singleton.h" |
| 13 #include "crypto/auto_cbb.h" |
| 13 #include "crypto/openssl_util.h" | 14 #include "crypto/openssl_util.h" |
| 15 #include "crypto/scoped_openssl_types.h" |
| 14 #include "net/android/network_library.h" | 16 #include "net/android/network_library.h" |
| 15 #include "net/ssl/scoped_openssl_types.h" | |
| 16 | 17 |
| 17 namespace net { | 18 namespace net { |
| 18 | 19 |
| 19 bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url, | 20 bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url, EVP_PKEY* pkey) { |
| 20 EVP_PKEY* pkey) { | |
| 21 // Always clear openssl errors on exit. | 21 // Always clear openssl errors on exit. |
| 22 crypto::OpenSSLErrStackTracer err_trace(FROM_HERE); | 22 crypto::OpenSSLErrStackTracer err_trace(FROM_HERE); |
| 23 | 23 |
| 24 // Important: Do not use i2d_PublicKey() here, which returns data in | 24 uint8_t* public_key; |
| 25 // PKCS#1 format, use i2d_PUBKEY() which returns it as DER-encoded | 25 size_t public_len; |
| 26 // SubjectPublicKeyInfo (X.509), as expected by the platform. | 26 crypto::AutoCBB cbb; |
| 27 unsigned char* public_key = NULL; | 27 if (!CBB_init(cbb.get(), 0) || !EVP_marshal_public_key(cbb.get(), pkey) || |
| 28 int public_len = i2d_PUBKEY(pkey, &public_key); | 28 !CBB_finish(cbb.get(), &public_key, &public_len)) { |
| 29 return false; |
| 30 } |
| 31 crypto::ScopedOpenSSLBytes free_public_key(public_key); |
| 29 | 32 |
| 30 // Important: Do not use i2d_PrivateKey() here, it returns data | 33 uint8_t* private_key; |
| 31 // in a format that is incompatible with what the platform expects. | 34 size_t private_len; |
| 32 unsigned char* private_key = NULL; | 35 cbb.Reset(); |
| 33 int private_len = 0; | 36 if (!CBB_init(cbb.get(), 0) || !EVP_marshal_private_key(cbb.get(), pkey) || |
| 34 ScopedPKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(pkey)); | 37 !CBB_finish(cbb.get(), &private_key, &private_len)) { |
| 35 if (pkcs8) | 38 return false; |
| 36 private_len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &private_key); | |
| 37 bool ret = false; | |
| 38 if (public_len > 0 && private_len > 0) { | |
| 39 ret = android::StoreKeyPair( | |
| 40 static_cast<const uint8_t*>(public_key), public_len, | |
| 41 static_cast<const uint8_t*>(private_key), private_len); | |
| 42 } | 39 } |
| 43 LOG_IF(ERROR, !ret) << "StoreKeyPair failed. pub len = " << public_len | 40 crypto::ScopedOpenSSLBytes free_private_key(private_key); |
| 44 << " priv len = " << private_len; | 41 |
| 45 OPENSSL_free(public_key); | 42 if (!android::StoreKeyPair(public_key, public_len, private_key, |
| 46 OPENSSL_free(private_key); | 43 private_len)) { |
| 47 return ret; | 44 LOG(ERROR) << "StoreKeyPair failed. public_len = " << public_len |
| 45 << " private_len = " << private_len; |
| 46 } |
| 47 return true; |
| 48 } | 48 } |
| 49 | 49 |
| 50 } // namespace net | 50 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1742873002:
Switch //net to the new SPKI and PKCS#8 APIs. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@spki-crypto