| Index: net/base/openssl_private_key_store_android.cc
|
| diff --git a/net/base/openssl_private_key_store_android.cc b/net/base/openssl_private_key_store_android.cc
|
| index 538b47465019122767efec2cb9f6a198adf2ea45..424f72f477e3c7eabded7caee45e916d011138f9 100644
|
| --- a/net/base/openssl_private_key_store_android.cc
|
| +++ b/net/base/openssl_private_key_store_android.cc
|
| @@ -4,47 +4,47 @@
|
|
|
| #include "net/base/openssl_private_key_store.h"
|
|
|
| +#include <openssl/bytestring.h>
|
| #include <openssl/evp.h>
|
| #include <openssl/mem.h>
|
| -#include <openssl/x509.h>
|
|
|
| #include "base/logging.h"
|
| #include "base/memory/singleton.h"
|
| +#include "crypto/auto_cbb.h"
|
| #include "crypto/openssl_util.h"
|
| +#include "crypto/scoped_openssl_types.h"
|
| #include "net/android/network_library.h"
|
| -#include "net/ssl/scoped_openssl_types.h"
|
|
|
| namespace net {
|
|
|
| -bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url,
|
| - EVP_PKEY* pkey) {
|
| +bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url, EVP_PKEY* pkey) {
|
| // Always clear openssl errors on exit.
|
| crypto::OpenSSLErrStackTracer err_trace(FROM_HERE);
|
|
|
| - // Important: Do not use i2d_PublicKey() here, which returns data in
|
| - // PKCS#1 format, use i2d_PUBKEY() which returns it as DER-encoded
|
| - // SubjectPublicKeyInfo (X.509), as expected by the platform.
|
| - unsigned char* public_key = NULL;
|
| - int public_len = i2d_PUBKEY(pkey, &public_key);
|
| -
|
| - // Important: Do not use i2d_PrivateKey() here, it returns data
|
| - // in a format that is incompatible with what the platform expects.
|
| - unsigned char* private_key = NULL;
|
| - int private_len = 0;
|
| - ScopedPKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(pkey));
|
| - if (pkcs8)
|
| - private_len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &private_key);
|
| - bool ret = false;
|
| - if (public_len > 0 && private_len > 0) {
|
| - ret = android::StoreKeyPair(
|
| - static_cast<const uint8_t*>(public_key), public_len,
|
| - static_cast<const uint8_t*>(private_key), private_len);
|
| + uint8_t* public_key;
|
| + size_t public_len;
|
| + crypto::AutoCBB cbb;
|
| + if (!CBB_init(cbb.get(), 0) || !EVP_marshal_public_key(cbb.get(), pkey) ||
|
| + !CBB_finish(cbb.get(), &public_key, &public_len)) {
|
| + return false;
|
| }
|
| - LOG_IF(ERROR, !ret) << "StoreKeyPair failed. pub len = " << public_len
|
| - << " priv len = " << private_len;
|
| - OPENSSL_free(public_key);
|
| - OPENSSL_free(private_key);
|
| - return ret;
|
| + crypto::ScopedOpenSSLBytes free_public_key(public_key);
|
| +
|
| + uint8_t* private_key;
|
| + size_t private_len;
|
| + cbb.Reset();
|
| + if (!CBB_init(cbb.get(), 0) || !EVP_marshal_private_key(cbb.get(), pkey) ||
|
| + !CBB_finish(cbb.get(), &private_key, &private_len)) {
|
| + return false;
|
| + }
|
| + crypto::ScopedOpenSSLBytes free_private_key(private_key);
|
| +
|
| + if (!android::StoreKeyPair(public_key, public_len, private_key,
|
| + private_len)) {
|
| + LOG(ERROR) << "StoreKeyPair failed. public_len = " << public_len
|
| + << " private_len = " << private_len;
|
| + }
|
| + return true;
|
| }
|
|
|
| } // namespace net
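Review bot: The `android::StoreKeyPair` failure branch at the end of `OpenSSLPrivateKeyStore::StoreKeyPair` only logs and then falls through to `return true;`, so callers are told the key pair was stored when the platform call failed. The removed code returned `ret`, which stayed false in that case. Add `return false;` after the `LOG(ERROR)` statement inside that `if` block. The two marshalling early returns now also fail silently, where the old `LOG_IF(ERROR, !ret)` covered every failure path, so a one-line `LOG(ERROR)` before each `return false;` would keep that diagnosability. The deleted comments recorded which encodings the platform expects, so a short replacement such as `// EVP_marshal_public_key emits a DER SubjectPublicKeyInfo and EVP_marshal_private_key a PKCS#8 PrivateKeyInfo, as the platform expects.` would stop a later edit from swapping in an incompatible serializer.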
|
|
|