
Unified Diff: net/base/openssl_private_key_store_android.cc

Issue 1742873002: Switch //net to the new SPKI and PKCS#8 APIs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@spki-crypto
Patch Set: tweak keygen_handler_openssl.cc Created 4 years, 10 months ago
Index: net/base/openssl_private_key_store_android.cc
diff --git a/net/base/openssl_private_key_store_android.cc b/net/base/openssl_private_key_store_android.cc
index 538b47465019122767efec2cb9f6a198adf2ea45..424f72f477e3c7eabded7caee45e916d011138f9 100644
--- a/net/base/openssl_private_key_store_android.cc
+++ b/net/base/openssl_private_key_store_android.cc
@@ -4,47 +4,47 @@
#include "net/base/openssl_private_key_store.h"
+#include <openssl/bytestring.h>
#include <openssl/evp.h>
#include <openssl/mem.h>
-#include <openssl/x509.h>
#include "base/logging.h"
#include "base/memory/singleton.h"
+#include "crypto/auto_cbb.h"
#include "crypto/openssl_util.h"
+#include "crypto/scoped_openssl_types.h"
#include "net/android/network_library.h"
-#include "net/ssl/scoped_openssl_types.h"
namespace net {
-bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url,
- EVP_PKEY* pkey) {
+bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url, EVP_PKEY* pkey) {
// Always clear openssl errors on exit.
crypto::OpenSSLErrStackTracer err_trace(FROM_HERE);
- // Important: Do not use i2d_PublicKey() here, which returns data in
- // PKCS#1 format, use i2d_PUBKEY() which returns it as DER-encoded
- // SubjectPublicKeyInfo (X.509), as expected by the platform.
- unsigned char* public_key = NULL;
- int public_len = i2d_PUBKEY(pkey, &public_key);
-
- // Important: Do not use i2d_PrivateKey() here, it returns data
- // in a format that is incompatible with what the platform expects.
- unsigned char* private_key = NULL;
- int private_len = 0;
- ScopedPKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(pkey));
- if (pkcs8)
- private_len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &private_key);
- bool ret = false;
- if (public_len > 0 && private_len > 0) {
- ret = android::StoreKeyPair(
- static_cast<const uint8_t*>(public_key), public_len,
- static_cast<const uint8_t*>(private_key), private_len);
+ uint8_t* public_key;
+ size_t public_len;
+ crypto::AutoCBB cbb;
+ if (!CBB_init(cbb.get(), 0) || !EVP_marshal_public_key(cbb.get(), pkey) ||
+ !CBB_finish(cbb.get(), &public_key, &public_len)) {
+ return false;
}
- LOG_IF(ERROR, !ret) << "StoreKeyPair failed. pub len = " << public_len
- << " priv len = " << private_len;
- OPENSSL_free(public_key);
- OPENSSL_free(private_key);
- return ret;
+ crypto::ScopedOpenSSLBytes free_public_key(public_key);
+
+ uint8_t* private_key;
+ size_t private_len;
+ cbb.Reset();
+ if (!CBB_init(cbb.get(), 0) || !EVP_marshal_private_key(cbb.get(), pkey) ||
+ !CBB_finish(cbb.get(), &private_key, &private_len)) {
+ return false;
+ }
+ crypto::ScopedOpenSSLBytes free_private_key(private_key);
+
+ if (!android::StoreKeyPair(public_key, public_len, private_key,
+ private_len)) {
+ LOG(ERROR) << "StoreKeyPair failed. public_len = " << public_len
+ << " private_len = " << private_len;
+ }
+ return true;
}
} // namespace net
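Review bot: `StoreKeyPair` now reports success even when the platform store rejects the key, because the branch around `android::StoreKeyPair(...)` only logs and the `return true;` after it is unconditional, whereas the removed code returned `ret`. A caller that trusts the result would treat a generated private key as persisted when it was not. Adding `return false;` after the `LOG(ERROR)` statement inside that branch restores the old contract. The two marshal-failure paths above it return `false` without logging, so a one-line `LOG(ERROR)` there would keep the failures distinguishable. It would also help to add a comment at `free_private_key` noting that the buffer holds the PKCS#8-encoded private key and stating whether the scoped free wipes it, since that is not visible from this file.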