Index: net/base/openssl_private_key_store_android.cc |
diff --git a/net/base/openssl_private_key_store_android.cc b/net/base/openssl_private_key_store_android.cc |
index 538b47465019122767efec2cb9f6a198adf2ea45..424f72f477e3c7eabded7caee45e916d011138f9 100644 |
--- a/net/base/openssl_private_key_store_android.cc |
+++ b/net/base/openssl_private_key_store_android.cc |
@@ -4,47 +4,47 @@ |
#include "net/base/openssl_private_key_store.h" |
+#include <openssl/bytestring.h> |
#include <openssl/evp.h> |
#include <openssl/mem.h> |
-#include <openssl/x509.h> |
#include "base/logging.h" |
#include "base/memory/singleton.h" |
+#include "crypto/auto_cbb.h" |
#include "crypto/openssl_util.h" |
+#include "crypto/scoped_openssl_types.h" |
#include "net/android/network_library.h" |
-#include "net/ssl/scoped_openssl_types.h" |
namespace net { |
-bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url, |
- EVP_PKEY* pkey) { |
+bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url, EVP_PKEY* pkey) { |
// Always clear openssl errors on exit. |
crypto::OpenSSLErrStackTracer err_trace(FROM_HERE); |
- // Important: Do not use i2d_PublicKey() here, which returns data in |
- // PKCS#1 format, use i2d_PUBKEY() which returns it as DER-encoded |
- // SubjectPublicKeyInfo (X.509), as expected by the platform. |
- unsigned char* public_key = NULL; |
- int public_len = i2d_PUBKEY(pkey, &public_key); |
- |
- // Important: Do not use i2d_PrivateKey() here, it returns data |
- // in a format that is incompatible with what the platform expects. |
- unsigned char* private_key = NULL; |
- int private_len = 0; |
- ScopedPKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(pkey)); |
- if (pkcs8) |
- private_len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &private_key); |
- bool ret = false; |
- if (public_len > 0 && private_len > 0) { |
- ret = android::StoreKeyPair( |
- static_cast<const uint8_t*>(public_key), public_len, |
- static_cast<const uint8_t*>(private_key), private_len); |
+ uint8_t* public_key; |
+ size_t public_len; |
+ crypto::AutoCBB cbb; |
+ if (!CBB_init(cbb.get(), 0) || !EVP_marshal_public_key(cbb.get(), pkey) || |
+ !CBB_finish(cbb.get(), &public_key, &public_len)) { |
+ return false; |
} |
- LOG_IF(ERROR, !ret) << "StoreKeyPair failed. pub len = " << public_len |
- << " priv len = " << private_len; |
- OPENSSL_free(public_key); |
- OPENSSL_free(private_key); |
- return ret; |
+ crypto::ScopedOpenSSLBytes free_public_key(public_key); |
+ |
+ uint8_t* private_key; |
+ size_t private_len; |
+ cbb.Reset(); |
+ if (!CBB_init(cbb.get(), 0) || !EVP_marshal_private_key(cbb.get(), pkey) || |
+ !CBB_finish(cbb.get(), &private_key, &private_len)) { |
+ return false; |
+ } |
+ crypto::ScopedOpenSSLBytes free_private_key(private_key); |
+ |
+ if (!android::StoreKeyPair(public_key, public_len, private_key, |
+ private_len)) { |
+ LOG(ERROR) << "StoreKeyPair failed. public_len = " << public_len |
+ << " private_len = " << private_len; |
+ } |
+ return true; |
} |
} // namespace net |