OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/android/keystore_openssl.h" | 5 #include "net/android/keystore_openssl.h" |
6 | 6 |
7 #include <jni.h> | 7 #include <jni.h> |
8 #include <openssl/bn.h> | 8 #include <openssl/bn.h> |
9 #include <openssl/ec.h> | 9 #include <openssl/ec.h> |
10 #include <openssl/engine.h> | 10 #include <openssl/engine.h> |
11 #include <openssl/err.h> | 11 #include <openssl/err.h> |
12 #include <openssl/evp.h> | 12 #include <openssl/evp.h> |
13 #include <openssl/rsa.h> | 13 #include <openssl/rsa.h> |
14 #include <stdint.h> | 14 #include <stdint.h> |
15 | 15 |
| 16 #include <memory> |
| 17 |
16 #include "base/android/build_info.h" | 18 #include "base/android/build_info.h" |
17 #include "base/android/scoped_java_ref.h" | 19 #include "base/android/scoped_java_ref.h" |
18 #include "base/lazy_instance.h" | 20 #include "base/lazy_instance.h" |
19 #include "base/logging.h" | 21 #include "base/logging.h" |
20 #include "base/memory/scoped_ptr.h" | |
21 #include "crypto/openssl_util.h" | 22 #include "crypto/openssl_util.h" |
22 #include "net/android/keystore.h" | 23 #include "net/android/keystore.h" |
23 #include "net/android/legacy_openssl.h" | 24 #include "net/android/legacy_openssl.h" |
24 #include "net/ssl/scoped_openssl_types.h" | 25 #include "net/ssl/scoped_openssl_types.h" |
25 #include "net/ssl/ssl_client_cert_type.h" | 26 #include "net/ssl/ssl_client_cert_type.h" |
26 | 27 |
27 // IMPORTANT NOTE: The following code will currently only work when used | 28 // IMPORTANT NOTE: The following code will currently only work when used |
28 // to implement client certificate support with OpenSSL. That's because | 29 // to implement client certificate support with OpenSSL. That's because |
29 // only the signing operations used in this use case are implemented here. | 30 // only the signing operations used in this use case are implemented here. |
30 // | 31 // |
(...skipping 292 matching lines...)
323 const crypto::OpenSSLErrStackTracer& tracer) { | 324 const crypto::OpenSSLErrStackTracer& tracer) { |
324 crypto::ScopedRSA rsa( | 325 crypto::ScopedRSA rsa( |
325 RSA_new_method(global_boringssl_engine.Get().engine())); | 326 RSA_new_method(global_boringssl_engine.Get().engine())); |
326 | 327 |
327 std::vector<uint8_t> modulus; | 328 std::vector<uint8_t> modulus; |
328 if (!GetRSAKeyModulus(private_key, &modulus)) { | 329 if (!GetRSAKeyModulus(private_key, &modulus)) { |
329 LOG(ERROR) << "Failed to get private key modulus"; | 330 LOG(ERROR) << "Failed to get private key modulus"; |
330 return nullptr; | 331 return nullptr; |
331 } | 332 } |
332 | 333 |
333 scoped_ptr<KeyExData> ex_data(new KeyExData); | 334 std::unique_ptr<KeyExData> ex_data(new KeyExData); |
334 ex_data->private_key.Reset(nullptr, private_key); | 335 ex_data->private_key.Reset(nullptr, private_key); |
335 if (ex_data->private_key.is_null()) { | 336 if (ex_data->private_key.is_null()) { |
336 LOG(ERROR) << "Could not create global JNI reference"; | 337 LOG(ERROR) << "Could not create global JNI reference"; |
337 return nullptr; | 338 return nullptr; |
338 } | 339 } |
339 ex_data->legacy_rsa = legacy_rsa; | 340 ex_data->legacy_rsa = legacy_rsa; |
340 ex_data->cached_size = VectorBignumSize(modulus); | 341 ex_data->cached_size = VectorBignumSize(modulus); |
341 | 342 |
342 RSA_set_ex_data(rsa.get(), global_boringssl_engine.Get().rsa_ex_index(), | 343 RSA_set_ex_data(rsa.get(), global_boringssl_engine.Get().rsa_ex_index(), |
343 ex_data.release()); | 344 ex_data.release()); |
(...skipping 149 matching lines...)
493 crypto::OpenSSLErrStackTracer tracer(FROM_HERE); | 494 crypto::OpenSSLErrStackTracer tracer(FROM_HERE); |
494 crypto::ScopedEC_KEY ec_key( | 495 crypto::ScopedEC_KEY ec_key( |
495 EC_KEY_new_method(global_boringssl_engine.Get().engine())); | 496 EC_KEY_new_method(global_boringssl_engine.Get().engine())); |
496 | 497 |
497 std::vector<uint8_t> order; | 498 std::vector<uint8_t> order; |
498 if (!GetECKeyOrder(private_key, &order)) { | 499 if (!GetECKeyOrder(private_key, &order)) { |
499 LOG(ERROR) << "Can't extract order parameter from EC private key"; | 500 LOG(ERROR) << "Can't extract order parameter from EC private key"; |
500 return nullptr; | 501 return nullptr; |
501 } | 502 } |
502 | 503 |
503 scoped_ptr<KeyExData> ex_data(new KeyExData); | 504 std::unique_ptr<KeyExData> ex_data(new KeyExData); |
504 ex_data->private_key.Reset(nullptr, private_key); | 505 ex_data->private_key.Reset(nullptr, private_key); |
505 if (ex_data->private_key.is_null()) { | 506 if (ex_data->private_key.is_null()) { |
506 LOG(ERROR) << "Can't create global JNI reference"; | 507 LOG(ERROR) << "Can't create global JNI reference"; |
507 return nullptr; | 508 return nullptr; |
508 } | 509 } |
509 ex_data->legacy_rsa = nullptr; | 510 ex_data->legacy_rsa = nullptr; |
510 ex_data->cached_size = VectorBignumSize(order); | 511 ex_data->cached_size = VectorBignumSize(order); |
511 | 512 |
512 EC_KEY_set_ex_data(ec_key.get(), | 513 EC_KEY_set_ex_data(ec_key.get(), |
513 global_boringssl_engine.Get().ec_key_ex_index(), | 514 global_boringssl_engine.Get().ec_key_ex_index(), |
(...skipping 32 matching lines...)
546 return GetEcdsaPkeyWrapper(private_key); | 547 return GetEcdsaPkeyWrapper(private_key); |
547 default: | 548 default: |
548 LOG(WARNING) | 549 LOG(WARNING) |
549 << "GetOpenSSLPrivateKeyWrapper() called with invalid key type"; | 550 << "GetOpenSSLPrivateKeyWrapper() called with invalid key type"; |
550 return nullptr; | 551 return nullptr; |
551 } | 552 } |
552 } | 553 } |
553 | 554 |
554 } // namespace android | 555 } // namespace android |
555 } // namespace net | 556 } // namespace net |
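Review bot: Ownership of `ex_data` is given up unconditionally in `RSA_set_ex_data(rsa.get(), ..., ex_data.release());` (new lines 343–344): the call's result is discarded, so if storing the ex-data fails, the `KeyExData` and the global JNI reference to the private key it holds are never freed. Nothing in the visible lines checks `rsa` after `RSA_new_method()` either, so a failed allocation would reach this call with a null key. I would add `if (!rsa) return nullptr;` after the construction and transfer ownership only on success: `if (!RSA_set_ex_data(rsa.get(), global_boringssl_engine.Get().rsa_ex_index(), ex_data.get())) return nullptr;` followed by `ex_data.release();`. The EC path at new lines 513–514 appears to follow the same pattern, but that call and the start of both functions lie in the elided lines, so confirm against the full file.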