OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/nss_key_util.h" | 5 #include "crypto/nss_key_util.h" |
6 | 6 |
7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
8 #include <keyhi.h> | 8 #include <keyhi.h> |
9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
| 10 #include <secmod.h> |
10 #include <stdint.h> | 11 #include <stdint.h> |
11 | 12 |
12 #include <memory> | 13 #include <memory> |
13 | 14 |
14 #include "base/logging.h" | 15 #include "base/logging.h" |
15 #include "crypto/nss_util.h" | 16 #include "crypto/nss_util.h" |
16 | |
17 #if defined(USE_NSS_CERTS) | |
18 #include <secmod.h> | |
19 #include "crypto/nss_util_internal.h" | 17 #include "crypto/nss_util_internal.h" |
20 #endif | |
21 | 18 |
22 namespace crypto { | 19 namespace crypto { |
23 | 20 |
24 namespace { | 21 namespace { |
25 | 22 |
26 #if defined(USE_NSS_CERTS) | |
27 | |
28 struct PublicKeyInfoDeleter { | 23 struct PublicKeyInfoDeleter { |
29 inline void operator()(CERTSubjectPublicKeyInfo* spki) { | 24 inline void operator()(CERTSubjectPublicKeyInfo* spki) { |
30 SECKEY_DestroySubjectPublicKeyInfo(spki); | 25 SECKEY_DestroySubjectPublicKeyInfo(spki); |
31 } | 26 } |
32 }; | 27 }; |
33 | 28 |
34 typedef std::unique_ptr<CERTSubjectPublicKeyInfo, PublicKeyInfoDeleter> | 29 typedef std::unique_ptr<CERTSubjectPublicKeyInfo, PublicKeyInfoDeleter> |
35 ScopedPublicKeyInfo; | 30 ScopedPublicKeyInfo; |
36 | 31 |
37 // Decodes |input| as a SubjectPublicKeyInfo and returns a SECItem containing | 32 // Decodes |input| as a SubjectPublicKeyInfo and returns a SECItem containing |
(...skipping 14 matching lines...) Expand all Loading... |
52 return nullptr; | 47 return nullptr; |
53 | 48 |
54 // See pk11_MakeIDFromPublicKey from NSS. For now, only RSA keys are | 49 // See pk11_MakeIDFromPublicKey from NSS. For now, only RSA keys are |
55 // supported. | 50 // supported. |
56 if (SECKEY_GetPublicKeyType(result.get()) != rsaKey) | 51 if (SECKEY_GetPublicKeyType(result.get()) != rsaKey) |
57 return nullptr; | 52 return nullptr; |
58 | 53 |
59 return ScopedSECItem(PK11_MakeIDFromPubKey(&result->u.rsa.modulus)); | 54 return ScopedSECItem(PK11_MakeIDFromPubKey(&result->u.rsa.modulus)); |
60 } | 55 } |
61 | 56 |
62 #endif // defined(USE_NSS_CERTS) | |
63 | |
64 } // namespace | 57 } // namespace |
65 | 58 |
66 bool GenerateRSAKeyPairNSS(PK11SlotInfo* slot, | 59 bool GenerateRSAKeyPairNSS(PK11SlotInfo* slot, |
67 uint16_t num_bits, | 60 uint16_t num_bits, |
68 bool permanent, | 61 bool permanent, |
69 ScopedSECKEYPublicKey* public_key, | 62 ScopedSECKEYPublicKey* public_key, |
70 ScopedSECKEYPrivateKey* private_key) { | 63 ScopedSECKEYPrivateKey* private_key) { |
71 DCHECK(slot); | 64 DCHECK(slot); |
72 | 65 |
73 PK11RSAGenParams param; | 66 PK11RSAGenParams param; |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
111 KU_KEY_ENCIPHERMENT | KU_DATA_ENCIPHERMENT | KU_DIGITAL_SIGNATURE; | 104 KU_KEY_ENCIPHERMENT | KU_DATA_ENCIPHERMENT | KU_DIGITAL_SIGNATURE; |
112 SECKEYPrivateKey* key_raw = nullptr; | 105 SECKEYPrivateKey* key_raw = nullptr; |
113 rv = PK11_ImportDERPrivateKeyInfoAndReturnKey( | 106 rv = PK11_ImportDERPrivateKeyInfoAndReturnKey( |
114 slot, &der_private_key_info, nullptr, nullptr, permanent, | 107 slot, &der_private_key_info, nullptr, nullptr, permanent, |
115 permanent /* sensitive */, key_usage, &key_raw, nullptr); | 108 permanent /* sensitive */, key_usage, &key_raw, nullptr); |
116 if (rv != SECSuccess) | 109 if (rv != SECSuccess) |
117 return nullptr; | 110 return nullptr; |
118 return ScopedSECKEYPrivateKey(key_raw); | 111 return ScopedSECKEYPrivateKey(key_raw); |
119 } | 112 } |
120 | 113 |
121 #if defined(USE_NSS_CERTS) | |
122 | |
123 ScopedSECKEYPrivateKey FindNSSKeyFromPublicKeyInfo( | 114 ScopedSECKEYPrivateKey FindNSSKeyFromPublicKeyInfo( |
124 const std::vector<uint8_t>& input) { | 115 const std::vector<uint8_t>& input) { |
125 EnsureNSSInit(); | 116 EnsureNSSInit(); |
126 | 117 |
127 ScopedSECItem cka_id(MakeIDFromSPKI(input)); | 118 ScopedSECItem cka_id(MakeIDFromSPKI(input)); |
128 if (!cka_id) | 119 if (!cka_id) |
129 return nullptr; | 120 return nullptr; |
130 | 121 |
131 // Search all slots in all modules for the key with the given ID. | 122 // Search all slots in all modules for the key with the given ID. |
132 AutoSECMODListReadLock auto_lock; | 123 AutoSECMODListReadLock auto_lock; |
(...skipping 20 matching lines...) Expand all Loading... |
153 DCHECK(slot); | 144 DCHECK(slot); |
154 | 145 |
155 ScopedSECItem cka_id(MakeIDFromSPKI(input)); | 146 ScopedSECItem cka_id(MakeIDFromSPKI(input)); |
156 if (!cka_id) | 147 if (!cka_id) |
157 return nullptr; | 148 return nullptr; |
158 | 149 |
159 return ScopedSECKEYPrivateKey( | 150 return ScopedSECKEYPrivateKey( |
160 PK11_FindKeyByKeyID(slot, cka_id.get(), nullptr)); | 151 PK11_FindKeyByKeyID(slot, cka_id.get(), nullptr)); |
161 } | 152 } |
162 | 153 |
163 #endif // defined(USE_NSS_CERTS) | |
164 | |
165 } // namespace crypto | 154 } // namespace crypto |
OLD | NEW |