| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/nss_key_util.h" | 5 #include "crypto/nss_key_util.h" |
| 6 | 6 |
| 7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
| 8 #include <keyhi.h> | 8 #include <keyhi.h> |
| 9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
| 10 #include <secmod.h> |
| 10 #include <stdint.h> | 11 #include <stdint.h> |
| 11 | 12 |
| 12 #include <memory> | 13 #include <memory> |
| 13 | 14 |
| 14 #include "base/logging.h" | 15 #include "base/logging.h" |
| 15 #include "crypto/nss_util.h" | 16 #include "crypto/nss_util.h" |
| 16 | |
| 17 #if defined(USE_NSS_CERTS) | |
| 18 #include <secmod.h> | |
| 19 #include "crypto/nss_util_internal.h" | 17 #include "crypto/nss_util_internal.h" |
| 20 #endif | |
| 21 | 18 |
| 22 namespace crypto { | 19 namespace crypto { |
| 23 | 20 |
| 24 namespace { | 21 namespace { |
| 25 | 22 |
| 26 #if defined(USE_NSS_CERTS) | |
| 27 | |
| 28 struct PublicKeyInfoDeleter { | 23 struct PublicKeyInfoDeleter { |
| 29 inline void operator()(CERTSubjectPublicKeyInfo* spki) { | 24 inline void operator()(CERTSubjectPublicKeyInfo* spki) { |
| 30 SECKEY_DestroySubjectPublicKeyInfo(spki); | 25 SECKEY_DestroySubjectPublicKeyInfo(spki); |
| 31 } | 26 } |
| 32 }; | 27 }; |
| 33 | 28 |
| 34 typedef std::unique_ptr<CERTSubjectPublicKeyInfo, PublicKeyInfoDeleter> | 29 typedef std::unique_ptr<CERTSubjectPublicKeyInfo, PublicKeyInfoDeleter> |
| 35 ScopedPublicKeyInfo; | 30 ScopedPublicKeyInfo; |
| 36 | 31 |
| 37 // Decodes |input| as a SubjectPublicKeyInfo and returns a SECItem containing | 32 // Decodes |input| as a SubjectPublicKeyInfo and returns a SECItem containing |
| (...skipping 14 matching lines...) Expand all Loading... |
| 52 return nullptr; | 47 return nullptr; |
| 53 | 48 |
| 54 // See pk11_MakeIDFromPublicKey from NSS. For now, only RSA keys are | 49 // See pk11_MakeIDFromPublicKey from NSS. For now, only RSA keys are |
| 55 // supported. | 50 // supported. |
| 56 if (SECKEY_GetPublicKeyType(result.get()) != rsaKey) | 51 if (SECKEY_GetPublicKeyType(result.get()) != rsaKey) |
| 57 return nullptr; | 52 return nullptr; |
| 58 | 53 |
| 59 return ScopedSECItem(PK11_MakeIDFromPubKey(&result->u.rsa.modulus)); | 54 return ScopedSECItem(PK11_MakeIDFromPubKey(&result->u.rsa.modulus)); |
| 60 } | 55 } |
| 61 | 56 |
| 62 #endif // defined(USE_NSS_CERTS) | |
| 63 | |
| 64 } // namespace | 57 } // namespace |
| 65 | 58 |
| 66 bool GenerateRSAKeyPairNSS(PK11SlotInfo* slot, | 59 bool GenerateRSAKeyPairNSS(PK11SlotInfo* slot, |
| 67 uint16_t num_bits, | 60 uint16_t num_bits, |
| 68 bool permanent, | 61 bool permanent, |
| 69 ScopedSECKEYPublicKey* public_key, | 62 ScopedSECKEYPublicKey* public_key, |
| 70 ScopedSECKEYPrivateKey* private_key) { | 63 ScopedSECKEYPrivateKey* private_key) { |
| 71 DCHECK(slot); | 64 DCHECK(slot); |
| 72 | 65 |
| 73 PK11RSAGenParams param; | 66 PK11RSAGenParams param; |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 111 KU_KEY_ENCIPHERMENT | KU_DATA_ENCIPHERMENT | KU_DIGITAL_SIGNATURE; | 104 KU_KEY_ENCIPHERMENT | KU_DATA_ENCIPHERMENT | KU_DIGITAL_SIGNATURE; |
| 112 SECKEYPrivateKey* key_raw = nullptr; | 105 SECKEYPrivateKey* key_raw = nullptr; |
| 113 rv = PK11_ImportDERPrivateKeyInfoAndReturnKey( | 106 rv = PK11_ImportDERPrivateKeyInfoAndReturnKey( |
| 114 slot, &der_private_key_info, nullptr, nullptr, permanent, | 107 slot, &der_private_key_info, nullptr, nullptr, permanent, |
| 115 permanent /* sensitive */, key_usage, &key_raw, nullptr); | 108 permanent /* sensitive */, key_usage, &key_raw, nullptr); |
| 116 if (rv != SECSuccess) | 109 if (rv != SECSuccess) |
| 117 return nullptr; | 110 return nullptr; |
| 118 return ScopedSECKEYPrivateKey(key_raw); | 111 return ScopedSECKEYPrivateKey(key_raw); |
| 119 } | 112 } |
| 120 | 113 |
| 121 #if defined(USE_NSS_CERTS) | |
| 122 | |
| 123 ScopedSECKEYPrivateKey FindNSSKeyFromPublicKeyInfo( | 114 ScopedSECKEYPrivateKey FindNSSKeyFromPublicKeyInfo( |
| 124 const std::vector<uint8_t>& input) { | 115 const std::vector<uint8_t>& input) { |
| 125 EnsureNSSInit(); | 116 EnsureNSSInit(); |
| 126 | 117 |
| 127 ScopedSECItem cka_id(MakeIDFromSPKI(input)); | 118 ScopedSECItem cka_id(MakeIDFromSPKI(input)); |
| 128 if (!cka_id) | 119 if (!cka_id) |
| 129 return nullptr; | 120 return nullptr; |
| 130 | 121 |
| 131 // Search all slots in all modules for the key with the given ID. | 122 // Search all slots in all modules for the key with the given ID. |
| 132 AutoSECMODListReadLock auto_lock; | 123 AutoSECMODListReadLock auto_lock; |
| (...skipping 20 matching lines...) Expand all Loading... |
| 153 DCHECK(slot); | 144 DCHECK(slot); |
| 154 | 145 |
| 155 ScopedSECItem cka_id(MakeIDFromSPKI(input)); | 146 ScopedSECItem cka_id(MakeIDFromSPKI(input)); |
| 156 if (!cka_id) | 147 if (!cka_id) |
| 157 return nullptr; | 148 return nullptr; |
| 158 | 149 |
| 159 return ScopedSECKEYPrivateKey( | 150 return ScopedSECKEYPrivateKey( |
| 160 PK11_FindKeyByKeyID(slot, cka_id.get(), nullptr)); | 151 PK11_FindKeyByKeyID(slot, cka_id.get(), nullptr)); |
| 161 } | 152 } |
| 162 | 153 |
| 163 #endif // defined(USE_NSS_CERTS) | |
| 164 | |
| 165 } // namespace crypto | 154 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2046863002:
Remove traces of USE_NSS_CERTS from crypto/ (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master