| Index: net/ssl/ssl_platform_key_mac.cc
|
| diff --git a/net/ssl/ssl_platform_key_mac.cc b/net/ssl/ssl_platform_key_mac.cc
|
| index e7313c07d2d0ff72c902e4462458f72f15953b7c..029c0f36fecbbf6aecb82a5ee7eb40e9c81cada5 100644
|
| --- a/net/ssl/ssl_platform_key_mac.cc
|
| +++ b/net/ssl/ssl_platform_key_mac.cc
|
| @@ -29,7 +29,7 @@
|
| #include "crypto/openssl_util.h"
|
| #include "net/base/net_errors.h"
|
| #include "net/cert/x509_certificate.h"
|
| -#include "net/ssl/ssl_platform_key_task_runner.h"
|
| +#include "net/ssl/ssl_platform_key_util.h"
|
| #include "net/ssl/ssl_private_key.h"
|
| #include "net/ssl/threaded_ssl_private_key.h"
|
|
|
| @@ -91,22 +91,18 @@ SecKeyRef FetchSecKeyRefForCertificate(const X509Certificate* certificate) {
|
|
|
| class SSLPlatformKeyMac : public ThreadedSSLPrivateKey::Delegate {
|
| public:
|
| - SSLPlatformKeyMac(SecKeyRef key, const CSSM_KEY* cssm_key)
|
| - : key_(key, base::scoped_policy::RETAIN), cssm_key_(cssm_key) {
|
| - DCHECK(cssm_key_->KeyHeader.AlgorithmId == CSSM_ALGID_RSA ||
|
| - cssm_key_->KeyHeader.AlgorithmId == CSSM_ALGID_ECDSA);
|
| - }
|
| + SSLPlatformKeyMac(SSLPrivateKey::Type type,
|
| + size_t max_length,
|
| + SecKeyRef key,
|
| + const CSSM_KEY* cssm_key)
|
| + : type_(type),
|
| + max_length_(max_length),
|
| + key_(key, base::scoped_policy::RETAIN),
|
| + cssm_key_(cssm_key) {}
|
|
|
| ~SSLPlatformKeyMac() override {}
|
|
|
| - SSLPrivateKey::Type GetType() override {
|
| - if (cssm_key_->KeyHeader.AlgorithmId == CSSM_ALGID_RSA) {
|
| - return SSLPrivateKey::Type::RSA;
|
| - } else {
|
| - DCHECK_EQ(CSSM_ALGID_ECDSA, cssm_key_->KeyHeader.AlgorithmId);
|
| - return SSLPrivateKey::Type::ECDSA;
|
| - }
|
| - }
|
| + SSLPrivateKey::Type GetType() override { return type_; }
|
|
|
| std::vector<SSLPrivateKey::Hash> GetDigestPreferences() override {
|
| static const SSLPrivateKey::Hash kHashes[] = {
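Review bot: The new constructor stores `type_` and `cssm_key_` without checking that they describe the same algorithm, and the old `DCHECK` on `cssm_key_->KeyHeader.AlgorithmId` is gone. The type is now passed in by the caller while the CSSM key still comes from the keychain, so a mismatch would let `GetType()` report one algorithm while signing uses a key of another; whether `SignDigest` still reads `KeyHeader.AlgorithmId` is outside this hunk. I would add `DCHECK_EQ(type_ == SSLPrivateKey::Type::RSA, cssm_key_->KeyHeader.AlgorithmId == CSSM_ALGID_RSA);` to the constructor body. The last hunk, in `FetchClientCertPrivateKey`, drops the matching release-build rejection, and the same comparison written as an `if (...) return nullptr;` before `MakeUnique` would restore it.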
|
| @@ -116,17 +112,7 @@ class SSLPlatformKeyMac : public ThreadedSSLPrivateKey::Delegate {
|
| kHashes + arraysize(kHashes));
|
| }
|
|
|
| - size_t GetMaxSignatureLengthInBytes() override {
|
| - if (cssm_key_->KeyHeader.AlgorithmId == CSSM_ALGID_RSA) {
|
| - return (cssm_key_->KeyHeader.LogicalKeySizeInBits + 7) / 8;
|
| - } else {
|
| - // LogicalKeySizeInBits is the size of an EC public key. But an
|
| - // ECDSA signature length depends on the size of the base point's
|
| - // order. For P-256, P-384, and P-521, these two sizes are the same.
|
| - return ECDSA_SIG_max_len((cssm_key_->KeyHeader.LogicalKeySizeInBits + 7) /
|
| - 8);
|
| - }
|
| - }
|
| + size_t GetMaxSignatureLengthInBytes() override { return max_length_; }
|
|
|
| Error SignDigest(SSLPrivateKey::Hash hash,
|
| const base::StringPiece& input,
|
| @@ -202,7 +188,7 @@ class SSLPlatformKeyMac : public ThreadedSSLPrivateKey::Delegate {
|
| }
|
| }
|
|
|
| - signature->resize(GetMaxSignatureLengthInBytes());
|
| + signature->resize(max_length_);
|
| CSSM_DATA signature_data;
|
| signature_data.Length = signature->size();
|
| signature_data.Data = signature->data();
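Review bot: `signature->resize(max_length_)` now sizes the output buffer from a value the caller computed from the certificate, not from `cssm_key_->KeyHeader.LogicalKeySizeInBits`, so the buffer is only large enough if that value really matches this key. The signing call and its error handling are outside the hunk. It is worth confirming that a too-small `signature_data.Length` makes the call fail rather than return a truncated signature, and that the returned length is checked before any final resize. At minimum I would document the dependency here: `// max_length_ is derived from the certificate, not from cssm_key_; the CSSM call must fail if the buffer is too small.`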
|
| @@ -216,6 +202,8 @@ class SSLPlatformKeyMac : public ThreadedSSLPrivateKey::Delegate {
|
| }
|
|
|
| private:
|
| + SSLPrivateKey::Type type_;
|
| + size_t max_length_;
|
| base::ScopedCFTypeRef<SecKeyRef> key_;
|
| const CSSM_KEY* cssm_key_;
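Review bot: `type_` and `max_length_` are set once in the constructor and never reassigned in the visible hunks, so both can be declared `const`, and neither has a comment saying where its value comes from. I would write `const SSLPrivateKey::Type type_;` and `const size_t max_length_;  // Upper bound on signature size in bytes; sizes the SignDigest buffer.` The removed `GetMaxSignatureLengthInBytes` body carried the only explanation of how the ECDSA bound relates to the key size, and nothing in this file replaces it. The class body continues outside the hunk.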
|
|
|
| @@ -237,13 +225,14 @@ scoped_refptr<SSLPrivateKey> FetchClientCertPrivateKey(
|
| if (status != noErr)
|
| return nullptr;
|
|
|
| - if (cssm_key->KeyHeader.AlgorithmId != CSSM_ALGID_RSA &&
|
| - cssm_key->KeyHeader.AlgorithmId != CSSM_ALGID_ECDSA) {
|
| - LOG(ERROR) << "Unknown key type: " << cssm_key->KeyHeader.AlgorithmId;
|
| + SSLPrivateKey::Type key_type;
|
| + size_t max_length;
|
| + if (!GetClientCertInfo(certificate, &key_type, &max_length))
|
| return nullptr;
|
| - }
|
| +
|
| return make_scoped_refptr(new ThreadedSSLPrivateKey(
|
| - base::MakeUnique<SSLPlatformKeyMac>(private_key.get(), cssm_key),
|
| + base::MakeUnique<SSLPlatformKeyMac>(key_type, max_length,
|
| + private_key.get(), cssm_key),
|
| GetSSLPlatformKeyTaskRunner()));
|
| }
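Review bot: When `GetClientCertInfo` fails, the function now returns `nullptr` with no log line, whereas the removed branch logged `Unknown key type` with the algorithm id. Unless `GetClientCertInfo` logs on its own (its body is not part of this diff), an unsupported client certificate key becomes a silent failure that is hard to diagnose from logs. I would keep a message on that path, `LOG(ERROR) << "Unsupported client certificate key";` before `return nullptr;`, with braces around the two statements. The function starts before this hunk.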
|
|
|
|
|