| Index: net/base/keygen_handler_mac.cc
|
| diff --git a/net/base/keygen_handler_mac.cc b/net/base/keygen_handler_mac.cc
|
| index 63ea84751aa1d926cc7fb215edf03d5431567204..da61edb7a02e26a7f73f4842c61fb9cfa8469333 100644
|
| --- a/net/base/keygen_handler_mac.cc
|
| +++ b/net/base/keygen_handler_mac.cc
|
| @@ -34,30 +34,15 @@ struct PublicKeyAndChallenge {
|
| // This is a copy of the built-in kSecAsn1IA5StringTemplate, but without the
|
| // 'streamable' flag, which was causing bogus data to be written.
|
| const SecAsn1Template kIA5StringTemplate[] = {
|
| - { SEC_ASN1_IA5_STRING, 0, NULL, sizeof(CSSM_DATA) }
|
| -};
|
| + {SEC_ASN1_IA5_STRING, 0, NULL, sizeof(CSSM_DATA)}};
|
|
|
| static const SecAsn1Template kPublicKeyAndChallengeTemplate[] = {
|
| - {
|
| - SEC_ASN1_SEQUENCE,
|
| - 0,
|
| - NULL,
|
| - sizeof(PublicKeyAndChallenge)
|
| - },
|
| - {
|
| - SEC_ASN1_INLINE,
|
| - offsetof(PublicKeyAndChallenge, spki),
|
| - kSecAsn1SubjectPublicKeyInfoTemplate
|
| - },
|
| - {
|
| - SEC_ASN1_INLINE,
|
| - offsetof(PublicKeyAndChallenge, challenge_string),
|
| - kIA5StringTemplate
|
| - },
|
| - {
|
| - 0
|
| - }
|
| -};
|
| + {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PublicKeyAndChallenge)},
|
| + {SEC_ASN1_INLINE, offsetof(PublicKeyAndChallenge, spki),
|
| + kSecAsn1SubjectPublicKeyInfoTemplate},
|
| + {SEC_ASN1_INLINE, offsetof(PublicKeyAndChallenge, challenge_string),
|
| + kIA5StringTemplate},
|
| + {0}};
|
|
|
| struct SignedPublicKeyAndChallenge {
|
| PublicKeyAndChallenge pkac;
|
| @@ -66,31 +51,14 @@ struct SignedPublicKeyAndChallenge {
|
| };
|
|
|
| static const SecAsn1Template kSignedPublicKeyAndChallengeTemplate[] = {
|
| - {
|
| - SEC_ASN1_SEQUENCE,
|
| - 0,
|
| - NULL,
|
| - sizeof(SignedPublicKeyAndChallenge)
|
| - },
|
| - {
|
| - SEC_ASN1_INLINE,
|
| - offsetof(SignedPublicKeyAndChallenge, pkac),
|
| - kPublicKeyAndChallengeTemplate
|
| - },
|
| - {
|
| - SEC_ASN1_INLINE,
|
| - offsetof(SignedPublicKeyAndChallenge, signature_algorithm),
|
| - kSecAsn1AlgorithmIDTemplate
|
| - },
|
| - {
|
| - SEC_ASN1_BIT_STRING,
|
| - offsetof(SignedPublicKeyAndChallenge, signature)
|
| - },
|
| - {
|
| - 0
|
| - }
|
| -};
|
| -
|
| + {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SignedPublicKeyAndChallenge)},
|
| + {SEC_ASN1_INLINE, offsetof(SignedPublicKeyAndChallenge, pkac),
|
| + kPublicKeyAndChallengeTemplate},
|
| + {SEC_ASN1_INLINE,
|
| + offsetof(SignedPublicKeyAndChallenge, signature_algorithm),
|
| + kSecAsn1AlgorithmIDTemplate},
|
| + {SEC_ASN1_BIT_STRING, offsetof(SignedPublicKeyAndChallenge, signature)},
|
| + {0}};
|
|
|
| static OSStatus CreateRSAKeyPair(int size_in_bits,
|
| SecAccessRef initial_access,
|
| @@ -126,15 +94,15 @@ std::string KeygenHandler::GenKeyAndSignChallenge() {
|
| }
|
|
|
| // Create the key-pair.
|
| - err = CreateRSAKeyPair(key_size_in_bits_, initial_access,
|
| - &public_key, &private_key);
|
| + err = CreateRSAKeyPair(
|
| + key_size_in_bits_, initial_access, &public_key, &private_key);
|
| if (err)
|
| goto failure;
|
|
|
| // Get the public key data (DER sequence of modulus, exponent).
|
| CFDataRef key_data = NULL;
|
| - err = SecKeychainItemExport(public_key, kSecFormatBSAFE, 0, NULL,
|
| - &key_data);
|
| + err =
|
| + SecKeychainItemExport(public_key, kSecFormatBSAFE, 0, NULL, &key_data);
|
| if (err) {
|
| crypto::LogCSSMError("SecKeychainItemExpor", err);
|
| goto failure;
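Review bot: The label passed to `crypto::LogCSSMError` after the export call is misspelled as `"SecKeychainItemExpor"`, so a log search for the real API name will miss this failure path. The commit already reformats the call directly above it, so the string could be corrected in the same pass: `crypto::LogCSSMError("SecKeychainItemExport", err);`. GenKeyAndSignChallenge starts and ends outside this hunk.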
|
| @@ -161,8 +129,8 @@ std::string KeygenHandler::GenKeyAndSignChallenge() {
|
| reinterpret_cast<uint8_t*>(const_cast<char*>(challenge_.data()));
|
|
|
| CSSM_DATA encoded;
|
| - err = SecAsn1EncodeItem(coder, &spkac.pkac,
|
| - kPublicKeyAndChallengeTemplate, &encoded);
|
| + err = SecAsn1EncodeItem(
|
| + coder, &spkac.pkac, kPublicKeyAndChallengeTemplate, &encoded);
|
| if (err) {
|
| crypto::LogCSSMError("SecAsn1EncodeItem", err);
|
| goto failure;
|
| @@ -179,8 +147,8 @@ std::string KeygenHandler::GenKeyAndSignChallenge() {
|
| // See <https://bugzilla.mozilla.org/show_bug.cgi?id=549460>
|
|
|
| // DER-encode the entire SignedPublicKeyAndChallenge:
|
| - err = SecAsn1EncodeItem(coder, &spkac,
|
| - kSignedPublicKeyAndChallengeTemplate, &encoded);
|
| + err = SecAsn1EncodeItem(
|
| + coder, &spkac, kSignedPublicKeyAndChallengeTemplate, &encoded);
|
| if (err) {
|
| crypto::LogCSSMError("SecAsn1EncodeItem", err);
|
| goto failure;
|
| @@ -191,7 +159,7 @@ std::string KeygenHandler::GenKeyAndSignChallenge() {
|
| base::Base64Encode(input, &result);
|
| }
|
|
|
| - failure:
|
| +failure:
|
| if (err)
|
| OSSTATUS_LOG(ERROR, err) << "SSL Keygen failed!";
|
| else
|
| @@ -218,7 +186,6 @@ std::string KeygenHandler::GenKeyAndSignChallenge() {
|
| return result;
|
| }
|
|
|
| -
|
| // Create an RSA key pair with size |size_in_bits|. |initial_access|
|
| // is passed as the initial access control list in Keychain. The
|
| // public and private keys are placed in |out_pub_key| and
|
| @@ -250,7 +217,8 @@ static OSStatus CreateRSAKeyPair(int size_in_bits,
|
| CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_PERMANENT |
|
| CSSM_KEYATTR_SENSITIVE,
|
| initial_access,
|
| - out_pub_key, out_priv_key);
|
| + out_pub_key,
|
| + out_priv_key);
|
| }
|
| if (err)
|
| crypto::LogCSSMError("SecKeyCreatePair", err);
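Review bot: Nothing near the mask `CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_PERMANENT | CSSM_KEYATTR_SENSITIVE` says why a freshly generated key is created extractable; it sits directly before `initial_access`, which suggests it is the private key's attribute set. A comment on that argument would record the intent, for example `// Private key: EXTRACTABLE so the user can export the identity later; SENSITIVE is expected to limit that to wrapped export (confirm).` If export is never needed, dropping `CSSM_KEYATTR_EXTRACTABLE` would reduce exposure of the key material, but that depends on callers not visible here. The call itself and the rest of CreateRSAKeyPair begin outside the hunk.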
|
| @@ -294,11 +262,8 @@ static OSStatus CreateSignatureContext(SecKeyRef key,
|
| return err;
|
| }
|
|
|
| - err = CSSM_CSP_CreateSignatureContext(csp_handle,
|
| - algorithm,
|
| - credentials,
|
| - cssm_key,
|
| - out_cc_handle);
|
| + err = CSSM_CSP_CreateSignatureContext(
|
| + csp_handle, algorithm, credentials, cssm_key, out_cc_handle);
|
| if (err)
|
| crypto::LogCSSMError("CSSM_CSP_CreateSignatureContext", err);
|
| return err;
|
| @@ -308,9 +273,8 @@ static OSStatus SignData(CSSM_DATA data,
|
| SecKeyRef private_key,
|
| CSSM_DATA* signature) {
|
| CSSM_CC_HANDLE cc_handle;
|
| - OSStatus err = CreateSignatureContext(private_key,
|
| - CSSM_ALGID_MD5WithRSA,
|
| - &cc_handle);
|
| + OSStatus err =
|
| + CreateSignatureContext(private_key, CSSM_ALGID_MD5WithRSA, &cc_handle);
|
| if (err) {
|
| crypto::LogCSSMError("CreateSignatureContext", err);
|
| return err;
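Review bot: `CSSM_ALGID_MD5WithRSA` is hard-coded as the signing algorithm in `SignData`, with no comment on why MD5 is acceptable here. MD5 is not collision-resistant, so anyone auditing this file will flag the call. If the choice is dictated by what SPKAC consumers accept, state that next to it, e.g. `// SPKAC signature is a proof of possession; MD5WithRSA kept for interoperability (add reference).` A move to a stronger digest would also have to change the `signature_algorithm` field encoded through `kSignedPublicKeyAndChallengeTemplate`, which is populated outside this hunk. The remainder of SignData also lies outside the hunk.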
|
|
|