| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/rsa_private_key.h" | 5 #include "crypto/rsa_private_key.h" |
| 6 | 6 |
| 7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
| 8 #include <keyhi.h> | 8 #include <keyhi.h> |
| 9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
| 10 #include <secmod.h> | 10 #include <secmod.h> |
| (...skipping 20 matching lines...) Expand all Loading... |
| 31 if (rv != SECSuccess) { | 31 if (rv != SECSuccess) { |
| 32 NOTREACHED(); | 32 NOTREACHED(); |
| 33 return false; | 33 return false; |
| 34 } | 34 } |
| 35 | 35 |
| 36 output->assign(item.data, item.data + item.len); | 36 output->assign(item.data, item.data + item.len); |
| 37 SECITEM_FreeItem(&item, PR_FALSE); | 37 SECITEM_FreeItem(&item, PR_FALSE); |
| 38 return true; | 38 return true; |
| 39 } | 39 } |
| 40 | 40 |
| 41 #if defined(USE_NSS) |
| 42 SECKEYPublicKey* GetRSAPublicKey(const std::vector<uint8>& input) { |
| 43 // First, decode and save the public key. |
| 44 SECItem key_der; |
| 45 key_der.type = siBuffer; |
| 46 key_der.data = const_cast<unsigned char*>(&input[0]); |
| 47 key_der.len = input.size(); |
| 48 |
| 49 CERTSubjectPublicKeyInfo* spki = |
| 50 SECKEY_DecodeDERSubjectPublicKeyInfo(&key_der); |
| 51 if (!spki) |
| 52 return NULL; |
| 53 SECKEYPublicKey* result = SECKEY_ExtractPublicKey(spki); |
| 54 SECKEY_DestroySubjectPublicKeyInfo(spki); |
| 55 if (!result || result->keyType != rsaKey) |
| 56 return NULL; |
| 57 return result; |
| 58 } |
| 59 #endif // defined(USE_NSS) |
| 60 |
| 41 } // namespace | 61 } // namespace |
| 42 | 62 |
| 43 namespace crypto { | 63 namespace crypto { |
| 44 | 64 |
| 45 RSAPrivateKey::~RSAPrivateKey() { | 65 RSAPrivateKey::~RSAPrivateKey() { |
| 46 if (key_) | 66 if (key_) |
| 47 SECKEY_DestroyPrivateKey(key_); | 67 SECKEY_DestroyPrivateKey(key_); |
| 48 if (public_key_) | 68 if (public_key_) |
| 49 SECKEY_DestroyPublicKey(public_key_); | 69 SECKEY_DestroyPublicKey(public_key_); |
| 50 } | 70 } |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 107 return NULL; | 127 return NULL; |
| 108 } | 128 } |
| 109 return copy; | 129 return copy; |
| 110 } | 130 } |
| 111 | 131 |
| 112 // static | 132 // static |
| 113 RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo( | 133 RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo( |
| 114 const std::vector<uint8>& input) { | 134 const std::vector<uint8>& input) { |
| 115 EnsureNSSInit(); | 135 EnsureNSSInit(); |
| 116 | 136 |
| 117 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); | 137 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey()); |
| 118 | 138 result->public_key_ = GetRSAPublicKey(input); |
| 119 // First, decode and save the public key. | |
| 120 SECItem key_der; | |
| 121 key_der.type = siBuffer; | |
| 122 key_der.data = const_cast<unsigned char*>(&input[0]); | |
| 123 key_der.len = input.size(); | |
| 124 | |
| 125 CERTSubjectPublicKeyInfo* spki = | |
| 126 SECKEY_DecodeDERSubjectPublicKeyInfo(&key_der); | |
| 127 if (!spki) { | |
| 128 NOTREACHED(); | |
| 129 return NULL; | |
| 130 } | |
| 131 | |
| 132 result->public_key_ = SECKEY_ExtractPublicKey(spki); | |
| 133 SECKEY_DestroySubjectPublicKeyInfo(spki); | |
| 134 if (!result->public_key_) { | 139 if (!result->public_key_) { |
| 135 NOTREACHED(); | 140 NOTREACHED(); |
| 136 return NULL; | 141 return NULL; |
| 137 } | 142 } |
| 138 | 143 |
| 139 // Make sure the key is an RSA key. If not, that's an error | |
| 140 if (result->public_key_->keyType != rsaKey) { | |
| 141 NOTREACHED(); | |
| 142 return NULL; | |
| 143 } | |
| 144 | |
| 145 ScopedSECItem ck_id( | 144 ScopedSECItem ck_id( |
| 146 PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); | 145 PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); |
| 147 if (!ck_id.get()) { | 146 if (!ck_id.get()) { |
| 148 NOTREACHED(); | 147 NOTREACHED(); |
| 149 return NULL; | 148 return NULL; |
| 150 } | 149 } |
| 151 | 150 |
| 152 // Search all slots in all modules for the key with the given ID. | 151 // Search all slots in all modules for the key with the given ID. |
| 153 AutoSECMODListReadLock auto_lock; | 152 AutoSECMODListReadLock auto_lock; |
| 154 SECMODModuleList* head = SECMOD_GetDefaultModuleList(); | 153 SECMODModuleList* head = SECMOD_GetDefaultModuleList(); |
| 155 for (SECMODModuleList* item = head; item != NULL; item = item->next) { | 154 for (SECMODModuleList* item = head; item != NULL; item = item->next) { |
| 156 int slot_count = item->module->loaded ? item->module->slotCount : 0; | 155 int slot_count = item->module->loaded ? item->module->slotCount : 0; |
| 157 for (int i = 0; i < slot_count; i++) { | 156 for (int i = 0; i < slot_count; i++) { |
| 158 // Finally...Look for the key! | 157 // Finally...Look for the key! |
| 159 result->key_ = PK11_FindKeyByKeyID(item->module->slots[i], | 158 result->key_ = PK11_FindKeyByKeyID(item->module->slots[i], |
| 160 ck_id.get(), NULL); | 159 ck_id.get(), NULL); |
| 161 if (result->key_) | 160 if (result->key_) |
| 162 return result.release(); | 161 return result.release(); |
| 163 } | 162 } |
| 164 } | 163 } |
| 165 | 164 |
| 166 // We didn't find the key. | 165 // We didn't find the key. |
| 167 return NULL; | 166 return NULL; |
| 168 } | 167 } |
| 168 |
| 169 // static |
| 170 RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfoInSlot( |
| 171 const std::vector<uint8>& input, |
| 172 PK11SlotInfo* slot) { |
| 173 EnsureNSSInit(); |
| 174 |
| 175 if (!slot) |
| 176 return NULL; |
| 177 |
| 178 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey()); |
| 179 result->public_key_ = GetRSAPublicKey(input); |
| 180 if (!result->public_key_) { |
| 181 NOTREACHED(); |
| 182 return NULL; |
| 183 } |
| 184 |
| 185 ScopedSECItem ck_id( |
| 186 PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); |
| 187 if (!ck_id.get()) { |
| 188 NOTREACHED(); |
| 189 return NULL; |
| 190 } |
| 191 |
| 192 result->key_ = PK11_FindKeyByKeyID(slot, ck_id.get(), NULL); |
| 193 if (!result->key_) |
| 194 return NULL; |
| 195 return result.release(); |
| 196 } |
| 169 #endif | 197 #endif |
| 170 | 198 |
| 171 RSAPrivateKey* RSAPrivateKey::Copy() const { | 199 RSAPrivateKey* RSAPrivateKey::Copy() const { |
| 172 RSAPrivateKey* copy = new RSAPrivateKey(); | 200 RSAPrivateKey* copy = new RSAPrivateKey(); |
| 173 copy->key_ = SECKEY_CopyPrivateKey(key_); | 201 copy->key_ = SECKEY_CopyPrivateKey(key_); |
| 174 copy->public_key_ = SECKEY_CopyPublicKey(public_key_); | 202 copy->public_key_ = SECKEY_CopyPublicKey(public_key_); |
| 175 return copy; | 203 return copy; |
| 176 } | 204 } |
| 177 | 205 |
| 178 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) const { | 206 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) const { |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 267 result->public_key_ = SECKEY_ConvertToPublicKey(result->key_); | 295 result->public_key_ = SECKEY_ConvertToPublicKey(result->key_); |
| 268 if (!result->public_key_) { | 296 if (!result->public_key_) { |
| 269 NOTREACHED(); | 297 NOTREACHED(); |
| 270 return NULL; | 298 return NULL; |
| 271 } | 299 } |
| 272 | 300 |
| 273 return result.release(); | 301 return result.release(); |
| 274 } | 302 } |
| 275 | 303 |
| 276 } // namespace crypto | 304 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 270663002:
Implemented profile-aware owner key loading. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src