| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/rsa_private_key.h" | 5 #include "crypto/rsa_private_key.h" |
| 6 | 6 |
| 7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
| 8 #include <keyhi.h> | 8 #include <keyhi.h> |
| 9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
| 10 #include <secmod.h> | 10 #include <secmod.h> |
| (...skipping 20 matching lines...) Expand all Loading... |
| 31 if (rv != SECSuccess) { | 31 if (rv != SECSuccess) { |
| 32 NOTREACHED(); | 32 NOTREACHED(); |
| 33 return false; | 33 return false; |
| 34 } | 34 } |
| 35 | 35 |
| 36 output->assign(item.data, item.data + item.len); | 36 output->assign(item.data, item.data + item.len); |
| 37 SECITEM_FreeItem(&item, PR_FALSE); | 37 SECITEM_FreeItem(&item, PR_FALSE); |
| 38 return true; | 38 return true; |
| 39 } | 39 } |
| 40 | 40 |
| 41 SECKEYPublicKey* GetRSAPublicKey(const std::vector<uint8>& input) { |
| 42 // First, decode and save the public key. |
| 43 SECItem key_der; |
| 44 key_der.type = siBuffer; |
| 45 key_der.data = const_cast<unsigned char*>(&input[0]); |
| 46 key_der.len = input.size(); |
| 47 |
| 48 CERTSubjectPublicKeyInfo* spki = |
| 49 SECKEY_DecodeDERSubjectPublicKeyInfo(&key_der); |
| 50 if (!spki) |
| 51 return NULL; |
| 52 SECKEYPublicKey* result = SECKEY_ExtractPublicKey(spki); |
| 53 SECKEY_DestroySubjectPublicKeyInfo(spki); |
| 54 if (!result || result->keyType != rsaKey) |
| 55 return NULL; |
| 56 return result; |
| 57 } |
| 58 |
| 41 } // namespace | 59 } // namespace |
| 42 | 60 |
| 43 namespace crypto { | 61 namespace crypto { |
| 44 | 62 |
| 45 RSAPrivateKey::~RSAPrivateKey() { | 63 RSAPrivateKey::~RSAPrivateKey() { |
| 46 if (key_) | 64 if (key_) |
| 47 SECKEY_DestroyPrivateKey(key_); | 65 SECKEY_DestroyPrivateKey(key_); |
| 48 if (public_key_) | 66 if (public_key_) |
| 49 SECKEY_DestroyPublicKey(public_key_); | 67 SECKEY_DestroyPublicKey(public_key_); |
| 50 } | 68 } |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 107 return NULL; | 125 return NULL; |
| 108 } | 126 } |
| 109 return copy; | 127 return copy; |
| 110 } | 128 } |
| 111 | 129 |
| 112 // static | 130 // static |
| 113 RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo( | 131 RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo( |
| 114 const std::vector<uint8>& input) { | 132 const std::vector<uint8>& input) { |
| 115 EnsureNSSInit(); | 133 EnsureNSSInit(); |
| 116 | 134 |
| 117 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); | 135 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey()); |
| 118 | 136 result->public_key_ = GetRSAPublicKey(input); |
| 119 // First, decode and save the public key. | |
| 120 SECItem key_der; | |
| 121 key_der.type = siBuffer; | |
| 122 key_der.data = const_cast<unsigned char*>(&input[0]); | |
| 123 key_der.len = input.size(); | |
| 124 | |
| 125 CERTSubjectPublicKeyInfo* spki = | |
| 126 SECKEY_DecodeDERSubjectPublicKeyInfo(&key_der); | |
| 127 if (!spki) { | |
| 128 NOTREACHED(); | |
| 129 return NULL; | |
| 130 } | |
| 131 | |
| 132 result->public_key_ = SECKEY_ExtractPublicKey(spki); | |
| 133 SECKEY_DestroySubjectPublicKeyInfo(spki); | |
| 134 if (!result->public_key_) { | 137 if (!result->public_key_) { |
| 135 NOTREACHED(); | 138 NOTREACHED(); |
| 136 return NULL; | 139 return NULL; |
| 137 } | 140 } |
| 138 | 141 |
| 139 // Make sure the key is an RSA key. If not, that's an error | |
| 140 if (result->public_key_->keyType != rsaKey) { | |
| 141 NOTREACHED(); | |
| 142 return NULL; | |
| 143 } | |
| 144 | |
| 145 ScopedSECItem ck_id( | 142 ScopedSECItem ck_id( |
| 146 PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); | 143 PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); |
| 147 if (!ck_id.get()) { | 144 if (!ck_id.get()) { |
| 148 NOTREACHED(); | 145 NOTREACHED(); |
| 149 return NULL; | 146 return NULL; |
| 150 } | 147 } |
| 151 | 148 |
| 152 // Search all slots in all modules for the key with the given ID. | 149 // Search all slots in all modules for the key with the given ID. |
| 153 AutoSECMODListReadLock auto_lock; | 150 AutoSECMODListReadLock auto_lock; |
| 154 SECMODModuleList* head = SECMOD_GetDefaultModuleList(); | 151 SECMODModuleList* head = SECMOD_GetDefaultModuleList(); |
| 155 for (SECMODModuleList* item = head; item != NULL; item = item->next) { | 152 for (SECMODModuleList* item = head; item != NULL; item = item->next) { |
| 156 int slot_count = item->module->loaded ? item->module->slotCount : 0; | 153 int slot_count = item->module->loaded ? item->module->slotCount : 0; |
| 157 for (int i = 0; i < slot_count; i++) { | 154 for (int i = 0; i < slot_count; i++) { |
| 158 // Finally...Look for the key! | 155 // Finally...Look for the key! |
| 159 result->key_ = PK11_FindKeyByKeyID(item->module->slots[i], | 156 result->key_ = PK11_FindKeyByKeyID(item->module->slots[i], |
| 160 ck_id.get(), NULL); | 157 ck_id.get(), NULL); |
| 161 if (result->key_) | 158 if (result->key_) |
| 162 return result.release(); | 159 return result.release(); |
| 163 } | 160 } |
| 164 } | 161 } |
| 165 | 162 |
| 166 // We didn't find the key. | 163 // We didn't find the key. |
| 167 return NULL; | 164 return NULL; |
| 168 } | 165 } |
| 166 |
| 167 // static |
| 168 RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfoInSlot( |
| 169 const std::vector<uint8>& input, |
| 170 PK11SlotInfo* slot) { |
| 171 EnsureNSSInit(); |
| 172 |
| 173 if (!slot) |
| 174 return NULL; |
| 175 |
| 176 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey()); |
| 177 result->public_key_ = GetRSAPublicKey(input); |
| 178 if (!result->public_key_) { |
| 179 NOTREACHED(); |
| 180 return NULL; |
| 181 } |
| 182 |
| 183 ScopedSECItem ck_id( |
| 184 PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); |
| 185 if (!ck_id.get()) { |
| 186 NOTREACHED(); |
| 187 return NULL; |
| 188 } |
| 189 |
| 190 result->key_ = PK11_FindKeyByKeyID(slot, ck_id.get(), NULL); |
| 191 if (!result->key_) |
| 192 return NULL; |
| 193 return result.release(); |
| 194 } |
| 169 #endif | 195 #endif |
| 170 | 196 |
| 171 RSAPrivateKey* RSAPrivateKey::Copy() const { | 197 RSAPrivateKey* RSAPrivateKey::Copy() const { |
| 172 RSAPrivateKey* copy = new RSAPrivateKey(); | 198 RSAPrivateKey* copy = new RSAPrivateKey(); |
| 173 copy->key_ = SECKEY_CopyPrivateKey(key_); | 199 copy->key_ = SECKEY_CopyPrivateKey(key_); |
| 174 copy->public_key_ = SECKEY_CopyPublicKey(public_key_); | 200 copy->public_key_ = SECKEY_CopyPublicKey(public_key_); |
| 175 return copy; | 201 return copy; |
| 176 } | 202 } |
| 177 | 203 |
| 178 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) const { | 204 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) const { |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 267 result->public_key_ = SECKEY_ConvertToPublicKey(result->key_); | 293 result->public_key_ = SECKEY_ConvertToPublicKey(result->key_); |
| 268 if (!result->public_key_) { | 294 if (!result->public_key_) { |
| 269 NOTREACHED(); | 295 NOTREACHED(); |
| 270 return NULL; | 296 return NULL; |
| 271 } | 297 } |
| 272 | 298 |
| 273 return result.release(); | 299 return result.release(); |
| 274 } | 300 } |
| 275 | 301 |
| 276 } // namespace crypto | 302 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 270663002:
Implemented profile-aware owner key loading. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src