Chromium Code Reviews Chromium Code Reviews
Issue 270663002:
Implemented profile-aware owner key loading. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: crypto/rsa_private_key_nss.cc |
| diff --git a/crypto/rsa_private_key_nss.cc b/crypto/rsa_private_key_nss.cc |
| index bd54c2e4037131b536a6134305e1027fdf804b73..2929b9629d9863b7d404d21e8795880112d7007a 100644 |
| --- a/crypto/rsa_private_key_nss.cc |
| +++ b/crypto/rsa_private_key_nss.cc |
| @@ -38,6 +38,38 @@ static bool ReadAttribute(SECKEYPrivateKey* key, |
| return true; |
| } |
| +#if defined(USE_NSS) |
| +struct PublicKeyInfoDeleter { |
| + inline void operator()(CERTSubjectPublicKeyInfo* spki) { |
| + SECKEY_DestroySubjectPublicKeyInfo(spki); |
| + } |
| +}; |
| + |
| +typedef scoped_ptr<CERTSubjectPublicKeyInfo, PublicKeyInfoDeleter> |
| + ScopedPublicKeyInfo; |
| + |
| +// The function decodes RSA public key from the |input|. The caller |
| +// takes ownership of the returned value. |
|
wtc
2014/05/19 17:23:54
Nit: I think it is OK to not document the return v
ygorshenin1
2014/05/20 07:53:50
Done.
wtc
2014/05/20 16:46:39
Nit: I think we can keep the "The function decodes
ygorshenin1
2014/05/20 17:01:34
Done.
|
| +crypto::ScopedSECKEYPublicKey GetRSAPublicKey(const std::vector<uint8>& input) { |
| + // First, decode and save the public key. |
| + SECItem key_der; |
| + key_der.type = siBuffer; |
| + key_der.data = const_cast<unsigned char*>(&input[0]); |
| + key_der.len = input.size(); |
| + |
| + ScopedPublicKeyInfo spki(SECKEY_DecodeDERSubjectPublicKeyInfo(&key_der)); |
| + if (!spki) |
| + return crypto::ScopedSECKEYPublicKey(); |
| + |
| + crypto::ScopedSECKEYPublicKey result(SECKEY_ExtractPublicKey(spki.get())); |
| + |
| + // Make sure the key is an RSA key.. If not, that's an error. |
| + if (!result || result->keyType != rsaKey) |
| + return crypto::ScopedSECKEYPublicKey(); |
| + return result.Pass(); |
| +} |
| +#endif // defined(USE_NSS) |
| + |
| } // namespace |
| namespace crypto { |
| @@ -112,35 +144,9 @@ RSAPrivateKey* RSAPrivateKey::CreateFromKey(SECKEYPrivateKey* key) { |
| // static |
| RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo( |
| const std::vector<uint8>& input) { |
| - EnsureNSSInit(); |
| - |
| - scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); |
| - |
| - // First, decode and save the public key. |
| - SECItem key_der; |
| - key_der.type = siBuffer; |
| - key_der.data = const_cast<unsigned char*>(&input[0]); |
| - key_der.len = input.size(); |
| - |
| - CERTSubjectPublicKeyInfo* spki = |
| - SECKEY_DecodeDERSubjectPublicKeyInfo(&key_der); |
| - if (!spki) { |
| - NOTREACHED(); |
| - return NULL; |
| - } |
| - |
| - result->public_key_ = SECKEY_ExtractPublicKey(spki); |
| - SECKEY_DestroySubjectPublicKeyInfo(spki); |
| - if (!result->public_key_) { |
| - NOTREACHED(); |
| - return NULL; |
| - } |
| - |
| - // Make sure the key is an RSA key. If not, that's an error |
| - if (result->public_key_->keyType != rsaKey) { |
| - NOTREACHED(); |
| + scoped_ptr<RSAPrivateKey> result(InitPublicPart(input)); |
| + if (!result) |
| return NULL; |
| - } |
| ScopedSECItem ck_id( |
| PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); |
| @@ -166,6 +172,30 @@ RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo( |
| // We didn't find the key. |
| return NULL; |
| } |
| + |
| +// static |
| +RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfoInSlot( |
| + const std::vector<uint8>& input, |
| + PK11SlotInfo* slot) { |
| + if (!slot) |
| + return NULL; |
| + |
| + scoped_ptr<RSAPrivateKey> result(InitPublicPart(input)); |
| + if (!result) |
| + return NULL; |
| + |
| + ScopedSECItem ck_id( |
| + PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); |
| + if (!ck_id.get()) { |
| + NOTREACHED(); |
| + return NULL; |
| + } |
| + |
| + result->key_ = PK11_FindKeyByKeyID(slot, ck_id.get(), NULL); |
| + if (!result->key_) |
| + return NULL; |
| + return result.release(); |
| +} |
| #endif |
| RSAPrivateKey* RSAPrivateKey::Copy() const { |
| @@ -273,4 +303,20 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams( |
| return result.release(); |
| } |
| +#if defined(USE_NSS) |
| +// static |
| +RSAPrivateKey* RSAPrivateKey::InitPublicPart(const std::vector<uint8>& input) { |
| + EnsureNSSInit(); |
| + |
| + scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey()); |
| + result->public_key_ = GetRSAPublicKey(input).release(); |
| + if (!result->public_key_) { |
| + NOTREACHED(); |
| + return NULL; |
| + } |
| + |
| + return result.release(); |
| +} |
| +#endif // defined(USE_NSS) |
| + |
| } // namespace crypto |
