| Index: net/third_party/mozilla_security_manager/nsKeygenHandler.cpp
|
| ===================================================================
|
| --- net/third_party/mozilla_security_manager/nsKeygenHandler.cpp (revision 0)
|
| +++ net/third_party/mozilla_security_manager/nsKeygenHandler.cpp (working copy)
|
| @@ -1,12 +1,47 @@
|
| -// Copyright (c) 2010 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
|
| + *
|
| + * ***** BEGIN LICENSE BLOCK *****
|
| + * Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
| + *
|
| + * The contents of this file are subject to the Mozilla Public License Version
|
| + * 1.1 (the "License"); you may not use this file except in compliance with
|
| + * the License. You may obtain a copy of the License at
|
| + * http://www.mozilla.org/MPL/
|
| + *
|
| + * Software distributed under the License is distributed on an "AS IS" basis,
|
| + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
| + * for the specific language governing rights and limitations under the
|
| + * License.
|
| + *
|
| + * The Original Code is mozilla.org code.
|
| + *
|
| + * The Initial Developer of the Original Code is
|
| + * Netscape Communications Corporation.
|
| + * Portions created by the Initial Developer are Copyright (C) 1998
|
| + * the Initial Developer. All Rights Reserved.
|
| + *
|
| + * Contributor(s):
|
| + * Vipul Gupta <vipul.gupta@sun.com>
|
| + * Douglas Stebila <douglas@stebila.ca>
|
| + *
|
| + * Alternatively, the contents of this file may be used under the terms of
|
| + * either the GNU General Public License Version 2 or later (the "GPL"), or
|
| + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
| + * in which case the provisions of the GPL or the LGPL are applicable instead
|
| + * of those above. If you wish to allow use of your version of this file only
|
| + * under the terms of either the GPL or the LGPL, and not to allow others to
|
| + * use your version of this file under the terms of the MPL, indicate your
|
| + * decision by deleting the provisions above and replace them with the notice
|
| + * and other provisions required by the GPL or the LGPL. If you do not delete
|
| + * the provisions above, a recipient may use your version of this file under
|
| + * the terms of any one of the MPL, the GPL or the LGPL.
|
| + *
|
| + * ***** END LICENSE BLOCK ***** */
|
|
|
| -#include "net/base/keygen_handler.h"
|
| +#include "net/third_party/mozilla_security_manager/nsKeygenHandler.h"
|
|
|
| #include <pk11pub.h>
|
| #include <secmod.h>
|
| -#include <ssl.h>
|
| #include <secder.h> // DER_Encode()
|
| #include <cryptohi.h> // SEC_DerSignData()
|
| #include <keyhi.h> // SECKEY_CreateSubjectPublicKeyInfo()
|
| @@ -15,11 +50,10 @@
|
| #include "base/nss_util_internal.h"
|
| #include "base/nss_util.h"
|
| #include "base/logging.h"
|
| +#include "net/base/keygen_handler.h"
|
|
|
| -namespace net {
|
| +namespace {
|
|
|
| -const int64 DEFAULT_RSA_PUBLIC_EXPONENT = 0x10001;
|
| -
|
| // Template for creating the signed public key structure to be sent to the CA.
|
| DERTemplate SECAlgorithmIDTemplate[] = {
|
| { DER_SEQUENCE,
|
| @@ -54,24 +88,23 @@
|
|
|
| void StoreKeyLocationInCache(const SECItem& public_key_info,
|
| PK11SlotInfo *slot) {
|
| - KeygenHandler::Cache* cache = KeygenHandler::Cache::GetInstance();
|
| - KeygenHandler::KeyLocation key_location;
|
| + net::KeygenHandler::Cache* cache = net::KeygenHandler::Cache::GetInstance();
|
| + net::KeygenHandler::KeyLocation key_location;
|
| const char* slot_name = PK11_GetSlotName(slot);
|
| key_location.slot_name.assign(slot_name);
|
| cache->Insert(std::string(reinterpret_cast<char*>(public_key_info.data),
|
| public_key_info.len), key_location);
|
| }
|
|
|
| -bool KeygenHandler::KeyLocation::Equals(
|
| - const net::KeygenHandler::KeyLocation& location) const {
|
| - return slot_name == location.slot_name;
|
| -}
|
| +} // namespace
|
|
|
| -// This function is largely copied from the Firefox's
|
| -// <keygen> implementation in security/manager/ssl/src/nsKeygenHandler.cpp
|
| -// FIXME(gauravsh): Do we need a copy of the Mozilla license here?
|
| +namespace mozilla_security_manager {
|
|
|
| -std::string KeygenHandler::GenKeyAndSignChallenge() {
|
| +// This function is based on the nsKeygenFormProcessor::GetPublicKey function
|
| +// in mozilla/security/manager/ssl/src/nsKeygenHandler.cpp.
|
| +std::string GenKeyAndSignChallenge(int key_size_in_bits,
|
| + const std::string& challenge,
|
| + bool stores_key) {
|
| // Key pair generation mechanism - only RSA is supported at present.
|
| PRUint32 keyGenMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; // from nss/pkcs11t.h
|
|
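Review bot: The new free function `GenKeyAndSignChallenge(int key_size_in_bits, const std::string& challenge, bool stores_key)` has no description of its parameters or failure result, although it is now callable outside `KeygenHandler`. I would extend the comment above it with something like `// Returns the result blob, or an empty string on failure. If |stores_key| is false, the generated key pair is destroyed in the token before returning.` Both statements follow from the cleanup and the final `return` in later hunks. `key_size_in_bits` is a signed `int` that a later hunk copies straight into `rsaKeyGenParams.keySizeInBits`, and no range check is visible in the lines shown. The accepted sizes should be documented as a precondition or checked on entry. The function body continues outside this hunk.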
|
| @@ -107,11 +140,11 @@
|
|
|
| switch (keyGenMechanism) {
|
| case CKM_RSA_PKCS_KEY_PAIR_GEN:
|
| - rsaKeyGenParams.keySizeInBits = key_size_in_bits_;
|
| - rsaKeyGenParams.pe = DEFAULT_RSA_PUBLIC_EXPONENT;
|
| + rsaKeyGenParams.keySizeInBits = key_size_in_bits;
|
| + rsaKeyGenParams.pe = DEFAULT_RSA_KEYGEN_PE;
|
| keyGenParams = &rsaKeyGenParams;
|
|
|
| - algTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; // from <nss/secoidt.h>.
|
| + algTag = DEFAULT_RSA_KEYGEN_ALG;
|
| break;
|
| default:
|
| // TODO(gauravsh): If we ever support other mechanisms,
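Review bot: `algTag = DEFAULT_RSA_KEYGEN_ALG;` no longer shows which signature algorithm signs the key and challenge, and the line it replaces used `SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION`. Neither `DEFAULT_RSA_KEYGEN_ALG` nor `DEFAULT_RSA_KEYGEN_PE` is defined in the hunks shown; presumably both come from the newly included nsKeygenHandler.h, which should be confirmed. If the macro still selects MD5 with RSA, name the algorithm at the use site, for example `algTag = DEFAULT_RSA_KEYGEN_ALG;  // MD5 with RSA; MD5 is not collision resistant`. That keeps the weak digest visible to anyone auditing this path. The enclosing function starts and ends outside this hunk.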
|
| @@ -119,7 +152,6 @@
|
| LOG(ERROR) << "Only RSA keygen mechanism is supported";
|
| isSuccess = false;
|
| goto failure;
|
| - break;
|
| }
|
|
|
| // Need to make sure that the token was initialized.
|
| @@ -158,7 +190,6 @@
|
| goto failure;
|
| }
|
|
|
| - // Temporary work store used by NSS.
|
| arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| if (!arena) {
|
| LOG(ERROR) << "PORT_NewArena: Couldn't allocate memory";
|
| @@ -177,8 +208,8 @@
|
|
|
| // Set up the PublicKeyAndChallenge data structure, then DER encode it.
|
| pkac.spki = spkiItem;
|
| - pkac.challenge.len = challenge_.length();
|
| - pkac.challenge.data = (unsigned char *)strdup(challenge_.c_str());
|
| + pkac.challenge.len = challenge.length();
|
| + pkac.challenge.data = (unsigned char *)strdup(challenge.c_str());
|
| if (!pkac.challenge.data) {
|
| LOG(ERROR) << "Out of memory while making a copy of challenge data";
|
| isSuccess = false;
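Review bot: `pkac.challenge.len` is set from `challenge.length()`, but the buffer comes from `strdup(challenge.c_str())`, which stops copying at the first NUL byte. A challenge with an embedded NUL therefore leaves `len` larger than the allocation, and any consumer that trusts `len` (the DER encoding named in the comment above) would read past the end of the buffer. Since `challenge` is now an arbitrary caller-supplied `std::string`, size the copy by its length: `pkac.challenge.data = static_cast<unsigned char*>(malloc(challenge.length() + 1));` and, after the existing null check, `memcpy(pkac.challenge.data, challenge.data(), challenge.length());`. The code that releases this buffer is outside the hunk and must stay paired with the allocator used here. `challenge.length()` is also a `size_t` narrowed into the `SECItem` length field, so an upper bound on the challenge size is worth enforcing before this point.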
|
| @@ -223,14 +254,14 @@
|
| if (privateKey) {
|
| // On successful keygen we need to keep the private key, of course,
|
| // or we won't be able to use the client certificate.
|
| - if (!isSuccess || !stores_key_) {
|
| + if (!isSuccess || !stores_key) {
|
| PK11_DestroyTokenObject(privateKey->pkcs11Slot, privateKey->pkcs11ID);
|
| }
|
| SECKEY_DestroyPrivateKey(privateKey);
|
| }
|
|
|
| if (publicKey) {
|
| - if (!isSuccess || !stores_key_) {
|
| + if (!isSuccess || !stores_key) {
|
| PK11_DestroyTokenObject(publicKey->pkcs11Slot, publicKey->pkcs11ID);
|
| }
|
| SECKEY_DestroyPublicKey(publicKey);
|
| @@ -251,4 +282,4 @@
|
| return (isSuccess ? result_blob : std::string());
|
| }
|
|
|
| -} // namespace net
|
| +} // namespace mozilla_security_manager
|
|
|
| Property changes on: net/third_party/mozilla_security_manager/nsKeygenHandler.cpp
|
| ___________________________________________________________________
|
| Added: svn:mergeinfo
|
|
|
|
|