Index: net/third_party/mozilla_security_manager/nsKeygenHandler.cpp |
=================================================================== |
--- net/third_party/mozilla_security_manager/nsKeygenHandler.cpp (revision 0) |
+++ net/third_party/mozilla_security_manager/nsKeygenHandler.cpp (working copy) |
@@ -1,12 +1,47 @@ |
-// Copyright (c) 2010 The Chromium Authors. All rights reserved. |
-// Use of this source code is governed by a BSD-style license that can be |
-// found in the LICENSE file. |
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- |
+ * |
+ * ***** BEGIN LICENSE BLOCK ***** |
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
+ * |
+ * The contents of this file are subject to the Mozilla Public License Version |
+ * 1.1 (the "License"); you may not use this file except in compliance with |
+ * the License. You may obtain a copy of the License at |
+ * http://www.mozilla.org/MPL/ |
+ * |
+ * Software distributed under the License is distributed on an "AS IS" basis, |
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
+ * for the specific language governing rights and limitations under the |
+ * License. |
+ * |
+ * The Original Code is mozilla.org code. |
+ * |
+ * The Initial Developer of the Original Code is |
+ * Netscape Communications Corporation. |
+ * Portions created by the Initial Developer are Copyright (C) 1998 |
+ * the Initial Developer. All Rights Reserved. |
+ * |
+ * Contributor(s): |
+ * Vipul Gupta <vipul.gupta@sun.com> |
+ * Douglas Stebila <douglas@stebila.ca> |
+ * |
+ * Alternatively, the contents of this file may be used under the terms of |
+ * either the GNU General Public License Version 2 or later (the "GPL"), or |
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), |
+ * in which case the provisions of the GPL or the LGPL are applicable instead |
+ * of those above. If you wish to allow use of your version of this file only |
+ * under the terms of either the GPL or the LGPL, and not to allow others to |
+ * use your version of this file under the terms of the MPL, indicate your |
+ * decision by deleting the provisions above and replace them with the notice |
+ * and other provisions required by the GPL or the LGPL. If you do not delete |
+ * the provisions above, a recipient may use your version of this file under |
+ * the terms of any one of the MPL, the GPL or the LGPL. |
+ * |
+ * ***** END LICENSE BLOCK ***** */ |
-#include "net/base/keygen_handler.h" |
+#include "net/third_party/mozilla_security_manager/nsKeygenHandler.h" |
#include <pk11pub.h> |
#include <secmod.h> |
-#include <ssl.h> |
#include <secder.h> // DER_Encode() |
#include <cryptohi.h> // SEC_DerSignData() |
#include <keyhi.h> // SECKEY_CreateSubjectPublicKeyInfo() |
@@ -15,11 +50,10 @@ |
#include "base/nss_util_internal.h" |
#include "base/nss_util.h" |
#include "base/logging.h" |
+#include "net/base/keygen_handler.h" |
-namespace net { |
+namespace { |
-const int64 DEFAULT_RSA_PUBLIC_EXPONENT = 0x10001; |
- |
// Template for creating the signed public key structure to be sent to the CA. |
DERTemplate SECAlgorithmIDTemplate[] = { |
{ DER_SEQUENCE, |
@@ -54,24 +88,23 @@ |
void StoreKeyLocationInCache(const SECItem& public_key_info, |
PK11SlotInfo *slot) { |
- KeygenHandler::Cache* cache = KeygenHandler::Cache::GetInstance(); |
- KeygenHandler::KeyLocation key_location; |
+ net::KeygenHandler::Cache* cache = net::KeygenHandler::Cache::GetInstance(); |
+ net::KeygenHandler::KeyLocation key_location; |
const char* slot_name = PK11_GetSlotName(slot); |
key_location.slot_name.assign(slot_name); |
cache->Insert(std::string(reinterpret_cast<char*>(public_key_info.data), |
public_key_info.len), key_location); |
} |
-bool KeygenHandler::KeyLocation::Equals( |
- const net::KeygenHandler::KeyLocation& location) const { |
- return slot_name == location.slot_name; |
-} |
+} // namespace |
-// This function is largely copied from the Firefox's |
-// <keygen> implementation in security/manager/ssl/src/nsKeygenHandler.cpp |
-// FIXME(gauravsh): Do we need a copy of the Mozilla license here? |
+namespace mozilla_security_manager { |
-std::string KeygenHandler::GenKeyAndSignChallenge() { |
+// This function is based on the nsKeygenFormProcessor::GetPublicKey function |
+// in mozilla/security/manager/ssl/src/nsKeygenHandler.cpp. |
+std::string GenKeyAndSignChallenge(int key_size_in_bits, |
+ const std::string& challenge, |
+ bool stores_key) { |
// Key pair generation mechanism - only RSA is supported at present. |
PRUint32 keyGenMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; // from nss/pkcs11t.h |
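Review bot: The comment above the new free function `GenKeyAndSignChallenge` records where the code came from but not its contract, and the three former member fields are now caller-supplied arguments. I would add a short doc comment stating that `key_size_in_bits` is passed to the RSA key generation parameters as given, and that `challenge` is the string embedded in the signed structure. It should also say that `stores_key == false` destroys the generated key pair on the token before returning, and that an empty string is returned on failure. None of the visible hunks range-check `key_size_in_bits`, so the comment should say whether the caller is expected to restrict it to an allowed set of sizes. The function body continues outside this hunk.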
@@ -107,11 +140,11 @@ |
switch (keyGenMechanism) { |
case CKM_RSA_PKCS_KEY_PAIR_GEN: |
- rsaKeyGenParams.keySizeInBits = key_size_in_bits_; |
- rsaKeyGenParams.pe = DEFAULT_RSA_PUBLIC_EXPONENT; |
+ rsaKeyGenParams.keySizeInBits = key_size_in_bits; |
+ rsaKeyGenParams.pe = DEFAULT_RSA_KEYGEN_PE; |
keyGenParams = &rsaKeyGenParams; |
- algTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; // from <nss/secoidt.h>. |
+ algTag = DEFAULT_RSA_KEYGEN_ALG; |
break; |
default: |
// TODO(gauravsh): If we ever support other mechanisms, |
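Review bot: The signature algorithm on the `algTag` line is now hidden behind `DEFAULT_RSA_KEYGEN_ALG`, whose definition is not visible in this patch; the line it replaces was `SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION`. If the macro still expands to that OID, the signed public key and challenge is signed over an MD5 digest, which is no longer collision resistant. I would keep a comment at the use site, for example `// Signature OID for the SPKAC; was MD5-with-RSA before this change.`, and confirm whether a SHA-based OID can be used instead. The switch sits in a function body that begins and ends outside the hunk.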
@@ -119,7 +152,6 @@ |
LOG(ERROR) << "Only RSA keygen mechanism is supported"; |
isSuccess = false; |
goto failure; |
- break; |
} |
// Need to make sure that the token was initialized. |
@@ -158,7 +190,6 @@ |
goto failure; |
} |
- // Temporary work store used by NSS. |
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
if (!arena) { |
LOG(ERROR) << "PORT_NewArena: Couldn't allocate memory"; |
@@ -177,8 +208,8 @@ |
// Set up the PublicKeyAndChallenge data structure, then DER encode it. |
pkac.spki = spkiItem; |
- pkac.challenge.len = challenge_.length(); |
- pkac.challenge.data = (unsigned char *)strdup(challenge_.c_str()); |
+ pkac.challenge.len = challenge.length(); |
+ pkac.challenge.data = (unsigned char *)strdup(challenge.c_str()); |
if (!pkac.challenge.data) { |
LOG(ERROR) << "Out of memory while making a copy of challenge data"; |
isSuccess = false; |
@@ -223,14 +254,14 @@ |
if (privateKey) { |
// On successful keygen we need to keep the private key, of course, |
// or we won't be able to use the client certificate. |
- if (!isSuccess || !stores_key_) { |
+ if (!isSuccess || !stores_key) { |
PK11_DestroyTokenObject(privateKey->pkcs11Slot, privateKey->pkcs11ID); |
} |
SECKEY_DestroyPrivateKey(privateKey); |
} |
if (publicKey) { |
- if (!isSuccess || !stores_key_) { |
+ if (!isSuccess || !stores_key) { |
PK11_DestroyTokenObject(publicKey->pkcs11Slot, publicKey->pkcs11ID); |
} |
SECKEY_DestroyPublicKey(publicKey); |
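Review bot: Both `PK11_DestroyTokenObject` calls in this cleanup path discard their return status, so when `stores_key` is false or key generation failed, a key object that could not be removed stays on the token with no trace in the log. I would check the result and log it, for example `if (PK11_DestroyTokenObject(privateKey->pkcs11Slot, privateKey->pkcs11ID) != SECSuccess) LOG(ERROR) << "Failed to destroy private key object";`, and the same for the public key. The cleanup block starts and ends outside this hunk.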
@@ -251,4 +282,4 @@ |
return (isSuccess ? result_blob : std::string()); |
} |
-} // namespace net |
+} // namespace mozilla_security_manager |
Property changes on: net/third_party/mozilla_security_manager/nsKeygenHandler.cpp |
___________________________________________________________________ |
Added: svn:mergeinfo |