OLD | NEW |
---|---|
1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- | 1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- |
2 * | 2 * |
3 * ***** BEGIN LICENSE BLOCK ***** | 3 * ***** BEGIN LICENSE BLOCK ***** |
4 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 4 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
5 * | 5 * |
6 * The contents of this file are subject to the Mozilla Public License Version | 6 * The contents of this file are subject to the Mozilla Public License Version |
7 * 1.1 (the "License"); you may not use this file except in compliance with | 7 * 1.1 (the "License"); you may not use this file except in compliance with |
8 * the License. You may obtain a copy of the License at | 8 * the License. You may obtain a copy of the License at |
9 * http://www.mozilla.org/MPL/ | 9 * http://www.mozilla.org/MPL/ |
10 * | 10 * |
116 SECKEYPrivateKey *privateKey = NULL; | 116 SECKEYPrivateKey *privateKey = NULL; |
117 SECKEYPublicKey *publicKey = NULL; | 117 SECKEYPublicKey *publicKey = NULL; |
118 CERTSubjectPublicKeyInfo *spkInfo = NULL; | 118 CERTSubjectPublicKeyInfo *spkInfo = NULL; |
119 PRArenaPool *arena = NULL; | 119 PRArenaPool *arena = NULL; |
120 SECStatus sec_rv =SECFailure; | 120 SECStatus sec_rv =SECFailure; |
121 SECItem spkiItem; | 121 SECItem spkiItem; |
122 SECItem pkacItem; | 122 SECItem pkacItem; |
123 SECItem signedItem; | 123 SECItem signedItem; |
124 CERTPublicKeyAndChallenge pkac; | 124 CERTPublicKeyAndChallenge pkac; |
125 void *keyGenParams; | 125 void *keyGenParams; |
126 pkac.challenge.data = NULL; | |
127 bool isSuccess = true; // Set to false as soon as a step fails. | 126 bool isSuccess = true; // Set to false as soon as a step fails. |
128 | 127 |
129 std::string result_blob; // the result. | 128 std::string result_blob; // the result. |
130 | 129 |
131 // Ensure NSS is initialized. | 130 // Ensure NSS is initialized. |
132 base::EnsureNSSInit(); | 131 base::EnsureNSSInit(); |
133 | 132 |
134 slot = base::GetDefaultNSSKeySlot(); | 133 slot = base::GetDefaultNSSKeySlot(); |
135 if (!slot) { | 134 if (!slot) { |
136 LOG(ERROR) << "Couldn't get Internal key slot!"; | 135 LOG(ERROR) << "Couldn't get Internal key slot!"; |
201 sec_rv = DER_Encode(arena, &spkiItem, CERTSubjectPublicKeyInfoTemplate, | 200 sec_rv = DER_Encode(arena, &spkiItem, CERTSubjectPublicKeyInfoTemplate, |
202 spkInfo); | 201 spkInfo); |
203 if (SECSuccess != sec_rv) { | 202 if (SECSuccess != sec_rv) { |
204 LOG(ERROR) << "Couldn't DER Encode subjectPublicKeyInfo"; | 203 LOG(ERROR) << "Couldn't DER Encode subjectPublicKeyInfo"; |
205 isSuccess = false; | 204 isSuccess = false; |
206 goto failure; | 205 goto failure; |
207 } | 206 } |
208 | 207 |
209 // Set up the PublicKeyAndChallenge data structure, then DER encode it. | 208 // Set up the PublicKeyAndChallenge data structure, then DER encode it. |
210 pkac.spki = spkiItem; | 209 pkac.spki = spkiItem; |
210 pkac.challenge.type = siBuffer; | |
211 pkac.challenge.len = challenge.length(); | 211 pkac.challenge.len = challenge.length(); |
212 pkac.challenge.data = (unsigned char *)strdup(challenge.c_str()); | 212 pkac.challenge.data = (unsigned char *)challenge.data(); |
wtc
2010/06/18 18:26:27
DER_Encode does not use the |type| field. I'm ini
| |
213 if (!pkac.challenge.data) { | |
214 LOG(ERROR) << "Out of memory while making a copy of challenge data"; | |
215 isSuccess = false; | |
216 goto failure; | |
217 } | |
218 sec_rv = DER_Encode(arena, &pkacItem, CERTPublicKeyAndChallengeTemplate, | 213 sec_rv = DER_Encode(arena, &pkacItem, CERTPublicKeyAndChallengeTemplate, |
219 &pkac); | 214 &pkac); |
220 if (SECSuccess != sec_rv) { | 215 if (SECSuccess != sec_rv) { |
221 LOG(ERROR) << "Couldn't DER Encode PublicKeyAndChallenge"; | 216 LOG(ERROR) << "Couldn't DER Encode PublicKeyAndChallenge"; |
222 isSuccess = false; | 217 isSuccess = false; |
223 goto failure; | 218 goto failure; |
224 } | 219 } |
225 | 220 |
226 // Sign the DER encoded PublicKeyAndChallenge. | 221 // Sign the DER encoded PublicKeyAndChallenge. |
227 sec_rv = SEC_DerSignData(arena, &signedItem, pkacItem.data, pkacItem.len, | 222 sec_rv = SEC_DerSignData(arena, &signedItem, pkacItem.data, pkacItem.len, |
268 } | 263 } |
269 if (spkInfo) { | 264 if (spkInfo) { |
270 SECKEY_DestroySubjectPublicKeyInfo(spkInfo); | 265 SECKEY_DestroySubjectPublicKeyInfo(spkInfo); |
271 } | 266 } |
272 if (arena) { | 267 if (arena) { |
273 PORT_FreeArena(arena, PR_TRUE); | 268 PORT_FreeArena(arena, PR_TRUE); |
274 } | 269 } |
275 if (slot != NULL) { | 270 if (slot != NULL) { |
276 PK11_FreeSlot(slot); | 271 PK11_FreeSlot(slot); |
277 } | 272 } |
278 if (pkac.challenge.data) { | |
279 free(pkac.challenge.data); | |
280 } | |
281 | 273 |
282 return (isSuccess ? result_blob : std::string()); | 274 return (isSuccess ? result_blob : std::string()); |
283 } | 275 } |
284 | 276 |
285 } // namespace mozilla_security_manager | 277 } // namespace mozilla_security_manager |
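Review bot: On new line 212 the C-style cast `(unsigned char *)challenge.data()` silently drops const, and `pkac.challenge` now borrows the string's buffer instead of owning a copy. That is only safe while DER_Encode treats the item as read-only and `challenge` stays unmodified until the encode on new line 213 returns; state this in a comment such as `// pkac.challenge borrows challenge's buffer; DER_Encode only reads it.` and spell the cast as `reinterpret_cast<unsigned char*>(const_cast<char*>(challenge.data()))` so the const removal is easy to find. Separately, `pkac.challenge.len = challenge.length();` narrows size_t to SECItem's unsigned int length, so if the challenge comes from page content (its origin is not visible here) a size check before the assignment would keep `len` and `data` consistent. The enclosing function begins in the skipped lines, so the declaration of `challenge` could not be checked.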