OLD | NEW |
1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- | 1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- |
2 * | 2 * |
3 * ***** BEGIN LICENSE BLOCK ***** | 3 * ***** BEGIN LICENSE BLOCK ***** |
4 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 4 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
5 * | 5 * |
6 * The contents of this file are subject to the Mozilla Public License Version | 6 * The contents of this file are subject to the Mozilla Public License Version |
7 * 1.1 (the "License"); you may not use this file except in compliance with | 7 * 1.1 (the "License"); you may not use this file except in compliance with |
8 * the License. You may obtain a copy of the License at | 8 * the License. You may obtain a copy of the License at |
9 * http://www.mozilla.org/MPL/ | 9 * http://www.mozilla.org/MPL/ |
10 * | 10 * |
(...skipping 32 matching lines...)
43 #include <pk11pub.h> | 43 #include <pk11pub.h> |
44 #include <secmod.h> | 44 #include <secmod.h> |
45 #include <secder.h> // DER_Encode() | 45 #include <secder.h> // DER_Encode() |
46 #include <cryptohi.h> // SEC_DerSignData() | 46 #include <cryptohi.h> // SEC_DerSignData() |
47 #include <keyhi.h> // SECKEY_CreateSubjectPublicKeyInfo() | 47 #include <keyhi.h> // SECKEY_CreateSubjectPublicKeyInfo() |
48 | 48 |
49 #include "base/base64.h" | 49 #include "base/base64.h" |
50 #include "base/nss_util_internal.h" | 50 #include "base/nss_util_internal.h" |
51 #include "base/nss_util.h" | 51 #include "base/nss_util.h" |
52 #include "base/logging.h" | 52 #include "base/logging.h" |
53 #include "net/base/keygen_handler.h" | |
54 | 53 |
55 namespace { | 54 namespace { |
56 | 55 |
57 // Template for creating the signed public key structure to be sent to the CA. | 56 // Template for creating the signed public key structure to be sent to the CA. |
58 DERTemplate SECAlgorithmIDTemplate[] = { | 57 DERTemplate SECAlgorithmIDTemplate[] = { |
59 { DER_SEQUENCE, | 58 { DER_SEQUENCE, |
60 0, NULL, sizeof(SECAlgorithmID) }, | 59 0, NULL, sizeof(SECAlgorithmID) }, |
61 { DER_OBJECT_ID, | 60 { DER_OBJECT_ID, |
62 offsetof(SECAlgorithmID, algorithm), }, | 61 offsetof(SECAlgorithmID, algorithm), }, |
63 { DER_OPTIONAL | DER_ANY, | 62 { DER_OPTIONAL | DER_ANY, |
(...skipping 15 matching lines...)
79 DERTemplate CERTPublicKeyAndChallengeTemplate[] = { | 78 DERTemplate CERTPublicKeyAndChallengeTemplate[] = { |
80 { DER_SEQUENCE, | 79 { DER_SEQUENCE, |
81 0, NULL, sizeof(CERTPublicKeyAndChallenge) }, | 80 0, NULL, sizeof(CERTPublicKeyAndChallenge) }, |
82 { DER_ANY, | 81 { DER_ANY, |
83 offsetof(CERTPublicKeyAndChallenge, spki), }, | 82 offsetof(CERTPublicKeyAndChallenge, spki), }, |
84 { DER_IA5_STRING, | 83 { DER_IA5_STRING, |
85 offsetof(CERTPublicKeyAndChallenge, challenge), }, | 84 offsetof(CERTPublicKeyAndChallenge, challenge), }, |
86 { 0, } | 85 { 0, } |
87 }; | 86 }; |
88 | 87 |
89 void StoreKeyLocationInCache(const SECItem& public_key_info, | |
90 PK11SlotInfo *slot) { | |
91 net::KeygenHandler::Cache* cache = net::KeygenHandler::Cache::GetInstance(); | |
92 net::KeygenHandler::KeyLocation key_location; | |
93 const char* slot_name = PK11_GetSlotName(slot); | |
94 key_location.slot_name.assign(slot_name); | |
95 cache->Insert(std::string(reinterpret_cast<char*>(public_key_info.data), | |
96 public_key_info.len), key_location); | |
97 } | |
98 | |
99 } // namespace | 88 } // namespace |
100 | 89 |
101 namespace mozilla_security_manager { | 90 namespace mozilla_security_manager { |
102 | 91 |
103 // This function is based on the nsKeygenFormProcessor::GetPublicKey function | 92 // This function is based on the nsKeygenFormProcessor::GetPublicKey function |
104 // in mozilla/security/manager/ssl/src/nsKeygenHandler.cpp. | 93 // in mozilla/security/manager/ssl/src/nsKeygenHandler.cpp. |
105 std::string GenKeyAndSignChallenge(int key_size_in_bits, | 94 std::string GenKeyAndSignChallenge(int key_size_in_bits, |
106 const std::string& challenge, | 95 const std::string& challenge, |
107 bool stores_key) { | 96 bool stores_key) { |
108 // Key pair generation mechanism - only RSA is supported at present. | 97 // Key pair generation mechanism - only RSA is supported at present. |
(...skipping 125 matching lines...)
234 | 223 |
235 // Convert the signed public key and challenge into base64/ascii. | 224 // Convert the signed public key and challenge into base64/ascii. |
236 if (!base::Base64Encode(std::string(reinterpret_cast<char*>(signedItem.data), | 225 if (!base::Base64Encode(std::string(reinterpret_cast<char*>(signedItem.data), |
237 signedItem.len), | 226 signedItem.len), |
238 &result_blob)) { | 227 &result_blob)) { |
239 LOG(ERROR) << "Couldn't convert signed public key into base64"; | 228 LOG(ERROR) << "Couldn't convert signed public key into base64"; |
240 isSuccess = false; | 229 isSuccess = false; |
241 goto failure; | 230 goto failure; |
242 } | 231 } |
243 | 232 |
244 StoreKeyLocationInCache(spkiItem, slot); | |
245 | |
246 failure: | 233 failure: |
247 if (!isSuccess) { | 234 if (!isSuccess) { |
248 LOG(ERROR) << "SSL Keygen failed!"; | 235 LOG(ERROR) << "SSL Keygen failed!"; |
249 } else { | 236 } else { |
250 LOG(INFO) << "SSL Keygen succeeded!"; | 237 LOG(INFO) << "SSL Keygen succeeded!"; |
251 } | 238 } |
252 | 239 |
253 // Do cleanups | 240 // Do cleanups |
254 if (privateKey) { | 241 if (privateKey) { |
255 // On successful keygen we need to keep the private key, of course, | 242 // On successful keygen we need to keep the private key, of course, |
(...skipping 20 matching lines...)
276 PK11_FreeSlot(slot); | 263 PK11_FreeSlot(slot); |
277 } | 264 } |
278 if (pkac.challenge.data) { | 265 if (pkac.challenge.data) { |
279 free(pkac.challenge.data); | 266 free(pkac.challenge.data); |
280 } | 267 } |
281 | 268 |
282 return (isSuccess ? result_blob : std::string()); | 269 return (isSuccess ? result_blob : std::string()); |
283 } | 270 } |
284 | 271 |
285 } // namespace mozilla_security_manager | 272 } // namespace mozilla_security_manager |