OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/ssl/ssl_platform_key_nss.h" | |
6 | |
5 #include <cert.h> | 7 #include <cert.h> |
6 #include <keyhi.h> | 8 #include <keyhi.h> |
7 #include <pk11pub.h> | 9 #include <pk11pub.h> |
8 #include <prerror.h> | 10 #include <prerror.h> |
9 | 11 |
10 #include <utility> | 12 #include <utility> |
11 | 13 |
12 #include "base/logging.h" | 14 #include "base/logging.h" |
13 #include "base/macros.h" | 15 #include "base/macros.h" |
14 #include "base/memory/ptr_util.h" | 16 #include "base/memory/ptr_util.h" |
17 #include "crypto/nss_crypto_module_delegate.h" | |
15 #include "crypto/scoped_nss_types.h" | 18 #include "crypto/scoped_nss_types.h" |
16 #include "net/cert/x509_certificate.h" | 19 #include "net/cert/x509_certificate.h" |
17 #include "net/ssl/client_key_store.h" | |
18 #include "net/ssl/ssl_platform_key.h" | |
19 #include "net/ssl/ssl_platform_key_util.h" | 20 #include "net/ssl/ssl_platform_key_util.h" |
20 #include "net/ssl/ssl_private_key.h" | 21 #include "net/ssl/ssl_private_key.h" |
21 #include "net/ssl/threaded_ssl_private_key.h" | 22 #include "net/ssl/threaded_ssl_private_key.h" |
22 #include "third_party/boringssl/src/include/openssl/bn.h" | 23 #include "third_party/boringssl/src/include/openssl/bn.h" |
23 #include "third_party/boringssl/src/include/openssl/bytestring.h" | 24 #include "third_party/boringssl/src/include/openssl/bytestring.h" |
24 #include "third_party/boringssl/src/include/openssl/ec.h" | 25 #include "third_party/boringssl/src/include/openssl/ec.h" |
25 #include "third_party/boringssl/src/include/openssl/ec_key.h" | 26 #include "third_party/boringssl/src/include/openssl/ec_key.h" |
26 #include "third_party/boringssl/src/include/openssl/ecdsa.h" | 27 #include "third_party/boringssl/src/include/openssl/ecdsa.h" |
27 #include "third_party/boringssl/src/include/openssl/evp.h" | 28 #include "third_party/boringssl/src/include/openssl/evp.h" |
28 #include "third_party/boringssl/src/include/openssl/mem.h" | 29 #include "third_party/boringssl/src/include/openssl/mem.h" |
(...skipping 117 matching lines...) | |
146 private: | 147 private: |
147 int type_; | 148 int type_; |
148 crypto::ScopedSECKEYPrivateKey key_; | 149 crypto::ScopedSECKEYPrivateKey key_; |
149 | 150 |
150 DISALLOW_COPY_AND_ASSIGN(SSLPlatformKeyNSS); | 151 DISALLOW_COPY_AND_ASSIGN(SSLPlatformKeyNSS); |
151 }; | 152 }; |
152 | 153 |
153 } // namespace | 154 } // namespace |
154 | 155 |
155 scoped_refptr<SSLPrivateKey> FetchClientCertPrivateKey( | 156 scoped_refptr<SSLPrivateKey> FetchClientCertPrivateKey( |
156 const X509Certificate* certificate) { | 157 const X509Certificate* certificate, |
158 crypto::CryptoModuleBlockingPasswordDelegate* password_delegate) { | |
159 void* wincx = password_delegate ? password_delegate->wincx() : nullptr; | |
157 crypto::ScopedSECKEYPrivateKey key( | 160 crypto::ScopedSECKEYPrivateKey key( |
158 PK11_FindKeyByAnyCert(certificate->os_cert_handle(), nullptr)); | 161 PK11_FindKeyByAnyCert(certificate->os_cert_handle(), wincx)); |
davidben
2017/06/01 23:41:25
Huh. We didn't manage to pass this in before, did
mattm
2017/06/02 04:04:20
Previously we had that ugly UnlockSlot thing where
| |
159 if (!key) { | 162 if (!key) |
160 return ClientKeyStore::GetInstance()->FetchClientCertPrivateKey( | 163 return nullptr; |
161 *certificate); | |
162 } | |
163 | 164 |
164 int type; | 165 int type; |
165 size_t max_length; | 166 size_t max_length; |
166 if (!GetClientCertInfo(certificate, &type, &max_length)) | 167 if (!GetClientCertInfo(certificate, &type, &max_length)) |
167 return nullptr; | 168 return nullptr; |
168 | 169 |
169 return make_scoped_refptr(new ThreadedSSLPrivateKey( | 170 return make_scoped_refptr(new ThreadedSSLPrivateKey( |
170 base::MakeUnique<SSLPlatformKeyNSS>(type, std::move(key)), | 171 base::MakeUnique<SSLPlatformKeyNSS>(type, std::move(key)), |
171 GetSSLPlatformKeyTaskRunner())); | 172 GetSSLPlatformKeyTaskRunner())); |
172 } | 173 } |
173 | 174 |
174 } // namespace net | 175 } // namespace net |
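Review bot: The `wincx` taken from `password_delegate` at new line 159 can outlive this call, because NSS stores the context it is given on the returned `SECKEYPrivateKey` and consults it again for later password checks when the key is used to sign. The delegate arrives as a raw pointer and the visible members of `SSLPlatformKeyNSS` (`type_`, `key_`) keep no reference to it, so a signature made on the platform-key task runner after the caller has dropped the delegate would hand NSS a dangling pointer. If the delegate is ref-counted, holding it next to the key would tie the lifetimes together, e.g. `scoped_refptr<crypto::CryptoModuleBlockingPasswordDelegate> password_delegate_;` with the comment `// NSS retains wincx on key_; keep the delegate alive as long as the key.`. The class's constructor and signing code sit in the skipped lines, so this is based on the members shown here.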