
Unified Diff: chrome/browser/chromeos/platform_keys/platform_keys_nss.cc

Issue 331173002: enterprise.platformKeys: Respect the 'hash' argument of generateKey. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 6 months ago
Index: chrome/browser/chromeos/platform_keys/platform_keys_nss.cc
diff --git a/chrome/browser/chromeos/platform_keys/platform_keys_nss.cc b/chrome/browser/chromeos/platform_keys/platform_keys_nss.cc
index 9d89797c8c2facd743752100863dbad50a2394ec..d5f8da189d9d12d191ebcab2295c7717f3f0a0de 100644
--- a/chrome/browser/chromeos/platform_keys/platform_keys_nss.cc
+++ b/chrome/browser/chromeos/platform_keys/platform_keys_nss.cc
@@ -151,6 +151,7 @@ class GenerateRSAKeyState : public NSSOperationState {
class SignState : public NSSOperationState {
public:
SignState(const std::string& public_key,
+ const std::string& hash_algorithm_name,
const std::string& data,
const SignCallback& callback);
virtual ~SignState() {}
@@ -168,6 +169,7 @@ class SignState : public NSSOperationState {
}
const std::string public_key_;
+ const std::string hash_algorithm_name_;
const std::string data_;
private:
@@ -258,9 +260,13 @@ GenerateRSAKeyState::GenerateRSAKeyState(unsigned int modulus_length,
}
SignState::SignState(const std::string& public_key,
+ const std::string& hash_algorithm_name,
const std::string& data,
const SignCallback& callback)
- : public_key_(public_key), data_(data), callback_(callback) {
+ : public_key_(public_key),
+ hash_algorithm_name_(hash_algorithm_name),
+ data_(data),
+ callback_(callback) {
}
GetCertificatesState::GetCertificatesState(
@@ -332,12 +338,26 @@ void RSASignOnWorkerThread(scoped_ptr<SignState> state) {
return;
}
+ SECOidTag sign_alg_tag;
+ if (state->hash_algorithm_name_ == "SHA-1") {
+ sign_alg_tag = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
not at google - send to devlin 2014/06/16 17:05:31 can you just pass in this enum rather than parsing
pneubeck (no reviews) 2014/06/17 09:12:17 SECOidTag is NSS specific and can't be moved to th
not at google - send to devlin 2014/06/17 18:18:48 I see. If the schema compiler issue were fixed to
+ } else if (state->hash_algorithm_name_ == "SHA-256") {
+ sign_alg_tag = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
+ } else if (state->hash_algorithm_name_ == "SHA-384") {
+ sign_alg_tag = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
+ } else if (state->hash_algorithm_name_ == "SHA-512") {
+ sign_alg_tag = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
+ } else {
+ state->OnError(FROM_HERE, kErrorAlgorithmNotSupported);
+ return;
+ }
+
SECItem sign_result = {siBuffer, NULL, 0};
if (SEC_SignData(&sign_result,
reinterpret_cast<const unsigned char*>(state->data_.data()),
state->data_.size(),
rsa_key->key(),
- SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION) != SECSuccess) {
+ sign_alg_tag) != SECSuccess) {
LOG(ERROR) << "Couldn't sign.";
state->OnError(FROM_HERE, kErrorInternal);
return;
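Review bot: The first branch of the new chain still maps `"SHA-1"` to `SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION`, so a caller can keep requesting SHA-1 signatures, and the code gives no reason for allowing it. If it is kept for compatibility with the previous hard-coded behaviour, say so above the branch, for example `// SHA-1 stays accepted only for compatibility with existing callers; new callers should request SHA-256 or stronger.` The exact, case-sensitive comparison with a final `else` that reports `kErrorAlgorithmNotSupported` fails closed, which is the right default. Whether the name is also restricted before it reaches this function is not visible here. RSASignOnWorkerThread starts and ends outside the hunk.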
@@ -492,11 +512,13 @@ void GenerateRSAKey(const std::string& token_id,
void Sign(const std::string& token_id,
const std::string& public_key,
+ const std::string& hash_algorithm_name,
const std::string& data,
const SignCallback& callback,
Profile* profile) {
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
- scoped_ptr<SignState> state(new SignState(public_key, data, callback));
+ scoped_ptr<SignState> state(
+ new SignState(public_key, hash_algorithm_name, data, callback));
// Get the pointer to |state| before base::Passed releases |state|.
NSSOperationState* state_ptr = state.get();
