OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/openssl_private_key_store.h" | 5 #include "net/base/openssl_private_key_store.h" |
6 | 6 |
7 #include <openssl/evp.h> | 7 #include <openssl/evp.h> |
8 #include <openssl/x509.h> | 8 #include <openssl/x509.h> |
9 | 9 |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "base/memory/singleton.h" | 11 #include "base/memory/singleton.h" |
12 #include "crypto/openssl_util.h" | 12 #include "crypto/openssl_util.h" |
| 13 #include "crypto/scoped_openssl_types.h" |
13 #include "net/android/network_library.h" | 14 #include "net/android/network_library.h" |
14 | 15 |
15 namespace net { | 16 namespace net { |
16 | 17 |
17 bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url, | 18 bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url, |
18 EVP_PKEY* pkey) { | 19 EVP_PKEY* pkey) { |
19 // Always clear openssl errors on exit. | 20 // Always clear openssl errors on exit. |
20 crypto::OpenSSLErrStackTracer err_trace(FROM_HERE); | 21 crypto::OpenSSLErrStackTracer err_trace(FROM_HERE); |
21 | 22 |
22 // Important: Do not use i2d_PublicKey() here, which returns data in | 23 // Important: Do not use i2d_PublicKey() here, which returns data in |
23 // PKCS#1 format, use i2d_PUBKEY() which returns it as DER-encoded | 24 // PKCS#1 format, use i2d_PUBKEY() which returns it as DER-encoded |
24 // SubjectPublicKeyInfo (X.509), as expected by the platform. | 25 // SubjectPublicKeyInfo (X.509), as expected by the platform. |
25 unsigned char* public_key = NULL; | 26 unsigned char* public_key = NULL; |
26 int public_len = i2d_PUBKEY(pkey, &public_key); | 27 int public_len = i2d_PUBKEY(pkey, &public_key); |
27 | 28 |
28 // Important: Do not use i2d_PrivateKey() here, it returns data | 29 // Important: Do not use i2d_PrivateKey() here, it returns data |
29 // in a format that is incompatible with what the platform expects. | 30 // in a format that is incompatible with what the platform expects. |
30 unsigned char* private_key = NULL; | 31 unsigned char* private_key = NULL; |
31 int private_len = 0; | 32 int private_len = 0; |
32 crypto::ScopedOpenSSL< | 33 scoped_ptr<PKCS8_PRIV_KEY_INFO, |
33 PKCS8_PRIV_KEY_INFO, | 34 crypto::OpenSSLDestroyer<PKCS8_PRIV_KEY_INFO, |
34 PKCS8_PRIV_KEY_INFO_free> pkcs8(EVP_PKEY2PKCS8(pkey)); | 35 PKCS8_PRIV_KEY_INFO_free> > |
| 36 pkcs8(EVP_PKEY2PKCS8(pkey)); |
35 if (pkcs8.get() != NULL) { | 37 if (pkcs8.get() != NULL) { |
36 private_len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &private_key); | 38 private_len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &private_key); |
37 } | 39 } |
38 bool ret = false; | 40 bool ret = false; |
39 if (public_len > 0 && private_len > 0) { | 41 if (public_len > 0 && private_len > 0) { |
40 ret = net::android::StoreKeyPair( | 42 ret = net::android::StoreKeyPair( |
41 static_cast<const uint8*>(public_key), public_len, | 43 static_cast<const uint8*>(public_key), public_len, |
42 static_cast<const uint8*>(private_key), private_len); | 44 static_cast<const uint8*>(private_key), private_len); |
43 } | 45 } |
44 LOG_IF(ERROR, !ret) << "StoreKeyPair failed. pub len = " << public_len | 46 LOG_IF(ERROR, !ret) << "StoreKeyPair failed. pub len = " << public_len |
45 << " priv len = " << private_len; | 47 << " priv len = " << private_len; |
46 OPENSSL_free(public_key); | 48 OPENSSL_free(public_key); |
47 OPENSSL_free(private_key); | 49 OPENSSL_free(private_key); |
48 return ret; | 50 return ret; |
49 } | 51 } |
50 | 52 |
51 } // namespace net | 53 } // namespace net |
OLD | NEW |