
Side by Side Diff: net/ssl/openssl_client_key_store.cc

Issue 388683002: Switch OpenSSLClientKeyStore::ScopedEVP_PKEY to crypto::ScopedEVP_PKEY. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Mis-split CL Created 6 years, 5 months ago
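--- a/net/ssl/openssl_client_key_store.cc
+++ b/net/ssl/openssl_client_key_store.cc
@@ -1,51 +1,49 @@
 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/ssl/openssl_client_key_store.h"
 
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 
 #include "base/memory/scoped_ptr.h"
 #include "base/memory/singleton.h"
 #include "net/cert/x509_certificate.h"
 
 namespace net {
 
 namespace {
 
-typedef OpenSSLClientKeyStore::ScopedEVP_PKEY ScopedEVP_PKEY;
-
 // Increment the reference count of a given EVP_PKEY. This function
 // is similar to EVP_PKEY_dup which is not available from the OpenSSL
 // version used by Chromium at the moment. Its name is distinct to
 // avoid compiler warnings about ambiguous function calls at caller
 // sites.
 EVP_PKEY* CopyEVP_PKEY(EVP_PKEY* key) {
 if (key)
 CRYPTO_add(&key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 return key;
 }
 
 // Return the EVP_PKEY holding the public key of a given certificate.
 // |cert| is a certificate.
 // Returns a scoped EVP_PKEY for it.
-ScopedEVP_PKEY GetOpenSSLPublicKey(const X509Certificate* cert) {
+crypto::ScopedEVP_PKEY GetOpenSSLPublicKey(const X509Certificate* cert) {
 // X509_PUBKEY_get() increments the reference count of its result.
 // Unlike X509_get_X509_PUBKEY() which simply returns a direct pointer.
 EVP_PKEY* pkey =
 X509_PUBKEY_get(X509_get_X509_PUBKEY(cert->os_cert_handle()));
 if (!pkey)
 LOG(ERROR) << "Can't extract private key from certificate!";
-return ScopedEVP_PKEY(pkey);
+return crypto::ScopedEVP_PKEY(pkey);
 }
 
 } // namespace
 
 OpenSSLClientKeyStore::OpenSSLClientKeyStore() {
 }
 
 OpenSSLClientKeyStore::~OpenSSLClientKeyStore() {
 }
 
@@ -94,47 +92,47 @@
 // Common code for OpenSSLClientKeyStore. Shared by all OpenSSL-based
 // builds.
 bool OpenSSLClientKeyStore::RecordClientCertPrivateKey(
 const X509Certificate* client_cert,
 EVP_PKEY* private_key) {
 // Sanity check.
 if (!client_cert || !private_key)
 return false;
 
 // Get public key from certificate.
-ScopedEVP_PKEY pub_key(GetOpenSSLPublicKey(client_cert));
+crypto::ScopedEVP_PKEY pub_key(GetOpenSSLPublicKey(client_cert));
 if (!pub_key.get())
 return false;
 
 AddKeyPair(pub_key.get(), private_key);
 return true;
 }
 
 bool OpenSSLClientKeyStore::FetchClientCertPrivateKey(
 const X509Certificate* client_cert,
-ScopedEVP_PKEY* private_key) {
+crypto::ScopedEVP_PKEY* private_key) {
 if (!client_cert)
 return false;
 
-ScopedEVP_PKEY pub_key(GetOpenSSLPublicKey(client_cert));
+crypto::ScopedEVP_PKEY pub_key(GetOpenSSLPublicKey(client_cert));
 if (!pub_key.get())
 return false;
 
 int index = FindKeyPairIndex(pub_key.get());
 if (index < 0)
 return false;
 
 private_key->reset(CopyEVP_PKEY(pairs_[index].private_key));
 return true;
 }
 
 void OpenSSLClientKeyStore::Flush() {
 pairs_.clear();
 }
 
 OpenSSLClientKeyStore* OpenSSLClientKeyStore::GetInstance() {
 return Singleton<OpenSSLClientKeyStore>::get();
 }
 
 } // namespace net
 
 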
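Review bot: The error logged in GetOpenSSLPublicKey, whose return type this change touches, reads `Can't extract private key from certificate!`, but the function extracts the certificate's public key through X509_PUBKEY_get(). A certificate does not carry a private key, so in a store that also handles client private keys this wording can send someone triaging a client-certificate failure in the wrong direction; I would change it to `LOG(ERROR) << "Can't extract public key from certificate!";`. Separately, the new side names crypto::ScopedEVP_PKEY while the visible include list is unchanged, so the type presumably reaches this file through net/ssl/openssl_client_key_store.h. Including the header that declares it directly here would keep the file from depending on that transitive include.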