Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(218)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: crypto/rsa_private_key_nss.cc

Issue 66213002: NSS: {EC,RSA}PrivateKey shouldn't call crypto::GetPublicNSSKeySlot or GetPrivateNSSKeySlot. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: remove the checks again Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « crypto/rsa_private_key.h ('k') | net/socket/ssl_client_socket_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "crypto/rsa_private_key.h" 5 #include "crypto/rsa_private_key.h"
6 6
7 #include <cryptohi.h> 7 #include <cryptohi.h>
8 #include <keyhi.h> 8 #include <keyhi.h>
9 #include <pk11pub.h> 9 #include <pk11pub.h>
10 #include <secmod.h> 10 #include <secmod.h>
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after
44 44
45 RSAPrivateKey::~RSAPrivateKey() { 45 RSAPrivateKey::~RSAPrivateKey() {
46 if (key_) 46 if (key_)
47 SECKEY_DestroyPrivateKey(key_); 47 SECKEY_DestroyPrivateKey(key_);
48 if (public_key_) 48 if (public_key_)
49 SECKEY_DestroyPublicKey(public_key_); 49 SECKEY_DestroyPublicKey(public_key_);
50 } 50 }
51 51
52 // static 52 // static
53 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { 53 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) {
54 return CreateWithParams(num_bits, 54 EnsureNSSInit();
55
56 ScopedPK11Slot slot(PK11_GetInternalSlot());
57 return CreateWithParams(slot.get(),
58 num_bits,
55 false /* not permanent */, 59 false /* not permanent */,
56 false /* not sensitive */); 60 false /* not sensitive */);
57 } 61 }
58 62
59 // static 63 // static
60 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo( 64 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
61 const std::vector<uint8>& input) { 65 const std::vector<uint8>& input) {
62 return CreateFromPrivateKeyInfoWithParams(input, 66 EnsureNSSInit();
63 false /* not permanent */, 67
64 false /* not sensitive */); 68 ScopedPK11Slot slot(PK11_GetInternalSlot());
69 return CreateFromPrivateKeyInfoWithParams(
70 slot.get(),
71 input,
72 false /* not permanent */,
73 false /* not sensitive */);
65 } 74 }
66 75
67 #if defined(USE_NSS) 76 #if defined(USE_NSS)
68 // static 77 // static
69 RSAPrivateKey* RSAPrivateKey::CreateSensitive(uint16 num_bits) { 78 RSAPrivateKey* RSAPrivateKey::CreateSensitive(PK11SlotInfo* slot,
70 return CreateWithParams(num_bits, 79 uint16 num_bits) {
80 return CreateWithParams(slot,
81 num_bits,
71 true /* permanent */, 82 true /* permanent */,
72 true /* sensitive */); 83 true /* sensitive */);
73 } 84 }
74 85
75 // static 86 // static
76 RSAPrivateKey* RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo( 87 RSAPrivateKey* RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo(
88 PK11SlotInfo* slot,
77 const std::vector<uint8>& input) { 89 const std::vector<uint8>& input) {
78 return CreateFromPrivateKeyInfoWithParams(input, 90 return CreateFromPrivateKeyInfoWithParams(slot,
91 input,
79 true /* permanent */, 92 true /* permanent */,
80 true /* sensitive */); 93 true /* sensitive */);
81 } 94 }
82 95
83 // static 96 // static
84 RSAPrivateKey* RSAPrivateKey::CreateFromKey(SECKEYPrivateKey* key) { 97 RSAPrivateKey* RSAPrivateKey::CreateFromKey(SECKEYPrivateKey* key) {
85 DCHECK(key); 98 DCHECK(key);
86 if (SECKEY_GetPrivateKeyType(key) != rsaKey) 99 if (SECKEY_GetPrivateKeyType(key) != rsaKey)
87 return NULL; 100 return NULL;
88 RSAPrivateKey* copy = new RSAPrivateKey(); 101 RSAPrivateKey* copy = new RSAPrivateKey();
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after
193 206
194 output->assign(der_pubkey->data, der_pubkey->data + der_pubkey->len); 207 output->assign(der_pubkey->data, der_pubkey->data + der_pubkey->len);
195 return true; 208 return true;
196 } 209 }
197 210
198 RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) { 211 RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) {
199 EnsureNSSInit(); 212 EnsureNSSInit();
200 } 213 }
201 214
202 // static 215 // static
203 RSAPrivateKey* RSAPrivateKey::CreateWithParams(uint16 num_bits, 216 RSAPrivateKey* RSAPrivateKey::CreateWithParams(PK11SlotInfo* slot,
217 uint16 num_bits,
204 bool permanent, 218 bool permanent,
205 bool sensitive) { 219 bool sensitive) {
206 #if !defined(USE_NSS) 220 if (!slot)
207 if (permanent) {
208 NOTIMPLEMENTED();
209 return NULL; 221 return NULL;
210 }
211 #endif
212
213 EnsureNSSInit();
214 222
215 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); 223 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
216 224
217 ScopedPK11Slot slot(permanent ? GetPrivateNSSKeySlot() :
218 PK11_GetInternalSlot());
219 if (!slot.get())
220 return NULL;
221
222 PK11RSAGenParams param; 225 PK11RSAGenParams param;
223 param.keySizeInBits = num_bits; 226 param.keySizeInBits = num_bits;
224 param.pe = 65537L; 227 param.pe = 65537L;
225 result->key_ = PK11_GenerateKeyPair(slot.get(), 228 result->key_ = PK11_GenerateKeyPair(slot,
226 CKM_RSA_PKCS_KEY_PAIR_GEN, 229 CKM_RSA_PKCS_KEY_PAIR_GEN,
227 &param, 230 &param,
228 &result->public_key_, 231 &result->public_key_,
229 permanent, 232 permanent,
230 sensitive, 233 sensitive,
231 NULL); 234 NULL);
232 if (!result->key_) 235 if (!result->key_)
233 return NULL; 236 return NULL;
234 237
235 return result.release(); 238 return result.release();
236 } 239 }
237 240
238 // static 241 // static
239 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams( 242 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams(
240 const std::vector<uint8>& input, bool permanent, bool sensitive) { 243 PK11SlotInfo* slot,
241 #if !defined(USE_NSS) 244 const std::vector<uint8>& input,
242 if (permanent) { 245 bool permanent,
243 NOTIMPLEMENTED(); 246 bool sensitive) {
247 if (!slot)
244 return NULL; 248 return NULL;
245 }
246 #endif
247
248 // This method currently leaks some memory.
249 // See http://crbug.com/34742.
250 ANNOTATE_SCOPED_MEMORY_LEAK;
251 EnsureNSSInit();
252 249
253 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); 250 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
254 251
255 ScopedPK11Slot slot(permanent ? GetPrivateNSSKeySlot() :
256 PK11_GetInternalSlot());
257 if (!slot.get())
258 return NULL;
259
260 SECItem der_private_key_info; 252 SECItem der_private_key_info;
261 der_private_key_info.data = const_cast<unsigned char*>(&input.front()); 253 der_private_key_info.data = const_cast<unsigned char*>(&input.front());
262 der_private_key_info.len = input.size(); 254 der_private_key_info.len = input.size();
263 // Allow the private key to be used for key unwrapping, data decryption, 255 // Allow the private key to be used for key unwrapping, data decryption,
264 // and signature generation. 256 // and signature generation.
265 const unsigned int key_usage = KU_KEY_ENCIPHERMENT | KU_DATA_ENCIPHERMENT | 257 const unsigned int key_usage = KU_KEY_ENCIPHERMENT | KU_DATA_ENCIPHERMENT |
266 KU_DIGITAL_SIGNATURE; 258 KU_DIGITAL_SIGNATURE;
267 SECStatus rv = PK11_ImportDERPrivateKeyInfoAndReturnKey( 259 SECStatus rv = PK11_ImportDERPrivateKeyInfoAndReturnKey(
268 slot.get(), &der_private_key_info, NULL, NULL, permanent, sensitive, 260 slot, &der_private_key_info, NULL, NULL, permanent, sensitive,
269 key_usage, &result->key_, NULL); 261 key_usage, &result->key_, NULL);
270 if (rv != SECSuccess) { 262 if (rv != SECSuccess) {
271 NOTREACHED(); 263 NOTREACHED();
272 return NULL; 264 return NULL;
273 } 265 }
274 266
275 result->public_key_ = SECKEY_ConvertToPublicKey(result->key_); 267 result->public_key_ = SECKEY_ConvertToPublicKey(result->key_);
276 if (!result->public_key_) { 268 if (!result->public_key_) {
277 NOTREACHED(); 269 NOTREACHED();
278 return NULL; 270 return NULL;
279 } 271 }
280 272
281 return result.release(); 273 return result.release();
282 } 274 }
283 275
284 } // namespace crypto 276 } // namespace crypto
OLDNEW
« no previous file with comments | « crypto/rsa_private_key.h ('k') | net/socket/ssl_client_socket_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698