| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CRYPTO_RSA_PRIVATE_KEY_H_ | 5 #ifndef CRYPTO_RSA_PRIVATE_KEY_H_ |
| 6 #define CRYPTO_RSA_PRIVATE_KEY_H_ | 6 #define CRYPTO_RSA_PRIVATE_KEY_H_ |
| 7 | 7 |
| 8 #include "build/build_config.h" | 8 #include "build/build_config.h" |
| 9 | 9 |
| 10 #include <list> | 10 #include <list> |
| (...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 173 | 173 |
| 174 // Create a new random instance. Can return NULL if initialization fails. | 174 // Create a new random instance. Can return NULL if initialization fails. |
| 175 static RSAPrivateKey* Create(uint16 num_bits); | 175 static RSAPrivateKey* Create(uint16 num_bits); |
| 176 | 176 |
| 177 // Create a new instance by importing an existing private key. The format is | 177 // Create a new instance by importing an existing private key. The format is |
| 178 // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return NULL if | 178 // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return NULL if |
| 179 // initialization fails. | 179 // initialization fails. |
| 180 static RSAPrivateKey* CreateFromPrivateKeyInfo( | 180 static RSAPrivateKey* CreateFromPrivateKeyInfo( |
| 181 const std::vector<uint8>& input); | 181 const std::vector<uint8>& input); |
| 182 | 182 |
| 183 #if defined(USE_NSS_CERTS) | 183 #if defined(USE_OPENSSL) |
| 184 // Create a new instance from an existing EVP_PKEY, taking a |
| 185 // reference to it. |key| must be an RSA key. Returns NULL on |
| 186 // failure. |
| 187 static RSAPrivateKey* CreateFromKey(EVP_PKEY* key); |
| 188 #else |
| 189 // Create a new instance by referencing an existing private key |
| 190 // structure. Does not import the key. |
| 191 static RSAPrivateKey* CreateFromKey(SECKEYPrivateKey* key); |
| 192 #endif |
| 193 |
| 194 // TODO(davidben): These functions are used when NSS is the platform key |
| 195 // store, but they also assume that the internal crypto library is NSS. Split |
| 196 // out the convenience NSS platform key methods from the logic which expects |
| 197 // an RSAPrivateKey. See https://crbug.com/478777. |
| 198 #if defined(USE_NSS_CERTS) && !defined(USE_OPENSSL) |
| 184 // Create a new random instance in |slot|. Can return NULL if initialization | 199 // Create a new random instance in |slot|. Can return NULL if initialization |
| 185 // fails. The created key is permanent and is not exportable in plaintext | 200 // fails. The created key is permanent and is not exportable in plaintext |
| 186 // form. | 201 // form. |
| 187 static RSAPrivateKey* CreateSensitive(PK11SlotInfo* slot, uint16 num_bits); | 202 static RSAPrivateKey* CreateSensitive(PK11SlotInfo* slot, uint16 num_bits); |
| 188 | 203 |
| 189 // Create a new instance in |slot| by importing an existing private key. The | 204 // Create a new instance in |slot| by importing an existing private key. The |
| 190 // format is an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can | 205 // format is an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can |
| 191 // return NULL if initialization fails. | 206 // return NULL if initialization fails. |
| 192 // The created key is permanent and is not exportable in plaintext form. | 207 // The created key is permanent and is not exportable in plaintext form. |
| 193 static RSAPrivateKey* CreateSensitiveFromPrivateKeyInfo( | 208 static RSAPrivateKey* CreateSensitiveFromPrivateKeyInfo( |
| 194 PK11SlotInfo* slot, | 209 PK11SlotInfo* slot, |
| 195 const std::vector<uint8>& input); | 210 const std::vector<uint8>& input); |
| 196 | 211 |
| 197 // Create a new instance by referencing an existing private key | |
| 198 // structure. Does not import the key. | |
| 199 static RSAPrivateKey* CreateFromKey(SECKEYPrivateKey* key); | |
| 200 | |
| 201 // Import an existing public key, and then search for the private | 212 // Import an existing public key, and then search for the private |
| 202 // half in the key database. The format of the public key blob is is | 213 // half in the key database. The format of the public key blob is is |
| 203 // an X509 SubjectPublicKeyInfo block. This can return NULL if | 214 // an X509 SubjectPublicKeyInfo block. This can return NULL if |
| 204 // initialization fails or the private key cannot be found. The | 215 // initialization fails or the private key cannot be found. The |
| 205 // caller takes ownership of the returned object, but nothing new is | 216 // caller takes ownership of the returned object, but nothing new is |
| 206 // created in the key database. | 217 // created in the key database. |
| 207 static RSAPrivateKey* FindFromPublicKeyInfo( | 218 static RSAPrivateKey* FindFromPublicKeyInfo( |
| 208 const std::vector<uint8>& input); | 219 const std::vector<uint8>& input); |
| 209 | 220 |
| 210 // Import an existing public key, and then search for the private | 221 // Import an existing public key, and then search for the private |
| 211 // half in the slot specified by |slot|. The format of the public | 222 // half in the slot specified by |slot|. The format of the public |
| 212 // key blob is is an X509 SubjectPublicKeyInfo block. This can return | 223 // key blob is is an X509 SubjectPublicKeyInfo block. This can return |
| 213 // NULL if initialization fails or the private key cannot be found. | 224 // NULL if initialization fails or the private key cannot be found. |
| 214 // The caller takes ownership of the returned object, but nothing new | 225 // The caller takes ownership of the returned object, but nothing new |
| 215 // is created in the slot. | 226 // is created in the slot. |
| 216 static RSAPrivateKey* FindFromPublicKeyInfoInSlot( | 227 static RSAPrivateKey* FindFromPublicKeyInfoInSlot( |
| 217 const std::vector<uint8>& input, | 228 const std::vector<uint8>& input, |
| 218 PK11SlotInfo* slot); | 229 PK11SlotInfo* slot); |
| 219 #elif defined(USE_OPENSSL) | 230 #endif // USE_NSS_CERTS && !USE_OPENSSL |
| 220 // Create a new instance from an existing EVP_PKEY, taking a | |
| 221 // reference to it. |key| must be an RSA key. Returns NULL on | |
| 222 // failure. | |
| 223 static RSAPrivateKey* CreateFromKey(EVP_PKEY* key); | |
| 224 | |
| 225 #endif | |
| 226 | 231 |
| 227 #if defined(USE_OPENSSL) | 232 #if defined(USE_OPENSSL) |
| 228 EVP_PKEY* key() { return key_; } | 233 EVP_PKEY* key() { return key_; } |
| 229 #else | 234 #else |
| 230 SECKEYPrivateKey* key() { return key_; } | 235 SECKEYPrivateKey* key() { return key_; } |
| 231 SECKEYPublicKey* public_key() { return public_key_; } | 236 SECKEYPublicKey* public_key() { return public_key_; } |
| 232 #endif | 237 #endif |
| 233 | 238 |
| 234 // Creates a copy of the object. | 239 // Creates a copy of the object. |
| 235 RSAPrivateKey* Copy() const; | 240 RSAPrivateKey* Copy() const; |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 284 SECKEYPrivateKey* key_; | 289 SECKEYPrivateKey* key_; |
| 285 SECKEYPublicKey* public_key_; | 290 SECKEYPublicKey* public_key_; |
| 286 #endif | 291 #endif |
| 287 | 292 |
| 288 DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey); | 293 DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey); |
| 289 }; | 294 }; |
| 290 | 295 |
| 291 } // namespace crypto | 296 } // namespace crypto |
| 292 | 297 |
| 293 #endif // CRYPTO_RSA_PRIVATE_KEY_H_ | 298 #endif // CRYPTO_RSA_PRIVATE_KEY_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 881213004:
Support building BoringSSL with NSS certificates. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master