Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(166)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/test/cert_test_util_nss.cc

Issue 881213004: Support building BoringSSL with NSS certificates. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/ssl/openssl_platform_key_nss.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/test/cert_test_util.h" 5 #include "net/test/cert_test_util.h"
6 6
7 #include <pk11pub.h> 7 #include <pk11pub.h>
8 #include <secmodt.h> 8 #include <secmodt.h>
9 9
10 #include "base/files/file_path.h" 10 #include "base/files/file_path.h"
11 #include "base/files/file_util.h" 11 #include "base/files/file_util.h"
12 #include "crypto/nss_util.h" 12 #include "crypto/nss_util.h"
13 #include "crypto/rsa_private_key.h" 13 #include "crypto/rsa_private_key.h"
14 #include "net/cert/cert_type.h" 14 #include "net/cert/cert_type.h"
15 15
16 namespace net { 16 namespace net {
17 17
18 scoped_ptr<crypto::RSAPrivateKey> ImportSensitiveKeyFromFile( 18 scoped_ptr<crypto::RSAPrivateKey> ImportSensitiveKeyFromFile(
19 const base::FilePath& dir, 19 const base::FilePath& dir,
20 const std::string& key_filename, 20 const std::string& key_filename,
21 PK11SlotInfo* slot) { 21 PK11SlotInfo* slot) {
22 #if defined(USE_OPENSSL)
23 // TODO(davidben): Port RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo away
24 // from RSAPrivateKey so it doesn't make assumptions about the internal crypto
25 // library. Instead, return a ScopedSECKEYPrivateKey or have this function
26 // just return bool. https://crbug.com/478777
27 NOTIMPLEMENTED();
28 return nullptr;
29 #else
22 base::FilePath key_path = dir.AppendASCII(key_filename); 30 base::FilePath key_path = dir.AppendASCII(key_filename);
23 std::string key_pkcs8; 31 std::string key_pkcs8;
24 bool success = base::ReadFileToString(key_path, &key_pkcs8); 32 bool success = base::ReadFileToString(key_path, &key_pkcs8);
25 if (!success) { 33 if (!success) {
26 LOG(ERROR) << "Failed to read file " << key_path.value(); 34 LOG(ERROR) << "Failed to read file " << key_path.value();
27 return scoped_ptr<crypto::RSAPrivateKey>(); 35 return scoped_ptr<crypto::RSAPrivateKey>();
28 } 36 }
29 37
30 const uint8* key_pkcs8_begin = 38 const uint8* key_pkcs8_begin =
31 reinterpret_cast<const uint8*>(key_pkcs8.data()); 39 reinterpret_cast<const uint8*>(key_pkcs8.data());
32 std::vector<uint8> key_vector(key_pkcs8_begin, 40 std::vector<uint8> key_vector(key_pkcs8_begin,
33 key_pkcs8_begin + key_pkcs8.length()); 41 key_pkcs8_begin + key_pkcs8.length());
34 42
35 scoped_ptr<crypto::RSAPrivateKey> private_key( 43 scoped_ptr<crypto::RSAPrivateKey> private_key(
36 crypto::RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo(slot, 44 crypto::RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo(slot,
37 key_vector)); 45 key_vector));
38 LOG_IF(ERROR, !private_key) << "Could not create key from file " 46 LOG_IF(ERROR, !private_key) << "Could not create key from file "
39 << key_path.value(); 47 << key_path.value();
40 return private_key.Pass(); 48 return private_key.Pass();
49 #endif
41 } 50 }
42 51
43 bool ImportClientCertToSlot(const scoped_refptr<X509Certificate>& cert, 52 bool ImportClientCertToSlot(const scoped_refptr<X509Certificate>& cert,
44 PK11SlotInfo* slot) { 53 PK11SlotInfo* slot) {
45 std::string nickname = cert->GetDefaultNickname(USER_CERT); 54 std::string nickname = cert->GetDefaultNickname(USER_CERT);
46 { 55 {
47 crypto::AutoNSSWriteLock lock; 56 crypto::AutoNSSWriteLock lock;
48 SECStatus rv = PK11_ImportCert(slot, 57 SECStatus rv = PK11_ImportCert(slot,
49 cert->os_cert_handle(), 58 cert->os_cert_handle(),
50 CK_INVALID_HANDLE, 59 CK_INVALID_HANDLE,
(...skipping 27 matching lines...) Expand all
78 if (!ImportClientCertToSlot(cert, slot)) 87 if (!ImportClientCertToSlot(cert, slot))
79 return NULL; 88 return NULL;
80 89
81 // |cert| continues to point to the original X509Certificate before the 90 // |cert| continues to point to the original X509Certificate before the
82 // import to |slot|. However this should not make a difference as NSS handles 91 // import to |slot|. However this should not make a difference as NSS handles
83 // state globally. 92 // state globally.
84 return cert; 93 return cert;
85 } 94 }
86 95
87 } // namespace net 96 } // namespace net
OLDNEW
« no previous file with comments | « net/ssl/openssl_platform_key_nss.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698