Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(552)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/test/cert_test_util_nss.cc

Issue 992733002: Remove //net (except for Android test stuff) and sdch (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/test/cert_test_util.cc ('k') | net/test/ct_test_util.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/test/cert_test_util.h"
6
7 #include <pk11pub.h>
8 #include <secmodt.h>
9
10 #include "base/files/file_path.h"
11 #include "base/files/file_util.h"
12 #include "crypto/nss_util.h"
13 #include "crypto/rsa_private_key.h"
14 #include "net/cert/cert_type.h"
15
16 namespace net {
17
18 scoped_ptr<crypto::RSAPrivateKey> ImportSensitiveKeyFromFile(
19 const base::FilePath& dir,
20 const std::string& key_filename,
21 PK11SlotInfo* slot) {
22 base::FilePath key_path = dir.AppendASCII(key_filename);
23 std::string key_pkcs8;
24 bool success = base::ReadFileToString(key_path, &key_pkcs8);
25 if (!success) {
26 LOG(ERROR) << "Failed to read file " << key_path.value();
27 return scoped_ptr<crypto::RSAPrivateKey>();
28 }
29
30 const uint8* key_pkcs8_begin =
31 reinterpret_cast<const uint8*>(key_pkcs8.data());
32 std::vector<uint8> key_vector(key_pkcs8_begin,
33 key_pkcs8_begin + key_pkcs8.length());
34
35 scoped_ptr<crypto::RSAPrivateKey> private_key(
36 crypto::RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo(slot,
37 key_vector));
38 LOG_IF(ERROR, !private_key) << "Could not create key from file "
39 << key_path.value();
40 return private_key.Pass();
41 }
42
43 bool ImportClientCertToSlot(const scoped_refptr<X509Certificate>& cert,
44 PK11SlotInfo* slot) {
45 std::string nickname = cert->GetDefaultNickname(USER_CERT);
46 {
47 crypto::AutoNSSWriteLock lock;
48 SECStatus rv = PK11_ImportCert(slot,
49 cert->os_cert_handle(),
50 CK_INVALID_HANDLE,
51 nickname.c_str(),
52 PR_FALSE);
53 if (rv != SECSuccess) {
54 LOG(ERROR) << "Could not import cert";
55 return false;
56 }
57 }
58 return true;
59 }
60
61 scoped_refptr<X509Certificate> ImportClientCertAndKeyFromFile(
62 const base::FilePath& dir,
63 const std::string& cert_filename,
64 const std::string& key_filename,
65 PK11SlotInfo* slot) {
66 if (!ImportSensitiveKeyFromFile(dir, key_filename, slot)) {
67 LOG(ERROR) << "Could not import private key from file " << key_filename;
68 return NULL;
69 }
70
71 scoped_refptr<X509Certificate> cert(ImportCertFromFile(dir, cert_filename));
72
73 if (!cert.get()) {
74 LOG(ERROR) << "Failed to parse cert from file " << cert_filename;
75 return NULL;
76 }
77
78 if (!ImportClientCertToSlot(cert, slot))
79 return NULL;
80
81 // |cert| continues to point to the original X509Certificate before the
82 // import to |slot|. However this should not make a difference as NSS handles
83 // state globally.
84 return cert;
85 }
86
87 } // namespace net
OLDNEW
« no previous file with comments | « net/test/cert_test_util.cc ('k') | net/test/ct_test_util.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698