summaryrefslogtreecommitdiffstats
path: root/base/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'base/crypto')
-rw-r--r--base/crypto/rsa_private_key.h18
-rw-r--r--base/crypto/rsa_private_key_nss.cc225
-rw-r--r--base/crypto/signature_creator.h18
-rw-r--r--base/crypto/signature_creator_nss.cc74
-rw-r--r--base/crypto/signature_creator_win.cc2
5 files changed, 10 insertions, 327 deletions
diff --git a/base/crypto/rsa_private_key.h b/base/crypto/rsa_private_key.h
index 3d85ebb..21aa601 100644
--- a/base/crypto/rsa_private_key.h
+++ b/base/crypto/rsa_private_key.h
@@ -7,14 +7,11 @@
#include "build/build_config.h"
-#if defined(USE_NSS)
-#include <cryptoht.h>
-#include <keythi.h>
-#elif defined(OS_MACOSX)
-// TODO(port);
-#elif defined(OS_WIN)
+#if defined(OS_WIN)
#include <windows.h>
#include <wincrypt.h>
+#else
+// TODO(port)
#endif
#include <vector>
@@ -38,9 +35,7 @@ class RSAPrivateKey {
~RSAPrivateKey();
-#if defined(USE_NSS)
- SECKEYPrivateKey* key() { return key_; }
-#elif defined(OS_WIN)
+#if defined(OS_WIN)
HCRYPTPROV provider() { return provider_; }
HCRYPTKEY key() { return key_; }
#endif
@@ -56,10 +51,7 @@ private:
// instead.
RSAPrivateKey();
-#if defined(USE_NSS)
- SECKEYPrivateKey* key_;
- SECKEYPublicKey* public_key_;
-#elif defined(OS_WIN)
+#if defined(OS_WIN)
bool InitProvider();
HCRYPTPROV provider_;
diff --git a/base/crypto/rsa_private_key_nss.cc b/base/crypto/rsa_private_key_nss.cc
deleted file mode 100644
index 5c2d3fe..0000000
--- a/base/crypto/rsa_private_key_nss.cc
+++ /dev/null
@@ -1,225 +0,0 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "base/crypto/rsa_private_key.h"
-
-#include <cryptohi.h>
-#include <keyhi.h>
-#include <pk11pub.h>
-
-#include <iostream>
-#include <list>
-
-#include "base/logging.h"
-#include "base/nss_init.h"
-#include "base/scoped_ptr.h"
-#include "base/string_util.h"
-
-// TODO(rafaelw): Consider refactoring common functions and definitions from
-// rsa_private_key_win.cc or using NSS's ASN.1 encoder.
-namespace {
-
-// ASN.1 encoding of the AlgorithmIdentifier from PKCS #8.
-const uint8 kRsaAlgorithmIdentifier[] = {
- 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
- 0x05, 0x00
-};
-
-// ASN.1 tags for some types we use.
-const uint8 kSequenceTag = 0x30;
-const uint8 kIntegerTag = 0x02;
-const uint8 kNullTag = 0x05;
-const uint8 kOctetStringTag = 0x04;
-
-static void PrependBytesInOrder(uint8* val, int start, int num_bytes,
- std::list<uint8>* data) {
- while(num_bytes > start) {
- --num_bytes;
- data->push_front(val[num_bytes]);
- }
-}
-
-// Helper to prepend an ASN.1 length field.
-static void PrependLength(size_t size, std::list<uint8>* data) {
- // The high bit is used to indicate whether additional octets are needed to
- // represent the length.
- if (size < 0x80) {
- data->push_front(static_cast<uint8>(size));
- } else {
- uint8 num_bytes = 0;
- while (size > 0) {
- data->push_front(static_cast<uint8>(size & 0xFF));
- size >>= 8;
- num_bytes++;
- }
- CHECK(num_bytes <= 4);
- data->push_front(0x80 | num_bytes);
- }
-}
-
-// Helper to prepend an ASN.1 type header.
-static void PrependTypeHeaderAndLength(uint8 type, uint32 length,
- std::list<uint8>* output) {
- PrependLength(length, output);
- output->push_front(type);
-}
-
-// Helper to prepend an ASN.1 integer.
-static void PrependInteger(uint8* val, int num_bytes, std::list<uint8>* data) {
- // ASN.1 integers are unpadded byte arrays, so skip any null padding bytes
- // from the most-significant end of the integer.
- int start = 0;
- while (start < (num_bytes - 1) && val[start] == 0x00)
- start++;
-
- PrependBytesInOrder(val, start, num_bytes, data);
-
- // ASN.1 integers are signed. To encode a positive integer whose sign bit
- // (the most significant bit) would otherwise be set and make the number
- // negative, ASN.1 requires a leading null byte to force the integer to be
- // positive.
- if ((val[start] & 0x80) != 0) {
- data->push_front(0x00);
- num_bytes++;
- }
-
- PrependTypeHeaderAndLength(kIntegerTag, num_bytes, data);
-}
-
-static bool ReadAttributeAndPrependInteger(SECKEYPrivateKey* key,
- CK_ATTRIBUTE_TYPE type,
- std::list<uint8>* output) {
- SECItem item;
- SECStatus rv;
- rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item);
- if (rv != SECSuccess) {
- NOTREACHED();
- return false;
- }
-
- PrependInteger(item.data, item.len, output);
- SECITEM_FreeItem(&item, PR_FALSE);
- return true;
-}
-
-} // namespace
-
-
-namespace base {
-
-// static
-RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) {
- scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
-
- PK11SlotInfo *slot = PK11_GetInternalSlot();
- if (!slot)
- return NULL;
-
- PK11RSAGenParams param;
- param.keySizeInBits = num_bits;
- param.pe = 65537L;
- result->key_ = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN, &param,
- &result->public_key_, PR_FALSE, PR_FALSE, NULL);
- PK11_FreeSlot(slot);
- if (!result->key_)
- return NULL;
-
- return result.release();
-}
-
-// static
-RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
- const std::vector<uint8>& input) {
- scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
-
- PK11SlotInfo *slot = PK11_GetInternalSlot();
- if (!slot)
- return NULL;
-
- SECItem der_private_key_info;
- der_private_key_info.data = const_cast<unsigned char*>(&input.front());
- der_private_key_info.len = input.size();
- SECStatus rv = PK11_ImportDERPrivateKeyInfoAndReturnKey(slot,
- &der_private_key_info, NULL, NULL, PR_FALSE, PR_FALSE,
- KU_DIGITAL_SIGNATURE, &result->key_, NULL);
- PK11_FreeSlot(slot);
- if (rv != SECSuccess) {
- NOTREACHED();
- return NULL;
- }
-
- result->public_key_ = SECKEY_ConvertToPublicKey(result->key_);
- if (!result->public_key_) {
- NOTREACHED();
- return NULL;
- }
-
- return result.release();
-}
-
-RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) {
- EnsureNSSInit();
-}
-
-RSAPrivateKey::~RSAPrivateKey() {
- if (key_)
- SECKEY_DestroyPrivateKey(key_);
- if (public_key_)
- SECKEY_DestroyPublicKey(public_key_);
-}
-
-bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) {
- std::list<uint8> content;
-
- // Version (always zero)
- uint8 version = 0;
-
- // Manually read the component attributes of the private key and build up the
- // output in reverse order to prevent having to do copies to figure out the
- // length.
- if (!ReadAttributeAndPrependInteger(key_, CKA_COEFFICIENT, &content) ||
- !ReadAttributeAndPrependInteger(key_, CKA_EXPONENT_2, &content) ||
- !ReadAttributeAndPrependInteger(key_, CKA_EXPONENT_1, &content) ||
- !ReadAttributeAndPrependInteger(key_, CKA_PRIME_2, &content) ||
- !ReadAttributeAndPrependInteger(key_, CKA_PRIME_1, &content) ||
- !ReadAttributeAndPrependInteger(key_, CKA_PRIVATE_EXPONENT, &content) ||
- !ReadAttributeAndPrependInteger(key_, CKA_PUBLIC_EXPONENT, &content) ||
- !ReadAttributeAndPrependInteger(key_, CKA_MODULUS, &content)) {
- NOTREACHED();
- return false;
- }
- PrependInteger(&version, 1, &content);
- PrependTypeHeaderAndLength(kSequenceTag, content.size(), &content);
- PrependTypeHeaderAndLength(kOctetStringTag, content.size(), &content);
-
- // RSA algorithm OID
- for (size_t i = sizeof(kRsaAlgorithmIdentifier); i > 0; --i)
- content.push_front(kRsaAlgorithmIdentifier[i - 1]);
-
- PrependInteger(&version, 1, &content);
- PrependTypeHeaderAndLength(kSequenceTag, content.size(), &content);
-
- // Copy everying into the output.
- output->reserve(content.size());
- for (std::list<uint8>::iterator i = content.begin(); i != content.end(); ++i)
- output->push_back(*i);
-
- return true;
-}
-
-bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) {
- SECItem* der_pubkey = PK11_DEREncodePublicKey(public_key_);
- if (!der_pubkey) {
- NOTREACHED();
- return false;
- }
-
- for (size_t i = 0; i < der_pubkey->len; ++i)
- output->push_back(der_pubkey->data[i]);
-
- SECITEM_FreeItem(der_pubkey, PR_TRUE);
- return true;
-}
-
-} // namespace base
diff --git a/base/crypto/signature_creator.h b/base/crypto/signature_creator.h
index 6c7ddbc..0b66baa 100644
--- a/base/crypto/signature_creator.h
+++ b/base/crypto/signature_creator.h
@@ -5,15 +5,11 @@
#ifndef BASE_CRYPTO_SIGNATURE_CREATOR_H_
#define BASE_CRYPTO_SIGNATURE_CREATOR_H_
-#include "build/build_config.h"
-
-#if defined(USE_NSS)
-#include <cryptoht.h>
-#elif defined(OS_MACOSX)
-// TODO(port)
-#elif defined(OS_WIN)
+#if defined(OS_WIN)
#include <windows.h>
#include <wincrypt.h>
+#else
+// TODO(PORT)
#endif
#include <vector>
@@ -41,15 +37,11 @@ class SignatureCreator {
private:
// Private constructor. Use the Create() method instead.
- SignatureCreator();
+ SignatureCreator() {}
RSAPrivateKey* key_;
-#if defined(USE_NSS)
- SGNContext* sign_context_;
-#elif defined(OS_MACOSX)
- // TODO(port)
-#elif defined(OS_WIN)
+#if defined(OS_WIN)
HCRYPTHASH hash_object_;
#endif
diff --git a/base/crypto/signature_creator_nss.cc b/base/crypto/signature_creator_nss.cc
deleted file mode 100644
index a6a820b..0000000
--- a/base/crypto/signature_creator_nss.cc
+++ /dev/null
@@ -1,74 +0,0 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "base/crypto/signature_creator.h"
-
-#include <cryptohi.h>
-#include <keyhi.h>
-#include <stdlib.h>
-
-#include "base/logging.h"
-#include "base/nss_init.h"
-#include "base/scoped_ptr.h"
-
-namespace base {
-
-// static
-SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) {
- scoped_ptr<SignatureCreator> result(new SignatureCreator);
- result->key_ = key;
-
- result->sign_context_ = SGN_NewContext(SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION,
- key->key());
- if (!result->sign_context_) {
- NOTREACHED();
- return NULL;
- }
-
- SECStatus rv = SGN_Begin(result->sign_context_);
- if (rv != SECSuccess) {
- NOTREACHED();
- return NULL;
- }
-
- return result.release();
-}
-
-SignatureCreator::SignatureCreator() : sign_context_(NULL) {
- EnsureNSSInit();
-}
-
-SignatureCreator::~SignatureCreator() {
- if (sign_context_) {
- SGN_DestroyContext(sign_context_, PR_TRUE);
- sign_context_ = NULL;
- }
-}
-
-bool SignatureCreator::Update(const uint8* data_part, int data_part_len) {
- SECStatus rv = SGN_Update(sign_context_,
- const_cast<unsigned char*>(data_part),
- data_part_len);
- if (rv != SECSuccess) {
- NOTREACHED();
- return false;
- }
-
- return true;
-}
-
-bool SignatureCreator::Final(std::vector<uint8>* signature) {
- SECItem signature_item;
- SECStatus rv = SGN_End(sign_context_, &signature_item);
- if (rv != SECSuccess) {
- NOTREACHED();
- return false;
- }
- signature->assign(signature_item.data,
- signature_item.data + signature_item.len);
-
- return true;
-}
-
-} // namespace base
diff --git a/base/crypto/signature_creator_win.cc b/base/crypto/signature_creator_win.cc
index 700a309..78e4964 100644
--- a/base/crypto/signature_creator_win.cc
+++ b/base/crypto/signature_creator_win.cc
@@ -23,8 +23,6 @@ SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) {
return result.release();
}
-SignatureCreator::SignatureCreator() : hash_object_(0) {}
-
SignatureCreator::~SignatureCreator() {
if (hash_object_) {
if (!CryptDestroyHash(hash_object_))