2 files changed, 25 insertions, 1 deletions

diff --git a/components/ownership/BUILD.gn b/components/ownership/BUILD.gn
index 1bca927..cdaf227 100644
--- a/components/ownership/BUILD.gn
+++ b/components/ownership/BUILD.gn
@@ -2,6 +2,7 @@
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
+import("//build/config/crypto.gni")
 import("//build/config/features.gni")
 
 component("ownership") {
@@ -29,6 +30,10 @@ component("ownership") {
   if (enable_configuration_policy) {
     deps += [ "//components/policy" ]
   }
+
+  if (use_nss_certs) {
+    deps += [ "//crypto:platform" ]
+  }
 }
 
 source_set("unit_tests") {
diff --git a/components/ownership/owner_key_util_impl.cc b/components/ownership/owner_key_util_impl.cc
index bc7208e..5a400d5 100644
--- a/components/ownership/owner_key_util_impl.cc
+++ b/components/ownership/owner_key_util_impl.cc
@@ -8,7 +8,12 @@
 
 #include "base/files/file_util.h"
 #include "base/logging.h"
+
+#if defined(USE_NSS_CERTS)
+#include <keythi.h>
+#include "crypto/nss_key_util.h"
 #include "crypto/rsa_private_key.h"
+#endif
 
 namespace ownership {
 
@@ -54,7 +59,21 @@ bool OwnerKeyUtilImpl::ImportPublicKey(std::vector<uint8>* output) {
 crypto::RSAPrivateKey* OwnerKeyUtilImpl::FindPrivateKeyInSlot(
     const std::vector<uint8>& key,
     PK11SlotInfo* slot) {
-  return crypto::RSAPrivateKey::FindFromPublicKeyInfoInSlot(key, slot);
+  if (!slot)
+    return nullptr;
+
+  crypto::ScopedSECKEYPrivateKey private_key(
+      crypto::FindNSSKeyFromPublicKeyInfoInSlot(key, slot));
+  if (!private_key || SECKEY_GetPrivateKeyType(private_key.get()) != rsaKey)
+    return nullptr;
+#if defined(USE_OPENSSL)
+  // TODO(davidben): This assumes that crypto::RSAPrivateKey also uses NSS.
+  // https://crbug.com/478777
+  NOTIMPLEMENTED();
+  return nullptr;
+#else
+  return crypto::RSAPrivateKey::CreateFromKey(private_key.get());
+#endif
 }
 #endif  // defined(USE_NSS_CERTS)