components/ownership/owner_key_util_impl.cc


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "components/ownership/owner_key_util_impl.h"

#include <limits>

#include "base/files/file_util.h"
#include "base/logging.h"

#if defined(USE_NSS_CERTS)
#include <keythi.h>
#include "crypto/nss_key_util.h"
#include "crypto/rsa_private_key.h"
#endif

namespace ownership {

OwnerKeyUtilImpl::OwnerKeyUtilImpl(const base::FilePath& public_key_file)
    : public_key_file_(public_key_file) {
}

OwnerKeyUtilImpl::~OwnerKeyUtilImpl() {
}

bool OwnerKeyUtilImpl::ImportPublicKey(std::vector<uint8>* output) {
  // Get the file size (must fit in a 32 bit int for NSS).
  int64 file_size;
  if (!base::GetFileSize(public_key_file_, &file_size)) {
#if defined(OS_CHROMEOS)
    LOG(ERROR) << "Could not get size of " << public_key_file_.value();
#endif  // defined(OS_CHROMEOS)
    return false;
  }
  if (file_size > static_cast<int64>(std::numeric_limits<int>::max())) {
    LOG(ERROR) << public_key_file_.value() << "is " << file_size
               << "bytes!!!  Too big!";
    return false;
  }
  int32 safe_file_size = static_cast<int32>(file_size);

  output->resize(safe_file_size);

  if (safe_file_size == 0) {
    LOG(WARNING) << "Public key file is empty. This seems wrong.";
    return false;
  }

  // Get the key data off of disk
  int data_read =
      base::ReadFile(public_key_file_,
                     reinterpret_cast<char*>(vector_as_array(output)),
                     safe_file_size);
  return data_read == safe_file_size;
}

#if defined(USE_NSS_CERTS)
crypto::RSAPrivateKey* OwnerKeyUtilImpl::FindPrivateKeyInSlot(
    const std::vector<uint8>& key,
    PK11SlotInfo* slot) {
  if (!slot)
    return nullptr;

  crypto::ScopedSECKEYPrivateKey private_key(
      crypto::FindNSSKeyFromPublicKeyInfoInSlot(key, slot));
  if (!private_key || SECKEY_GetPrivateKeyType(private_key.get()) != rsaKey)
    return nullptr;
#if defined(USE_OPENSSL)
  // TODO(davidben): This assumes that crypto::RSAPrivateKey also uses NSS.
  // https://crbug.com/478777
  NOTIMPLEMENTED();
  return nullptr;
#else
  return crypto::RSAPrivateKey::CreateFromKey(private_key.get());
#endif
}
#endif  // defined(USE_NSS_CERTS)

bool OwnerKeyUtilImpl::IsPublicKeyPresent() {
  return base::PathExists(public_key_file_);
}

}  // namespace ownership