OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/spdy/spdy_credential_builder.h" | 5 #include "net/spdy/spdy_credential_builder.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/string_piece.h" | 8 #include "base/string_piece.h" |
9 #include "crypto/ec_private_key.h" | 9 #include "crypto/ec_private_key.h" |
10 #include "crypto/ec_signature_creator.h" | 10 #include "crypto/ec_signature_creator.h" |
(...skipping 37 matching lines...)
48 return ERR_BAD_SSL_CLIENT_AUTH_CERT; | 48 return ERR_BAD_SSL_CLIENT_AUTH_CERT; |
49 // Drop one byte of padding bits count from the BIT STRING | 49 // Drop one byte of padding bits count from the BIT STRING |
50 // (this will always be zero). Drop one byte of X9.62 format specification | 50 // (this will always be zero). Drop one byte of X9.62 format specification |
51 // (this will always be 4 to indicated an uncompressed point). | 51 // (this will always be 4 to indicated an uncompressed point). |
52 DCHECK_GT(public_key.length(), 2u); | 52 DCHECK_GT(public_key.length(), 2u); |
53 DCHECK_EQ(0, static_cast<int>(public_key[0])); | 53 DCHECK_EQ(0, static_cast<int>(public_key[0])); |
54 DCHECK_EQ(4, static_cast<int>(public_key[1])); | 54 DCHECK_EQ(4, static_cast<int>(public_key[1])); |
55 public_key = public_key.substr(2, public_key.length()); | 55 public_key = public_key.substr(2, public_key.length()); |
56 | 56 |
57 // Convert the strings into a vector<unit8> | 57 // Convert the strings into a vector<unit8> |
58 std::vector<uint8> proof_vector; | 58 std::vector<uint8> der_signature; |
59 scoped_ptr<crypto::ECPrivateKey> private_key( | 59 scoped_ptr<crypto::ECPrivateKey> private_key( |
60 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | 60 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
61 ServerBoundCertService::kEPKIPassword, | 61 ServerBoundCertService::kEPKIPassword, |
62 ToVector(key), ToVector(public_key_info))); | 62 ToVector(key), ToVector(public_key_info))); |
63 scoped_ptr<crypto::ECSignatureCreator> creator( | 63 scoped_ptr<crypto::ECSignatureCreator> creator( |
64 crypto::ECSignatureCreator::Create(private_key.get())); | 64 crypto::ECSignatureCreator::Create(private_key.get())); |
65 creator->Sign(reinterpret_cast<const unsigned char *>(secret.data()), | 65 creator->Sign(reinterpret_cast<const unsigned char *>(secret.data()), |
66 secret.length(), &proof_vector); | 66 secret.length(), &der_signature); |
| 67 |
| 68 std::string proof; |
| 69 if (!creator->DecodeSignature(der_signature, &proof)) { |
| 70 NOTREACHED(); |
| 71 return ERR_UNEXPECTED; |
| 72 } |
67 | 73 |
68 credential->slot = slot; | 74 credential->slot = slot; |
69 credential->certs.push_back(public_key.as_string()); | 75 credential->certs.push_back(public_key.as_string()); |
70 credential->proof.assign(proof_vector.begin(), proof_vector.end()); | 76 credential->proof = proof; |
71 return OK; | 77 return OK; |
72 } | 78 } |
73 | 79 |
74 // static | 80 // static |
75 std::string SpdyCredentialBuilder::GetCredentialSecret( | 81 std::string SpdyCredentialBuilder::GetCredentialSecret( |
76 const std::string& tls_unique) { | 82 const std::string& tls_unique) { |
77 const char prefix[] = "SPDY CREDENTIAL ChannelID\0client -> server"; | 83 const char prefix[] = "SPDY CREDENTIAL ChannelID\0client -> server"; |
78 std::string secret(prefix, arraysize(prefix)); | 84 std::string secret(prefix, arraysize(prefix)); |
79 secret.append(tls_unique); | 85 secret.append(tls_unique); |
80 | 86 |
81 return secret; | 87 return secret; |
82 } | 88 } |
83 | 89 |
84 } // namespace net | 90 } // namespace net |
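Review bot: The result of `creator->Sign(...)` at new lines 65-66 is still discarded, so a signing failure only shows up as an empty `der_signature` that `DecodeSignature` rejects, which makes the `NOTREACHED()` branch added at new line 70 reachable. Checking the call directly keeps the two failures apart: `if (!creator->Sign(reinterpret_cast<const unsigned char*>(secret.data()), secret.length(), &der_signature)) return ERR_UNEXPECTED;` (this assumes Sign reports failure through its return value, since its declaration is not visible here). `private_key.get()` is likewise handed to `ECSignatureCreator::Create` at new line 64 without a null check, which matters if `CreateFromEncryptedPrivateKeyInfo` can fail on a malformed or wrongly encrypted key. The comment at new line 57 (`Convert the strings into a vector<unit8>`) no longer describes what follows and could become `// Sign the secret; the DER signature is decoded into the raw proof below.` The enclosing function starts in the skipped lines, so some of this validation may already happen there.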