Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(16)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/openssl_private_key_store_android.cc

Issue 11031043: Fix handling of user and CA certificates on Android. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: Created 8 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/base/mime_util.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/openssl_private_key_store.h" 5 #include "net/base/openssl_private_key_store.h"
6 6
7 #include <openssl/evp.h> 7 #include <openssl/evp.h>
8 #include <openssl/x509.h>
8 9
9 #include "base/logging.h" 10 #include "base/logging.h"
10 #include "base/memory/singleton.h" 11 #include "base/memory/singleton.h"
11 #include "crypto/openssl_util.h" 12 #include "crypto/openssl_util.h"
12 #include "net/android/network_library.h" 13 #include "net/android/network_library.h"
13 14
14 namespace net { 15 namespace net {
15 16
16 namespace { 17 namespace {
17 18
18 class OpenSSLKeyStoreAndroid : public OpenSSLPrivateKeyStore { 19 class OpenSSLKeyStoreAndroid : public OpenSSLPrivateKeyStore {
19 public: 20 public:
20 ~OpenSSLKeyStoreAndroid() {} 21 ~OpenSSLKeyStoreAndroid() {}
21 22
22 // TODO(joth): Use the |url| to help identify this key to the user.
23 // Currently Android has no UI to list these stored private keys (and no
24 // API to associate a name with them), so this is a non-issue.
25 virtual bool StorePrivateKey(const GURL& url, EVP_PKEY* pkey) { 23 virtual bool StorePrivateKey(const GURL& url, EVP_PKEY* pkey) {
24 // Always clear openssl errors on exit.
25 crypto::OpenSSLErrStackTracer err_trace(FROM_HERE);
26 // Important: Do not use i2d_PublicKey() here, which returns data in
27 // PKKCS#1 format, use i2d_PUBKEY() which returns it as DER-encoded
28 // SubjectPublicKeyInfo (X.509), as expected by the platform.
26 uint8* public_key = NULL; 29 uint8* public_key = NULL;
27 int public_len = i2d_PublicKey(pkey, &public_key); 30 int public_len = i2d_PUBKEY(pkey, &public_key);
31 // Important: Do not use i2d_PrivateKey() here, it returns data
32 // in a format that is incompatible with what the platform expects
33 // (i.e. this crashes the CertInstaller with an assertion error
34 // "error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag"
28 uint8* private_key = NULL; 35 uint8* private_key = NULL;
29 int private_len = i2d_PrivateKey(pkey, &private_key); 36 int private_len = 0;
30 37 PKCS8_PRIV_KEY_INFO* pkcs8 = EVP_PKEY2PKCS8(pkey);
38 if (pkcs8 != NULL) {
39 private_len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8, &private_key);
40 PKCS8_PRIV_KEY_INFO_free(pkcs8);
41 }
31 bool ret = false; 42 bool ret = false;
32 if (public_len && private_len) { 43 if (public_len > 0 && private_len > 0) {
33 ret = net::android::StoreKeyPair(public_key, public_len, private_key, 44 ret = net::android::StoreKeyPair(public_key, public_len, private_key,
34 private_len); 45 private_len);
35 } 46 }
36 LOG_IF(ERROR, !ret) << "StorePrivateKey failed. pub len = " << public_len 47 LOG_IF(ERROR, !ret) << "StorePrivateKey failed. pub len = " << public_len
37 << " priv len = " << private_len; 48 << " priv len = " << private_len;
38 OPENSSL_free(public_key); 49 OPENSSL_free(public_key);
39 OPENSSL_free(private_key); 50 OPENSSL_free(private_key);
40 return ret; 51 return ret;
41 } 52 }
42 53
(...skipping 21 matching lines...) Expand all
64 DISALLOW_COPY_AND_ASSIGN(OpenSSLKeyStoreAndroid); 75 DISALLOW_COPY_AND_ASSIGN(OpenSSLKeyStoreAndroid);
65 }; 76 };
66 77
67 } // namespace 78 } // namespace
68 79
69 OpenSSLPrivateKeyStore* OpenSSLPrivateKeyStore::GetInstance() { 80 OpenSSLPrivateKeyStore* OpenSSLPrivateKeyStore::GetInstance() {
70 return OpenSSLKeyStoreAndroid::GetInstance(); 81 return OpenSSLKeyStoreAndroid::GetInstance();
71 } 82 }
72 83
73 } // namespace net 84 } // namespace net
OLDNEW
« no previous file with comments | « net/base/mime_util.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698