This source file includes following definitions.
- LoadPublicKey
- PublicKeyLength
- EncryptKeySource
#include "google_apis/cup/client_update_protocol.h"
#include <keyhi.h>
#include <pk11pub.h>
#include <seccomon.h>
#include "base/logging.h"
#include "crypto/nss_util.h"
#include "crypto/scoped_nss_types.h"
typedef scoped_ptr<CERTSubjectPublicKeyInfo,
crypto::NSSDestroyer<CERTSubjectPublicKeyInfo,
SECKEY_DestroySubjectPublicKeyInfo> >
ScopedCERTSubjectPublicKeyInfo;
ClientUpdateProtocol::~ClientUpdateProtocol() {
if (public_key_)
SECKEY_DestroyPublicKey(public_key_);
}
bool ClientUpdateProtocol::LoadPublicKey(const base::StringPiece& public_key) {
crypto::EnsureNSSInit();
SECItem spki_item;
spki_item.type = siBuffer;
spki_item.data =
reinterpret_cast<unsigned char*>(const_cast<char*>(public_key.data()));
spki_item.len = static_cast<unsigned int>(public_key.size());
ScopedCERTSubjectPublicKeyInfo spki(
SECKEY_DecodeDERSubjectPublicKeyInfo(&spki_item));
if (!spki.get())
return false;
public_key_ = SECKEY_ExtractPublicKey(spki.get());
if (!public_key_)
return false;
if (!PublicKeyLength())
return false;
return true;
}
size_t ClientUpdateProtocol::PublicKeyLength() {
if (!public_key_)
return 0;
return SECKEY_PublicKeyStrength(public_key_);
}
bool ClientUpdateProtocol::EncryptKeySource(
const std::vector<uint8>& key_source) {
if (!public_key_)
return false;
size_t keysize = SECKEY_PublicKeyStrength(public_key_);
if (key_source.size() != keysize)
return false;
encrypted_key_source_.resize(keysize);
return SECSuccess == PK11_PubEncryptRaw(
public_key_,
&encrypted_key_source_[0],
const_cast<unsigned char*>(&key_source[0]),
key_source.size(),
NULL);
}