// Copyright 2015 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "net/ssl/ssl_platform_key_util.h" #include "base/lazy_instance.h" #include "base/logging.h" #include "base/macros.h" #include "base/strings/string_piece.h" #include "base/threading/thread.h" #include "crypto/openssl_util.h" #include "net/cert/asn1_util.h" #include "net/cert/x509_certificate.h" #include "third_party/boringssl/src/include/openssl/bytestring.h" #include "third_party/boringssl/src/include/openssl/ec_key.h" #include "third_party/boringssl/src/include/openssl/evp.h" namespace net { namespace { class SSLPlatformKeyTaskRunner { public: SSLPlatformKeyTaskRunner() : worker_thread_("Platform Key Thread") { base::Thread::Options options; options.joinable = false; worker_thread_.StartWithOptions(options); } ~SSLPlatformKeyTaskRunner() {} scoped_refptr task_runner() { return worker_thread_.task_runner(); } private: base::Thread worker_thread_; DISALLOW_COPY_AND_ASSIGN(SSLPlatformKeyTaskRunner); }; base::LazyInstance::Leaky g_platform_key_task_runner = LAZY_INSTANCE_INITIALIZER; } // namespace scoped_refptr GetSSLPlatformKeyTaskRunner() { return g_platform_key_task_runner.Get().task_runner(); } bool GetClientCertInfo(const X509Certificate* certificate, int* out_type, size_t* out_max_length) { crypto::OpenSSLErrStackTracer tracker(FROM_HERE); std::string der_encoded; base::StringPiece spki; if (!X509Certificate::GetDEREncoded(certificate->os_cert_handle(), &der_encoded) || !asn1::ExtractSPKIFromDERCert(der_encoded, &spki)) { LOG(ERROR) << "Could not extract SPKI from certificate."; return false; } CBS cbs; CBS_init(&cbs, reinterpret_cast(spki.data()), spki.size()); bssl::UniquePtr key(EVP_parse_public_key(&cbs)); if (!key || CBS_len(&cbs) != 0) { LOG(ERROR) << "Could not parse public key."; return false; } *out_type = EVP_PKEY_id(key.get()); *out_max_length = EVP_PKEY_size(key.get()); return true; } } // namespace net