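// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "net/base/keygen_handler.h"

#include <openssl/ssl.h>

#include "base/logging.h"
#include "base/memory/scoped_ptr.h"
#include "crypto/openssl_util.h"
#include "crypto/rsa_private_key.h"
#include "crypto/scoped_openssl_types.h"
#include "net/base/openssl_private_key_store.h"

namespace net {

// Generates an RSA key pair of |key_size_in_bits_| bits, optionally hands it
// to OpenSSLPrivateKeyStore, and builds a Netscape SPKAC structure that
// carries the public key and |challenge_|, signed with the new private key.
//
// Returns the base64 encoding of the signed SPKAC, or an empty string if key
// generation or any OpenSSL step fails. Callers should treat an empty result
// as failure and must not submit it as a key.
std::string KeygenHandler::GenKeyAndSignChallenge() {
  scoped_ptr<crypto::RSAPrivateKey> key(
      crypto::RSAPrivateKey::Create(key_size_in_bits_));
  // Key generation can fail; dereferencing a null key would crash.
  if (!key.get()) {
    LOG(ERROR) << "Unable to generate RSA key pair";
    return std::string();
  }
  EVP_PKEY* pkey = key->key();
  if (!pkey) {
    LOG(ERROR) << "Generated RSA key has no EVP_PKEY";
    return std::string();
  }

  // The key is stored before the SPKAC is built, as in the original flow.
  // NOTE(review): if StoreKeyPair reports failure through a return value, it
  // is not checked here -- confirm against openssl_private_key_store.h.
  if (stores_key_)
    OpenSSLPrivateKeyStore::StoreKeyPair(url_, pkey);

  crypto::ScopedOpenSSL<NETSCAPE_SPKI, NETSCAPE_SPKI_free>::Type spki(
      NETSCAPE_SPKI_new());
  // Allocation failure would otherwise be dereferenced on the next line.
  if (!spki.get()) {
    LOG(ERROR) << "Unable to allocate NETSCAPE_SPKI";
    return std::string();
  }

  // Each OpenSSL call below reports failure with a zero result. Continuing
  // after a failure could emit an SPKAC with a missing challenge, a missing
  // public key, or no signature at all.
  if (!ASN1_STRING_set(spki.get()->spkac->challenge,
                       challenge_.data(), challenge_.size())) {
    LOG(ERROR) << "Unable to set SPKAC challenge";
    return std::string();
  }
  if (!NETSCAPE_SPKI_set_pubkey(spki.get(), pkey)) {
    LOG(ERROR) << "Unable to set SPKAC public key";
    return std::string();
  }

  // Using MD5 as this is what is required in HTML5, even though the SPKI
  // structure does allow the use of a SHA-1 signature.
  // MD5 is not collision resistant. It is kept here only for compatibility
  // with the keygen format; a server that receives this SPKAC should not
  // give the MD5 signature more weight than a proof-of-possession check.
  if (NETSCAPE_SPKI_sign(spki.get(), pkey, EVP_md5()) <= 0) {
    LOG(ERROR) << "Unable to sign SPKAC";
    return std::string();
  }

  char* spkistr = NETSCAPE_SPKI_b64_encode(spki.get());
  // Constructing std::string from a null pointer is undefined behaviour.
  if (!spkistr) {
    LOG(ERROR) << "Unable to base64-encode SPKAC";
    return std::string();
  }

  std::string result(spkistr);
  OPENSSL_free(spkistr);

  return result;
}

}  // namespace net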