nsresult
CryptoKey::PrivateKeyToPkcs8(SECKEYPrivateKey* aPrivKey,
CryptoBuffer& aRetVal,
const nsNSSShutDownPreventionLock& /*proofOfLock*/)
{
ScopedSECItem pkcs8Item(PK11_ExportDERPrivateKeyInfo(aPrivKey, nullptr));
if (!pkcs8Item.get()) {
return NS_ERROR_DOM_INVALID_ACCESS_ERR;
}
aRetVal.Assign(pkcs8Item.get());
return NS_OK;
}
SECKEYPrivateKey*
CryptoKey::PrivateKeyFromPkcs8(CryptoBuffer& aKeyData,
const nsNSSShutDownPreventionLock& /*proofOfLock*/)
{
SECKEYPrivateKey* privKey;
ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
ScopedSECItem pkcs8Item(aKeyData.ToSECItem());
if (!pkcs8Item) {
return nullptr;
}
// Allow everything, we enforce usage ourselves
unsigned int usage = KU_ALL;
nsresult rv = MapSECStatus(PK11_ImportDERPrivateKeyInfoAndReturnKey(
slot.get(), pkcs8Item.get(), nullptr, nullptr, false, false,
usage, &privKey, nullptr));
if (NS_FAILED(rv)) {
return nullptr;
}
return privKey;
}
