// Copyright 2017 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SSL_SSL_PLATFORM_KEY_WIN_H_
#define NET_SSL_SSL_PLATFORM_KEY_WIN_H_

#include <windows.h>

// Must be after windows.h.
#include <NCrypt.h>

#include "base/memory/scoped_refptr.h"
#include "base/win/wincrypt_shim.h"
#include "crypto/scoped_capi_types.h"
#include "crypto/scoped_cng_types.h"
#include "crypto/unexportable_key.h"
#include "net/base/net_export.h"

namespace net {

class SSLPrivateKey;
class X509Certificate;

// Factory functions that wrap Windows platform private keys (a CAPI provider
// handle, a CNG/NCrypt key handle, or a crypto::UnexportableSigningKey) as
// SSLPrivateKey objects. Every function here takes a handle or key object;
// none of them takes raw private-key bytes.

// Returns an SSLPrivateKey backed by the platform private key for
// |cert_context|, which must correspond to |certificate|.
//
// The match between |cert_context| and |certificate| is stated as a caller
// precondition; this header does not say whether the implementation checks
// it.
// NOTE(review): the result on failure is not documented here (compare
// WrapCNGPrivateKey below, which documents nullptr) - presumably nullptr;
// confirm against the implementation and null-check the result.
scoped_refptr<SSLPrivateKey> FetchClientCertPrivateKey(
    const X509Certificate* certificate,
    PCCERT_CONTEXT cert_context);

// Returns an SSLPrivateKey backed by |prov| and |key_spec|, which must
// correspond to |certificate|'s public key.
//
// |prov| is a scoped CAPI provider handle passed by value, so the caller
// hands its handle over to this call. As above, the key/certificate match is
// a caller precondition as far as this header states.
// NOTE(review): the result on failure is not documented here - presumably
// nullptr; confirm against the implementation.
NET_EXPORT_PRIVATE scoped_refptr<SSLPrivateKey> WrapCAPIPrivateKey(
    const X509Certificate* certificate,
    crypto::ScopedHCRYPTPROV prov,
    DWORD key_spec);

// Returns an SSLPrivateKey backed by |key|, which must correspond to
// |certificate|'s public key, or nullptr on error.
//
// |key| is a scoped NCrypt key handle passed by value, so the caller hands
// its handle over to this call. Callers must null-check the result before
// use.
NET_EXPORT_PRIVATE scoped_refptr<SSLPrivateKey> WrapCNGPrivateKey(
    const X509Certificate* certificate,
    crypto::ScopedNCryptKey key);

// Uses `key` to load a second NCrypt key handle and returns an
// SSLPrivateKey that makes use of that new handle.
//
// `key` is taken by const reference and no certificate is passed, so nothing
// in this signature ties the returned key to a particular certificate.
// Unlike the wrappers above, this function is NET_EXPORT rather than
// NET_EXPORT_PRIVATE.
// NOTE(review): "Slowly" presumably refers to the cost of loading the second
// handle - confirm. The result on failure is not documented here either.
NET_EXPORT scoped_refptr<SSLPrivateKey> WrapUnexportableKeySlowly(
    const crypto::UnexportableSigningKey& key);

}  // namespace net

#endif  // NET_SSL_SSL_PLATFORM_KEY_WIN_H_