1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "crypto/ec_private_key.h"
6
7#include <openssl/ec.h>
8#include <openssl/evp.h>
9#include <openssl/pkcs12.h>
10#include <openssl/x509.h>
11
12#include "base/logging.h"
13#include "base/memory/scoped_ptr.h"
14#include "crypto/openssl_util.h"
15
16namespace crypto {
17
18namespace {
19
20// Function pointer definition, for injecting the required key export function
21// into ExportKeyWithBio, below. |bio| is a temporary memory BIO object, and
22// |key| is a handle to the input key object. Return 1 on success, 0 otherwise.
23// NOTE: Used with OpenSSL functions, which do not comply with the Chromium
24//       style guide, hence the unusual parameter placement / types.
25typedef int (*ExportBioFunction)(BIO* bio, const void* key);
26
27// Helper to export |key| into |output| via the specified ExportBioFunction.
28bool ExportKeyWithBio(const void* key,
29                      ExportBioFunction export_fn,
30                      std::vector<uint8>* output) {
31  if (!key)
32    return false;
33
34  ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new(BIO_s_mem()));
35  if (!bio.get())
36    return false;
37
38  if (!export_fn(bio.get(), key))
39    return false;
40
41  char* data = NULL;
42  long len = BIO_get_mem_data(bio.get(), &data);
43  if (!data || len < 0)
44    return false;
45
46  output->assign(data, data + len);
47  return true;
48}
49
50// Function pointer definition, for injecting the required key export function
51// into ExportKey below. |key| is a pointer to the input key object,
52// and |data| is either NULL, or the address of an 'unsigned char*' pointer
53// that points to the start of the output buffer. The function must return
54// the number of bytes required to export the data, or -1 in case of error.
55typedef int (*ExportDataFunction)(const void* key, unsigned char** data);
56
57// Helper to export |key| into |output| via the specified export function.
58bool ExportKey(const void* key,
59               ExportDataFunction export_fn,
60               std::vector<uint8>* output) {
61  if (!key)
62    return false;
63
64  int data_len = export_fn(key, NULL);
65  if (data_len < 0)
66    return false;
67
68  output->resize(static_cast<size_t>(data_len));
69  unsigned char* data = &(*output)[0];
70  if (export_fn(key, &data) < 0)
71    return false;
72
73  return true;
74}
75
76}  // namespace
77
78ECPrivateKey::~ECPrivateKey() {
79  if (key_)
80    EVP_PKEY_free(key_);
81}
82
83// static
84bool ECPrivateKey::IsSupported() { return true; }
85
86// static
87ECPrivateKey* ECPrivateKey::Create() {
88  OpenSSLErrStackTracer err_tracer(FROM_HERE);
89
90  ScopedOpenSSL<EC_KEY, EC_KEY_free> ec_key(
91      EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
92  if (!ec_key.get() || !EC_KEY_generate_key(ec_key.get()))
93    return NULL;
94
95  scoped_ptr<ECPrivateKey> result(new ECPrivateKey());
96  result->key_ = EVP_PKEY_new();
97  if (!result->key_ || !EVP_PKEY_set1_EC_KEY(result->key_, ec_key.get()))
98    return NULL;
99
100  return result.release();
101}
102
103// static
104ECPrivateKey* ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
105    const std::string& password,
106    const std::vector<uint8>& encrypted_private_key_info,
107    const std::vector<uint8>& subject_public_key_info) {
108  // NOTE: The |subject_public_key_info| can be ignored here, it is only
109  // useful for the NSS implementation (which uses the public key's SHA1
110  // as a lookup key when storing the private one in its store).
111  if (encrypted_private_key_info.empty())
112    return NULL;
113
114  OpenSSLErrStackTracer err_tracer(FROM_HERE);
115  // Write the encrypted private key into a memory BIO.
116  char* private_key_data = reinterpret_cast<char*>(
117      const_cast<uint8*>(&encrypted_private_key_info[0]));
118  int private_key_data_len =
119      static_cast<int>(encrypted_private_key_info.size());
120  ScopedOpenSSL<BIO, BIO_free_all> bio(
121      BIO_new_mem_buf(private_key_data, private_key_data_len));
122  if (!bio.get())
123    return NULL;
124
125  // Convert it, then decrypt it into a PKCS#8 object.
126  ScopedOpenSSL<X509_SIG, X509_SIG_free> p8_encrypted(
127      d2i_PKCS8_bio(bio.get(), NULL));
128  if (!p8_encrypted.get())
129    return NULL;
130
131  ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free> p8_decrypted(
132      PKCS8_decrypt(p8_encrypted.get(),
133                    password.c_str(),
134                    static_cast<int>(password.size())));
135  if (!p8_decrypted.get())
136    return NULL;
137
138  // Create a new EVP_PKEY for it.
139  scoped_ptr<ECPrivateKey> result(new ECPrivateKey);
140  result->key_ = EVP_PKCS82PKEY(p8_decrypted.get());
141  if (!result->key_)
142    return NULL;
143
144  return result.release();
145}
146
147bool ECPrivateKey::ExportEncryptedPrivateKey(
148    const std::string& password,
149    int iterations,
150    std::vector<uint8>* output) {
151  OpenSSLErrStackTracer err_tracer(FROM_HERE);
152  // Convert into a PKCS#8 object.
153  ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free> pkcs8(
154      EVP_PKEY2PKCS8(key_));
155  if (!pkcs8.get())
156    return false;
157
158  // Encrypt the object.
159  // NOTE: NSS uses SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC
160  // so use NID_pbe_WithSHA1And3_Key_TripleDES_CBC which should be the OpenSSL
161  // equivalent.
162  ScopedOpenSSL<X509_SIG, X509_SIG_free> encrypted(
163      PKCS8_encrypt(NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
164                    NULL,
165                    password.c_str(),
166                    static_cast<int>(password.size()),
167                    NULL,
168                    0,
169                    iterations,
170                    pkcs8.get()));
171  if (!encrypted.get())
172    return false;
173
174  // Write it into |*output|
175  return ExportKeyWithBio(encrypted.get(),
176                          reinterpret_cast<ExportBioFunction>(i2d_PKCS8_bio),
177                          output);
178}
179
180bool ECPrivateKey::ExportPublicKey(std::vector<uint8>* output) {
181  OpenSSLErrStackTracer err_tracer(FROM_HERE);
182  return ExportKeyWithBio(
183      key_, reinterpret_cast<ExportBioFunction>(i2d_PUBKEY_bio), output);
184}
185
186bool ECPrivateKey::ExportValue(std::vector<uint8>* output) {
187  OpenSSLErrStackTracer err_tracer(FROM_HERE);
188  ScopedOpenSSL<EC_KEY, EC_KEY_free> ec_key(EVP_PKEY_get1_EC_KEY(key_));
189  return ExportKey(ec_key.get(),
190                   reinterpret_cast<ExportDataFunction>(i2d_ECPrivateKey),
191                   output);
192}
193
194bool ECPrivateKey::ExportECParams(std::vector<uint8>* output) {
195  OpenSSLErrStackTracer err_tracer(FROM_HERE);
196  ScopedOpenSSL<EC_KEY, EC_KEY_free> ec_key(EVP_PKEY_get1_EC_KEY(key_));
197  return ExportKey(ec_key.get(),
198                   reinterpret_cast<ExportDataFunction>(i2d_ECParameters),
199                   output);
200}
201
202ECPrivateKey::ECPrivateKey() : key_(NULL) {}
203
204}  // namespace crypto
205