1// Copyright (c) 2011 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "crypto/rsa_private_key.h" 6 7#include <openssl/bio.h> 8#include <openssl/bn.h> 9#include <openssl/evp.h> 10#include <openssl/pkcs12.h> 11#include <openssl/rsa.h> 12 13#include "base/logging.h" 14#include "base/memory/scoped_ptr.h" 15#include "crypto/openssl_util.h" 16#include "crypto/scoped_openssl_types.h" 17 18namespace crypto { 19 20namespace { 21 22// Function pointer definition, for injecting the required key export function 23// into ExportKey, below. The supplied function should export EVP_PKEY into 24// the supplied BIO, returning 1 on success or 0 on failure. 25typedef int (ExportFunction)(BIO*, EVP_PKEY*); 26 27// Helper to export |key| into |output| via the specified ExportFunction. 28bool ExportKey(EVP_PKEY* key, 29 ExportFunction export_fn, 30 std::vector<uint8>* output) { 31 if (!key) 32 return false; 33 34 OpenSSLErrStackTracer err_tracer(FROM_HERE); 35 ScopedBIO bio(BIO_new(BIO_s_mem())); 36 37 int res = export_fn(bio.get(), key); 38 if (!res) 39 return false; 40 41 char* data = NULL; 42 long len = BIO_get_mem_data(bio.get(), &data); 43 if (!data || len < 0) 44 return false; 45 46 output->assign(data, data + len); 47 return true; 48} 49 50} // namespace 51 52// static 53RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { 54 OpenSSLErrStackTracer err_tracer(FROM_HERE); 55 56 ScopedRSA rsa_key(RSA_new()); 57 ScopedBIGNUM bn(BN_new()); 58 if (!rsa_key.get() || !bn.get() || !BN_set_word(bn.get(), 65537L)) 59 return NULL; 60 61 if (!RSA_generate_key_ex(rsa_key.get(), num_bits, bn.get(), NULL)) 62 return NULL; 63 64 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); 65 result->key_ = EVP_PKEY_new(); 66 if (!result->key_ || !EVP_PKEY_set1_RSA(result->key_, rsa_key.get())) 67 return NULL; 68 69 return result.release(); 70} 71 72// static 73RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo( 74 const std::vector<uint8>& input) { 75 if (input.empty()) 76 return NULL; 77 78 OpenSSLErrStackTracer err_tracer(FROM_HERE); 79 // BIO_new_mem_buf is not const aware, but it does not modify the buffer. 80 char* data = reinterpret_cast<char*>(const_cast<uint8*>(&input[0])); 81 ScopedBIO bio(BIO_new_mem_buf(data, input.size())); 82 if (!bio.get()) 83 return NULL; 84 85 // Importing is a little more involved than exporting, as we must first 86 // PKCS#8 decode the input, and then import the EVP_PKEY from Private Key 87 // Info structure returned. 88 ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free>::Type p8inf( 89 d2i_PKCS8_PRIV_KEY_INFO_bio(bio.get(), NULL)); 90 if (!p8inf.get()) 91 return NULL; 92 93 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); 94 result->key_ = EVP_PKCS82PKEY(p8inf.get()); 95 if (!result->key_) 96 return NULL; 97 98 return result.release(); 99} 100 101// static 102RSAPrivateKey* RSAPrivateKey::CreateFromKey(EVP_PKEY* key) { 103 DCHECK(key); 104 if (EVP_PKEY_type(key->type) != EVP_PKEY_RSA) 105 return NULL; 106 RSAPrivateKey* copy = new RSAPrivateKey(); 107 copy->key_ = EVP_PKEY_dup(key); 108 return copy; 109} 110 111RSAPrivateKey::RSAPrivateKey() 112 : key_(NULL) { 113} 114 115RSAPrivateKey::~RSAPrivateKey() { 116 if (key_) 117 EVP_PKEY_free(key_); 118} 119 120RSAPrivateKey* RSAPrivateKey::Copy() const { 121 scoped_ptr<RSAPrivateKey> copy(new RSAPrivateKey()); 122 ScopedRSA rsa(EVP_PKEY_get1_RSA(key_)); 123 if (!rsa) 124 return NULL; 125 copy->key_ = EVP_PKEY_new(); 126 if (!EVP_PKEY_set1_RSA(copy->key_, rsa.get())) 127 return NULL; 128 return copy.release(); 129} 130 131bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) const { 132 return ExportKey(key_, i2d_PKCS8PrivateKeyInfo_bio, output); 133} 134 135bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) const { 136 return ExportKey(key_, i2d_PUBKEY_bio, output); 137} 138 139} // namespace crypto 140