| OLD | NEW |
|---|
| 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/crypto/rsa_private_key.h" | 5 #include "base/crypto/rsa_private_key.h" |
| 6 | 6 |
| 7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
| 8 #include <keyhi.h> | 8 #include <keyhi.h> |
| 9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
| 10 | 10 |
| 11 #include <iostream> | 11 #include <iostream> |
| 12 #include <list> | 12 #include <list> |
| 13 | 13 |
| 14 #include "base/logging.h" | 14 #include "base/logging.h" |
| 15 #include "base/nss_init.h" | 15 #include "base/nss_init.h" |
| 16 #include "base/scoped_ptr.h" | 16 #include "base/scoped_ptr.h" |
| 17 #include "base/string_util.h" | 17 #include "base/string_util.h" |
| 18 | 18 |
| 19 // TODO(rafaelw): Consider refactoring common functions and definitions from | 19 // TODO(rafaelw): Consider refactoring common functions and definitions from |
| 20 // rsa_private_key_win.cc or using NSS's ASN.1 encoder. | 20 // rsa_private_key_win.cc or using NSS's ASN.1 encoder. |
| 21 namespace { | 21 namespace { |
| 22 | 22 |
| 23 // ASN.1 encoding of the AlgorithmIdentifier from PKCS #8. | 23 static bool ReadAttribute(SECKEYPrivateKey* key, |
| 24 const uint8 kRsaAlgorithmIdentifier[] = { | 24 CK_ATTRIBUTE_TYPE type, |
| 25 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, | 25 std::vector<uint8>* output) { |
| 26 0x05, 0x00 | |
| 27 }; | |
| 28 | |
| 29 // ASN.1 tags for some types we use. | |
| 30 const uint8 kSequenceTag = 0x30; | |
| 31 const uint8 kIntegerTag = 0x02; | |
| 32 const uint8 kNullTag = 0x05; | |
| 33 const uint8 kOctetStringTag = 0x04; | |
| 34 | |
| 35 static void PrependBytesInOrder(uint8* val, int start, int num_bytes, | |
| 36 std::list<uint8>* data) { | |
| 37 while(num_bytes > start) { | |
| 38 --num_bytes; | |
| 39 data->push_front(val[num_bytes]); | |
| 40 } | |
| 41 } | |
| 42 | |
| 43 // Helper to prepend an ASN.1 length field. | |
| 44 static void PrependLength(size_t size, std::list<uint8>* data) { | |
| 45 // The high bit is used to indicate whether additional octets are needed to | |
| 46 // represent the length. | |
| 47 if (size < 0x80) { | |
| 48 data->push_front(static_cast<uint8>(size)); | |
| 49 } else { | |
| 50 uint8 num_bytes = 0; | |
| 51 while (size > 0) { | |
| 52 data->push_front(static_cast<uint8>(size & 0xFF)); | |
| 53 size >>= 8; | |
| 54 num_bytes++; | |
| 55 } | |
| 56 CHECK(num_bytes <= 4); | |
| 57 data->push_front(0x80 | num_bytes); | |
| 58 } | |
| 59 } | |
| 60 | |
| 61 // Helper to prepend an ASN.1 type header. | |
| 62 static void PrependTypeHeaderAndLength(uint8 type, uint32 length, | |
| 63 std::list<uint8>* output) { | |
| 64 PrependLength(length, output); | |
| 65 output->push_front(type); | |
| 66 } | |
| 67 | |
| 68 // Helper to prepend an ASN.1 integer. | |
| 69 static void PrependInteger(uint8* val, int num_bytes, std::list<uint8>* data) { | |
| 70 // ASN.1 integers are unpadded byte arrays, so skip any null padding bytes | |
| 71 // from the most-significant end of the integer. | |
| 72 int start = 0; | |
| 73 while (start < (num_bytes - 1) && val[start] == 0x00) | |
| 74 start++; | |
| 75 | |
| 76 PrependBytesInOrder(val, start, num_bytes, data); | |
| 77 | |
| 78 // ASN.1 integers are signed. To encode a positive integer whose sign bit | |
| 79 // (the most significant bit) would otherwise be set and make the number | |
| 80 // negative, ASN.1 requires a leading null byte to force the integer to be | |
| 81 // positive. | |
| 82 if ((val[start] & 0x80) != 0) { | |
| 83 data->push_front(0x00); | |
| 84 num_bytes++; | |
| 85 } | |
| 86 | |
| 87 PrependTypeHeaderAndLength(kIntegerTag, num_bytes, data); | |
| 88 } | |
| 89 | |
| 90 static bool ReadAttributeAndPrependInteger(SECKEYPrivateKey* key, | |
| 91 CK_ATTRIBUTE_TYPE type, | |
| 92 std::list<uint8>* output) { | |
| 93 SECItem item; | 26 SECItem item; |
| 94 SECStatus rv; | 27 SECStatus rv; |
| 95 rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item); | 28 rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item); |
| 96 if (rv != SECSuccess) { | 29 if (rv != SECSuccess) { |
| 97 NOTREACHED(); | 30 NOTREACHED(); |
| 98 return false; | 31 return false; |
| 99 } | 32 } |
| 100 | 33 |
| 101 PrependInteger(item.data, item.len, output); | 34 output->assign(item.data, item.data + item.len); |
| 102 SECITEM_FreeItem(&item, PR_FALSE); | 35 SECITEM_FreeItem(&item, PR_FALSE); |
| 103 return true; | 36 return true; |
| 104 } | 37 } |
| 105 | 38 |
| 106 } // namespace | 39 } // namespace |
| 107 | 40 |
| 108 | |
| 109 namespace base { | 41 namespace base { |
| 110 | 42 |
| 111 // static | 43 // static |
| 112 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { | 44 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { |
| 113 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); | 45 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); |
| 114 | 46 |
| 115 PK11SlotInfo *slot = PK11_GetInternalSlot(); | 47 PK11SlotInfo *slot = PK11_GetInternalSlot(); |
| 116 if (!slot) | 48 if (!slot) |
| 117 return NULL; | 49 return NULL; |
| 118 | 50 |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 163 } | 95 } |
| 164 | 96 |
| 165 RSAPrivateKey::~RSAPrivateKey() { | 97 RSAPrivateKey::~RSAPrivateKey() { |
| 166 if (key_) | 98 if (key_) |
| 167 SECKEY_DestroyPrivateKey(key_); | 99 SECKEY_DestroyPrivateKey(key_); |
| 168 if (public_key_) | 100 if (public_key_) |
| 169 SECKEY_DestroyPublicKey(public_key_); | 101 SECKEY_DestroyPublicKey(public_key_); |
| 170 } | 102 } |
| 171 | 103 |
| 172 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) { | 104 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) { |
| 173 std::list<uint8> content; | 105 PrivateKeyInfoCodec private_key_info(true); |
| 174 | 106 |
| 175 // Version (always zero) | 107 // Manually read the component attributes of the private key and build up |
| 176 uint8 version = 0; | 108 // the PrivateKeyInfo. |
| 177 | 109 if (!ReadAttribute(key_, CKA_MODULUS, private_key_info.modulus()) || |
| 178 // Manually read the component attributes of the private key and build up the | 110 !ReadAttribute(key_, CKA_PUBLIC_EXPONENT, |
| 179 // output in reverse order to prevent having to do copies to figure out the | 111 private_key_info.public_exponent()) || |
| 180 // length. | 112 !ReadAttribute(key_, CKA_PRIVATE_EXPONENT, |
| 181 if (!ReadAttributeAndPrependInteger(key_, CKA_COEFFICIENT, &content) || | 113 private_key_info.private_exponent()) || |
| 182 !ReadAttributeAndPrependInteger(key_, CKA_EXPONENT_2, &content) || | 114 !ReadAttribute(key_, CKA_PRIME_1, private_key_info.prime1()) || |
| 183 !ReadAttributeAndPrependInteger(key_, CKA_EXPONENT_1, &content) || | 115 !ReadAttribute(key_, CKA_PRIME_2, private_key_info.prime2()) || |
| 184 !ReadAttributeAndPrependInteger(key_, CKA_PRIME_2, &content) || | 116 !ReadAttribute(key_, CKA_EXPONENT_1, private_key_info.exponent1()) || |
| 185 !ReadAttributeAndPrependInteger(key_, CKA_PRIME_1, &content) || | 117 !ReadAttribute(key_, CKA_EXPONENT_2, private_key_info.exponent2()) || |
| 186 !ReadAttributeAndPrependInteger(key_, CKA_PRIVATE_EXPONENT, &content) || | 118 !ReadAttribute(key_, CKA_COEFFICIENT, private_key_info.coefficient())) { |
| 187 !ReadAttributeAndPrependInteger(key_, CKA_PUBLIC_EXPONENT, &content) || | |
| 188 !ReadAttributeAndPrependInteger(key_, CKA_MODULUS, &content)) { | |
| 189 NOTREACHED(); | 119 NOTREACHED(); |
| 190 return false; | 120 return false; |
| 191 } | 121 } |
| 192 PrependInteger(&version, 1, &content); | |
| 193 PrependTypeHeaderAndLength(kSequenceTag, content.size(), &content); | |
| 194 PrependTypeHeaderAndLength(kOctetStringTag, content.size(), &content); | |
| 195 | 122 |
| 196 // RSA algorithm OID | 123 return private_key_info.Export(output); |
| 197 for (size_t i = sizeof(kRsaAlgorithmIdentifier); i > 0; --i) | |
| 198 content.push_front(kRsaAlgorithmIdentifier[i - 1]); | |
| 199 | |
| 200 PrependInteger(&version, 1, &content); | |
| 201 PrependTypeHeaderAndLength(kSequenceTag, content.size(), &content); | |
| 202 | |
| 203 // Copy everying into the output. | |
| 204 output->reserve(content.size()); | |
| 205 for (std::list<uint8>::iterator i = content.begin(); i != content.end(); ++i) | |
| 206 output->push_back(*i); | |
| 207 | |
| 208 return true; | |
| 209 } | 124 } |
| 210 | 125 |
| 211 bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) { | 126 bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) { |
| 212 SECItem* der_pubkey = SECKEY_EncodeDERSubjectPublicKeyInfo(public_key_); | 127 SECItem* der_pubkey = SECKEY_EncodeDERSubjectPublicKeyInfo(public_key_); |
| 213 if (!der_pubkey) { | 128 if (!der_pubkey) { |
| 214 NOTREACHED(); | 129 NOTREACHED(); |
| 215 return false; | 130 return false; |
| 216 } | 131 } |
| 217 | 132 |
| 218 for (size_t i = 0; i < der_pubkey->len; ++i) | 133 for (size_t i = 0; i < der_pubkey->len; ++i) |
| 219 output->push_back(der_pubkey->data[i]); | 134 output->push_back(der_pubkey->data[i]); |
| 220 | 135 |
| 221 SECITEM_FreeItem(der_pubkey, PR_TRUE); | 136 SECITEM_FreeItem(der_pubkey, PR_TRUE); |
| 222 return true; | 137 return true; |
| 223 } | 138 } |
| 224 | 139 |
| 225 } // namespace base | 140 } // namespace base |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 242136:
Refactor ASN1 parsing/serializationg (Closed)
