OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef CRYPTO_EC_PRIVATE_KEY_H_ | |
6 #define CRYPTO_EC_PRIVATE_KEY_H_ | |
7 #pragma once | |
8 | |
9 #include "build/build_config.h" | |
wtc
2011/11/03 02:17:50
Include "build/build_config.h" with the Chromium h
mattm
2011/11/04 02:39:14
Done.
| |
10 | |
11 #include <vector> | |
12 | |
13 #include "base/basictypes.h" | |
14 #include "crypto/crypto_export.h" | |
15 | |
16 #if defined(USE_OPENSSL) | |
17 // Forward declaration for openssl/*.h | |
18 typedef struct evp_pkey_st EVP_PKEY; | |
19 #else | |
20 // Forward declaration. | |
21 struct SECKEYPrivateKeyStr; | |
22 struct SECKEYPublicKeyStr; | |
wtc
2011/11/03 02:17:50
Please do
typedef struct SECKEYPrivateKeyStr SE
mattm
2011/11/04 02:39:14
Done.
| |
23 #endif | |
24 | |
25 namespace crypto { | |
26 | |
27 // Encapsulates an EC private key. Can be used to generate new keys, export | |
wtc
2011/11/03 02:17:50
EC => elliptic curve (EC)
otherwise "EC" is never
mattm
2011/11/04 02:39:14
Done.
| |
28 // keys to other formats, or to extract a public key. | |
29 // TODO(mattm): make this and RSAPrivateKey implement some PrivateKey interface. | |
30 // (The difference in types of key() and public_key() make this a little | |
31 // tricky.) | |
32 class CRYPTO_EXPORT ECPrivateKey { | |
33 public: | |
34 ~ECPrivateKey(); | |
35 | |
36 // Create a new random instance. Can return NULL if initialization fails. | |
37 // The created key will use the NIST P-256 curve. | |
38 static ECPrivateKey* Create(); | |
wtc
2011/11/03 02:17:50
Please add a TODO comment about adding a 'curve' p
mattm
2011/11/04 02:39:14
Done.
| |
39 | |
40 // Create a new random instance. Can return NULL if initialization fails. | |
41 // The created key is permanent and is not exportable in plaintext form. | |
42 // | |
43 // NOTE: Currently only available if USE_NSS is defined. | |
44 static ECPrivateKey* CreateSensitive(); | |
45 | |
46 // Create a new instance by importing an existing private key. See | |
47 // ExportPrivateKey for the format description. | |
wtc
2011/11/03 02:17:50
API DESIGN: I recommend that this class exports an
mattm
2011/11/04 02:39:14
Done.
| |
48 // Returns NULL if initialization fails. | |
49 static ECPrivateKey* CreateFromPrivateKeyInfo( | |
50 const std::vector<uint8>& input); | |
51 | |
52 // Create a new instance by importing an existing private key. See | |
53 // ExportPrivateKey for the format description. | |
54 // This can return NULL if initialization fails. The created key is permanent | |
55 // and is not exportable in plaintext form. | |
56 // | |
57 // NOTE: Currently only available if USE_NSS is defined. | |
58 static ECPrivateKey* CreateSensitiveFromPrivateKeyInfo( | |
59 const std::vector<uint8>& input); | |
60 | |
61 #if defined(USE_OPENSSL) | |
62 EVP_PKEY* key() { return key_; } | |
63 #else | |
64 SECKEYPrivateKeyStr* key() { return key_; } | |
65 SECKEYPublicKeyStr* public_key() { return public_key_; } | |
66 #endif | |
67 | |
68 // Exports the private key. The format of output is: | |
69 // byte 0: length of NSS publicValue data. | |
70 // byte 1-n: NSS publicValue data. | |
71 // remaining: ASN.1-encoded PKCS #8 EncryptedPrivateKeyInfo block. | |
72 bool ExportPrivateKey(std::vector<uint8>* output); | |
wtc
2011/11/03 02:17:50
We should name this function ExportEncryptedPrivat
mattm
2011/11/04 02:39:14
Done.
| |
73 | |
74 // Exports the public key to an X509 SubjectPublicKeyInfo block. | |
75 bool ExportPublicKey(std::vector<uint8>* output); | |
76 | |
77 // Export private key data for testing. The format of data stored into output | |
78 // doesn't matter other than that it is consistent for the same key. | |
79 bool ExportValue(std::vector<uint8>* output); | |
80 bool ExportECParams(std::vector<uint8>* output); | |
81 | |
82 private: | |
83 // Constructor is private. Use one of the Create*() or Find*() | |
84 // methods above instead. | |
wtc
2011/11/03 02:17:50
Nit: this class doesn't have any Find*() methods.
mattm
2011/11/04 02:39:14
Done.
| |
85 ECPrivateKey(); | |
86 | |
87 // Shared helper for Create() and CreateSensitive(). | |
88 // TODO(cmasone): consider replacing |permanent| and |sensitive| with a | |
89 // flags arg created by ORing together some enumerated values. | |
90 static ECPrivateKey* CreateWithParams(bool permanent, | |
91 bool sensitive); | |
92 | |
93 // Shared helper for CreateFromPrivateKeyInfo() and | |
94 // CreateSensitiveFromPrivateKeyInfo(). | |
95 static ECPrivateKey* CreateFromPrivateKeyInfoWithParams( | |
96 const std::vector<uint8>& input, bool permanent, bool sensitive); | |
97 | |
98 #if defined(USE_OPENSSL) | |
99 EVP_PKEY* key_; | |
100 #else | |
101 SECKEYPrivateKeyStr* key_; | |
102 SECKEYPublicKeyStr* public_key_; | |
103 #endif | |
104 | |
105 DISALLOW_COPY_AND_ASSIGN(ECPrivateKey); | |
106 }; | |
107 | |
108 | |
109 } // namespace crypto | |
110 | |
111 #endif // CRYPTO_EC_PRIVATE_KEY_H_ | |
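Review bot: `ExportValue()` (line 79 of the new file) hands out private key data from a public method of a `CRYPTO_EXPORT` class, and only the comment above it marks it as test-only; that comment also leaves `ExportECParams()` on line 80 undocumented. The comment does not say what these calls do for keys made by `CreateSensitive()` or `CreateSensitiveFromPrivateKeyInfo()`, which the header documents as not exportable in plaintext form, so it should state whether the export fails for such keys. I would carry the restriction in the name, e.g. `bool ExportValueForTesting(std::vector<uint8>* output);`, and give `ExportECParams()` its own one-line comment. Separately, the `Create*()` comments mention the NULL return but not that the caller owns the returned pointer. The handles returned by `key()` and `public_key()` presumably stay valid only while the `ECPrivateKey` is alive, though that is my reading of the raw-pointer accessors rather than something the header states.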