OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/rsa_private_key.h" | 5 #include "crypto/rsa_private_key.h" |
6 | 6 |
7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
8 #include <keyhi.h> | 8 #include <keyhi.h> |
9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
| 10 #include <stdint.h> |
10 | 11 |
11 #include <list> | 12 #include <list> |
12 | 13 |
13 #include "base/debug/leak_annotations.h" | 14 #include "base/debug/leak_annotations.h" |
14 #include "base/logging.h" | 15 #include "base/logging.h" |
15 #include "base/memory/scoped_ptr.h" | 16 #include "base/memory/scoped_ptr.h" |
16 #include "base/strings/string_util.h" | 17 #include "base/strings/string_util.h" |
17 #include "crypto/nss_key_util.h" | 18 #include "crypto/nss_key_util.h" |
18 #include "crypto/nss_util.h" | 19 #include "crypto/nss_util.h" |
19 #include "crypto/scoped_nss_types.h" | 20 #include "crypto/scoped_nss_types.h" |
20 | 21 |
21 // TODO(rafaelw): Consider using NSS's ASN.1 encoder. | 22 // TODO(rafaelw): Consider using NSS's ASN.1 encoder. |
22 namespace { | 23 namespace { |
23 | 24 |
24 static bool ReadAttribute(SECKEYPrivateKey* key, | 25 static bool ReadAttribute(SECKEYPrivateKey* key, |
25 CK_ATTRIBUTE_TYPE type, | 26 CK_ATTRIBUTE_TYPE type, |
26 std::vector<uint8>* output) { | 27 std::vector<uint8_t>* output) { |
27 SECItem item; | 28 SECItem item; |
28 SECStatus rv; | 29 SECStatus rv; |
29 rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item); | 30 rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item); |
30 if (rv != SECSuccess) { | 31 if (rv != SECSuccess) { |
31 NOTREACHED(); | 32 NOTREACHED(); |
32 return false; | 33 return false; |
33 } | 34 } |
34 | 35 |
35 output->assign(item.data, item.data + item.len); | 36 output->assign(item.data, item.data + item.len); |
36 SECITEM_FreeItem(&item, PR_FALSE); | 37 SECITEM_FreeItem(&item, PR_FALSE); |
37 return true; | 38 return true; |
38 } | 39 } |
39 | 40 |
40 } // namespace | 41 } // namespace |
41 | 42 |
42 namespace crypto { | 43 namespace crypto { |
43 | 44 |
44 RSAPrivateKey::~RSAPrivateKey() { | 45 RSAPrivateKey::~RSAPrivateKey() { |
45 if (key_) | 46 if (key_) |
46 SECKEY_DestroyPrivateKey(key_); | 47 SECKEY_DestroyPrivateKey(key_); |
47 if (public_key_) | 48 if (public_key_) |
48 SECKEY_DestroyPublicKey(public_key_); | 49 SECKEY_DestroyPublicKey(public_key_); |
49 } | 50 } |
50 | 51 |
51 // static | 52 // static |
52 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { | 53 RSAPrivateKey* RSAPrivateKey::Create(uint16_t num_bits) { |
53 EnsureNSSInit(); | 54 EnsureNSSInit(); |
54 | 55 |
55 ScopedPK11Slot slot(PK11_GetInternalSlot()); | 56 ScopedPK11Slot slot(PK11_GetInternalSlot()); |
56 if (!slot) { | 57 if (!slot) { |
57 NOTREACHED(); | 58 NOTREACHED(); |
58 return nullptr; | 59 return nullptr; |
59 } | 60 } |
60 | 61 |
61 ScopedSECKEYPublicKey public_key; | 62 ScopedSECKEYPublicKey public_key; |
62 ScopedSECKEYPrivateKey private_key; | 63 ScopedSECKEYPrivateKey private_key; |
63 if (!GenerateRSAKeyPairNSS(slot.get(), num_bits, false /* not permanent */, | 64 if (!GenerateRSAKeyPairNSS(slot.get(), num_bits, false /* not permanent */, |
64 &public_key, &private_key)) { | 65 &public_key, &private_key)) { |
65 return nullptr; | 66 return nullptr; |
66 } | 67 } |
67 | 68 |
68 RSAPrivateKey* rsa_key = new RSAPrivateKey; | 69 RSAPrivateKey* rsa_key = new RSAPrivateKey; |
69 rsa_key->public_key_ = public_key.release(); | 70 rsa_key->public_key_ = public_key.release(); |
70 rsa_key->key_ = private_key.release(); | 71 rsa_key->key_ = private_key.release(); |
71 return rsa_key; | 72 return rsa_key; |
72 } | 73 } |
73 | 74 |
74 // static | 75 // static |
75 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo( | 76 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo( |
76 const std::vector<uint8>& input) { | 77 const std::vector<uint8_t>& input) { |
77 EnsureNSSInit(); | 78 EnsureNSSInit(); |
78 | 79 |
79 ScopedPK11Slot slot(PK11_GetInternalSlot()); | 80 ScopedPK11Slot slot(PK11_GetInternalSlot()); |
80 if (!slot) { | 81 if (!slot) { |
81 NOTREACHED(); | 82 NOTREACHED(); |
82 return nullptr; | 83 return nullptr; |
83 } | 84 } |
84 ScopedSECKEYPrivateKey key(ImportNSSKeyFromPrivateKeyInfo( | 85 ScopedSECKEYPrivateKey key(ImportNSSKeyFromPrivateKeyInfo( |
85 slot.get(), input, false /* not permanent */)); | 86 slot.get(), input, false /* not permanent */)); |
86 if (!key || SECKEY_GetPrivateKeyType(key.get()) != rsaKey) | 87 if (!key || SECKEY_GetPrivateKeyType(key.get()) != rsaKey) |
(...skipping 17 matching lines...) Expand all Loading... |
104 return copy; | 105 return copy; |
105 } | 106 } |
106 | 107 |
107 RSAPrivateKey* RSAPrivateKey::Copy() const { | 108 RSAPrivateKey* RSAPrivateKey::Copy() const { |
108 RSAPrivateKey* copy = new RSAPrivateKey(); | 109 RSAPrivateKey* copy = new RSAPrivateKey(); |
109 copy->key_ = SECKEY_CopyPrivateKey(key_); | 110 copy->key_ = SECKEY_CopyPrivateKey(key_); |
110 copy->public_key_ = SECKEY_CopyPublicKey(public_key_); | 111 copy->public_key_ = SECKEY_CopyPublicKey(public_key_); |
111 return copy; | 112 return copy; |
112 } | 113 } |
113 | 114 |
114 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) const { | 115 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8_t>* output) const { |
115 PrivateKeyInfoCodec private_key_info(true); | 116 PrivateKeyInfoCodec private_key_info(true); |
116 | 117 |
117 // Manually read the component attributes of the private key and build up | 118 // Manually read the component attributes of the private key and build up |
118 // the PrivateKeyInfo. | 119 // the PrivateKeyInfo. |
119 if (!ReadAttribute(key_, CKA_MODULUS, private_key_info.modulus()) || | 120 if (!ReadAttribute(key_, CKA_MODULUS, private_key_info.modulus()) || |
120 !ReadAttribute(key_, CKA_PUBLIC_EXPONENT, | 121 !ReadAttribute(key_, CKA_PUBLIC_EXPONENT, |
121 private_key_info.public_exponent()) || | 122 private_key_info.public_exponent()) || |
122 !ReadAttribute(key_, CKA_PRIVATE_EXPONENT, | 123 !ReadAttribute(key_, CKA_PRIVATE_EXPONENT, |
123 private_key_info.private_exponent()) || | 124 private_key_info.private_exponent()) || |
124 !ReadAttribute(key_, CKA_PRIME_1, private_key_info.prime1()) || | 125 !ReadAttribute(key_, CKA_PRIME_1, private_key_info.prime1()) || |
125 !ReadAttribute(key_, CKA_PRIME_2, private_key_info.prime2()) || | 126 !ReadAttribute(key_, CKA_PRIME_2, private_key_info.prime2()) || |
126 !ReadAttribute(key_, CKA_EXPONENT_1, private_key_info.exponent1()) || | 127 !ReadAttribute(key_, CKA_EXPONENT_1, private_key_info.exponent1()) || |
127 !ReadAttribute(key_, CKA_EXPONENT_2, private_key_info.exponent2()) || | 128 !ReadAttribute(key_, CKA_EXPONENT_2, private_key_info.exponent2()) || |
128 !ReadAttribute(key_, CKA_COEFFICIENT, private_key_info.coefficient())) { | 129 !ReadAttribute(key_, CKA_COEFFICIENT, private_key_info.coefficient())) { |
129 NOTREACHED(); | 130 NOTREACHED(); |
130 return false; | 131 return false; |
131 } | 132 } |
132 | 133 |
133 return private_key_info.Export(output); | 134 return private_key_info.Export(output); |
134 } | 135 } |
135 | 136 |
136 bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) const { | 137 bool RSAPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const { |
137 ScopedSECItem der_pubkey(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key_)); | 138 ScopedSECItem der_pubkey(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key_)); |
138 if (!der_pubkey.get()) { | 139 if (!der_pubkey.get()) { |
139 NOTREACHED(); | 140 NOTREACHED(); |
140 return false; | 141 return false; |
141 } | 142 } |
142 | 143 |
143 output->assign(der_pubkey->data, der_pubkey->data + der_pubkey->len); | 144 output->assign(der_pubkey->data, der_pubkey->data + der_pubkey->len); |
144 return true; | 145 return true; |
145 } | 146 } |
146 | 147 |
147 RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) { | 148 RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) { |
148 EnsureNSSInit(); | 149 EnsureNSSInit(); |
149 } | 150 } |
150 | 151 |
151 } // namespace crypto | 152 } // namespace crypto |
OLD | NEW |