| Index: crypto/ec_private_key_openssl.cc
|
| diff --git a/crypto/ec_private_key_openssl.cc b/crypto/ec_private_key_openssl.cc
|
| deleted file mode 100644
|
| index 5e8d0549a85f00f60fa7f699898af354bfd6df49..0000000000000000000000000000000000000000
|
| --- a/crypto/ec_private_key_openssl.cc
|
| +++ /dev/null
|
| @@ -1,226 +0,0 @@
|
| -// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include "crypto/ec_private_key.h"
|
| -
|
| -#include <openssl/bytestring.h>
|
| -#include <openssl/ec.h>
|
| -#include <openssl/evp.h>
|
| -#include <openssl/mem.h>
|
| -#include <openssl/pkcs12.h>
|
| -#include <openssl/x509.h>
|
| -#include <stddef.h>
|
| -#include <stdint.h>
|
| -
|
| -#include <memory>
|
| -
|
| -#include "base/logging.h"
|
| -#include "crypto/auto_cbb.h"
|
| -#include "crypto/openssl_util.h"
|
| -#include "crypto/scoped_openssl_types.h"
|
| -
|
| -namespace crypto {
|
| -
|
| -namespace {
|
| -
|
| -// Function pointer definition, for injecting the required key export function
|
| -// into ExportKeyWithBio, below. |bio| is a temporary memory BIO object, and
|
| -// |key| is a handle to the input key object. Return 1 on success, 0 otherwise.
|
| -// NOTE: Used with OpenSSL functions, which do not comply with the Chromium
|
| -// style guide, hence the unusual parameter placement / types.
|
| -typedef int (*ExportBioFunction)(BIO* bio, const void* key);
|
| -
|
| -using ScopedPKCS8_PRIV_KEY_INFO =
|
| - ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free>;
|
| -using ScopedX509_SIG = ScopedOpenSSL<X509_SIG, X509_SIG_free>;
|
| -
|
| -// Helper to export |key| into |output| via the specified ExportBioFunction.
|
| -bool ExportKeyWithBio(const void* key,
|
| - ExportBioFunction export_fn,
|
| - std::vector<uint8_t>* output) {
|
| - if (!key)
|
| - return false;
|
| -
|
| - ScopedBIO bio(BIO_new(BIO_s_mem()));
|
| - if (!bio.get())
|
| - return false;
|
| -
|
| - if (!export_fn(bio.get(), key))
|
| - return false;
|
| -
|
| - char* data = NULL;
|
| - long len = BIO_get_mem_data(bio.get(), &data);
|
| - if (!data || len < 0)
|
| - return false;
|
| -
|
| - output->assign(data, data + len);
|
| - return true;
|
| -}
|
| -
|
| -} // namespace
|
| -
|
| -ECPrivateKey::~ECPrivateKey() {
|
| - if (key_)
|
| - EVP_PKEY_free(key_);
|
| -}
|
| -
|
| -ECPrivateKey* ECPrivateKey::Copy() const {
|
| - std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey);
|
| - if (key_)
|
| - copy->key_ = EVP_PKEY_up_ref(key_);
|
| - return copy.release();
|
| -}
|
| -
|
| -// static
|
| -ECPrivateKey* ECPrivateKey::Create() {
|
| - OpenSSLErrStackTracer err_tracer(FROM_HERE);
|
| -
|
| - ScopedEC_KEY ec_key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
|
| - if (!ec_key.get() || !EC_KEY_generate_key(ec_key.get()))
|
| - return NULL;
|
| -
|
| - std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
|
| - result->key_ = EVP_PKEY_new();
|
| - if (!result->key_ || !EVP_PKEY_set1_EC_KEY(result->key_, ec_key.get()))
|
| - return NULL;
|
| -
|
| - CHECK_EQ(EVP_PKEY_EC, EVP_PKEY_type(result->key_->type));
|
| - return result.release();
|
| -}
|
| -
|
| -// static
|
| -ECPrivateKey* ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
|
| - const std::string& password,
|
| - const std::vector<uint8_t>& encrypted_private_key_info,
|
| - const std::vector<uint8_t>& subject_public_key_info) {
|
| - // NOTE: The |subject_public_key_info| can be ignored here, it is only
|
| - // useful for the NSS implementation (which uses the public key's SHA1
|
| - // as a lookup key when storing the private one in its store).
|
| - if (encrypted_private_key_info.empty())
|
| - return NULL;
|
| -
|
| - OpenSSLErrStackTracer err_tracer(FROM_HERE);
|
| -
|
| - const uint8_t* data = &encrypted_private_key_info[0];
|
| - const uint8_t* ptr = data;
|
| - ScopedX509_SIG p8_encrypted(
|
| - d2i_X509_SIG(NULL, &ptr, encrypted_private_key_info.size()));
|
| - if (!p8_encrypted || ptr != data + encrypted_private_key_info.size())
|
| - return NULL;
|
| -
|
| - ScopedPKCS8_PRIV_KEY_INFO p8_decrypted;
|
| - if (password.empty()) {
|
| - // Hack for reading keys generated by an older version of the OpenSSL
|
| - // code. OpenSSL used to use "\0\0" rather than the empty string because it
|
| - // would treat the password as an ASCII string to be converted to UCS-2
|
| - // while NSS used a byte string.
|
| - p8_decrypted.reset(PKCS8_decrypt_pbe(
|
| - p8_encrypted.get(), reinterpret_cast<const uint8_t*>("\0\0"), 2));
|
| - }
|
| - if (!p8_decrypted) {
|
| - p8_decrypted.reset(PKCS8_decrypt_pbe(
|
| - p8_encrypted.get(),
|
| - reinterpret_cast<const uint8_t*>(password.data()),
|
| - password.size()));
|
| - }
|
| -
|
| - if (!p8_decrypted)
|
| - return NULL;
|
| -
|
| - // Create a new EVP_PKEY for it.
|
| - std::unique_ptr<ECPrivateKey> result(new ECPrivateKey);
|
| - result->key_ = EVP_PKCS82PKEY(p8_decrypted.get());
|
| - if (!result->key_ || EVP_PKEY_type(result->key_->type) != EVP_PKEY_EC)
|
| - return NULL;
|
| -
|
| - return result.release();
|
| -}
|
| -
|
| -bool ECPrivateKey::ExportEncryptedPrivateKey(const std::string& password,
|
| - int iterations,
|
| - std::vector<uint8_t>* output) {
|
| - OpenSSLErrStackTracer err_tracer(FROM_HERE);
|
| - // Convert into a PKCS#8 object.
|
| - ScopedPKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(key_));
|
| - if (!pkcs8.get())
|
| - return false;
|
| -
|
| - // Encrypt the object.
|
| - // NOTE: NSS uses SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC
|
| - // so use NID_pbe_WithSHA1And3_Key_TripleDES_CBC which should be the OpenSSL
|
| - // equivalent.
|
| - ScopedX509_SIG encrypted(PKCS8_encrypt_pbe(
|
| - NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
|
| - nullptr,
|
| - reinterpret_cast<const uint8_t*>(password.data()),
|
| - password.size(),
|
| - nullptr,
|
| - 0,
|
| - iterations,
|
| - pkcs8.get()));
|
| - if (!encrypted.get())
|
| - return false;
|
| -
|
| - // Write it into |*output|
|
| - return ExportKeyWithBio(encrypted.get(),
|
| - reinterpret_cast<ExportBioFunction>(i2d_PKCS8_bio),
|
| - output);
|
| -}
|
| -
|
| -bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) {
|
| - OpenSSLErrStackTracer err_tracer(FROM_HERE);
|
| - uint8_t *der;
|
| - size_t der_len;
|
| - AutoCBB cbb;
|
| - if (!CBB_init(cbb.get(), 0) ||
|
| - !EVP_marshal_public_key(cbb.get(), key_) ||
|
| - !CBB_finish(cbb.get(), &der, &der_len)) {
|
| - return false;
|
| - }
|
| - output->assign(der, der + der_len);
|
| - OPENSSL_free(der);
|
| - return true;
|
| -}
|
| -
|
| -bool ECPrivateKey::ExportRawPublicKey(std::string* output) {
|
| - OpenSSLErrStackTracer err_tracer(FROM_HERE);
|
| -
|
| - // Export the x and y field elements as 32-byte, big-endian numbers. (This is
|
| - // the same as X9.62 uncompressed form without the leading 0x04 byte.)
|
| - EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(key_);
|
| - ScopedBIGNUM x(BN_new());
|
| - ScopedBIGNUM y(BN_new());
|
| - uint8_t buf[64];
|
| - if (!x || !y ||
|
| - !EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec_key),
|
| - EC_KEY_get0_public_key(ec_key),
|
| - x.get(), y.get(), nullptr) ||
|
| - !BN_bn2bin_padded(buf, 32, x.get()) ||
|
| - !BN_bn2bin_padded(buf + 32, 32, y.get())) {
|
| - return false;
|
| - }
|
| -
|
| - output->assign(reinterpret_cast<const char*>(buf), sizeof(buf));
|
| - return true;
|
| -}
|
| -
|
| -bool ECPrivateKey::ExportValueForTesting(std::vector<uint8_t>* output) {
|
| - OpenSSLErrStackTracer err_tracer(FROM_HERE);
|
| - EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(key_);
|
| - uint8_t *der;
|
| - size_t der_len;
|
| - AutoCBB cbb;
|
| - if (!CBB_init(cbb.get(), 0) ||
|
| - !EC_KEY_marshal_private_key(cbb.get(), ec_key, 0 /* enc_flags */) ||
|
| - !CBB_finish(cbb.get(), &der, &der_len)) {
|
| - return false;
|
| - }
|
| - output->assign(der, der + der_len);
|
| - OPENSSL_free(der);
|
| - return true;
|
| -}
|
| -
|
| -ECPrivateKey::ECPrivateKey() : key_(NULL) {}
|
| -
|
| -} // namespace crypto
|
|
|
Chromium Code Reviews
Issue 1909513003:
Rename crypto/ *_openssl files (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master