OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/ec_private_key.h" | 5 #include "crypto/ec_private_key.h" |
6 | 6 |
7 #include <openssl/bytestring.h> | 7 #include <openssl/bytestring.h> |
8 #include <openssl/ec.h> | 8 #include <openssl/ec.h> |
9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
10 #include <openssl/mem.h> | 10 #include <openssl/mem.h> |
11 #include <openssl/pkcs12.h> | 11 #include <openssl/pkcs12.h> |
12 #include <openssl/x509.h> | 12 #include <openssl/x509.h> |
13 #include <stddef.h> | 13 #include <stddef.h> |
14 #include <stdint.h> | 14 #include <stdint.h> |
15 | 15 |
16 #include <memory> | |
17 | |
18 #include "base/logging.h" | 16 #include "base/logging.h" |
19 #include "crypto/auto_cbb.h" | 17 #include "crypto/auto_cbb.h" |
20 #include "crypto/openssl_util.h" | 18 #include "crypto/openssl_util.h" |
21 #include "crypto/scoped_openssl_types.h" | 19 #include "crypto/scoped_openssl_types.h" |
22 | 20 |
23 namespace crypto { | 21 namespace crypto { |
24 | 22 |
25 namespace { | 23 namespace { |
26 | 24 |
27 // Function pointer definition, for injecting the required key export function | 25 // Function pointer definition, for injecting the required key export function |
28 // into ExportKeyWithBio, below. |bio| is a temporary memory BIO object, and | 26 // into ExportKeyWithBio, below. |bio| is a temporary memory BIO object, and |
29 // |key| is a handle to the input key object. Return 1 on success, 0 otherwise. | 27 // |key| is a handle to the input key object. Return 1 on success, 0 otherwise. |
30 // NOTE: Used with OpenSSL functions, which do not comply with the Chromium | 28 // NOTE: Used with OpenSSL functions, which do not comply with the Chromium |
31 // style guide, hence the unusual parameter placement / types. | 29 // style guide, hence the unusual parameter placement / types. |
32 typedef int (*ExportBioFunction)(BIO* bio, const void* key); | 30 typedef int (*ExportBioFunction)(BIO* bio, const void* key); |
33 | 31 |
34 using ScopedPKCS8_PRIV_KEY_INFO = | 32 using ScopedPKCS8_PRIV_KEY_INFO = |
35 ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free>; | 33 ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free>; |
36 using ScopedX509_SIG = ScopedOpenSSL<X509_SIG, X509_SIG_free>; | 34 using ScopedX509_SIG = ScopedOpenSSL<X509_SIG, X509_SIG_free>; |
37 | 35 |
38 // Helper to export |key| into |output| via the specified ExportBioFunction. | 36 // Helper to export |key| into |output| via the specified ExportBioFunction. |
39 bool ExportKeyWithBio(const void* key, | 37 bool ExportKeyWithBio(const void* key, |
40 ExportBioFunction export_fn, | 38 ExportBioFunction export_fn, |
41 std::vector<uint8_t>* output) { | 39 std::vector<uint8_t>* output) { |
42 if (!key) | 40 if (!key) |
43 return false; | 41 return false; |
44 | 42 |
45 ScopedBIO bio(BIO_new(BIO_s_mem())); | 43 ScopedBIO bio(BIO_new(BIO_s_mem())); |
46 if (!bio.get()) | 44 if (!bio) |
47 return false; | 45 return false; |
48 | 46 |
49 if (!export_fn(bio.get(), key)) | 47 if (!export_fn(bio.get(), key)) |
50 return false; | 48 return false; |
51 | 49 |
52 char* data = NULL; | 50 char* data = nullptr; |
53 long len = BIO_get_mem_data(bio.get(), &data); | 51 long len = BIO_get_mem_data(bio.get(), &data); |
54 if (!data || len < 0) | 52 if (!data || len < 0) |
55 return false; | 53 return false; |
56 | 54 |
57 output->assign(data, data + len); | 55 output->assign(data, data + len); |
58 return true; | 56 return true; |
59 } | 57 } |
60 | 58 |
61 } // namespace | 59 } // namespace |
62 | 60 |
63 ECPrivateKey::~ECPrivateKey() { | 61 ECPrivateKey::~ECPrivateKey() { |
64 if (key_) | 62 if (key_) |
65 EVP_PKEY_free(key_); | 63 EVP_PKEY_free(key_); |
66 } | 64 } |
67 | 65 |
68 ECPrivateKey* ECPrivateKey::Copy() const { | |
69 std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey); | |
70 if (key_) | |
71 copy->key_ = EVP_PKEY_up_ref(key_); | |
72 return copy.release(); | |
73 } | |
74 | |
75 // static | 66 // static |
76 ECPrivateKey* ECPrivateKey::Create() { | 67 std::unique_ptr<ECPrivateKey> ECPrivateKey::Create() { |
77 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 68 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
78 | 69 |
79 ScopedEC_KEY ec_key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); | 70 ScopedEC_KEY ec_key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
80 if (!ec_key.get() || !EC_KEY_generate_key(ec_key.get())) | 71 if (!ec_key || !EC_KEY_generate_key(ec_key.get())) |
81 return NULL; | 72 return nullptr; |
82 | 73 |
83 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); | 74 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); |
84 result->key_ = EVP_PKEY_new(); | 75 result->key_ = EVP_PKEY_new(); |
85 if (!result->key_ || !EVP_PKEY_set1_EC_KEY(result->key_, ec_key.get())) | 76 if (!result->key_ || !EVP_PKEY_set1_EC_KEY(result->key_, ec_key.get())) |
86 return NULL; | 77 return nullptr; |
87 | 78 |
88 CHECK_EQ(EVP_PKEY_EC, EVP_PKEY_id(result->key_)); | 79 CHECK_EQ(EVP_PKEY_EC, EVP_PKEY_id(result->key_)); |
89 return result.release(); | 80 return result; |
90 } | 81 } |
91 | 82 |
92 // static | 83 // static |
93 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromPrivateKeyInfo( | 84 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromPrivateKeyInfo( |
94 const std::vector<uint8_t>& input) { | 85 const std::vector<uint8_t>& input) { |
95 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 86 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
96 | 87 |
97 CBS cbs; | 88 CBS cbs; |
98 CBS_init(&cbs, input.data(), input.size()); | 89 CBS_init(&cbs, input.data(), input.size()); |
99 ScopedEVP_PKEY pkey(EVP_parse_private_key(&cbs)); | 90 ScopedEVP_PKEY pkey(EVP_parse_private_key(&cbs)); |
100 if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC) | 91 if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC) |
101 return nullptr; | 92 return nullptr; |
102 | 93 |
103 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey); | 94 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); |
104 result->key_ = pkey.release(); | 95 result->key_ = pkey.release(); |
105 return result; | 96 return result; |
106 } | 97 } |
107 | 98 |
108 // static | 99 // static |
109 ECPrivateKey* ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | 100 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
110 const std::string& password, | 101 const std::string& password, |
111 const std::vector<uint8_t>& encrypted_private_key_info, | 102 const std::vector<uint8_t>& encrypted_private_key_info, |
112 const std::vector<uint8_t>& subject_public_key_info) { | 103 const std::vector<uint8_t>& subject_public_key_info) { |
113 // NOTE: The |subject_public_key_info| can be ignored here, it is only | 104 // NOTE: The |subject_public_key_info| can be ignored here, it is only |
114 // useful for the NSS implementation (which uses the public key's SHA1 | 105 // useful for the NSS implementation (which uses the public key's SHA1 |
115 // as a lookup key when storing the private one in its store). | 106 // as a lookup key when storing the private one in its store). |
116 if (encrypted_private_key_info.empty()) | 107 if (encrypted_private_key_info.empty()) |
117 return NULL; | 108 return nullptr; |
118 | 109 |
119 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 110 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
120 | 111 |
121 const uint8_t* data = &encrypted_private_key_info[0]; | 112 const uint8_t* data = &encrypted_private_key_info[0]; |
122 const uint8_t* ptr = data; | 113 const uint8_t* ptr = data; |
123 ScopedX509_SIG p8_encrypted( | 114 ScopedX509_SIG p8_encrypted( |
124 d2i_X509_SIG(NULL, &ptr, encrypted_private_key_info.size())); | 115 d2i_X509_SIG(nullptr, &ptr, encrypted_private_key_info.size())); |
125 if (!p8_encrypted || ptr != data + encrypted_private_key_info.size()) | 116 if (!p8_encrypted || ptr != data + encrypted_private_key_info.size()) |
126 return NULL; | 117 return nullptr; |
127 | 118 |
128 ScopedPKCS8_PRIV_KEY_INFO p8_decrypted; | 119 ScopedPKCS8_PRIV_KEY_INFO p8_decrypted; |
129 if (password.empty()) { | 120 if (password.empty()) { |
130 // Hack for reading keys generated by an older version of the OpenSSL | 121 // Hack for reading keys generated by an older version of the OpenSSL |
131 // code. OpenSSL used to use "\0\0" rather than the empty string because it | 122 // code. OpenSSL used to use "\0\0" rather than the empty string because it |
132 // would treat the password as an ASCII string to be converted to UCS-2 | 123 // would treat the password as an ASCII string to be converted to UCS-2 |
133 // while NSS used a byte string. | 124 // while NSS used a byte string. |
134 p8_decrypted.reset(PKCS8_decrypt_pbe( | 125 p8_decrypted.reset(PKCS8_decrypt_pbe( |
135 p8_encrypted.get(), reinterpret_cast<const uint8_t*>("\0\0"), 2)); | 126 p8_encrypted.get(), reinterpret_cast<const uint8_t*>("\0\0"), 2)); |
136 } | 127 } |
137 if (!p8_decrypted) { | 128 if (!p8_decrypted) { |
138 p8_decrypted.reset(PKCS8_decrypt_pbe( | 129 p8_decrypted.reset(PKCS8_decrypt_pbe( |
139 p8_encrypted.get(), | 130 p8_encrypted.get(), |
140 reinterpret_cast<const uint8_t*>(password.data()), | 131 reinterpret_cast<const uint8_t*>(password.data()), |
141 password.size())); | 132 password.size())); |
142 } | 133 } |
143 | 134 |
144 if (!p8_decrypted) | 135 if (!p8_decrypted) |
145 return NULL; | 136 return nullptr; |
146 | 137 |
147 // Create a new EVP_PKEY for it. | 138 // Create a new EVP_PKEY for it. |
148 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey); | 139 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); |
149 result->key_ = EVP_PKCS82PKEY(p8_decrypted.get()); | 140 result->key_ = EVP_PKCS82PKEY(p8_decrypted.get()); |
150 if (!result->key_ || EVP_PKEY_id(result->key_) != EVP_PKEY_EC) | 141 if (!result->key_ || EVP_PKEY_id(result->key_) != EVP_PKEY_EC) |
151 return NULL; | 142 return nullptr; |
152 | 143 |
153 return result.release(); | 144 return result; |
| 145 } |
| 146 |
| 147 std::unique_ptr<ECPrivateKey> ECPrivateKey::Copy() const { |
| 148 std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey()); |
| 149 if (key_) |
| 150 copy->key_ = EVP_PKEY_up_ref(key_); |
| 151 return copy; |
154 } | 152 } |
155 | 153 |
156 bool ECPrivateKey::ExportPrivateKey(std::vector<uint8_t>* output) const { | 154 bool ECPrivateKey::ExportPrivateKey(std::vector<uint8_t>* output) const { |
157 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 155 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
158 uint8_t* der; | 156 uint8_t* der; |
159 size_t der_len; | 157 size_t der_len; |
160 AutoCBB cbb; | 158 AutoCBB cbb; |
161 if (!CBB_init(cbb.get(), 0) || !EVP_marshal_private_key(cbb.get(), key_) || | 159 if (!CBB_init(cbb.get(), 0) || !EVP_marshal_private_key(cbb.get(), key_) || |
162 !CBB_finish(cbb.get(), &der, &der_len)) { | 160 !CBB_finish(cbb.get(), &der, &der_len)) { |
163 return false; | 161 return false; |
164 } | 162 } |
165 output->assign(der, der + der_len); | 163 output->assign(der, der + der_len); |
166 OPENSSL_free(der); | 164 OPENSSL_free(der); |
167 return true; | 165 return true; |
168 } | 166 } |
169 | 167 |
170 bool ECPrivateKey::ExportEncryptedPrivateKey( | 168 bool ECPrivateKey::ExportEncryptedPrivateKey( |
171 const std::string& password, | 169 const std::string& password, |
172 int iterations, | 170 int iterations, |
173 std::vector<uint8_t>* output) const { | 171 std::vector<uint8_t>* output) const { |
174 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 172 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
175 // Convert into a PKCS#8 object. | 173 // Convert into a PKCS#8 object. |
176 ScopedPKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(key_)); | 174 ScopedPKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(key_)); |
177 if (!pkcs8.get()) | 175 if (!pkcs8) |
178 return false; | 176 return false; |
179 | 177 |
180 // Encrypt the object. | 178 // Encrypt the object. |
181 // NOTE: NSS uses SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC | 179 // NOTE: NSS uses SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC |
182 // so use NID_pbe_WithSHA1And3_Key_TripleDES_CBC which should be the OpenSSL | 180 // so use NID_pbe_WithSHA1And3_Key_TripleDES_CBC which should be the OpenSSL |
183 // equivalent. | 181 // equivalent. |
184 ScopedX509_SIG encrypted(PKCS8_encrypt_pbe( | 182 ScopedX509_SIG encrypted(PKCS8_encrypt_pbe( |
185 NID_pbe_WithSHA1And3_Key_TripleDES_CBC, | 183 NID_pbe_WithSHA1And3_Key_TripleDES_CBC, |
186 nullptr, | 184 nullptr, |
187 reinterpret_cast<const uint8_t*>(password.data()), | 185 reinterpret_cast<const uint8_t*>(password.data()), |
188 password.size(), | 186 password.size(), |
189 nullptr, | 187 nullptr, |
190 0, | 188 0, |
191 iterations, | 189 iterations, |
192 pkcs8.get())); | 190 pkcs8.get())); |
193 if (!encrypted.get()) | 191 if (!encrypted) |
194 return false; | 192 return false; |
195 | 193 |
196 // Write it into |*output| | 194 // Write it into |*output| |
197 return ExportKeyWithBio(encrypted.get(), | 195 return ExportKeyWithBio(encrypted.get(), |
198 reinterpret_cast<ExportBioFunction>(i2d_PKCS8_bio), | 196 reinterpret_cast<ExportBioFunction>(i2d_PKCS8_bio), |
199 output); | 197 output); |
200 } | 198 } |
201 | 199 |
202 bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const { | 200 bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const { |
203 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 201 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
(...skipping 25 matching lines...) Expand all Loading... |
229 x.get(), y.get(), nullptr) || | 227 x.get(), y.get(), nullptr) || |
230 !BN_bn2bin_padded(buf, 32, x.get()) || | 228 !BN_bn2bin_padded(buf, 32, x.get()) || |
231 !BN_bn2bin_padded(buf + 32, 32, y.get())) { | 229 !BN_bn2bin_padded(buf + 32, 32, y.get())) { |
232 return false; | 230 return false; |
233 } | 231 } |
234 | 232 |
235 output->assign(reinterpret_cast<const char*>(buf), sizeof(buf)); | 233 output->assign(reinterpret_cast<const char*>(buf), sizeof(buf)); |
236 return true; | 234 return true; |
237 } | 235 } |
238 | 236 |
239 ECPrivateKey::ECPrivateKey() : key_(NULL) {} | 237 ECPrivateKey::ECPrivateKey() : key_(nullptr) {} |
240 | 238 |
241 } // namespace crypto | 239 } // namespace crypto |
OLD | NEW |