
Unified Diff: crypto/ec_private_key.cc

Issue 2332473002: Use new BoringSSL scopers in //crypto (Closed)
Patch Set: typo Created 4 years, 3 months ago
Index: crypto/ec_private_key.cc
diff --git a/crypto/ec_private_key.cc b/crypto/ec_private_key.cc
index a8005bcf68cbf63e604dfb76314fb82c27f5986f..4d7b0f61dca2fdca1eff8217f233987cccde85de 100644
--- a/crypto/ec_private_key.cc
+++ b/crypto/ec_private_key.cc
@@ -4,8 +4,11 @@
#include "crypto/ec_private_key.h"
+#include <openssl/bio.h>
+#include <openssl/bn.h>
#include <openssl/bytestring.h>
#include <openssl/ec.h>
+#include <openssl/ec_key.h>
#include <openssl/evp.h>
#include <openssl/mem.h>
#include <openssl/pkcs12.h>
@@ -13,10 +16,10 @@
#include <stddef.h>
#include <stdint.h>
+#include <utility>
+
#include "base/logging.h"
-#include "crypto/auto_cbb.h"
#include "crypto/openssl_util.h"
-#include "crypto/scoped_openssl_types.h"
namespace crypto {
@@ -29,10 +32,6 @@ namespace {
// style guide, hence the unusual parameter placement / types.
typedef int (*ExportBioFunction)(BIO* bio, const void* key);
-using ScopedPKCS8_PRIV_KEY_INFO =
- ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free>;
-using ScopedX509_SIG = ScopedOpenSSL<X509_SIG, X509_SIG_free>;
-
// Helper to export |key| into |output| via the specified ExportBioFunction.
bool ExportKeyWithBio(const void* key,
ExportBioFunction export_fn,
@@ -40,7 +39,7 @@ bool ExportKeyWithBio(const void* key,
if (!key)
return false;
- ScopedBIO bio(BIO_new(BIO_s_mem()));
+ bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
if (!bio)
return false;
@@ -58,25 +57,23 @@ bool ExportKeyWithBio(const void* key,
} // namespace
-ECPrivateKey::~ECPrivateKey() {
- if (key_)
- EVP_PKEY_free(key_);
-}
+ECPrivateKey::~ECPrivateKey() {}
// static
std::unique_ptr<ECPrivateKey> ECPrivateKey::Create() {
OpenSSLErrStackTracer err_tracer(FROM_HERE);
- ScopedEC_KEY ec_key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ bssl::UniquePtr<EC_KEY> ec_key(
+ EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
if (!ec_key || !EC_KEY_generate_key(ec_key.get()))
return nullptr;
std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
- result->key_ = EVP_PKEY_new();
- if (!result->key_ || !EVP_PKEY_set1_EC_KEY(result->key_, ec_key.get()))
+ result->key_.reset(EVP_PKEY_new());
+ if (!result->key_ || !EVP_PKEY_set1_EC_KEY(result->key_.get(), ec_key.get()))
return nullptr;
- CHECK_EQ(EVP_PKEY_EC, EVP_PKEY_id(result->key_));
+ CHECK_EQ(EVP_PKEY_EC, EVP_PKEY_id(result->key_.get()));
return result;
}
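Review bot: The now-empty destructor `ECPrivateKey::~ECPrivateKey() {}` would read better as `ECPrivateKey::~ECPrivateKey() = default;`, which states outright that cleanup is left to the `key_` smart pointer. The same applies to the empty constructor in the last hunk, `ECPrivateKey::ECPrivateKey() = default;`. Both definitions would stay in the .cc file, so the header should not need to change.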
@@ -87,12 +84,12 @@ std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromPrivateKeyInfo(
CBS cbs;
CBS_init(&cbs, input.data(), input.size());
- ScopedEVP_PKEY pkey(EVP_parse_private_key(&cbs));
+ bssl::UniquePtr<EVP_PKEY> pkey(EVP_parse_private_key(&cbs));
if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC)
return nullptr;
std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
- result->key_ = pkey.release();
+ result->key_ = std::move(pkey);
return result;
}
@@ -111,12 +108,12 @@ std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
const uint8_t* data = &encrypted_private_key_info[0];
const uint8_t* ptr = data;
- ScopedX509_SIG p8_encrypted(
+ bssl::UniquePtr<X509_SIG> p8_encrypted(
d2i_X509_SIG(nullptr, &ptr, encrypted_private_key_info.size()));
if (!p8_encrypted || ptr != data + encrypted_private_key_info.size())
return nullptr;
- ScopedPKCS8_PRIV_KEY_INFO p8_decrypted;
+ bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> p8_decrypted;
if (password.empty()) {
// Hack for reading keys generated by an older version of the OpenSSL
// code. OpenSSL used to use "\0\0" rather than the empty string because it
@@ -137,8 +134,8 @@ std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
// Create a new EVP_PKEY for it.
std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
- result->key_ = EVP_PKCS82PKEY(p8_decrypted.get());
- if (!result->key_ || EVP_PKEY_id(result->key_) != EVP_PKEY_EC)
+ result->key_.reset(EVP_PKCS82PKEY(p8_decrypted.get()));
+ if (!result->key_ || EVP_PKEY_id(result->key_.get()) != EVP_PKEY_EC)
return nullptr;
return result;
@@ -147,8 +144,8 @@ std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
std::unique_ptr<ECPrivateKey> ECPrivateKey::Copy() const {
std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey());
if (key_) {
- EVP_PKEY_up_ref(key_);
- copy->key_ = key_;
+ EVP_PKEY_up_ref(key_.get());
+ copy->key_.reset(key_.get());
}
return copy;
}
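Review bot: In Copy(), `EVP_PKEY_up_ref(key_.get());` followed by `copy->key_.reset(key_.get());` is correct only while the two lines stay paired. reset() adopts the raw pointer without taking a reference, so dropping or reordering the up_ref call would leave two owners of a single reference and a double free of the private key on destruction. A comment such as `// reset() adopts the reference taken by EVP_PKEY_up_ref() above.` would keep that coupling visible. If the BoringSSL revision in use already provides `bssl::UpRef`, `copy->key_ = bssl::UpRef(key_);` would remove the raw-pointer step altogether.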
@@ -157,8 +154,9 @@ bool ECPrivateKey::ExportPrivateKey(std::vector<uint8_t>* output) const {
OpenSSLErrStackTracer err_tracer(FROM_HERE);
uint8_t* der;
size_t der_len;
- AutoCBB cbb;
- if (!CBB_init(cbb.get(), 0) || !EVP_marshal_private_key(cbb.get(), key_) ||
+ bssl::ScopedCBB cbb;
+ if (!CBB_init(cbb.get(), 0) ||
+ !EVP_marshal_private_key(cbb.get(), key_.get()) ||
!CBB_finish(cbb.get(), &der, &der_len)) {
return false;
}
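Review bot: `der` in ExportPrivateKey is still a raw owning pointer once `CBB_finish` succeeds, while everything else in the function moved to a scoper. The code that copies and frees it lies outside this hunk, so this is a suggestion rather than a confirmed leak. If the scoper header in use defines a deleter for `uint8_t`, adding `bssl::UniquePtr<uint8_t> scoped_der(der);` right after the `if` would release the serialized private key on every path, including any early return added later. ExportPublicKey in the hunk at -203 has the same pattern.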
@@ -173,7 +171,7 @@ bool ECPrivateKey::ExportEncryptedPrivateKey(
std::vector<uint8_t>* output) const {
OpenSSLErrStackTracer err_tracer(FROM_HERE);
// Convert into a PKCS#8 object.
- ScopedPKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(key_));
+ bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> pkcs8(EVP_PKEY2PKCS8(key_.get()));
if (!pkcs8)
return false;
@@ -181,15 +179,10 @@ bool ECPrivateKey::ExportEncryptedPrivateKey(
// NOTE: NSS uses SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC
// so use NID_pbe_WithSHA1And3_Key_TripleDES_CBC which should be the OpenSSL
// equivalent.
- ScopedX509_SIG encrypted(PKCS8_encrypt_pbe(
- NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
- nullptr,
- reinterpret_cast<const uint8_t*>(password.data()),
- password.size(),
- nullptr,
- 0,
- iterations,
- pkcs8.get()));
+ bssl::UniquePtr<X509_SIG> encrypted(
+ PKCS8_encrypt_pbe(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr,
+ reinterpret_cast<const uint8_t*>(password.data()),
+ password.size(), nullptr, 0, iterations, pkcs8.get()));
if (!encrypted)
return false;
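Review bot: The comment above `PKCS8_encrypt_pbe` says that `NID_pbe_WithSHA1And3_Key_TripleDES_CBC` matches what NSS uses, but not that this is a legacy SHA-1/3DES scheme kept for compatibility. The reformatted call passes `password` and `iterations` straight through (both are declared outside the hunk), so the protection of the exported blob depends on what callers supply. I would extend the comment with something like `// Legacy PBE kept for NSS interop; protection depends on |password| and |iterations|.` so the trade-off is recorded next to the call.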
@@ -203,9 +196,9 @@ bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const {
OpenSSLErrStackTracer err_tracer(FROM_HERE);
uint8_t *der;
size_t der_len;
- AutoCBB cbb;
+ bssl::ScopedCBB cbb;
if (!CBB_init(cbb.get(), 0) ||
- !EVP_marshal_public_key(cbb.get(), key_) ||
+ !EVP_marshal_public_key(cbb.get(), key_.get()) ||
!CBB_finish(cbb.get(), &der, &der_len)) {
return false;
}
@@ -219,9 +212,9 @@ bool ECPrivateKey::ExportRawPublicKey(std::string* output) const {
// Export the x and y field elements as 32-byte, big-endian numbers. (This is
// the same as X9.62 uncompressed form without the leading 0x04 byte.)
- EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(key_);
- ScopedBIGNUM x(BN_new());
- ScopedBIGNUM y(BN_new());
+ EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(key_.get());
+ bssl::UniquePtr<BIGNUM> x(BN_new());
+ bssl::UniquePtr<BIGNUM> y(BN_new());
uint8_t buf[64];
if (!x || !y ||
!EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec_key),
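Review bot: ExportRawPublicKey sizes `buf` at 64 bytes for two 32-byte coordinates, which holds only for P-256, yet CreateFromPrivateKeyInfo in the hunk at -87 accepts any key whose id is `EVP_PKEY_EC` without checking the curve. The code that writes into `buf` is outside this hunk, so I cannot tell whether a larger curve is rejected there. A check at import time such as `EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key)) != NID_X9_62_prime256v1`, or a comment here stating that export fails for other curves, would make the assumption explicit. `ec_key` is also passed to `EC_KEY_get0_group` without a null check, which relies on `key_` always holding an EC key.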
@@ -236,6 +229,6 @@ bool ECPrivateKey::ExportRawPublicKey(std::string* output) const {
return true;
}
-ECPrivateKey::ECPrivateKey() : key_(nullptr) {}
+ECPrivateKey::ECPrivateKey() {}
} // namespace crypto
