Use new BoringSSL scopers in //components.

components/webcrypto/algorithms/rsa.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/webcrypto/algorithms/rsa.h"
 
+#include <openssl/bn.h>
 #include <openssl/evp.h>
+#include <openssl/rsa.h>
 #include <utility>
 
 #include "base/logging.h"
 #include "components/webcrypto/algorithms/asymmetric_key_util.h"
 #include "components/webcrypto/algorithms/util.h"
 #include "components/webcrypto/blink_key_handle.h"
 #include "components/webcrypto/crypto_data.h"
 #include "components/webcrypto/generate_key_result.h"
 #include "components/webcrypto/jwk.h"
 #include "components/webcrypto/status.h"
 #include "crypto/openssl_util.h"
-#include "crypto/scoped_openssl_types.h"
 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
 
 namespace webcrypto {
 
 namespace {
 
 // Describes the RSA components for a parsed key. The names of the properties
 // correspond with those from the JWK spec. Note that Chromium's WebCrypto
 // implementation does not support multi-primes, so there is no parsed field
@@ skipping 76 matching lines @@
 
 // Creates a blink::WebCryptoAlgorithm having the modulus length and public
 // exponent  of |key|.
 Status CreateRsaHashedKeyAlgorithm(
     blink::WebCryptoAlgorithmId rsa_algorithm,
     blink::WebCryptoAlgorithmId hash_algorithm,
     EVP_PKEY* key,
     blink::WebCryptoKeyAlgorithm* key_algorithm) {
   DCHECK_EQ(EVP_PKEY_RSA, EVP_PKEY_id(key));
 
-  crypto::ScopedRSA rsa(EVP_PKEY_get1_RSA(key));
-  if (!rsa.get())
+  RSA* rsa = EVP_PKEY_get0_RSA(key);
+  if (!rsa)
     return Status::ErrorUnexpected();
 
-  unsigned int modulus_length_bits = BN_num_bits(rsa.get()->n);
+  unsigned int modulus_length_bits = BN_num_bits(rsa->n);
 
   // Convert the public exponent to big-endian representation.
-  std::vector<uint8_t> e(BN_num_bytes(rsa.get()->e));
+  std::vector<uint8_t> e(BN_num_bytes(rsa->e));
   if (e.size() == 0)
     return Status::ErrorUnexpected();
-  if (e.size() != BN_bn2bin(rsa.get()->e, &e[0]))
+  if (e.size() != BN_bn2bin(rsa->e, &e[0]))
     return Status::ErrorUnexpected();
 
   *key_algorithm = blink::WebCryptoKeyAlgorithm::createRsaHashed(
       rsa_algorithm, modulus_length_bits, &e[0],
       static_cast<unsigned int>(e.size()), hash_algorithm);
 
   return Status::Success();
 }
 
 // Creates a WebCryptoKey that wraps |private_key|.
 Status CreateWebCryptoRsaPrivateKey(
-    crypto::ScopedEVP_PKEY private_key,
+    bssl::UniquePtr<EVP_PKEY> private_key,
     const blink::WebCryptoAlgorithmId rsa_algorithm_id,
     const blink::WebCryptoAlgorithm& hash,
     bool extractable,
     blink::WebCryptoKeyUsageMask usages,
     blink::WebCryptoKey* key) {
   blink::WebCryptoKeyAlgorithm key_algorithm;
   Status status = CreateRsaHashedKeyAlgorithm(
       rsa_algorithm_id, hash.id(), private_key.get(), &key_algorithm);
   if (status.IsError())
     return status;
 
   return CreateWebCryptoPrivateKey(std::move(private_key), key_algorithm,
                                    extractable, usages, key);
 }
 
 // Creates a WebCryptoKey that wraps |public_key|.
 Status CreateWebCryptoRsaPublicKey(
-    crypto::ScopedEVP_PKEY public_key,
+    bssl::UniquePtr<EVP_PKEY> public_key,
     const blink::WebCryptoAlgorithmId rsa_algorithm_id,
     const blink::WebCryptoAlgorithm& hash,
     bool extractable,
     blink::WebCryptoKeyUsageMask usages,
     blink::WebCryptoKey* key) {
   blink::WebCryptoKeyAlgorithm key_algorithm;
   Status status = CreateRsaHashedKeyAlgorithm(rsa_algorithm_id, hash.id(),
                                               public_key.get(), &key_algorithm);
   if (status.IsError())
     return status;
 
   return CreateWebCryptoPublicKey(std::move(public_key), key_algorithm,
                                   extractable, usages, key);
 }
 
 Status ImportRsaPrivateKey(const blink::WebCryptoAlgorithm& algorithm,
                            bool extractable,
                            blink::WebCryptoKeyUsageMask usages,
                            const JwkRsaInfo& params,
                            blink::WebCryptoKey* key) {
-  crypto::ScopedRSA rsa(RSA_new());
+  bssl::UniquePtr<RSA> rsa(RSA_new());
 
   rsa->n = CreateBIGNUM(params.n);
   rsa->e = CreateBIGNUM(params.e);
   rsa->d = CreateBIGNUM(params.d);
   rsa->p = CreateBIGNUM(params.p);
   rsa->q = CreateBIGNUM(params.q);
   rsa->dmp1 = CreateBIGNUM(params.dp);
   rsa->dmq1 = CreateBIGNUM(params.dq);
   rsa->iqmp = CreateBIGNUM(params.qi);
 
   if (!rsa->n || !rsa->e || !rsa->d || !rsa->p || !rsa->q || !rsa->dmp1 ||
       !rsa->dmq1 || !rsa->iqmp) {
     return Status::OperationError();
   }
 
   // TODO(eroman): This should be a DataError.
   if (!RSA_check_key(rsa.get()))
     return Status::OperationError();
 
   // Create a corresponding EVP_PKEY.
-  crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new());
+  bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
   if (!pkey || !EVP_PKEY_set1_RSA(pkey.get(), rsa.get()))
     return Status::OperationError();
 
   return CreateWebCryptoRsaPrivateKey(std::move(pkey), algorithm.id(),
                                       algorithm.rsaHashedImportParams()->hash(),
                                       extractable, usages, key);
 }
 
 Status ImportRsaPublicKey(const blink::WebCryptoAlgorithm& algorithm,
                           bool extractable,
                           blink::WebCryptoKeyUsageMask usages,
                           const CryptoData& n,
                           const CryptoData& e,
                           blink::WebCryptoKey* key) {
-  crypto::ScopedRSA rsa(RSA_new());
+  bssl::UniquePtr<RSA> rsa(RSA_new());
 
   rsa->n = BN_bin2bn(n.bytes(), n.byte_length(), NULL);
   rsa->e = BN_bin2bn(e.bytes(), e.byte_length(), NULL);
 
   if (!rsa->n || !rsa->e)
     return Status::OperationError();
 
   // Create a corresponding EVP_PKEY.
-  crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new());
+  bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
   if (!pkey || !EVP_PKEY_set1_RSA(pkey.get(), rsa.get()))
     return Status::OperationError();
 
   return CreateWebCryptoRsaPublicKey(std::move(pkey), algorithm.id(),
                                      algorithm.rsaHashedImportParams()->hash(),
                                      extractable, usages, key);
 }
 
 // Converts a BIGNUM to a big endian byte array.
 std::vector<uint8_t> BIGNUMToVector(const BIGNUM* n) {
@@ skipping 48 matching lines @@
   if (!params->convertPublicExponentToUnsigned(public_exponent))
     return Status::ErrorGenerateKeyPublicExponent();
 
   // OpenSSL hangs when given bad public exponents. Use a whitelist.
   if (public_exponent != 3 && public_exponent != 65537)
     return Status::ErrorGenerateKeyPublicExponent();
 
   crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
 
   // Generate an RSA key pair.
-  crypto::ScopedRSA rsa_private_key(RSA_new());
-  crypto::ScopedBIGNUM bn(BN_new());
+  bssl::UniquePtr<RSA> rsa_private_key(RSA_new());
+  bssl::UniquePtr<BIGNUM> bn(BN_new());
   if (!rsa_private_key.get() || !bn.get() ||
       !BN_set_word(bn.get(), public_exponent)) {
     return Status::OperationError();
   }
 
   if (!RSA_generate_key_ex(rsa_private_key.get(), modulus_length_bits, bn.get(),
                            NULL)) {
     return Status::OperationError();
   }
 
   // Construct an EVP_PKEY for the private key.
-  crypto::ScopedEVP_PKEY private_pkey(EVP_PKEY_new());
+  bssl::UniquePtr<EVP_PKEY> private_pkey(EVP_PKEY_new());
   if (!private_pkey ||
       !EVP_PKEY_set1_RSA(private_pkey.get(), rsa_private_key.get())) {
     return Status::OperationError();
   }
 
   // Construct an EVP_PKEY for the public key.
-  crypto::ScopedRSA rsa_public_key(RSAPublicKey_dup(rsa_private_key.get()));
-  crypto::ScopedEVP_PKEY public_pkey(EVP_PKEY_new());
+  bssl::UniquePtr<RSA> rsa_public_key(RSAPublicKey_dup(rsa_private_key.get()));
+  bssl::UniquePtr<EVP_PKEY> public_pkey(EVP_PKEY_new());
   if (!public_pkey ||
       !EVP_PKEY_set1_RSA(public_pkey.get(), rsa_public_key.get())) {
     return Status::OperationError();
   }
 
   blink::WebCryptoKey public_key;
   blink::WebCryptoKey private_key;
 
   // Note that extractable is unconditionally set to true. This is because per
   // the WebCrypto spec generated public keys are always extractable.
@@ skipping 49 matching lines @@
 Status RsaHashedAlgorithm::ImportKeyPkcs8(
     const CryptoData& key_data,
     const blink::WebCryptoAlgorithm& algorithm,
     bool extractable,
     blink::WebCryptoKeyUsageMask usages,
     blink::WebCryptoKey* key) const {
   Status status = CheckKeyCreationUsages(all_private_key_usages_, usages);
   if (status.IsError())
     return status;
 
-  crypto::ScopedEVP_PKEY private_key;
+  bssl::UniquePtr<EVP_PKEY> private_key;
   status = ImportUnverifiedPkeyFromPkcs8(key_data, EVP_PKEY_RSA, &private_key);
   if (status.IsError())
     return status;
 
   // Verify the parameters of the key.
-  crypto::ScopedRSA rsa(EVP_PKEY_get1_RSA(private_key.get()));
-  if (!rsa.get())
+  RSA* rsa = EVP_PKEY_get0_RSA(private_key.get());
+  if (!rsa)
     return Status::ErrorUnexpected();
-  if (!RSA_check_key(rsa.get()))
+  if (!RSA_check_key(rsa))
     return Status::DataError();
 
   // TODO(eroman): Validate the algorithm OID against the webcrypto provided
   // hash. http://crbug.com/389400
 
   return CreateWebCryptoRsaPrivateKey(std::move(private_key), algorithm.id(),
                                       algorithm.rsaHashedImportParams()->hash(),
                                       extractable, usages, key);
 }
 
 Status RsaHashedAlgorithm::ImportKeySpki(
     const CryptoData& key_data,
     const blink::WebCryptoAlgorithm& algorithm,
     bool extractable,
     blink::WebCryptoKeyUsageMask usages,
     blink::WebCryptoKey* key) const {
   Status status = CheckKeyCreationUsages(all_public_key_usages_, usages);
   if (status.IsError())
     return status;
 
-  crypto::ScopedEVP_PKEY public_key;
+  bssl::UniquePtr<EVP_PKEY> public_key;
   status = ImportUnverifiedPkeyFromSpki(key_data, EVP_PKEY_RSA, &public_key);
   if (status.IsError())
     return status;
 
   // TODO(eroman): Validate the algorithm OID against the webcrypto provided
   // hash. http://crbug.com/389400
 
   return CreateWebCryptoRsaPublicKey(std::move(public_key), algorithm.id(),
                                      algorithm.rsaHashedImportParams()->hash(),
                                      extractable, usages, key);
@@ skipping 55 matching lines @@
   // structured clone).
   *buffer = GetSerializedKeyData(key);
   return Status::Success();
 }
 
 Status RsaHashedAlgorithm::ExportKeyJwk(const blink::WebCryptoKey& key,
                                         std::vector<uint8_t>* buffer) const {
   crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
 
   EVP_PKEY* pkey = GetEVP_PKEY(key);
-  crypto::ScopedRSA rsa(EVP_PKEY_get1_RSA(pkey));
-  if (!rsa.get())
+  RSA* rsa = EVP_PKEY_get0_RSA(pkey);
+  if (!rsa)
     return Status::ErrorUnexpected();
 
   const char* jwk_algorithm =
       GetJwkAlgorithm(key.algorithm().rsaHashedParams()->hash().id());
   if (!jwk_algorithm)
     return Status::ErrorUnexpected();
 
   switch (key.type()) {
     case blink::WebCryptoKeyTypePublic: {
       JwkWriter writer(jwk_algorithm, key.extractable(), key.usages(), "RSA");
@@ skipping 72 matching lines @@
           memcmp(algorithm.rsaHashedParams()->publicExponent().data(),
                  key->algorithm().rsaHashedParams()->publicExponent().data(),
                  key->algorithm().rsaHashedParams()->publicExponent().size())) {
     return Status::ErrorUnexpected();
   }
 
   return Status::Success();
 }
 
 }  // namespace webcrypto