OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/common/extensions/api/networking_private/networking_private_cry pto.h" | 5 #include "chrome/common/extensions/api/networking_private/networking_private_cry pto.h" |
6 | 6 |
7 #include <openssl/digest.h> | 7 #include <openssl/digest.h> |
8 #include <openssl/evp.h> | 8 #include <openssl/evp.h> |
9 #include <openssl/rsa.h> | 9 #include <openssl/rsa.h> |
10 #include <openssl/x509.h> | 10 #include <openssl/x509.h> |
11 #include <stddef.h> | 11 #include <stddef.h> |
12 | 12 |
13 #include <memory> | 13 #include <memory> |
14 | 14 |
15 #include "base/logging.h" | 15 #include "base/logging.h" |
16 #include "base/strings/string_util.h" | 16 #include "base/strings/string_util.h" |
17 #include "components/cast_certificate/cast_cert_validator.h" | 17 #include "components/cast_certificate/cast_cert_validator.h" |
18 #include "crypto/openssl_util.h" | 18 #include "crypto/openssl_util.h" |
19 #include "crypto/rsa_private_key.h" | 19 #include "crypto/rsa_private_key.h" |
20 #include "crypto/scoped_openssl_types.h" | |
21 #include "net/cert/pem_tokenizer.h" | 20 #include "net/cert/pem_tokenizer.h" |
22 | 21 |
23 namespace { | 22 namespace { |
24 | 23 |
25 namespace cast_crypto = ::cast_certificate; | 24 namespace cast_crypto = ::cast_certificate; |
26 | 25 |
27 // Parses |pem_data| for a PEM block of |pem_type|. | 26 // Parses |pem_data| for a PEM block of |pem_type|. |
28 // Returns true if a |pem_type| block is found, storing the decoded result in | 27 // Returns true if a |pem_type| block is found, storing the decoded result in |
29 // |der_output|. | 28 // |der_output|. |
30 bool GetDERFromPEM(const std::string& pem_data, | 29 bool GetDERFromPEM(const std::string& pem_data, |
(...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
122 } | 121 } |
123 return true; | 122 return true; |
124 } | 123 } |
125 | 124 |
126 bool EncryptByteString(const std::vector<uint8_t>& pub_key_der, | 125 bool EncryptByteString(const std::vector<uint8_t>& pub_key_der, |
127 const std::string& data, | 126 const std::string& data, |
128 std::vector<uint8_t>* encrypted_output) { | 127 std::vector<uint8_t>* encrypted_output) { |
129 crypto::EnsureOpenSSLInit(); | 128 crypto::EnsureOpenSSLInit(); |
130 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 129 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
131 | 130 |
132 crypto::ScopedRSA rsa( | 131 bssl::UniquePtr<RSA> rsa( |
133 RSA_public_key_from_bytes(pub_key_der.data(), pub_key_der.size())); | 132 RSA_public_key_from_bytes(pub_key_der.data(), pub_key_der.size())); |
134 if (!rsa || RSA_size(rsa.get()) == 0) { | 133 if (!rsa || RSA_size(rsa.get()) == 0) { |
135 LOG(ERROR) << "Failed to parse public key"; | 134 LOG(ERROR) << "Failed to parse public key"; |
136 return false; | 135 return false; |
137 } | 136 } |
138 | 137 |
139 encrypted_output->resize(RSA_size(rsa.get())); | 138 encrypted_output->resize(RSA_size(rsa.get())); |
140 int encrypted_length = RSA_public_encrypt( | 139 int encrypted_length = RSA_public_encrypt( |
141 data.size(), reinterpret_cast<const uint8_t*>(data.data()), | 140 data.size(), reinterpret_cast<const uint8_t*>(data.data()), |
142 encrypted_output->data(), rsa.get(), RSA_PKCS1_PADDING); | 141 encrypted_output->data(), rsa.get(), RSA_PKCS1_PADDING); |
(...skipping 16 matching lines...) Expand all Loading... | |
159 LOG(ERROR) << "Failed to parse private key PEM."; | 158 LOG(ERROR) << "Failed to parse private key PEM."; |
160 return false; | 159 return false; |
161 } | 160 } |
162 std::unique_ptr<crypto::RSAPrivateKey> private_key( | 161 std::unique_ptr<crypto::RSAPrivateKey> private_key( |
163 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(private_key_data)); | 162 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(private_key_data)); |
164 if (!private_key || !private_key->key()) { | 163 if (!private_key || !private_key->key()) { |
165 LOG(ERROR) << "Failed to parse private key DER."; | 164 LOG(ERROR) << "Failed to parse private key DER."; |
166 return false; | 165 return false; |
167 } | 166 } |
168 | 167 |
169 crypto::ScopedRSA rsa(EVP_PKEY_get1_RSA(private_key->key())); | 168 RSA* rsa = EVP_PKEY_get0_RSA(private_key->key()); |
davidben
2016/10/11 18:58:18
get0 is the same as get1 but doesn't take an unnec
| |
170 if (!rsa || RSA_size(rsa.get()) == 0) { | 169 if (!rsa || RSA_size(rsa) == 0) { |
171 LOG(ERROR) << "Failed to get RSA key."; | 170 LOG(ERROR) << "Failed to get RSA key."; |
172 return false; | 171 return false; |
173 } | 172 } |
174 | 173 |
175 uint8_t* output = reinterpret_cast<uint8_t*>( | 174 uint8_t* output = reinterpret_cast<uint8_t*>( |
176 base::WriteInto(decrypted_output, RSA_size(rsa.get()) + 1)); | 175 base::WriteInto(decrypted_output, RSA_size(rsa) + 1)); |
177 int output_length = | 176 int output_length = |
178 RSA_private_decrypt(encrypted_data.size(), &encrypted_data[0], output, | 177 RSA_private_decrypt(encrypted_data.size(), &encrypted_data[0], output, |
179 rsa.get(), RSA_PKCS1_PADDING); | 178 rsa, RSA_PKCS1_PADDING); |
180 if (output_length < 0) { | 179 if (output_length < 0) { |
181 LOG(ERROR) << "Error during decryption."; | 180 LOG(ERROR) << "Error during decryption."; |
182 return false; | 181 return false; |
183 } | 182 } |
184 decrypted_output->resize(output_length); | 183 decrypted_output->resize(output_length); |
185 return true; | 184 return true; |
186 } | 185 } |
187 | 186 |
188 } // namespace networking_private_crypto | 187 } // namespace networking_private_crypto |
OLD | NEW |