| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CRYPTO_EC_PRIVATE_KEY_H_ | 5 #ifndef CRYPTO_EC_PRIVATE_KEY_H_ |
| 6 #define CRYPTO_EC_PRIVATE_KEY_H_ | 6 #define CRYPTO_EC_PRIVATE_KEY_H_ |
| 7 | 7 |
| 8 #include <stddef.h> | 8 #include <stddef.h> |
| 9 #include <stdint.h> | 9 #include <stdint.h> |
| 10 | 10 |
| (...skipping 23 matching lines...) |
| 34 static std::unique_ptr<ECPrivateKey> Create(); | 34 static std::unique_ptr<ECPrivateKey> Create(); |
| 35 | 35 |
| 36 // Create a new instance by importing an existing private key. The format is | 36 // Create a new instance by importing an existing private key. The format is |
| 37 // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return | 37 // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return |
| 38 // nullptr if initialization fails. | 38 // nullptr if initialization fails. |
| 39 static std::unique_ptr<ECPrivateKey> CreateFromPrivateKeyInfo( | 39 static std::unique_ptr<ECPrivateKey> CreateFromPrivateKeyInfo( |
| 40 const std::vector<uint8_t>& input); | 40 const std::vector<uint8_t>& input); |
| 41 | 41 |
| 42 // Creates a new instance by importing an existing key pair. | 42 // Creates a new instance by importing an existing key pair. |
| 43 // The key pair is given as an ASN.1-encoded PKCS #8 EncryptedPrivateKeyInfo | 43 // The key pair is given as an ASN.1-encoded PKCS #8 EncryptedPrivateKeyInfo |
| 44 // block and an X.509 SubjectPublicKeyInfo block. | 44 // block with empty password and an X.509 SubjectPublicKeyInfo block. |
| 45 // Returns nullptr if initialization fails. | 45 // Returns nullptr if initialization fails. |
| 46 // | 46 // |
| 47 // This function is deprecated. Use CreateFromPrivateKeyInfo for new code. | 47 // This function is deprecated. Use CreateFromPrivateKeyInfo for new code. |
| 48 // See https://crbug.com/603319. | 48 // See https://crbug.com/603319. |
| 49 static std::unique_ptr<ECPrivateKey> CreateFromEncryptedPrivateKeyInfo( | 49 static std::unique_ptr<ECPrivateKey> CreateFromEncryptedPrivateKeyInfo( |
| 50 const std::string& password, | |
| 51 const std::vector<uint8_t>& encrypted_private_key_info, | 50 const std::vector<uint8_t>& encrypted_private_key_info, |
| 52 const std::vector<uint8_t>& subject_public_key_info); | 51 const std::vector<uint8_t>& subject_public_key_info); |
| 53 | 52 |
| 54 // Returns a copy of the object. | 53 // Returns a copy of the object. |
| 55 std::unique_ptr<ECPrivateKey> Copy() const; | 54 std::unique_ptr<ECPrivateKey> Copy() const; |
| 56 | 55 |
| 57 EVP_PKEY* key() { return key_.get(); } | 56 EVP_PKEY* key() { return key_.get(); } |
| 58 | 57 |
| 59 // Exports the private key to a PKCS #8 PrivateKeyInfo block. | 58 // Exports the private key to a PKCS #8 PrivateKeyInfo block. |
| 60 bool ExportPrivateKey(std::vector<uint8_t>* output) const; | 59 bool ExportPrivateKey(std::vector<uint8_t>* output) const; |
| 61 | 60 |
| 62 // Exports the private key as an ASN.1-encoded PKCS #8 EncryptedPrivateKeyInfo | 61 // Exports the private key as an ASN.1-encoded PKCS #8 EncryptedPrivateKeyInfo |
| 63 // block and the public key as an X.509 SubjectPublicKeyInfo block. | 62 // block wth empty password. This was historically used as a workaround for |
| 64 // The |password| and |iterations| are used as inputs to the key derivation | 63 // NSS API deficiencies and does not provide security. |
| 65 // function for generating the encryption key. PKCS #5 recommends a minimum | |
| 66 // of 1000 iterations, on modern systems a larger value may be preferrable. | |
| 67 // | 64 // |
| 68 // This function is deprecated. Use ExportPrivateKey for new code. See | 65 // This function is deprecated. Use ExportPrivateKey for new code. See |
| 69 // https://crbug.com/603319. | 66 // https://crbug.com/603319. |
| 70 bool ExportEncryptedPrivateKey(const std::string& password, | 67 bool ExportEncryptedPrivateKey(std::vector<uint8_t>* output) const; |
| 71 int iterations, | |
| 72 std::vector<uint8_t>* output) const; | |
| 73 | 68 |
| 74 // Exports the public key to an X.509 SubjectPublicKeyInfo block. | 69 // Exports the public key to an X.509 SubjectPublicKeyInfo block. |
| 75 bool ExportPublicKey(std::vector<uint8_t>* output) const; | 70 bool ExportPublicKey(std::vector<uint8_t>* output) const; |
| 76 | 71 |
| 77 // Exports the public key as an EC point in the uncompressed point format. | 72 // Exports the public key as an EC point in the uncompressed point format. |
| 78 bool ExportRawPublicKey(std::string* output) const; | 73 bool ExportRawPublicKey(std::string* output) const; |
| 79 | 74 |
| 80 private: | 75 private: |
| 81 // Constructor is private. Use one of the Create*() methods above instead. | 76 // Constructor is private. Use one of the Create*() methods above instead. |
| 82 ECPrivateKey(); | 77 ECPrivateKey(); |
| 83 | 78 |
| 84 bssl::UniquePtr<EVP_PKEY> key_; | 79 bssl::UniquePtr<EVP_PKEY> key_; |
| 85 | 80 |
| 86 DISALLOW_COPY_AND_ASSIGN(ECPrivateKey); | 81 DISALLOW_COPY_AND_ASSIGN(ECPrivateKey); |
| 87 }; | 82 }; |
| 88 | 83 |
| 89 | 84 |
| 90 } // namespace crypto | 85 } // namespace crypto |
| 91 | 86 |
| 92 #endif // CRYPTO_EC_PRIVATE_KEY_H_ | 87 #endif // CRYPTO_EC_PRIVATE_KEY_H_ |
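Review bot: The new comment on ExportEncryptedPrivateKey (new lines 61-63) has a typo, `wth`, and says the output "does not provide security" without telling callers what follows from that, while the function still carries "Encrypted" in its name. I would reword it to `// block with an empty password. The output offers no confidentiality and must be protected like the plaintext PrivateKeyInfo from ExportPrivateKey.` and keep the sentence about the NSS workaround after it. The matching caveat is missing on CreateFromEncryptedPrivateKeyInfo (new lines 42-45), which only says "with empty password"; a short `// The encryption provides no security.` there would keep the two deprecated entry points consistent. With `iterations` removed from the signature, the key-derivation iteration count is presumably fixed in the implementation, which is outside this header, so the comment could note that the value no longer matters because the password is empty.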