OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/ec_private_key.h" | 5 #include "crypto/ec_private_key.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <utility> | 10 #include <utility> |
11 | 11 |
12 #include "base/logging.h" | 12 #include "base/logging.h" |
13 #include "crypto/openssl_util.h" | 13 #include "crypto/openssl_util.h" |
14 #include "third_party/boringssl/src/include/openssl/bio.h" | |
15 #include "third_party/boringssl/src/include/openssl/bn.h" | 14 #include "third_party/boringssl/src/include/openssl/bn.h" |
16 #include "third_party/boringssl/src/include/openssl/bytestring.h" | 15 #include "third_party/boringssl/src/include/openssl/bytestring.h" |
17 #include "third_party/boringssl/src/include/openssl/ec.h" | 16 #include "third_party/boringssl/src/include/openssl/ec.h" |
18 #include "third_party/boringssl/src/include/openssl/ec_key.h" | 17 #include "third_party/boringssl/src/include/openssl/ec_key.h" |
19 #include "third_party/boringssl/src/include/openssl/evp.h" | 18 #include "third_party/boringssl/src/include/openssl/evp.h" |
20 #include "third_party/boringssl/src/include/openssl/mem.h" | 19 #include "third_party/boringssl/src/include/openssl/mem.h" |
21 #include "third_party/boringssl/src/include/openssl/pkcs12.h" | 20 #include "third_party/boringssl/src/include/openssl/pkcs8.h" |
22 #include "third_party/boringssl/src/include/openssl/x509.h" | |
23 | 21 |
24 namespace crypto { | 22 namespace crypto { |
25 | 23 |
26 namespace { | |
27 | |
28 // Function pointer definition, for injecting the required key export function | |
29 // into ExportKeyWithBio, below. |bio| is a temporary memory BIO object, and | |
30 // |key| is a handle to the input key object. Return 1 on success, 0 otherwise. | |
31 // NOTE: Used with OpenSSL functions, which do not comply with the Chromium | |
32 // style guide, hence the unusual parameter placement / types. | |
33 typedef int (*ExportBioFunction)(BIO* bio, const void* key); | |
34 | |
35 // Helper to export |key| into |output| via the specified ExportBioFunction. | |
36 bool ExportKeyWithBio(const void* key, | |
37 ExportBioFunction export_fn, | |
38 std::vector<uint8_t>* output) { | |
39 if (!key) | |
40 return false; | |
41 | |
42 bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem())); | |
43 if (!bio) | |
44 return false; | |
45 | |
46 if (!export_fn(bio.get(), key)) | |
47 return false; | |
48 | |
49 const uint8_t* data; | |
50 size_t len; | |
51 if (!BIO_mem_contents(bio.get(), &data, &len)) | |
52 return false; | |
53 | |
54 output->assign(data, data + len); | |
55 return true; | |
56 } | |
57 | |
58 } // namespace | |
59 | |
60 ECPrivateKey::~ECPrivateKey() {} | 24 ECPrivateKey::~ECPrivateKey() {} |
61 | 25 |
62 // static | 26 // static |
63 std::unique_ptr<ECPrivateKey> ECPrivateKey::Create() { | 27 std::unique_ptr<ECPrivateKey> ECPrivateKey::Create() { |
64 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 28 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
65 | 29 |
66 bssl::UniquePtr<EC_KEY> ec_key( | 30 bssl::UniquePtr<EC_KEY> ec_key( |
67 EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); | 31 EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
68 if (!ec_key || !EC_KEY_generate_key(ec_key.get())) | 32 if (!ec_key || !EC_KEY_generate_key(ec_key.get())) |
69 return nullptr; | 33 return nullptr; |
(...skipping 20 matching lines...) Expand all Loading... |
90 | 54 |
91 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); | 55 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); |
92 result->key_ = std::move(pkey); | 56 result->key_ = std::move(pkey); |
93 return result; | 57 return result; |
94 } | 58 } |
95 | 59 |
96 // static | 60 // static |
97 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | 61 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
98 const std::vector<uint8_t>& encrypted_private_key_info, | 62 const std::vector<uint8_t>& encrypted_private_key_info, |
99 const std::vector<uint8_t>& subject_public_key_info) { | 63 const std::vector<uint8_t>& subject_public_key_info) { |
100 // NOTE: The |subject_public_key_info| can be ignored here, it is only | 64 // TODO(davidben): The |subject_public_key_info| parameter is a remnant of |
101 // useful for the NSS implementation (which uses the public key's SHA1 | 65 // the NSS implementation. Remove it. |
102 // as a lookup key when storing the private one in its store). | |
103 if (encrypted_private_key_info.empty()) | |
104 return nullptr; | |
105 | |
106 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 66 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
107 | 67 |
108 const uint8_t* data = &encrypted_private_key_info[0]; | 68 CBS cbs; |
109 const uint8_t* ptr = data; | 69 CBS_init(&cbs, encrypted_private_key_info.data(), |
110 bssl::UniquePtr<X509_SIG> p8_encrypted( | 70 encrypted_private_key_info.size()); |
111 d2i_X509_SIG(nullptr, &ptr, encrypted_private_key_info.size())); | 71 bssl::UniquePtr<EVP_PKEY> pkey( |
112 if (!p8_encrypted || ptr != data + encrypted_private_key_info.size()) | 72 PKCS8_parse_encrypted_private_key(&cbs, "", 0)); |
113 return nullptr; | |
114 | 73 |
115 // Hack for reading keys generated by an older version of the OpenSSL code. | 74 // Hack for reading keys generated by an older version of the OpenSSL code. |
116 // Some implementations encode the empty password as "\0\0" (passwords are | 75 // Some implementations encode the empty password as "\0\0" (passwords are |
117 // normally encoded in big-endian UCS-2 with a NUL terminator) and some | 76 // normally encoded in big-endian UCS-2 with a NUL terminator) and some |
118 // encode as the empty string. PKCS8_decrypt distinguishes the two by whether | 77 // encode as the empty string. PKCS8_parse_encrypted_private_key |
119 // the password is nullptr. | 78 // distinguishes the two by whether the password is nullptr. |
120 bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> p8_decrypted( | 79 if (!pkey) { |
121 PKCS8_decrypt(p8_encrypted.get(), "", 0)); | 80 CBS_init(&cbs, encrypted_private_key_info.data(), |
122 if (!p8_decrypted) | 81 encrypted_private_key_info.size()); |
123 p8_decrypted.reset(PKCS8_decrypt(p8_encrypted.get(), nullptr, 0)); | 82 pkey.reset(PKCS8_parse_encrypted_private_key(&cbs, nullptr, 0)); |
| 83 } |
124 | 84 |
125 if (!p8_decrypted) | 85 if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC) |
126 return nullptr; | 86 return nullptr; |
127 | 87 |
128 // Create a new EVP_PKEY for it. | |
129 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); | 88 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); |
130 result->key_.reset(EVP_PKCS82PKEY(p8_decrypted.get())); | 89 result->key_ = std::move(pkey); |
131 if (!result->key_ || EVP_PKEY_id(result->key_.get()) != EVP_PKEY_EC) | |
132 return nullptr; | |
133 | |
134 return result; | 90 return result; |
135 } | 91 } |
136 | 92 |
137 std::unique_ptr<ECPrivateKey> ECPrivateKey::Copy() const { | 93 std::unique_ptr<ECPrivateKey> ECPrivateKey::Copy() const { |
138 std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey()); | 94 std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey()); |
139 if (key_) { | 95 if (key_) { |
140 EVP_PKEY_up_ref(key_.get()); | 96 EVP_PKEY_up_ref(key_.get()); |
141 copy->key_.reset(key_.get()); | 97 copy->key_.reset(key_.get()); |
142 } | 98 } |
143 return copy; | 99 return copy; |
(...skipping 10 matching lines...) Expand all Loading... |
154 return false; | 110 return false; |
155 } | 111 } |
156 output->assign(der, der + der_len); | 112 output->assign(der, der + der_len); |
157 OPENSSL_free(der); | 113 OPENSSL_free(der); |
158 return true; | 114 return true; |
159 } | 115 } |
160 | 116 |
161 bool ECPrivateKey::ExportEncryptedPrivateKey( | 117 bool ECPrivateKey::ExportEncryptedPrivateKey( |
162 std::vector<uint8_t>* output) const { | 118 std::vector<uint8_t>* output) const { |
163 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 119 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
164 // Convert into a PKCS#8 object. | |
165 bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> pkcs8(EVP_PKEY2PKCS8(key_.get())); | |
166 if (!pkcs8) | |
167 return false; | |
168 | 120 |
169 // Encrypt the object. | 121 // Encrypt the object. |
170 // NOTE: NSS uses SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC | 122 // NOTE: NSS uses SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC |
171 // so use NID_pbe_WithSHA1And3_Key_TripleDES_CBC which should be the OpenSSL | 123 // so use NID_pbe_WithSHA1And3_Key_TripleDES_CBC which should be the OpenSSL |
172 // equivalent. | 124 // equivalent. |
173 bssl::UniquePtr<X509_SIG> encrypted( | 125 uint8_t* der; |
174 PKCS8_encrypt(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr, nullptr, 0, | 126 size_t der_len; |
175 nullptr, 0, 1, pkcs8.get())); | 127 bssl::ScopedCBB cbb; |
176 if (!encrypted) | 128 if (!CBB_init(cbb.get(), 0) || |
| 129 !PKCS8_marshal_encrypted_private_key( |
| 130 cbb.get(), NID_pbe_WithSHA1And3_Key_TripleDES_CBC, |
| 131 nullptr /* cipher */, nullptr /* no password */, 0 /* pass_len */, |
| 132 nullptr /* salt */, 0 /* salt_len */, 1 /* iterations */, |
| 133 key_.get()) || |
| 134 !CBB_finish(cbb.get(), &der, &der_len)) { |
177 return false; | 135 return false; |
178 | 136 } |
179 // Write it into |*output| | 137 output->assign(der, der + der_len); |
180 return ExportKeyWithBio(encrypted.get(), | 138 OPENSSL_free(der); |
181 reinterpret_cast<ExportBioFunction>(i2d_PKCS8_bio), | 139 return true; |
182 output); | |
183 } | 140 } |
184 | 141 |
185 bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const { | 142 bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const { |
186 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 143 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
187 uint8_t *der; | 144 uint8_t *der; |
188 size_t der_len; | 145 size_t der_len; |
189 bssl::ScopedCBB cbb; | 146 bssl::ScopedCBB cbb; |
190 if (!CBB_init(cbb.get(), 0) || | 147 if (!CBB_init(cbb.get(), 0) || |
191 !EVP_marshal_public_key(cbb.get(), key_.get()) || | 148 !EVP_marshal_public_key(cbb.get(), key_.get()) || |
192 !CBB_finish(cbb.get(), &der, &der_len)) { | 149 !CBB_finish(cbb.get(), &der, &der_len)) { |
(...skipping 22 matching lines...) Expand all Loading... |
215 return false; | 172 return false; |
216 } | 173 } |
217 | 174 |
218 output->assign(reinterpret_cast<const char*>(buf), sizeof(buf)); | 175 output->assign(reinterpret_cast<const char*>(buf), sizeof(buf)); |
219 return true; | 176 return true; |
220 } | 177 } |
221 | 178 |
222 ECPrivateKey::ECPrivateKey() {} | 179 ECPrivateKey::ECPrivateKey() {} |
223 | 180 |
224 } // namespace crypto | 181 } // namespace crypto |
OLD | NEW |