| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/ec_private_key.h" | 5 #include "crypto/ec_private_key.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <utility> | 10 #include <utility> |
| 11 | 11 |
| 12 #include "base/logging.h" | 12 #include "base/logging.h" |
| 13 #include "crypto/openssl_util.h" | 13 #include "crypto/openssl_util.h" |
| 14 #include "third_party/boringssl/src/include/openssl/bio.h" | |
| 15 #include "third_party/boringssl/src/include/openssl/bn.h" | 14 #include "third_party/boringssl/src/include/openssl/bn.h" |
| 16 #include "third_party/boringssl/src/include/openssl/bytestring.h" | 15 #include "third_party/boringssl/src/include/openssl/bytestring.h" |
| 17 #include "third_party/boringssl/src/include/openssl/ec.h" | 16 #include "third_party/boringssl/src/include/openssl/ec.h" |
| 18 #include "third_party/boringssl/src/include/openssl/ec_key.h" | 17 #include "third_party/boringssl/src/include/openssl/ec_key.h" |
| 19 #include "third_party/boringssl/src/include/openssl/evp.h" | 18 #include "third_party/boringssl/src/include/openssl/evp.h" |
| 20 #include "third_party/boringssl/src/include/openssl/mem.h" | 19 #include "third_party/boringssl/src/include/openssl/mem.h" |
| 21 #include "third_party/boringssl/src/include/openssl/pkcs12.h" | 20 #include "third_party/boringssl/src/include/openssl/pkcs8.h" |
| 22 #include "third_party/boringssl/src/include/openssl/x509.h" | |
| 23 | 21 |
| 24 namespace crypto { | 22 namespace crypto { |
| 25 | 23 |
| 26 namespace { | |
| 27 | |
| 28 // Function pointer definition, for injecting the required key export function | |
| 29 // into ExportKeyWithBio, below. |bio| is a temporary memory BIO object, and | |
| 30 // |key| is a handle to the input key object. Return 1 on success, 0 otherwise. | |
| 31 // NOTE: Used with OpenSSL functions, which do not comply with the Chromium | |
| 32 // style guide, hence the unusual parameter placement / types. | |
| 33 typedef int (*ExportBioFunction)(BIO* bio, const void* key); | |
| 34 | |
| 35 // Helper to export |key| into |output| via the specified ExportBioFunction. | |
| 36 bool ExportKeyWithBio(const void* key, | |
| 37 ExportBioFunction export_fn, | |
| 38 std::vector<uint8_t>* output) { | |
| 39 if (!key) | |
| 40 return false; | |
| 41 | |
| 42 bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem())); | |
| 43 if (!bio) | |
| 44 return false; | |
| 45 | |
| 46 if (!export_fn(bio.get(), key)) | |
| 47 return false; | |
| 48 | |
| 49 const uint8_t* data; | |
| 50 size_t len; | |
| 51 if (!BIO_mem_contents(bio.get(), &data, &len)) | |
| 52 return false; | |
| 53 | |
| 54 output->assign(data, data + len); | |
| 55 return true; | |
| 56 } | |
| 57 | |
| 58 } // namespace | |
| 59 | |
| 60 ECPrivateKey::~ECPrivateKey() {} | 24 ECPrivateKey::~ECPrivateKey() {} |
| 61 | 25 |
| 62 // static | 26 // static |
| 63 std::unique_ptr<ECPrivateKey> ECPrivateKey::Create() { | 27 std::unique_ptr<ECPrivateKey> ECPrivateKey::Create() { |
| 64 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 28 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 65 | 29 |
| 66 bssl::UniquePtr<EC_KEY> ec_key( | 30 bssl::UniquePtr<EC_KEY> ec_key( |
| 67 EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); | 31 EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
| 68 if (!ec_key || !EC_KEY_generate_key(ec_key.get())) | 32 if (!ec_key || !EC_KEY_generate_key(ec_key.get())) |
| 69 return nullptr; | 33 return nullptr; |
| (...skipping 20 matching lines...) Expand all Loading... |
| 90 | 54 |
| 91 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); | 55 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); |
| 92 result->key_ = std::move(pkey); | 56 result->key_ = std::move(pkey); |
| 93 return result; | 57 return result; |
| 94 } | 58 } |
| 95 | 59 |
| 96 // static | 60 // static |
| 97 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | 61 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
| 98 const std::vector<uint8_t>& encrypted_private_key_info, | 62 const std::vector<uint8_t>& encrypted_private_key_info, |
| 99 const std::vector<uint8_t>& subject_public_key_info) { | 63 const std::vector<uint8_t>& subject_public_key_info) { |
| 100 // NOTE: The |subject_public_key_info| can be ignored here, it is only | 64 // TODO(davidben): The |subject_public_key_info| parameter is a remnant of |
| 101 // useful for the NSS implementation (which uses the public key's SHA1 | 65 // the NSS implementation. Remove it. |
| 102 // as a lookup key when storing the private one in its store). | |
| 103 if (encrypted_private_key_info.empty()) | |
| 104 return nullptr; | |
| 105 | |
| 106 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 66 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 107 | 67 |
| 108 const uint8_t* data = &encrypted_private_key_info[0]; | 68 CBS cbs; |
| 109 const uint8_t* ptr = data; | 69 CBS_init(&cbs, encrypted_private_key_info.data(), |
| 110 bssl::UniquePtr<X509_SIG> p8_encrypted( | 70 encrypted_private_key_info.size()); |
| 111 d2i_X509_SIG(nullptr, &ptr, encrypted_private_key_info.size())); | 71 bssl::UniquePtr<EVP_PKEY> pkey( |
| 112 if (!p8_encrypted || ptr != data + encrypted_private_key_info.size()) | 72 PKCS8_parse_encrypted_private_key(&cbs, "", 0)); |
| 113 return nullptr; | |
| 114 | 73 |
| 115 // Hack for reading keys generated by an older version of the OpenSSL code. | 74 // Hack for reading keys generated by an older version of the OpenSSL code. |
| 116 // Some implementations encode the empty password as "\0\0" (passwords are | 75 // Some implementations encode the empty password as "\0\0" (passwords are |
| 117 // normally encoded in big-endian UCS-2 with a NUL terminator) and some | 76 // normally encoded in big-endian UCS-2 with a NUL terminator) and some |
| 118 // encode as the empty string. PKCS8_decrypt distinguishes the two by whether | 77 // encode as the empty string. PKCS8_parse_encrypted_private_key |
| 119 // the password is nullptr. | 78 // distinguishes the two by whether the password is nullptr. |
| 120 bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> p8_decrypted( | 79 if (!pkey) { |
| 121 PKCS8_decrypt(p8_encrypted.get(), "", 0)); | 80 CBS_init(&cbs, encrypted_private_key_info.data(), |
| 122 if (!p8_decrypted) | 81 encrypted_private_key_info.size()); |
| 123 p8_decrypted.reset(PKCS8_decrypt(p8_encrypted.get(), nullptr, 0)); | 82 pkey.reset(PKCS8_parse_encrypted_private_key(&cbs, nullptr, 0)); |
| 83 } |
| 124 | 84 |
| 125 if (!p8_decrypted) | 85 if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC) |
| 126 return nullptr; | 86 return nullptr; |
| 127 | 87 |
| 128 // Create a new EVP_PKEY for it. | |
| 129 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); | 88 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey()); |
| 130 result->key_.reset(EVP_PKCS82PKEY(p8_decrypted.get())); | 89 result->key_ = std::move(pkey); |
| 131 if (!result->key_ || EVP_PKEY_id(result->key_.get()) != EVP_PKEY_EC) | |
| 132 return nullptr; | |
| 133 | |
| 134 return result; | 90 return result; |
| 135 } | 91 } |
| 136 | 92 |
| 137 std::unique_ptr<ECPrivateKey> ECPrivateKey::Copy() const { | 93 std::unique_ptr<ECPrivateKey> ECPrivateKey::Copy() const { |
| 138 std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey()); | 94 std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey()); |
| 139 if (key_) { | 95 if (key_) { |
| 140 EVP_PKEY_up_ref(key_.get()); | 96 EVP_PKEY_up_ref(key_.get()); |
| 141 copy->key_.reset(key_.get()); | 97 copy->key_.reset(key_.get()); |
| 142 } | 98 } |
| 143 return copy; | 99 return copy; |
| (...skipping 10 matching lines...) Expand all Loading... |
| 154 return false; | 110 return false; |
| 155 } | 111 } |
| 156 output->assign(der, der + der_len); | 112 output->assign(der, der + der_len); |
| 157 OPENSSL_free(der); | 113 OPENSSL_free(der); |
| 158 return true; | 114 return true; |
| 159 } | 115 } |
| 160 | 116 |
| 161 bool ECPrivateKey::ExportEncryptedPrivateKey( | 117 bool ECPrivateKey::ExportEncryptedPrivateKey( |
| 162 std::vector<uint8_t>* output) const { | 118 std::vector<uint8_t>* output) const { |
| 163 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 119 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 164 // Convert into a PKCS#8 object. | |
| 165 bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> pkcs8(EVP_PKEY2PKCS8(key_.get())); | |
| 166 if (!pkcs8) | |
| 167 return false; | |
| 168 | 120 |
| 169 // Encrypt the object. | 121 // Encrypt the object. |
| 170 // NOTE: NSS uses SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC | 122 // NOTE: NSS uses SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC |
| 171 // so use NID_pbe_WithSHA1And3_Key_TripleDES_CBC which should be the OpenSSL | 123 // so use NID_pbe_WithSHA1And3_Key_TripleDES_CBC which should be the OpenSSL |
| 172 // equivalent. | 124 // equivalent. |
| 173 bssl::UniquePtr<X509_SIG> encrypted( | 125 uint8_t* der; |
| 174 PKCS8_encrypt(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nullptr, nullptr, 0, | 126 size_t der_len; |
| 175 nullptr, 0, 1, pkcs8.get())); | 127 bssl::ScopedCBB cbb; |
| 176 if (!encrypted) | 128 if (!CBB_init(cbb.get(), 0) || |
| 129 !PKCS8_marshal_encrypted_private_key( |
| 130 cbb.get(), NID_pbe_WithSHA1And3_Key_TripleDES_CBC, |
| 131 nullptr /* cipher */, nullptr /* no password */, 0 /* pass_len */, |
| 132 nullptr /* salt */, 0 /* salt_len */, 1 /* iterations */, |
| 133 key_.get()) || |
| 134 !CBB_finish(cbb.get(), &der, &der_len)) { |
| 177 return false; | 135 return false; |
| 178 | 136 } |
| 179 // Write it into |*output| | 137 output->assign(der, der + der_len); |
| 180 return ExportKeyWithBio(encrypted.get(), | 138 OPENSSL_free(der); |
| 181 reinterpret_cast<ExportBioFunction>(i2d_PKCS8_bio), | 139 return true; |
| 182 output); | |
| 183 } | 140 } |
| 184 | 141 |
| 185 bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const { | 142 bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const { |
| 186 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 143 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 187 uint8_t *der; | 144 uint8_t *der; |
| 188 size_t der_len; | 145 size_t der_len; |
| 189 bssl::ScopedCBB cbb; | 146 bssl::ScopedCBB cbb; |
| 190 if (!CBB_init(cbb.get(), 0) || | 147 if (!CBB_init(cbb.get(), 0) || |
| 191 !EVP_marshal_public_key(cbb.get(), key_.get()) || | 148 !EVP_marshal_public_key(cbb.get(), key_.get()) || |
| 192 !CBB_finish(cbb.get(), &der, &der_len)) { | 149 !CBB_finish(cbb.get(), &der, &der_len)) { |
| (...skipping 22 matching lines...) Expand all Loading... |
| 215 return false; | 172 return false; |
| 216 } | 173 } |
| 217 | 174 |
| 218 output->assign(reinterpret_cast<const char*>(buf), sizeof(buf)); | 175 output->assign(reinterpret_cast<const char*>(buf), sizeof(buf)); |
| 219 return true; | 176 return true; |
| 220 } | 177 } |
| 221 | 178 |
| 222 ECPrivateKey::ECPrivateKey() {} | 179 ECPrivateKey::ECPrivateKey() {} |
| 223 | 180 |
| 224 } // namespace crypto | 181 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2781993006:
Use new APIs for parsing encrypted ECPrivateKeys. (Closed)
