net/ssl/openssl_platform_key_win.cc - Issue 992733002: Remove //net (except for Android test stuff) and sdch

Side by Side Diff: net/ssl/openssl_platform_key_win.cc

Issue 992733002: Remove //net (except for Android test stuff) and sdch (Closed) Base URL: git@github.com:domokit/mojo.git@master

Patch Set: Created 5 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
	(Empty)
1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.

4

5 #include "net/ssl/openssl_platform_key.h"

6

7 #include <windows.h>

8 #include <NCrypt.h>

9

10 #include <string.h>

11

12 #include <algorithm>

13 #include <vector>

14

15 #include <openssl/bn.h>

16 #include <openssl/digest.h>

17 #include <openssl/ec_key.h>

18 #include <openssl/err.h>

19 #include <openssl/engine.h>

20 #include <openssl/evp.h>

21 #include <openssl/md5.h>

22 #include <openssl/obj_mac.h>

23 #include <openssl/rsa.h>

24 #include <openssl/sha.h>

25

26 #include "base/debug/debugger.h"

27 #include "base/debug/stack_trace.h"

28 #include "base/lazy_instance.h"

29 #include "base/logging.h"

30 #include "base/memory/scoped_ptr.h"

31 #include "base/profiler/scoped_tracker.h"

32 #include "base/win/windows_version.h"

33 #include "crypto/scoped_capi_types.h"

34 #include "crypto/wincrypt_shim.h"

35 #include "net/base/net_errors.h"

36 #include "net/cert/x509_certificate.h"

37 #include "net/ssl/openssl_ssl_util.h"

38

39 namespace net {

40

41 namespace {

42

43 using NCryptFreeObjectFunc = SECURITY_STATUS(WINAPI*)(NCRYPT_HANDLE);

44 using NCryptGetPropertyFunc =

45 SECURITY_STATUS(WINAPI*)(NCRYPT_HANDLE, // hObject

46 LPCWSTR, // pszProperty

47 PBYTE, // pbOutput

48 DWORD, // cbOutput

49 DWORD*, // pcbResult

50 DWORD); // dwFlags

51 using NCryptSignHashFunc =

52 SECURITY_STATUS(WINAPI*)(NCRYPT_KEY_HANDLE, // hKey

53 VOID*, // pPaddingInfo

54 PBYTE, // pbHashValue

55 DWORD, // cbHashValue

56 PBYTE, // pbSignature

57 DWORD, // cbSignature

58 DWORD*, // pcbResult

59 DWORD); // dwFlags

60

61 class CNGFunctions {

62 public:

63 CNGFunctions()

64 : ncrypt_free_object_(nullptr),

65 ncrypt_get_property_(nullptr),

66 ncrypt_sign_hash_(nullptr) {

67 HMODULE ncrypt = GetModuleHandle(L"ncrypt.dll");

68 if (ncrypt != nullptr) {

69 ncrypt_free_object_ = reinterpret_cast<NCryptFreeObjectFunc>(

70 GetProcAddress(ncrypt, "NCryptFreeObject"));

71 ncrypt_get_property_ = reinterpret_cast<NCryptGetPropertyFunc>(

72 GetProcAddress(ncrypt, "NCryptGetProperty"));

73 ncrypt_sign_hash_ = reinterpret_cast<NCryptSignHashFunc>(

74 GetProcAddress(ncrypt, "NCryptSignHash"));

75 }

76 }

77

78 NCryptFreeObjectFunc ncrypt_free_object() const {

79 return ncrypt_free_object_;

80 }

81

82 NCryptGetPropertyFunc ncrypt_get_property() const {

83 return ncrypt_get_property_;

84 }

85

86 NCryptSignHashFunc ncrypt_sign_hash() const { return ncrypt_sign_hash_; }

87

88 private:

89 NCryptFreeObjectFunc ncrypt_free_object_;

90 NCryptGetPropertyFunc ncrypt_get_property_;

91 NCryptSignHashFunc ncrypt_sign_hash_;

92 };

93

94 base::LazyInstance<CNGFunctions>::Leaky g_cng_functions =

95 LAZY_INSTANCE_INITIALIZER;

96

97 struct CERT_KEY_CONTEXTDeleter {

98 void operator()(PCERT_KEY_CONTEXT key) {

99 if (key->dwKeySpec == CERT_NCRYPT_KEY_SPEC) {

100 g_cng_functions.Get().ncrypt_free_object()(key->hNCryptKey);

101 } else {

102 CryptReleaseContext(key->hCryptProv, 0);

103 }

104 delete key;

105 }

106 };

107

108 using ScopedCERT_KEY_CONTEXT =

109 scoped_ptr<CERT_KEY_CONTEXT, CERT_KEY_CONTEXTDeleter>;

110

111 // KeyExData contains the data that is contained in the EX_DATA of the

112 // RSA and ECDSA objects that are created to wrap Windows system keys.

113 struct KeyExData {

114 KeyExData(ScopedCERT_KEY_CONTEXT key, DWORD key_length)

115 : key(key.Pass()), key_length(key_length) {}

116

117 ScopedCERT_KEY_CONTEXT key;

118 DWORD key_length;

119 };

120

121 // ExDataDup is called when one of the RSA or EC_KEY objects is

122 // duplicated. This is not supported and should never happen.

123 int ExDataDup(CRYPTO_EX_DATA* to,

124 const CRYPTO_EX_DATA* from,

125 void** from_d,

126 int idx,

127 long argl,

128 void* argp) {

129 CHECK_EQ((void)nullptr, from_d);

130 return 0;

131 }

132

133 // ExDataFree is called when one of the RSA or EC_KEY objects is freed.

134 void ExDataFree(void* parent,

135 void* ptr,

136 CRYPTO_EX_DATA* ex_data,

137 int idx,

138 long argl,

139 void* argp) {

140 KeyExData* data = reinterpret_cast<KeyExData*>(ptr);

141 delete data;

142 }

143

144 extern const RSA_METHOD win_rsa_method;

145 extern const ECDSA_METHOD win_ecdsa_method;

146

147 // BoringSSLEngine is a BoringSSL ENGINE that implements RSA and ECDSA

148 // by forwarding the requested operations to CAPI or CNG.

149 class BoringSSLEngine {

150 public:

151 BoringSSLEngine()

152 : rsa_index_(RSA_get_ex_new_index(0 /* argl */,

153 nullptr /* argp */,

154 nullptr /* new_func */,

155 ExDataDup,

156 ExDataFree)),

157 ec_key_index_(EC_KEY_get_ex_new_index(0 /* argl */,

158 nullptr /* argp */,

159 nullptr /* new_func */,

160 ExDataDup,

161 ExDataFree)),

162 engine_(ENGINE_new()) {

163 ENGINE_set_RSA_method(engine_, &win_rsa_method, sizeof(win_rsa_method));

164 ENGINE_set_ECDSA_method(engine_, &win_ecdsa_method,

165 sizeof(win_ecdsa_method));

166 }

167

168 int rsa_ex_index() const { return rsa_index_; }

169 int ec_key_ex_index() const { return ec_key_index_; }

170

171 const ENGINE* engine() const { return engine_; }

172

173 private:

174 const int rsa_index_;

175 const int ec_key_index_;

176 ENGINE* const engine_;

177 };

178

179 base::LazyInstance<BoringSSLEngine>::Leaky global_boringssl_engine =

180 LAZY_INSTANCE_INITIALIZER;

181

182 // Custom RSA_METHOD that uses the platform APIs for signing.

183

184 const KeyExData* RsaGetExData(const RSA* rsa) {

185 return reinterpret_cast<const KeyExData*>(

186 RSA_get_ex_data(rsa, global_boringssl_engine.Get().rsa_ex_index()));

187 }

188

189 size_t RsaMethodSize(const RSA* rsa) {

190 const KeyExData* ex_data = RsaGetExData(rsa);

191 return (ex_data->key_length + 7) / 8;

192 }

193

194 int RsaMethodSign(int hash_nid,

195 const uint8_t* in,

196 unsigned in_len,

197 uint8_t* out,

198 unsigned* out_len,

199 const RSA* rsa) {

200 // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is fixed.

201 tracked_objects::ScopedTracker tracking_profile(

202 FROM_HERE_WITH_EXPLICIT_FUNCTION("424386 RsaMethodSign"));

203

204 // TODO(davidben): Switch BoringSSL's sign hook to using size_t rather than

205 // unsigned.

206 const KeyExData* ex_data = RsaGetExData(rsa);

207 if (!ex_data) {

208 NOTREACHED();

209 OPENSSL_PUT_ERROR(RSA, RSA_sign, ERR_R_INTERNAL_ERROR);

210 return 0;

211 }

212

213 if (ex_data->key->dwKeySpec == CERT_NCRYPT_KEY_SPEC) {

214 BCRYPT_PKCS1_PADDING_INFO rsa_padding_info;

215 switch (hash_nid) {

216 case NID_md5_sha1:

217 rsa_padding_info.pszAlgId = nullptr;

218 break;

219 case NID_sha1:

220 rsa_padding_info.pszAlgId = BCRYPT_SHA1_ALGORITHM;

221 break;

222 case NID_sha256:

223 rsa_padding_info.pszAlgId = BCRYPT_SHA256_ALGORITHM;

224 break;

225 case NID_sha384:

226 rsa_padding_info.pszAlgId = BCRYPT_SHA384_ALGORITHM;

227 break;

228 case NID_sha512:

229 rsa_padding_info.pszAlgId = BCRYPT_SHA512_ALGORITHM;

230 break;

231 default:

232 OPENSSL_PUT_ERROR(RSA, RSA_sign, RSA_R_UNKNOWN_ALGORITHM_TYPE);

233 return 0;

234 }

235

236 DWORD signature_len;

237 SECURITY_STATUS ncrypt_status = g_cng_functions.Get().ncrypt_sign_hash()(

238 ex_data->key->hNCryptKey, &rsa_padding_info, const_cast<PBYTE>(in),

239 in_len, out, RSA_size(rsa), &signature_len, BCRYPT_PAD_PKCS1);

240 if (FAILED(ncrypt_status) \|\| signature_len == 0) {

241 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

242 return 0;

243 }

244 *out_len = signature_len;

245 return 1;

246 }

247

248 ALG_ID hash_alg;

249 switch (hash_nid) {

250 case NID_md5_sha1:

251 hash_alg = CALG_SSL3_SHAMD5;

252 break;

253 case NID_sha1:

254 hash_alg = CALG_SHA1;

255 break;

256 case NID_sha256:

257 hash_alg = CALG_SHA_256;

258 break;

259 case NID_sha384:

260 hash_alg = CALG_SHA_384;

261 break;

262 case NID_sha512:

263 hash_alg = CALG_SHA_512;

264 break;

265 default:

266 OPENSSL_PUT_ERROR(RSA, RSA_sign, RSA_R_UNKNOWN_ALGORITHM_TYPE);

267 return 0;

268 }

269

270 HCRYPTHASH hash;

271 if (!CryptCreateHash(ex_data->key->hCryptProv, hash_alg, 0, 0, &hash)) {

272 PLOG(ERROR) << "CreateCreateHash failed";

273 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

274 return 0;

275 }

276 DWORD hash_len;

277 DWORD arg_len = sizeof(hash_len);

278 if (!CryptGetHashParam(hash, HP_HASHSIZE, reinterpret_cast<BYTE*>(&hash_len),

279 &arg_len, 0)) {

280 PLOG(ERROR) << "CryptGetHashParam HP_HASHSIZE failed";

281 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

282 return 0;

283 }

284 if (hash_len != in_len) {

285 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

286 return 0;

287 }

288 if (!CryptSetHashParam(hash, HP_HASHVAL, const_cast<BYTE*>(in), 0)) {

289 PLOG(ERROR) << "CryptSetHashParam HP_HASHVAL failed";

290 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

291 return 0;

292 }

293 DWORD signature_len = RSA_size(rsa);

294 if (!CryptSignHash(hash, ex_data->key->dwKeySpec, nullptr, 0, out,

295 &signature_len)) {

296 PLOG(ERROR) << "CryptSignHash failed";

297 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

298 return 0;

299 }

300

301 /* CryptoAPI signs in little-endian, so reverse it. */

302 std::reverse(out, out + signature_len);

303 *out_len = signature_len;

304 return 1;

305 }

306

307 int RsaMethodEncrypt(RSA* rsa,

308 size_t* out_len,

309 uint8_t* out,

310 size_t max_out,

311 const uint8_t* in,

312 size_t in_len,

313 int padding) {

314 NOTIMPLEMENTED();

315 OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_UNKNOWN_ALGORITHM_TYPE);

316 return 0;

317 }

318

319 int RsaMethodSignRaw(RSA* rsa,

320 size_t* out_len,

321 uint8_t* out,

322 size_t max_out,

323 const uint8_t* in,

324 size_t in_len,

325 int padding) {

326 NOTIMPLEMENTED();

327 OPENSSL_PUT_ERROR(RSA, encrypt, RSA_R_UNKNOWN_ALGORITHM_TYPE);

328 return 0;

329 }

330

331 int RsaMethodDecrypt(RSA* rsa,

332 size_t* out_len,

333 uint8_t* out,

334 size_t max_out,

335 const uint8_t* in,

336 size_t in_len,

337 int padding) {

338 NOTIMPLEMENTED();

339 OPENSSL_PUT_ERROR(RSA, decrypt, RSA_R_UNKNOWN_ALGORITHM_TYPE);

340 return 0;

341 }

342

343 int RsaMethodVerifyRaw(RSA* rsa,

344 size_t* out_len,

345 uint8_t* out,

346 size_t max_out,

347 const uint8_t* in,

348 size_t in_len,

349 int padding) {

350 NOTIMPLEMENTED();

351 OPENSSL_PUT_ERROR(RSA, verify_raw, RSA_R_UNKNOWN_ALGORITHM_TYPE);

352 return 0;

353 }

354

355 int RsaMethodSupportsDigest(const RSA* rsa, const EVP_MD* md) {

356 const KeyExData* ex_data = RsaGetExData(rsa);

357 if (!ex_data) {

358 NOTREACHED();

359 return 0;

360 }

361

362 int hash_nid = EVP_MD_type(md);

363 if (ex_data->key->dwKeySpec == CERT_NCRYPT_KEY_SPEC) {

364 // Only hashes which appear in RsaSignPKCS1 are supported.

365 if (hash_nid != NID_sha1 && hash_nid != NID_sha256 &&

366 hash_nid != NID_sha384 && hash_nid != NID_sha512) {

367 return 0;

368 }

369

370 // If the key is a 1024-bit RSA, assume conservatively that it may only be

371 // able to sign SHA-1 hashes. This is the case for older Estonian ID cards

372 // that have 1024-bit RSA keys.

373 //

374 // CNG does provide NCryptIsAlgSupported and NCryptEnumAlgorithms functions,

375 // however they seem to both return NTE_NOT_SUPPORTED when querying the

376 // NCRYPT_PROV_HANDLE at the key's NCRYPT_PROVIDER_HANDLE_PROPERTY.

377 if (ex_data->key_length <= 1024 && hash_nid != NID_sha1)

378 return 0;

379

380 return 1;

381 } else {

382 // If the key is in CAPI, assume conservatively that the CAPI service

383 // provider may only be able to sign SHA-1 hashes.

384 return hash_nid == NID_sha1;

385 }

386 }

387

388 const RSA_METHOD win_rsa_method = {

389 {

390 0, // references

391 1, // is_static

392 },

393 nullptr, // app_data

394

395 nullptr, // init

396 nullptr, // finish

397 RsaMethodSize,

398 RsaMethodSign,

399 nullptr, // verify

400 RsaMethodEncrypt,

401 RsaMethodSignRaw,

402 RsaMethodDecrypt,

403 RsaMethodVerifyRaw,

404 nullptr, // private_transform

405 nullptr, // mod_exp

406 nullptr, // bn_mod_exp

407 RSA_FLAG_OPAQUE,

408 nullptr, // keygen

409 RsaMethodSupportsDigest,

410 };

411

412 // Custom ECDSA_METHOD that uses the platform APIs.

413 // Note that for now, only signing through ECDSA_sign() is really supported.

414 // all other method pointers are either stubs returning errors, or no-ops.

415

416 const KeyExData* EcKeyGetExData(const EC_KEY* ec_key) {

417 return reinterpret_cast<const KeyExData*>(EC_KEY_get_ex_data(

418 ec_key, global_boringssl_engine.Get().ec_key_ex_index()));

419 }

420

421 size_t EcdsaMethodGroupOrderSize(const EC_KEY* ec_key) {

422 const KeyExData* ex_data = EcKeyGetExData(ec_key);

423 // Windows doesn't distinguish the sizes of the curve's degree (which

424 // determines the size of a point on the curve) and the base point's order

425 // (which determines the size of a scalar). For P-256, P-384, and P-521, these

426 // two sizes are the same.

427 //

428 // See

429 // http://msdn.microsoft.com/en-us/library/windows/desktop/aa375520(v=vs.85).a spx

430 // which uses the same length for both.

431 return (ex_data->key_length + 7) / 8;

432 }

433

434 int EcdsaMethodSign(const uint8_t* digest,

435 size_t digest_len,

436 uint8_t* out_sig,

437 unsigned int* out_sig_len,

438 EC_KEY* ec_key) {

439 // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is fixed.

440 tracked_objects::ScopedTracker tracking_profile(

441 FROM_HERE_WITH_EXPLICIT_FUNCTION("424386 EcdsaMethodSign"));

442

443 const KeyExData* ex_data = EcKeyGetExData(ec_key);

444 // Only CNG supports ECDSA.

445 if (!ex_data \|\| ex_data->key->dwKeySpec != CERT_NCRYPT_KEY_SPEC) {

446 NOTREACHED();

447 OPENSSL_PUT_ERROR(RSA, sign_raw, ERR_R_INTERNAL_ERROR);

448 return 0;

449 }

450

451 size_t degree = (ex_data->key_length + 7) / 8;

452 if (degree == 0) {

453 NOTREACHED();

454 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

455 return 0;

456 }

457 std::vector<uint8_t> raw_sig(degree * 2);

458

459 DWORD signature_len;

460 SECURITY_STATUS ncrypt_status = g_cng_functions.Get().ncrypt_sign_hash()(

461 ex_data->key->hNCryptKey, nullptr, const_cast<PBYTE>(digest), digest_len,

462 &raw_sig[0], raw_sig.size(), &signature_len, 0);

463 if (FAILED(ncrypt_status) \|\| signature_len != raw_sig.size()) {

464 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

465 return 0;

466 }

467

468 // Convert the RAW ECDSA signature to a DER-encoded ECDSA-Sig-Value.

469 crypto::ScopedECDSA_SIG sig(ECDSA_SIG_new());

470 if (!sig) {

471 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

472 return 0;

473 }

474 sig->r = BN_bin2bn(&raw_sig[0], degree, nullptr);

475 sig->s = BN_bin2bn(&raw_sig[degree], degree, nullptr);

476 if (!sig->r \|\| !sig->s) {

477 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

478 return 0;

479 }

480

481 // Ensure the DER-encoded signature fits in the bounds.

482 int len = i2d_ECDSA_SIG(sig.get(), nullptr);

483 if (len < 0 \|\| static_cast<size_t>(len) > ECDSA_size(ec_key)) {

484 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

485 return 0;

486 }

487

488 len = i2d_ECDSA_SIG(sig.get(), &out_sig);

489 if (len < 0) {

490 OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);

491 return 0;

492 }

493 *out_sig_len = len;

494 return 1;

495 }

496

497 int EcdsaMethodVerify(const uint8_t* digest,

498 size_t digest_len,

499 const uint8_t* sig,

500 size_t sig_len,

501 EC_KEY* eckey) {

502 NOTIMPLEMENTED();

503 OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_NOT_IMPLEMENTED);

504 return 0;

505 }

506

507 const ECDSA_METHOD win_ecdsa_method = {

508 {

509 0, // references

510 1, // is_static

511 },

512 nullptr, // app_data

513

514 nullptr, // init

515 nullptr, // finish

516 EcdsaMethodGroupOrderSize,

517 EcdsaMethodSign,

518 EcdsaMethodVerify,

519 ECDSA_FLAG_OPAQUE,

520 };

521

522 // Determines the key type and length of \|key\|. The type is returned as an

523 // OpenSSL EVP_PKEY type. The key length for RSA key is the size of the RSA

524 // modulus in bits. For an ECDSA key, it is the number of bits to represent the

525 // group order. It returns true on success and false on failure.

526 bool GetKeyInfo(PCERT_KEY_CONTEXT key, int* out_type, DWORD* out_length) {

527 if (key->dwKeySpec == CERT_NCRYPT_KEY_SPEC) {

528 DWORD prop_len;

529 SECURITY_STATUS status = g_cng_functions.Get().ncrypt_get_property()(

530 key->hNCryptKey, NCRYPT_ALGORITHM_GROUP_PROPERTY, nullptr, 0, &prop_len,

531 0);

532 if (FAILED(status) \|\| prop_len == 0 \|\| prop_len % 2 != 0) {

533 LOG(ERROR) << "Could not query CNG key type: " << status;

534 return false;

535 }

536

537 std::vector<BYTE> prop_buf(prop_len);

538 status = g_cng_functions.Get().ncrypt_get_property()(

539 key->hNCryptKey, NCRYPT_ALGORITHM_GROUP_PROPERTY, &prop_buf[0],

540 prop_buf.size(), &prop_len, 0);

541 if (FAILED(status) \|\| prop_len == 0 \|\| prop_len % 2 != 0) {

542 LOG(ERROR) << "Could not query CNG key type: " << status;

543 return false;

544 }

545

546 int type;

547 const wchar_t* alg = reinterpret_cast<const wchar_t*>(&prop_buf[0]);

548 if (wcsncmp(NCRYPT_RSA_ALGORITHM_GROUP, alg, prop_len / 2) == 0) {

549 type = EVP_PKEY_RSA;

550 } else if (wcsncmp(NCRYPT_ECDSA_ALGORITHM_GROUP, alg, prop_len / 2) == 0 \|\|

551 wcsncmp(NCRYPT_ECDH_ALGORITHM_GROUP, alg, prop_len / 2) == 0) {

552 // Importing an ECDSA key via PKCS #12 seems to label it as ECDH rather

553 // than ECDSA, so also allow ECDH.

554 type = EVP_PKEY_EC;

555 } else {

556 LOG(ERROR) << "Unknown CNG key type: "

557 << std::wstring(alg, wcsnlen(alg, prop_len / 2));

558 return false;

559 }

560

561 DWORD length;

562 prop_len;

563 status = g_cng_functions.Get().ncrypt_get_property()(

564 key->hNCryptKey, NCRYPT_LENGTH_PROPERTY,

565 reinterpret_cast<BYTE*>(&length), sizeof(DWORD), &prop_len, 0);

566 if (FAILED(status)) {

567 LOG(ERROR) << "Could not get CNG key length " << status;

568 return false;

569 }

570 DCHECK_EQ(sizeof(DWORD), prop_len);

571

572 *out_type = type;

573 *out_length = length;

574 return true;

575 }

576

577 crypto::ScopedHCRYPTKEY hcryptkey;

578 if (!CryptGetUserKey(key->hCryptProv, key->dwKeySpec, hcryptkey.receive())) {

579 PLOG(ERROR) << "Could not get CAPI key handle";

580 return false;

581 }

582

583 ALG_ID alg_id;

584 DWORD prop_len = sizeof(alg_id);

585 if (!CryptGetKeyParam(hcryptkey.get(), KP_ALGID,

586 reinterpret_cast<BYTE*>(&alg_id), &prop_len, 0)) {

587 PLOG(ERROR) << "Could not query CAPI key type";

588 return false;

589 }

590

591 if (alg_id != CALG_RSA_SIGN && alg_id != CALG_RSA_KEYX) {

592 LOG(ERROR) << "Unknown CAPI key type: " << alg_id;

593 return false;

594 }

595

596 DWORD length;

597 prop_len = sizeof(DWORD);

598 if (!CryptGetKeyParam(hcryptkey.get(), KP_KEYLEN,

599 reinterpret_cast<BYTE*>(&length), &prop_len, 0)) {

600 PLOG(ERROR) << "Could not get CAPI key length";

601 return false;

602 }

603 DCHECK_EQ(sizeof(DWORD), prop_len);

604

605 *out_type = EVP_PKEY_RSA;

606 *out_length = length;

607 return true;

608 }

609

610 crypto::ScopedEVP_PKEY CreateRSAWrapper(ScopedCERT_KEY_CONTEXT key,

611 DWORD key_length) {

612 crypto::ScopedRSA rsa(RSA_new_method(global_boringssl_engine.Get().engine()));

613 if (!rsa)

614 return nullptr;

615

616 RSA_set_ex_data(rsa.get(), global_boringssl_engine.Get().rsa_ex_index(),

617 new KeyExData(key.Pass(), key_length));

618

619 crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new());

620 if (!pkey \|\| !EVP_PKEY_set1_RSA(pkey.get(), rsa.get()))

621 return nullptr;

622 return pkey.Pass();

623 }

624

625 crypto::ScopedEVP_PKEY CreateECDSAWrapper(ScopedCERT_KEY_CONTEXT key,

626 DWORD key_length) {

627 crypto::ScopedEC_KEY ec_key(

628 EC_KEY_new_method(global_boringssl_engine.Get().engine()));

629 if (!ec_key)

630 return nullptr;

631

632 EC_KEY_set_ex_data(ec_key.get(),

633 global_boringssl_engine.Get().ec_key_ex_index(),

634 new KeyExData(key.Pass(), key_length));

635

636 crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new());

637 if (!pkey \|\| !EVP_PKEY_set1_EC_KEY(pkey.get(), ec_key.get()))

638 return nullptr;

639

640 return pkey.Pass();

641 }

642

643 } // namespace

644

645 crypto::ScopedEVP_PKEY FetchClientCertPrivateKey(

646 const X509Certificate* certificate) {

647 PCCERT_CONTEXT cert_context = certificate->os_cert_handle();

648

649 HCRYPTPROV_OR_NCRYPT_KEY_HANDLE crypt_prov = 0;

650 DWORD key_spec = 0;

651 BOOL must_free = FALSE;

652 DWORD flags = 0;

653 if (base::win::GetVersion() >= base::win::VERSION_VISTA)

654 flags \|= CRYPT_ACQUIRE_PREFER_NCRYPT_KEY_FLAG;

655

656 if (!CryptAcquireCertificatePrivateKey(cert_context, flags, nullptr,

657 &crypt_prov, &key_spec, &must_free)) {

658 PLOG(WARNING) << "Could not acquire private key";

659 return nullptr;

660 }

661

662 // Should never get a cached handle back - ownership must always be

663 // transferred.

664 CHECK_EQ(must_free, TRUE);

665 ScopedCERT_KEY_CONTEXT key(new CERT_KEY_CONTEXT);

666 key->dwKeySpec = key_spec;

667 key->hCryptProv = crypt_prov;

668

669 int key_type;

670 DWORD key_length;

671 if (!GetKeyInfo(key.get(), &key_type, &key_length))

672 return nullptr;

673

674 switch (key_type) {

675 case EVP_PKEY_RSA:

676 return CreateRSAWrapper(key.Pass(), key_length);

677 case EVP_PKEY_EC:

678 return CreateECDSAWrapper(key.Pass(), key_length);

679 default:

680 return nullptr;

681 }

682 }

683

684 } // namespace net

OLD	NEW

« no previous file with comments | « net/ssl/openssl_platform_key_mac.cc ('k') | net/ssl/openssl_ssl_util.h » ('j') | no next file with comments »