1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "crypto/rsa_private_key.h" 6 7 #include <openssl/evp.h> 8 #include <openssl/pkcs12.h> 9 #include <openssl/rsa.h> 10 11 #include "base/logging.h" 12 #include "base/memory/scoped_ptr.h" 13 #include "crypto/openssl_util.h" 14 15 namespace crypto { 16 17 namespace { 18 19 // Function pointer definition, for injecting the required key export function 20 // into ExportKey, below. The supplied function should export EVP_PKEY into 21 // the supplied BIO, returning 1 on success or 0 on failure. 22 typedef int (ExportFunction)(BIO*, EVP_PKEY*); 23 24 // Helper to export |key| into |output| via the specified ExportFunction. 25 bool ExportKey(EVP_PKEY* key, 26 ExportFunction export_fn, 27 std::vector<uint8>* output) { 28 if (!key) 29 return false; 30 31 OpenSSLErrStackTracer err_tracer(FROM_HERE); 32 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new(BIO_s_mem())); 33 34 int res = export_fn(bio.get(), key); 35 if (!res) 36 return false; 37 38 char* data = NULL; 39 long len = BIO_get_mem_data(bio.get(), &data); 40 if (!data || len < 0) 41 return false; 42 43 output->assign(data, data + len); 44 return true; 45 } 46 47 } // namespace 48 49 // static 50 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { 51 OpenSSLErrStackTracer err_tracer(FROM_HERE); 52 53 ScopedOpenSSL<RSA, RSA_free> rsa_key(RSA_new()); 54 ScopedOpenSSL<BIGNUM, BN_free> bn(BN_new()); 55 if (!rsa_key.get() || !bn.get() || !BN_set_word(bn.get(), 65537L)) 56 return NULL; 57 58 if (!RSA_generate_key_ex(rsa_key.get(), num_bits, bn.get(), NULL)) 59 return NULL; 60 61 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); 62 result->key_ = EVP_PKEY_new(); 63 if (!result->key_ || !EVP_PKEY_set1_RSA(result->key_, rsa_key.get())) 64 return NULL; 65 66 return result.release(); 67 } 68 69 // static 70 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo( 71 const std::vector<uint8>& input) { 72 if (input.empty()) 73 return NULL; 74 75 OpenSSLErrStackTracer err_tracer(FROM_HERE); 76 // BIO_new_mem_buf is not const aware, but it does not modify the buffer. 77 char* data = reinterpret_cast<char*>(const_cast<uint8*>(&input[0])); 78 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data, input.size())); 79 if (!bio.get()) 80 return NULL; 81 82 // Importing is a little more involved than exporting, as we must first 83 // PKCS#8 decode the input, and then import the EVP_PKEY from Private Key 84 // Info structure returned. 85 ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free> p8inf( 86 d2i_PKCS8_PRIV_KEY_INFO_bio(bio.get(), NULL)); 87 if (!p8inf.get()) 88 return NULL; 89 90 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey); 91 result->key_ = EVP_PKCS82PKEY(p8inf.get()); 92 if (!result->key_) 93 return NULL; 94 95 return result.release(); 96 } 97 98 RSAPrivateKey::RSAPrivateKey() 99 : key_(NULL) { 100 } 101 102 RSAPrivateKey::~RSAPrivateKey() { 103 if (key_) 104 EVP_PKEY_free(key_); 105 } 106 107 RSAPrivateKey* RSAPrivateKey::Copy() const { 108 scoped_ptr<RSAPrivateKey> copy(new RSAPrivateKey()); 109 RSA* rsa = EVP_PKEY_get1_RSA(key_); 110 if (!rsa) 111 return NULL; 112 copy->key_ = EVP_PKEY_new(); 113 if (!EVP_PKEY_set1_RSA(copy->key_, rsa)) 114 return NULL; 115 return copy.release(); 116 } 117 118 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) const { 119 return ExportKey(key_, i2d_PKCS8PrivateKeyInfo_bio, output); 120 } 121 122 bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) const { 123 return ExportKey(key_, i2d_PUBKEY_bio, output); 124 } 125 126 } // namespace crypto 127