// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "crypto/rsa_private_key.h"
#include <openssl/evp.h>
#include <openssl/pkcs12.h>
#include <openssl/rsa.h>
#include "base/logging.h"
#include "base/memory/scoped_ptr.h"
#include "base/stl_util-inl.h"
#include "crypto/openssl_util.h"
namespace crypto {
namespace {
// Function pointer definition, for injecting the required key export function
// into ExportKey, below. The supplied function should export EVP_PKEY into
// the supplied BIO, returning 1 on success or 0 on failure.
typedef int (ExportFunction)(BIO*, EVP_PKEY*);
// Helper to export |key| into |output| via the specified ExportFunction.
bool ExportKey(EVP_PKEY* key,
ExportFunction export_fn,
std::vector<uint8>* output) {
if (!key)
return false;
OpenSSLErrStackTracer err_tracer(FROM_HERE);
ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new(BIO_s_mem()));
int res = export_fn(bio.get(), key);
if (!res)
return false;
char* data = NULL;
long len = BIO_get_mem_data(bio.get(), &data);
if (!data || len < 0)
return false;
STLAssignToVector(output, reinterpret_cast<const uint8*>(data), len);
return true;
}
} // namespace
// static
RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) {
OpenSSLErrStackTracer err_tracer(FROM_HERE);
ScopedOpenSSL<RSA, RSA_free> rsa_key(RSA_new());
ScopedOpenSSL<BIGNUM, BN_free> bn(BN_new());
if (!rsa_key.get() || !bn.get() || !BN_set_word(bn.get(), 65537L))
return NULL;
if (!RSA_generate_key_ex(rsa_key.get(), num_bits, bn.get(), NULL))
return NULL;
scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
result->key_ = EVP_PKEY_new();
if (!result->key_ || !EVP_PKEY_set1_RSA(result->key_, rsa_key.get()))
return NULL;
return result.release();
}
// static
RSAPrivateKey* RSAPrivateKey::CreateSensitive(uint16 num_bits) {
NOTIMPLEMENTED();
return NULL;
}
// static
RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
const std::vector<uint8>& input) {
OpenSSLErrStackTracer err_tracer(FROM_HERE);
// BIO_new_mem_buf is not const aware, but it does not modify the buffer.
char* data = reinterpret_cast<char*>(const_cast<uint8*>(
vector_as_array(&input)));
ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data, input.size()));
if (!bio.get())
return NULL;
// Importing is a little more involved than exporting, as we must first
// PKCS#8 decode the input, and then import the EVP_PKEY from Private Key
// Info structure returned.
ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free> p8inf(
d2i_PKCS8_PRIV_KEY_INFO_bio(bio.get(), NULL));
if (!p8inf.get())
return NULL;
scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
result->key_ = EVP_PKCS82PKEY(p8inf.get());
if (!result->key_)
return NULL;
return result.release();
}
// static
RSAPrivateKey* RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo(
const std::vector<uint8>& input) {
NOTIMPLEMENTED();
return NULL;
}
// static
RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo(
const std::vector<uint8>& input) {
NOTIMPLEMENTED();
return NULL;
}
RSAPrivateKey::RSAPrivateKey()
: key_(NULL) {
}
RSAPrivateKey::~RSAPrivateKey() {
if (key_)
EVP_PKEY_free(key_);
}
bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) {
return ExportKey(key_, i2d_PKCS8PrivateKeyInfo_bio, output);
}
bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) {
return ExportKey(key_, i2d_PUBKEY_bio, output);
}
} // namespace crypto