crypto/ec_private_key.cc - chromium/src - Git at Google

 // Copyright 2012 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "crypto/ec_private_key.h"

 #include <stddef.h>
 #include <stdint.h>

 #include <utility>

 #include "base/check_op.h"
 #include "crypto/openssl_util.h"
 #include "third_party/boringssl/src/include/openssl/bytestring.h"
 #include "third_party/boringssl/src/include/openssl/ec.h"
 #include "third_party/boringssl/src/include/openssl/ec_key.h"
 #include "third_party/boringssl/src/include/openssl/evp.h"
 #include "third_party/boringssl/src/include/openssl/mem.h"
 #include "third_party/boringssl/src/include/openssl/pkcs8.h"

 namespace crypto {

 ECPrivateKey::~ECPrivateKey() = default;

 // static
 std::unique_ptr<ECPrivateKey> ECPrivateKey::Create() {
   OpenSSLErrStackTracer err_tracer(FROM_HERE);

   bssl::UniquePtr<EC_KEY> ec_key(
       EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
   if (!ec_key || !EC_KEY_generate_key(ec_key.get()))
     return nullptr;

   std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
   result->key_.reset(EVP_PKEY_new());
   if (!result->key_ || !EVP_PKEY_set1_EC_KEY(result->key_.get(), ec_key.get()))
     return nullptr;

   CHECK_EQ(EVP_PKEY_EC, EVP_PKEY_id(result->key_.get()));
   return result;
 }

 // static
 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromPrivateKeyInfo(
     base::span<const uint8_t> input) {
   OpenSSLErrStackTracer err_tracer(FROM_HERE);

   CBS cbs;
   CBS_init(&cbs, input.data(), input.size());
   bssl::UniquePtr<EVP_PKEY> pkey(EVP_parse_private_key(&cbs));
   if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC)
     return nullptr;

   std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
   result->key_ = std::move(pkey);
   return result;
 }

 // static
 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
     base::span<const uint8_t> encrypted_private_key_info) {
   OpenSSLErrStackTracer err_tracer(FROM_HERE);

   CBS cbs;
   CBS_init(&cbs, encrypted_private_key_info.data(),
            encrypted_private_key_info.size());
   bssl::UniquePtr<EVP_PKEY> pkey(
       PKCS8_parse_encrypted_private_key(&cbs, "", 0));

   // Hack for reading keys generated by an older version of the OpenSSL code.
   // Some implementations encode the empty password as "\0\0" (passwords are
   // normally encoded in big-endian UCS-2 with a NUL terminator) and some
   // encode as the empty string. PKCS8_parse_encrypted_private_key
   // distinguishes the two by whether the password is nullptr.
   if (!pkey) {
     CBS_init(&cbs, encrypted_private_key_info.data(),
              encrypted_private_key_info.size());
     pkey.reset(PKCS8_parse_encrypted_private_key(&cbs, nullptr, 0));
   }

   if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC)
     return nullptr;

   std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
   result->key_ = std::move(pkey);
   return result;
 }

 std::unique_ptr<ECPrivateKey> ECPrivateKey::Copy() const {
   std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey());
   copy->key_ = bssl::UpRef(key_);
   return copy;
 }

 bool ECPrivateKey::ExportPrivateKey(std::vector<uint8_t>* output) const {
   OpenSSLErrStackTracer err_tracer(FROM_HERE);
   uint8_t* der;
   size_t der_len;
   bssl::ScopedCBB cbb;
   if (!CBB_init(cbb.get(), 0) ||
       !EVP_marshal_private_key(cbb.get(), key_.get()) ||
       !CBB_finish(cbb.get(), &der, &der_len)) {
     return false;
   }
   output->assign(der, der + der_len);
   OPENSSL_free(der);
   return true;
 }

 bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const {
   OpenSSLErrStackTracer err_tracer(FROM_HERE);
   uint8_t* der;
   size_t der_len;
   bssl::ScopedCBB cbb;
   if (!CBB_init(cbb.get(), 0) ||
       !EVP_marshal_public_key(cbb.get(), key_.get()) ||
       !CBB_finish(cbb.get(), &der, &der_len)) {
     return false;
   }
   output->assign(der, der + der_len);
   OPENSSL_free(der);
   return true;
 }

 bool ECPrivateKey::ExportRawPublicKey(std::string* output) const {
   OpenSSLErrStackTracer err_tracer(FROM_HERE);

   std::array<uint8_t, 65> buf;
   EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(key_.get());
   if (!EC_POINT_point2oct(EC_KEY_get0_group(ec_key),
                           EC_KEY_get0_public_key(ec_key),
                           POINT_CONVERSION_UNCOMPRESSED, buf.data(), buf.size(),
                           /*ctx=*/nullptr)) {
     return false;
   }

   output->assign(buf.begin(), buf.end());
   return true;
 }

 ECPrivateKey::ECPrivateKey() = default;

 }  // namespace crypto
	// Copyright 2012 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "crypto/ec_private_key.h"

	#include <stddef.h>
	#include <stdint.h>

	#include <utility>

	#include "base/check_op.h"
	#include "crypto/openssl_util.h"
	#include "third_party/boringssl/src/include/openssl/bytestring.h"
	#include "third_party/boringssl/src/include/openssl/ec.h"
	#include "third_party/boringssl/src/include/openssl/ec_key.h"
	#include "third_party/boringssl/src/include/openssl/evp.h"
	#include "third_party/boringssl/src/include/openssl/mem.h"
	#include "third_party/boringssl/src/include/openssl/pkcs8.h"

	namespace crypto {

	ECPrivateKey::~ECPrivateKey() = default;

	// static
	std::unique_ptr<ECPrivateKey> ECPrivateKey::Create() {
	OpenSSLErrStackTracer err_tracer(FROM_HERE);

	bssl::UniquePtr<EC_KEY> ec_key(
	EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
	if (!ec_key \|\| !EC_KEY_generate_key(ec_key.get()))
	return nullptr;

	std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
	result->key_.reset(EVP_PKEY_new());
	if (!result->key_ \|\| !EVP_PKEY_set1_EC_KEY(result->key_.get(), ec_key.get()))
	return nullptr;

	CHECK_EQ(EVP_PKEY_EC, EVP_PKEY_id(result->key_.get()));
	return result;
	}

	// static
	std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromPrivateKeyInfo(
	base::span<const uint8_t> input) {
	OpenSSLErrStackTracer err_tracer(FROM_HERE);

	CBS cbs;
	CBS_init(&cbs, input.data(), input.size());
	bssl::UniquePtr<EVP_PKEY> pkey(EVP_parse_private_key(&cbs));
	if (!pkey \|\| CBS_len(&cbs) != 0 \|\| EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC)
	return nullptr;

	std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
	result->key_ = std::move(pkey);
	return result;
	}

	// static
	std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
	base::span<const uint8_t> encrypted_private_key_info) {
	OpenSSLErrStackTracer err_tracer(FROM_HERE);

	CBS cbs;
	CBS_init(&cbs, encrypted_private_key_info.data(),
	encrypted_private_key_info.size());
	bssl::UniquePtr<EVP_PKEY> pkey(
	PKCS8_parse_encrypted_private_key(&cbs, "", 0));

	// Hack for reading keys generated by an older version of the OpenSSL code.
	// Some implementations encode the empty password as "\0\0" (passwords are
	// normally encoded in big-endian UCS-2 with a NUL terminator) and some
	// encode as the empty string. PKCS8_parse_encrypted_private_key
	// distinguishes the two by whether the password is nullptr.
	if (!pkey) {
	CBS_init(&cbs, encrypted_private_key_info.data(),
	encrypted_private_key_info.size());
	pkey.reset(PKCS8_parse_encrypted_private_key(&cbs, nullptr, 0));
	}

	if (!pkey \|\| CBS_len(&cbs) != 0 \|\| EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC)
	return nullptr;

	std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
	result->key_ = std::move(pkey);
	return result;
	}

	std::unique_ptr<ECPrivateKey> ECPrivateKey::Copy() const {
	std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey());
	copy->key_ = bssl::UpRef(key_);
	return copy;
	}

	bool ECPrivateKey::ExportPrivateKey(std::vector<uint8_t>* output) const {
	OpenSSLErrStackTracer err_tracer(FROM_HERE);
	uint8_t* der;
	size_t der_len;
	bssl::ScopedCBB cbb;
	if (!CBB_init(cbb.get(), 0) \|\|
	!EVP_marshal_private_key(cbb.get(), key_.get()) \|\|
	!CBB_finish(cbb.get(), &der, &der_len)) {
	return false;
	}
	output->assign(der, der + der_len);
	OPENSSL_free(der);
	return true;
	}

	bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const {
	OpenSSLErrStackTracer err_tracer(FROM_HERE);
	uint8_t* der;
	size_t der_len;
	bssl::ScopedCBB cbb;
	if (!CBB_init(cbb.get(), 0) \|\|
	!EVP_marshal_public_key(cbb.get(), key_.get()) \|\|
	!CBB_finish(cbb.get(), &der, &der_len)) {
	return false;
	}
	output->assign(der, der + der_len);
	OPENSSL_free(der);
	return true;
	}

	bool ECPrivateKey::ExportRawPublicKey(std::string* output) const {
	OpenSSLErrStackTracer err_tracer(FROM_HERE);

	std::array<uint8_t, 65> buf;
	EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(key_.get());
	if (!EC_POINT_point2oct(EC_KEY_get0_group(ec_key),
	EC_KEY_get0_public_key(ec_key),
	POINT_CONVERSION_UNCOMPRESSED, buf.data(), buf.size(),
	/ctx=/nullptr)) {
	return false;
	}

	output->assign(buf.begin(), buf.end());
	return true;
	}

	ECPrivateKey::ECPrivateKey() = default;

	} // namespace crypto