1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/rsa_private_key.h"
7 #include <openssl/bio.h>
8 #include <openssl/bn.h>
9 #include <openssl/evp.h>
10 #include <openssl/pkcs12.h>
11 #include <openssl/rsa.h>
13 #include "base/logging.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "crypto/openssl_util.h"
16 #include "crypto/scoped_openssl_types.h"
22 // Function pointer definition, for injecting the required key export function
23 // into ExportKey, below. The supplied function should export EVP_PKEY into
24 // the supplied BIO, returning 1 on success or 0 on failure.
25 typedef int (ExportFunction
)(BIO
*, EVP_PKEY
*);
27 // Helper to export |key| into |output| via the specified ExportFunction.
28 bool ExportKey(EVP_PKEY
* key
,
29 ExportFunction export_fn
,
30 std::vector
<uint8
>* output
) {
34 OpenSSLErrStackTracer
err_tracer(FROM_HERE
);
35 ScopedBIO
bio(BIO_new(BIO_s_mem()));
37 int res
= export_fn(bio
.get(), key
);
42 long len
= BIO_get_mem_data(bio
.get(), &data
);
46 output
->assign(data
, data
+ len
);
53 RSAPrivateKey
* RSAPrivateKey::Create(uint16 num_bits
) {
54 OpenSSLErrStackTracer
err_tracer(FROM_HERE
);
56 ScopedRSA
rsa_key(RSA_new());
57 ScopedBIGNUM
bn(BN_new());
58 if (!rsa_key
.get() || !bn
.get() || !BN_set_word(bn
.get(), 65537L))
61 if (!RSA_generate_key_ex(rsa_key
.get(), num_bits
, bn
.get(), NULL
))
64 scoped_ptr
<RSAPrivateKey
> result(new RSAPrivateKey
);
65 result
->key_
= EVP_PKEY_new();
66 if (!result
->key_
|| !EVP_PKEY_set1_RSA(result
->key_
, rsa_key
.get()))
69 return result
.release();
73 RSAPrivateKey
* RSAPrivateKey::CreateFromPrivateKeyInfo(
74 const std::vector
<uint8
>& input
) {
78 OpenSSLErrStackTracer
err_tracer(FROM_HERE
);
79 // BIO_new_mem_buf is not const aware, but it does not modify the buffer.
80 char* data
= reinterpret_cast<char*>(const_cast<uint8
*>(&input
[0]));
81 ScopedBIO
bio(BIO_new_mem_buf(data
, input
.size()));
85 // Importing is a little more involved than exporting, as we must first
86 // PKCS#8 decode the input, and then import the EVP_PKEY from Private Key
87 // Info structure returned.
88 ScopedOpenSSL
<PKCS8_PRIV_KEY_INFO
, PKCS8_PRIV_KEY_INFO_free
>::Type
p8inf(
89 d2i_PKCS8_PRIV_KEY_INFO_bio(bio
.get(), NULL
));
93 scoped_ptr
<RSAPrivateKey
> result(new RSAPrivateKey
);
94 result
->key_
= EVP_PKCS82PKEY(p8inf
.get());
98 return result
.release();
101 RSAPrivateKey::RSAPrivateKey()
105 RSAPrivateKey::~RSAPrivateKey() {
110 RSAPrivateKey
* RSAPrivateKey::Copy() const {
111 scoped_ptr
<RSAPrivateKey
> copy(new RSAPrivateKey());
112 ScopedRSA
rsa(EVP_PKEY_get1_RSA(key_
));
115 copy
->key_
= EVP_PKEY_new();
116 if (!EVP_PKEY_set1_RSA(copy
->key_
, rsa
.get()))
118 return copy
.release();
121 bool RSAPrivateKey::ExportPrivateKey(std::vector
<uint8
>* output
) const {
122 return ExportKey(key_
, i2d_PKCS8PrivateKeyInfo_bio
, output
);
125 bool RSAPrivateKey::ExportPublicKey(std::vector
<uint8
>* output
) const {
126 return ExportKey(key_
, i2d_PUBKEY_bio
, output
);
129 } // namespace crypto