remoting/base/rsa_key_pair.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "remoting/base/rsa_key_pair.h"
   6
   7 #include <limits>
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/base64.h"
  12 #include "base/logging.h"
  13 #include "base/rand_util.h"
  14 #include "base/time/time.h"
  15 #include "crypto/rsa_private_key.h"
  16 #include "crypto/signature_creator.h"
  17 #include "net/cert/x509_util.h"
  18
  19 namespace remoting {
  20
  21 RsaKeyPair::RsaKeyPair(scoped_ptr<crypto::RSAPrivateKey> key)
  22     : key_(key.Pass()){
  23   DCHECK(key_);
  24 }
  25
  26 RsaKeyPair::~RsaKeyPair() {}
  27
  28 //static
  29 scoped_refptr<RsaKeyPair> RsaKeyPair::Generate() {
  30   scoped_ptr<crypto::RSAPrivateKey> key(crypto::RSAPrivateKey::Create(2048));
  31   if (!key) {
  32     LOG(ERROR) << "Cannot generate private key.";
  33     return NULL;
  34   }
  35   return new RsaKeyPair(key.Pass());
  36 }
  37
  38 //static
  39 scoped_refptr<RsaKeyPair> RsaKeyPair::FromString(
  40     const std::string& key_base64) {
  41   std::string key_str;
  42   if (!base::Base64Decode(key_base64, &key_str)) {
  43     LOG(ERROR) << "Failed to decode private key.";
  44     return NULL;
  45   }
  46
  47   std::vector<uint8> key_buf(key_str.begin(), key_str.end());
  48   scoped_ptr<crypto::RSAPrivateKey> key(
  49       crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_buf));
  50   if (!key) {
  51     LOG(ERROR) << "Invalid private key.";
  52     return NULL;
  53   }
  54
  55   return new RsaKeyPair(key.Pass());
  56 }
  57
  58 std::string RsaKeyPair::ToString() const {
  59   // Check that the key initialized.
  60   DCHECK(key_.get() != NULL);
  61
  62   std::vector<uint8> key_buf;
  63   CHECK(key_->ExportPrivateKey(&key_buf));
  64   std::string key_str(key_buf.begin(), key_buf.end());
  65   std::string key_base64;
  66   base::Base64Encode(key_str, &key_base64);
  67   return key_base64;
  68 }
  69
  70 std::string RsaKeyPair::GetPublicKey() const {
  71   std::vector<uint8> public_key;
  72   CHECK(key_->ExportPublicKey(&public_key));
  73   std::string public_key_str(public_key.begin(), public_key.end());
  74   std::string public_key_base64;
  75   base::Base64Encode(public_key_str, &public_key_base64);
  76   return public_key_base64;
  77 }
  78
  79 std::string RsaKeyPair::SignMessage(const std::string& message) const {
  80   scoped_ptr<crypto::SignatureCreator> signature_creator(
  81       crypto::SignatureCreator::Create(key_.get(),
  82                                        crypto::SignatureCreator::SHA1));
  83   signature_creator->Update(reinterpret_cast<const uint8*>(message.c_str()),
  84                             message.length());
  85   std::vector<uint8> signature_buf;
  86   signature_creator->Final(&signature_buf);
  87   std::string signature_str(signature_buf.begin(), signature_buf.end());
  88   std::string signature_base64;
  89   base::Base64Encode(signature_str, &signature_base64);
  90   return signature_base64;
  91 }
  92
  93 std::string RsaKeyPair::GenerateCertificate() const {
  94   std::string der_cert;
  95   // Certificates are SHA1-signed because |key_| has likely been used to sign
  96   // with SHA1 previously, and you should not re-use a key for signing data with
  97   // multiple signature algorithms.
  98   net::x509_util::CreateSelfSignedCert(
  99       key_.get(),
 100       net::x509_util::DIGEST_SHA1,
 101       "CN=chromoting",
 102       base::RandInt(1, std::numeric_limits<int>::max()),
 103       base::Time::Now(),
 104       base::Time::Now() + base::TimeDelta::FromDays(1),
 105       &der_cert);
 106   return der_cert;
 107 }
 108
 109 }  // namespace remoting