1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/rsa_private_key.h"
7 #include <openssl/evp.h>
8 #include <openssl/pkcs12.h>
9 #include <openssl/rsa.h>
11 #include "base/logging.h"
12 #include "base/memory/scoped_ptr.h"
13 #include "crypto/openssl_util.h"
19 // Function pointer definition, for injecting the required key export function
20 // into ExportKey, below. The supplied function should export EVP_PKEY into
21 // the supplied BIO, returning 1 on success or 0 on failure.
22 typedef int (ExportFunction
)(BIO
*, EVP_PKEY
*);
24 // Helper to export |key| into |output| via the specified ExportFunction.
25 bool ExportKey(EVP_PKEY
* key
,
26 ExportFunction export_fn
,
27 std::vector
<uint8
>* output
) {
31 OpenSSLErrStackTracer
err_tracer(FROM_HERE
);
32 ScopedOpenSSL
<BIO
, BIO_free_all
> bio(BIO_new(BIO_s_mem()));
34 int res
= export_fn(bio
.get(), key
);
39 long len
= BIO_get_mem_data(bio
.get(), &data
);
43 output
->assign(data
, data
+ len
);
50 RSAPrivateKey
* RSAPrivateKey::Create(uint16 num_bits
) {
51 OpenSSLErrStackTracer
err_tracer(FROM_HERE
);
53 ScopedOpenSSL
<RSA
, RSA_free
> rsa_key(RSA_new());
54 ScopedOpenSSL
<BIGNUM
, BN_free
> bn(BN_new());
55 if (!rsa_key
.get() || !bn
.get() || !BN_set_word(bn
.get(), 65537L))
58 if (!RSA_generate_key_ex(rsa_key
.get(), num_bits
, bn
.get(), NULL
))
61 scoped_ptr
<RSAPrivateKey
> result(new RSAPrivateKey
);
62 result
->key_
= EVP_PKEY_new();
63 if (!result
->key_
|| !EVP_PKEY_set1_RSA(result
->key_
, rsa_key
.get()))
66 return result
.release();
70 RSAPrivateKey
* RSAPrivateKey::CreateSensitive(uint16 num_bits
) {
76 RSAPrivateKey
* RSAPrivateKey::CreateFromPrivateKeyInfo(
77 const std::vector
<uint8
>& input
) {
81 OpenSSLErrStackTracer
err_tracer(FROM_HERE
);
82 // BIO_new_mem_buf is not const aware, but it does not modify the buffer.
83 char* data
= reinterpret_cast<char*>(const_cast<uint8
*>(&input
[0]));
84 ScopedOpenSSL
<BIO
, BIO_free_all
> bio(BIO_new_mem_buf(data
, input
.size()));
88 // Importing is a little more involved than exporting, as we must first
89 // PKCS#8 decode the input, and then import the EVP_PKEY from Private Key
90 // Info structure returned.
91 ScopedOpenSSL
<PKCS8_PRIV_KEY_INFO
, PKCS8_PRIV_KEY_INFO_free
> p8inf(
92 d2i_PKCS8_PRIV_KEY_INFO_bio(bio
.get(), NULL
));
96 scoped_ptr
<RSAPrivateKey
> result(new RSAPrivateKey
);
97 result
->key_
= EVP_PKCS82PKEY(p8inf
.get());
101 return result
.release();
105 RSAPrivateKey
* RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo(
106 const std::vector
<uint8
>& input
) {
112 RSAPrivateKey
* RSAPrivateKey::FindFromPublicKeyInfo(
113 const std::vector
<uint8
>& input
) {
118 RSAPrivateKey::RSAPrivateKey()
122 RSAPrivateKey::~RSAPrivateKey() {
127 RSAPrivateKey
* RSAPrivateKey::Copy() const {
128 scoped_ptr
<RSAPrivateKey
> copy(new RSAPrivateKey());
129 RSA
* rsa
= EVP_PKEY_get1_RSA(key_
);
132 copy
->key_
= EVP_PKEY_new();
133 if (!EVP_PKEY_set1_RSA(copy
->key_
, rsa
))
135 return copy
.release();
138 bool RSAPrivateKey::ExportPrivateKey(std::vector
<uint8
>* output
) const {
139 return ExportKey(key_
, i2d_PKCS8PrivateKeyInfo_bio
, output
);
142 bool RSAPrivateKey::ExportPublicKey(std::vector
<uint8
>* output
) const {
143 return ExportKey(key_
, i2d_PUBKEY_bio
, output
);
146 } // namespace crypto