Enable lock even when no password hash is present.
[chromium-blink-merge.git] / crypto / rsa_private_key_openssl.cc
blob8dcde61628f58b6f83859959c5d933b9c5ae1731
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/rsa_private_key.h"
7 #include <openssl/bio.h>
8 #include <openssl/bn.h>
9 #include <openssl/evp.h>
10 #include <openssl/pkcs12.h>
11 #include <openssl/rsa.h>
13 #include "base/logging.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "crypto/openssl_util.h"
16 #include "crypto/scoped_openssl_types.h"
18 namespace crypto {
20 namespace {
22 // Function pointer definition, for injecting the required key export function
23 // into ExportKey, below. The supplied function should export EVP_PKEY into
24 // the supplied BIO, returning 1 on success or 0 on failure.
25 typedef int (ExportFunction)(BIO*, EVP_PKEY*);
27 // Helper to export |key| into |output| via the specified ExportFunction.
28 bool ExportKey(EVP_PKEY* key,
29 ExportFunction export_fn,
30 std::vector<uint8>* output) {
31 if (!key)
32 return false;
34 OpenSSLErrStackTracer err_tracer(FROM_HERE);
35 ScopedBIO bio(BIO_new(BIO_s_mem()));
37 int res = export_fn(bio.get(), key);
38 if (!res)
39 return false;
41 char* data = NULL;
42 long len = BIO_get_mem_data(bio.get(), &data);
43 if (!data || len < 0)
44 return false;
46 output->assign(data, data + len);
47 return true;
50 } // namespace
52 // static
53 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) {
54 OpenSSLErrStackTracer err_tracer(FROM_HERE);
56 ScopedRSA rsa_key(RSA_new());
57 ScopedBIGNUM bn(BN_new());
58 if (!rsa_key.get() || !bn.get() || !BN_set_word(bn.get(), 65537L))
59 return NULL;
61 if (!RSA_generate_key_ex(rsa_key.get(), num_bits, bn.get(), NULL))
62 return NULL;
64 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
65 result->key_ = EVP_PKEY_new();
66 if (!result->key_ || !EVP_PKEY_set1_RSA(result->key_, rsa_key.get()))
67 return NULL;
69 return result.release();
72 // static
73 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
74 const std::vector<uint8>& input) {
75 if (input.empty())
76 return NULL;
78 OpenSSLErrStackTracer err_tracer(FROM_HERE);
79 // BIO_new_mem_buf is not const aware, but it does not modify the buffer.
80 char* data = reinterpret_cast<char*>(const_cast<uint8*>(&input[0]));
81 ScopedBIO bio(BIO_new_mem_buf(data, input.size()));
82 if (!bio.get())
83 return NULL;
85 // Importing is a little more involved than exporting, as we must first
86 // PKCS#8 decode the input, and then import the EVP_PKEY from Private Key
87 // Info structure returned.
88 ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free>::Type p8inf(
89 d2i_PKCS8_PRIV_KEY_INFO_bio(bio.get(), NULL));
90 if (!p8inf.get())
91 return NULL;
93 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
94 result->key_ = EVP_PKCS82PKEY(p8inf.get());
95 if (!result->key_)
96 return NULL;
98 return result.release();
101 RSAPrivateKey::RSAPrivateKey()
102 : key_(NULL) {
105 RSAPrivateKey::~RSAPrivateKey() {
106 if (key_)
107 EVP_PKEY_free(key_);
110 RSAPrivateKey* RSAPrivateKey::Copy() const {
111 scoped_ptr<RSAPrivateKey> copy(new RSAPrivateKey());
112 ScopedRSA rsa(EVP_PKEY_get1_RSA(key_));
113 if (!rsa)
114 return NULL;
115 copy->key_ = EVP_PKEY_new();
116 if (!EVP_PKEY_set1_RSA(copy->key_, rsa.get()))
117 return NULL;
118 return copy.release();
121 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) const {
122 return ExportKey(key_, i2d_PKCS8PrivateKeyInfo_bio, output);
125 bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) const {
126 return ExportKey(key_, i2d_PUBKEY_bio, output);
129 } // namespace crypto