crypto/ec_private_key_nss.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "crypto/ec_private_key.h"
   6
   7 extern "C" {
   8 // Work around NSS missing SEC_BEGIN_PROTOS in secmodt.h.  This must come before
   9 // other NSS headers.
  10 #include <secmodt.h>
  11 }
  12
  13 #include <cryptohi.h>
  14 #include <keyhi.h>
  15 #include <pk11pub.h>
  16 #include <secmod.h>
  17
  18 #include "base/lazy_instance.h"
  19 #include "base/logging.h"
  20 #include "base/memory/scoped_ptr.h"
  21 #include "crypto/nss_util.h"
  22 #include "crypto/nss_util_internal.h"
  23 #include "crypto/scoped_nss_types.h"
  24 #include "crypto/third_party/nss/chromium-nss.h"
  25
  26 namespace {
  27
  28 PK11SlotInfo* GetTempKeySlot() {
  29   return PK11_GetInternalSlot();
  30 }
  31
  32 class EllipticCurveSupportChecker {
  33  public:
  34   EllipticCurveSupportChecker() {
  35     // NOTE: we can do this check here only because we use the NSS internal
  36     // slot.  If we support other slots in the future, checking whether they
  37     // support ECDSA may block NSS, and the value may also change as devices are
  38     // inserted/removed, so we would need to re-check on every use.
  39     crypto::EnsureNSSInit();
  40     crypto::ScopedPK11Slot slot(GetTempKeySlot());
  41     supported_ = PK11_DoesMechanism(slot.get(), CKM_EC_KEY_PAIR_GEN) &&
  42         PK11_DoesMechanism(slot.get(), CKM_ECDSA);
  43   }
  44
  45   bool Supported() {
  46     return supported_;
  47   }
  48
  49  private:
  50   bool supported_;
  51 };
  52
  53 static base::LazyInstance<EllipticCurveSupportChecker>::Leaky
  54     g_elliptic_curve_supported = LAZY_INSTANCE_INITIALIZER;
  55
  56 // Copied from rsa_private_key_nss.cc.
  57 static bool ReadAttribute(SECKEYPrivateKey* key,
  58                           CK_ATTRIBUTE_TYPE type,
  59                           std::vector<uint8>* output) {
  60   SECItem item;
  61   SECStatus rv;
  62   rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item);
  63   if (rv != SECSuccess) {
  64     DLOG(ERROR) << "PK11_ReadRawAttribute: " << PORT_GetError();
  65     return false;
  66   }
  67
  68   output->assign(item.data, item.data + item.len);
  69   SECITEM_FreeItem(&item, PR_FALSE);
  70   return true;
  71 }
  72
  73 }  // namespace
  74
  75 namespace crypto {
  76
  77 ECPrivateKey::~ECPrivateKey() {
  78   if (key_)
  79     SECKEY_DestroyPrivateKey(key_);
  80   if (public_key_)
  81     SECKEY_DestroyPublicKey(public_key_);
  82 }
  83
  84 // static
  85 bool ECPrivateKey::IsSupported() {
  86   return g_elliptic_curve_supported.Get().Supported();
  87 }
  88
  89 // static
  90 ECPrivateKey* ECPrivateKey::Create() {
  91   EnsureNSSInit();
  92
  93   ScopedPK11Slot slot(GetTempKeySlot());
  94   return CreateWithParams(slot.get(),
  95                           false /* not permanent */,
  96                           false /* not sensitive */);
  97 }
  98
  99 #if defined(USE_NSS)
 100 // static
 101 ECPrivateKey* ECPrivateKey::CreateSensitive(PK11SlotInfo* slot) {
 102   return CreateWithParams(
 103       slot, true /* permanent */, true /* sensitive */);
 104 }
 105 #endif
 106
 107 // static
 108 ECPrivateKey* ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
 109     const std::string& password,
 110     const std::vector<uint8>& encrypted_private_key_info,
 111     const std::vector<uint8>& subject_public_key_info) {
 112   EnsureNSSInit();
 113
 114   ScopedPK11Slot slot(GetTempKeySlot());
 115   return CreateFromEncryptedPrivateKeyInfoWithParams(
 116       slot.get(),
 117       password,
 118       encrypted_private_key_info,
 119       subject_public_key_info,
 120       false /* not permanent */,
 121       false /* not sensitive */);
 122 }
 123
 124 #if defined(USE_NSS)
 125 // static
 126 ECPrivateKey* ECPrivateKey::CreateSensitiveFromEncryptedPrivateKeyInfo(
 127     PK11SlotInfo* slot,
 128     const std::string& password,
 129     const std::vector<uint8>& encrypted_private_key_info,
 130     const std::vector<uint8>& subject_public_key_info) {
 131   return CreateFromEncryptedPrivateKeyInfoWithParams(
 132       slot,
 133       password,
 134       encrypted_private_key_info,
 135       subject_public_key_info,
 136       true /* permanent */,
 137       true /* sensitive */);
 138 }
 139 #endif
 140
 141 // static
 142 bool ECPrivateKey::ImportFromEncryptedPrivateKeyInfo(
 143     PK11SlotInfo* slot,
 144     const std::string& password,
 145     const uint8* encrypted_private_key_info,
 146     size_t encrypted_private_key_info_len,
 147     CERTSubjectPublicKeyInfo* decoded_spki,
 148     bool permanent,
 149     bool sensitive,
 150     SECKEYPrivateKey** key,
 151     SECKEYPublicKey** public_key) {
 152   if (!slot)
 153     return false;
 154
 155   *public_key = SECKEY_ExtractPublicKey(decoded_spki);
 156
 157   if (!*public_key) {
 158     DLOG(ERROR) << "SECKEY_ExtractPublicKey: " << PORT_GetError();
 159     return false;
 160   }
 161
 162   SECItem encoded_epki = {
 163     siBuffer,
 164     const_cast<unsigned char*>(encrypted_private_key_info),
 165     static_cast<unsigned>(encrypted_private_key_info_len)
 166   };
 167   SECKEYEncryptedPrivateKeyInfo epki;
 168   memset(&epki, 0, sizeof(epki));
 169
 170   ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
 171
 172   SECStatus rv = SEC_QuickDERDecodeItem(
 173       arena.get(),
 174       &epki,
 175       SEC_ASN1_GET(SECKEY_EncryptedPrivateKeyInfoTemplate),
 176       &encoded_epki);
 177   if (rv != SECSuccess) {
 178     DLOG(ERROR) << "SEC_QuickDERDecodeItem: " << PORT_GetError();
 179     SECKEY_DestroyPublicKey(*public_key);
 180     *public_key = NULL;
 181     return false;
 182   }
 183
 184   SECItem password_item = {
 185     siBuffer,
 186     reinterpret_cast<unsigned char*>(const_cast<char*>(password.data())),
 187     static_cast<unsigned>(password.size())
 188   };
 189
 190   rv = ImportEncryptedECPrivateKeyInfoAndReturnKey(
 191       slot,
 192       &epki,
 193       &password_item,
 194       NULL,  // nickname
 195       &(*public_key)->u.ec.publicValue,
 196       permanent,
 197       sensitive,
 198       key,
 199       NULL);  // wincx
 200   if (rv != SECSuccess) {
 201     DLOG(ERROR) << "ImportEncryptedECPrivateKeyInfoAndReturnKey: "
 202                 << PORT_GetError();
 203     SECKEY_DestroyPublicKey(*public_key);
 204     *public_key = NULL;
 205     return false;
 206   }
 207
 208   return true;
 209 }
 210
 211 bool ECPrivateKey::ExportEncryptedPrivateKey(
 212     const std::string& password,
 213     int iterations,
 214     std::vector<uint8>* output) {
 215   // We export as an EncryptedPrivateKeyInfo bundle instead of a plain PKCS #8
 216   // PrivateKeyInfo because PK11_ImportDERPrivateKeyInfoAndReturnKey doesn't
 217   // support EC keys.
 218   // https://bugzilla.mozilla.org/show_bug.cgi?id=327773
 219   SECItem password_item = {
 220     siBuffer,
 221     reinterpret_cast<unsigned char*>(const_cast<char*>(password.data())),
 222     static_cast<unsigned>(password.size())
 223   };
 224
 225   SECKEYEncryptedPrivateKeyInfo* encrypted = PK11_ExportEncryptedPrivKeyInfo(
 226       NULL, // Slot, optional.
 227       SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC,
 228       &password_item,
 229       key_,
 230       iterations,
 231       NULL); // wincx.
 232
 233   if (!encrypted) {
 234     DLOG(ERROR) << "PK11_ExportEncryptedPrivKeyInfo: " << PORT_GetError();
 235     return false;
 236   }
 237
 238   ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
 239   SECItem der_key = {siBuffer, NULL, 0};
 240   SECItem* encoded_item = SEC_ASN1EncodeItem(
 241       arena.get(),
 242       &der_key,
 243       encrypted,
 244       SEC_ASN1_GET(SECKEY_EncryptedPrivateKeyInfoTemplate));
 245   SECKEY_DestroyEncryptedPrivateKeyInfo(encrypted, PR_TRUE);
 246   if (!encoded_item) {
 247     DLOG(ERROR) << "SEC_ASN1EncodeItem: " << PORT_GetError();
 248     return false;
 249   }
 250
 251   output->assign(der_key.data, der_key.data + der_key.len);
 252
 253   return true;
 254 }
 255
 256 bool ECPrivateKey::ExportPublicKey(std::vector<uint8>* output) {
 257   ScopedSECItem der_pubkey(
 258       SECKEY_EncodeDERSubjectPublicKeyInfo(public_key_));
 259   if (!der_pubkey.get()) {
 260     return false;
 261   }
 262
 263   output->assign(der_pubkey->data, der_pubkey->data + der_pubkey->len);
 264   return true;
 265 }
 266
 267 bool ECPrivateKey::ExportValue(std::vector<uint8>* output) {
 268   return ReadAttribute(key_, CKA_VALUE, output);
 269 }
 270
 271 bool ECPrivateKey::ExportECParams(std::vector<uint8>* output) {
 272   return ReadAttribute(key_, CKA_EC_PARAMS, output);
 273 }
 274
 275 ECPrivateKey::ECPrivateKey() : key_(NULL), public_key_(NULL) {}
 276
 277 // static
 278 ECPrivateKey* ECPrivateKey::CreateWithParams(PK11SlotInfo* slot,
 279                                              bool permanent,
 280                                              bool sensitive) {
 281   if (!slot)
 282     return NULL;
 283
 284   scoped_ptr<ECPrivateKey> result(new ECPrivateKey);
 285
 286   SECOidData* oid_data = SECOID_FindOIDByTag(SEC_OID_SECG_EC_SECP256R1);
 287   if (!oid_data) {
 288     DLOG(ERROR) << "SECOID_FindOIDByTag: " << PORT_GetError();
 289     return NULL;
 290   }
 291
 292   // SECKEYECParams is a SECItem containing the DER encoded ASN.1 ECParameters
 293   // value.  For a named curve, that is just the OBJECT IDENTIFIER of the curve.
 294   // In addition to the oid data, the encoding requires one byte for the ASN.1
 295   // tag and one byte for the length (assuming the length is <= 127).
 296   DCHECK_LE(oid_data->oid.len, 127U);
 297   std::vector<unsigned char> parameters_buf(2 + oid_data->oid.len);
 298   SECKEYECParams ec_parameters = {
 299     siDEROID, &parameters_buf[0],
 300     static_cast<unsigned>(parameters_buf.size())
 301   };
 302
 303   ec_parameters.data[0] = SEC_ASN1_OBJECT_ID;
 304   ec_parameters.data[1] = oid_data->oid.len;
 305   memcpy(ec_parameters.data + 2, oid_data->oid.data, oid_data->oid.len);
 306
 307   result->key_ = PK11_GenerateKeyPair(slot,
 308                                       CKM_EC_KEY_PAIR_GEN,
 309                                       &ec_parameters,
 310                                       &result->public_key_,
 311                                       permanent,
 312                                       sensitive,
 313                                       NULL);
 314   if (!result->key_) {
 315     DLOG(ERROR) << "PK11_GenerateKeyPair: " << PORT_GetError();
 316     return NULL;
 317   }
 318
 319   return result.release();
 320 }
 321
 322 // static
 323 ECPrivateKey* ECPrivateKey::CreateFromEncryptedPrivateKeyInfoWithParams(
 324     PK11SlotInfo* slot,
 325     const std::string& password,
 326     const std::vector<uint8>& encrypted_private_key_info,
 327     const std::vector<uint8>& subject_public_key_info,
 328     bool permanent,
 329     bool sensitive) {
 330   scoped_ptr<ECPrivateKey> result(new ECPrivateKey);
 331
 332   SECItem encoded_spki = {
 333     siBuffer,
 334     const_cast<unsigned char*>(&subject_public_key_info[0]),
 335     static_cast<unsigned>(subject_public_key_info.size())
 336   };
 337   CERTSubjectPublicKeyInfo* decoded_spki = SECKEY_DecodeDERSubjectPublicKeyInfo(
 338       &encoded_spki);
 339   if (!decoded_spki) {
 340     DLOG(ERROR) << "SECKEY_DecodeDERSubjectPublicKeyInfo: " << PORT_GetError();
 341     return NULL;
 342   }
 343
 344   bool success = ImportFromEncryptedPrivateKeyInfo(
 345       slot,
 346       password,
 347       &encrypted_private_key_info[0],
 348       encrypted_private_key_info.size(),
 349       decoded_spki,
 350       permanent,
 351       sensitive,
 352       &result->key_,
 353       &result->public_key_);
 354
 355   SECKEY_DestroySubjectPublicKeyInfo(decoded_spki);
 356
 357   if (success)
 358     return result.release();
 359
 360   return NULL;
 361 }
 362
 363 }  // namespace crypto