1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/ec_private_key.h"
12 #include "base/check_op.h"
13 #if BUILDFLAG(IS_TIZEN_TV)
14 #include "base/logging.h"
16 #include "crypto/openssl_util.h"
17 #include "third_party/boringssl/src/include/openssl/bytestring.h"
18 #include "third_party/boringssl/src/include/openssl/ec.h"
19 #include "third_party/boringssl/src/include/openssl/ec_key.h"
20 #include "third_party/boringssl/src/include/openssl/evp.h"
21 #include "third_party/boringssl/src/include/openssl/mem.h"
22 #include "third_party/boringssl/src/include/openssl/pkcs8.h"
23 #if BUILDFLAG(IS_TIZEN_TV)
24 #include "third_party/boringssl/src/include/openssl/pem.h"
28 ECPrivateKey::~ECPrivateKey() = default;
31 std::unique_ptr<ECPrivateKey> ECPrivateKey::Create() {
32 OpenSSLErrStackTracer err_tracer(FROM_HERE);
34 bssl::UniquePtr<EC_KEY> ec_key(
35 EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
36 if (!ec_key || !EC_KEY_generate_key(ec_key.get()))
39 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
40 result->key_.reset(EVP_PKEY_new());
41 if (!result->key_ || !EVP_PKEY_set1_EC_KEY(result->key_.get(), ec_key.get()))
44 CHECK_EQ(EVP_PKEY_EC, EVP_PKEY_id(result->key_.get()));
49 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromPrivateKeyInfo(
50 base::span<const uint8_t> input) {
51 OpenSSLErrStackTracer err_tracer(FROM_HERE);
54 CBS_init(&cbs, input.data(), input.size());
55 bssl::UniquePtr<EVP_PKEY> pkey(EVP_parse_private_key(&cbs));
56 if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC)
59 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
60 result->key_ = std::move(pkey);
65 std::unique_ptr<ECPrivateKey> ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
66 base::span<const uint8_t> encrypted_private_key_info) {
67 OpenSSLErrStackTracer err_tracer(FROM_HERE);
70 CBS_init(&cbs, encrypted_private_key_info.data(),
71 encrypted_private_key_info.size());
72 bssl::UniquePtr<EVP_PKEY> pkey(
73 PKCS8_parse_encrypted_private_key(&cbs, "", 0));
75 // Hack for reading keys generated by an older version of the OpenSSL code.
76 // Some implementations encode the empty password as "\0\0" (passwords are
77 // normally encoded in big-endian UCS-2 with a NUL terminator) and some
78 // encode as the empty string. PKCS8_parse_encrypted_private_key
79 // distinguishes the two by whether the password is nullptr.
81 CBS_init(&cbs, encrypted_private_key_info.data(),
82 encrypted_private_key_info.size());
83 pkey.reset(PKCS8_parse_encrypted_private_key(&cbs, nullptr, 0));
86 if (!pkey || CBS_len(&cbs) != 0 || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC)
89 std::unique_ptr<ECPrivateKey> result(new ECPrivateKey());
90 result->key_ = std::move(pkey);
94 std::unique_ptr<ECPrivateKey> ECPrivateKey::Copy() const {
95 std::unique_ptr<ECPrivateKey> copy(new ECPrivateKey());
96 copy->key_ = bssl::UpRef(key_);
100 bool ECPrivateKey::ExportPrivateKey(std::vector<uint8_t>* output) const {
101 OpenSSLErrStackTracer err_tracer(FROM_HERE);
105 if (!CBB_init(cbb.get(), 0) ||
106 !EVP_marshal_private_key(cbb.get(), key_.get()) ||
107 !CBB_finish(cbb.get(), &der, &der_len)) {
110 output->assign(der, der + der_len);
115 bool ECPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const {
116 OpenSSLErrStackTracer err_tracer(FROM_HERE);
120 if (!CBB_init(cbb.get(), 0) ||
121 !EVP_marshal_public_key(cbb.get(), key_.get()) ||
122 !CBB_finish(cbb.get(), &der, &der_len)) {
125 output->assign(der, der + der_len);
130 bool ECPrivateKey::ExportRawPublicKey(std::string* output) const {
131 OpenSSLErrStackTracer err_tracer(FROM_HERE);
133 std::array<uint8_t, 65> buf;
134 EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(key_.get());
135 if (!EC_POINT_point2oct(EC_KEY_get0_group(ec_key),
136 EC_KEY_get0_public_key(ec_key),
137 POINT_CONVERSION_UNCOMPRESSED, buf.data(), buf.size(),
142 output->assign(buf.begin(), buf.end());
146 ECPrivateKey::ECPrivateKey() = default;
148 #if BUILDFLAG(IS_TIZEN_TV)
149 bool ECPrivateKey::ConvertPEMtoDERFromPrivateKey(const std::string& key_buffer,
150 std::vector<uint8_t>* output) {
151 bssl::UniquePtr<BIO> in(
152 BIO_new_mem_buf(const_cast<char*>(key_buffer.data()), key_buffer.size()));
154 LOG(ERROR) << "Can't create a memory BIO";
158 bssl::UniquePtr<BIO> out(BIO_new(BIO_s_mem()));
160 LOG(ERROR) << "BIO_new for converting a format of private key failed";
164 EVP_PKEY* pkey = PEM_read_bio_PrivateKey(in.get(), NULL, NULL, NULL);
166 LOG(ERROR) << "Can't load private key";
170 int ret = i2d_PKCS8PrivateKeyInfo_bio(out.get(), pkey);
173 LOG(ERROR) << "Can't convert a format of private key";
177 char* data = nullptr;
178 long len = BIO_get_mem_data(out.get(), &data);
180 if (!data || len < 0) {
181 LOG(ERROR) << "Can't get der data from BIO";
185 output->assign(data, data + len);
189 } // namespace crypto