1 // Copyright 2023 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/unexportable_key.h"
7 #include "base/check.h"
8 #include "crypto/sha2.h"
9 #include "crypto/signature_verifier.h"
10 #include "third_party/boringssl/src/include/openssl/bytestring.h"
11 #include "third_party/boringssl/src/include/openssl/ec.h"
12 #include "third_party/boringssl/src/include/openssl/ec_key.h"
13 #include "third_party/boringssl/src/include/openssl/ecdsa.h"
14 #include "third_party/boringssl/src/include/openssl/evp.h"
15 #include "third_party/boringssl/src/include/openssl/obj.h"
21 std::vector<uint8_t> CBBToVector(const CBB* cbb) {
22 return std::vector<uint8_t>(CBB_data(cbb), CBB_data(cbb) + CBB_len(cbb));
25 class SoftwareECDSA : public UnexportableSigningKey {
27 explicit SoftwareECDSA(bssl::UniquePtr<EC_KEY> key) : key_(std::move(key)) {}
28 ~SoftwareECDSA() override = default;
30 SignatureVerifier::SignatureAlgorithm Algorithm() const override {
31 return SignatureVerifier::SignatureAlgorithm::ECDSA_SHA256;
34 std::vector<uint8_t> GetSubjectPublicKeyInfo() const override {
35 bssl::UniquePtr<EVP_PKEY> pkey(EVP_PKEY_new());
36 CHECK(EVP_PKEY_set1_EC_KEY(pkey.get(), key_.get()));
39 CHECK(CBB_init(cbb.get(), /*initial_capacity=*/128) &&
40 EVP_marshal_public_key(cbb.get(), pkey.get()));
41 return CBBToVector(cbb.get());
44 std::vector<uint8_t> GetWrappedKey() const override {
47 CBB_init(cbb.get(), /*initial_capacity=*/128) &&
48 EC_KEY_marshal_private_key(cbb.get(), key_.get(),
49 EC_PKEY_NO_PARAMETERS | EC_PKEY_NO_PUBKEY));
50 return CBBToVector(cbb.get());
53 absl::optional<std::vector<uint8_t>> SignSlowly(
54 base::span<const uint8_t> data) override {
55 std::vector<uint8_t> ret(ECDSA_size(key_.get()));
56 std::array<uint8_t, kSHA256Length> digest = SHA256Hash(data);
57 unsigned int ret_size;
58 CHECK(ECDSA_sign(0, digest.data(), digest.size(), ret.data(), &ret_size,
65 bssl::UniquePtr<EC_KEY> key_;
68 class SoftwareProvider : public UnexportableKeyProvider {
70 ~SoftwareProvider() override = default;
72 absl::optional<SignatureVerifier::SignatureAlgorithm> SelectAlgorithm(
73 base::span<const SignatureVerifier::SignatureAlgorithm>
74 acceptable_algorithms) override {
75 for (auto algo : acceptable_algorithms) {
76 if (algo == SignatureVerifier::SignatureAlgorithm::ECDSA_SHA256) {
84 std::unique_ptr<UnexportableSigningKey> GenerateSigningKeySlowly(
85 base::span<const SignatureVerifier::SignatureAlgorithm>
86 acceptable_algorithms) override {
87 if (!SelectAlgorithm(acceptable_algorithms)) {
91 bssl::UniquePtr<EC_KEY> key(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
92 CHECK(EC_KEY_generate_key(key.get()));
94 return std::make_unique<SoftwareECDSA>(std::move(key));
97 std::unique_ptr<UnexportableSigningKey> FromWrappedSigningKeySlowly(
98 base::span<const uint8_t> wrapped_key) override {
99 bssl::UniquePtr<EC_GROUP> p256(
100 EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
102 CBS_init(&cbs, wrapped_key.data(), wrapped_key.size());
103 bssl::UniquePtr<EC_KEY> key(EC_KEY_parse_private_key(&cbs, p256.get()));
104 if (!key || CBS_len(&cbs) != 0) {
107 return std::make_unique<SoftwareECDSA>(std::move(key));
113 std::unique_ptr<UnexportableKeyProvider>
114 GetSoftwareUnsecureUnexportableKeyProvider() {
115 return std::make_unique<SoftwareProvider>();
118 } // namespace crypto