1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/rsa_private_key.h"
7 #include <openssl/evp.h>
8 #include <openssl/pkcs12.h>
9 #include <openssl/rsa.h>
11 #include "base/logging.h"
12 #include "base/memory/scoped_ptr.h"
13 #include "crypto/openssl_util.h"
19 // Function pointer definition, for injecting the required key export function
20 // into ExportKey, below. The supplied function should export EVP_PKEY into
21 // the supplied BIO, returning 1 on success or 0 on failure.
22 typedef int (ExportFunction)(BIO*, EVP_PKEY*);
24 // Helper to export |key| into |output| via the specified ExportFunction.
25 bool ExportKey(EVP_PKEY* key,
26 ExportFunction export_fn,
27 std::vector<uint8>* output) {
31 OpenSSLErrStackTracer err_tracer(FROM_HERE);
32 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new(BIO_s_mem()));
34 int res = export_fn(bio.get(), key);
39 long len = BIO_get_mem_data(bio.get(), &data);
43 output->assign(data, data + len);
50 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) {
51 OpenSSLErrStackTracer err_tracer(FROM_HERE);
53 ScopedOpenSSL<RSA, RSA_free> rsa_key(RSA_new());
54 ScopedOpenSSL<BIGNUM, BN_free> bn(BN_new());
55 if (!rsa_key.get() || !bn.get() || !BN_set_word(bn.get(), 65537L))
58 if (!RSA_generate_key_ex(rsa_key.get(), num_bits, bn.get(), NULL))
61 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
62 result->key_ = EVP_PKEY_new();
63 if (!result->key_ || !EVP_PKEY_set1_RSA(result->key_, rsa_key.get()))
66 return result.release();
70 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
71 const std::vector<uint8>& input) {
75 OpenSSLErrStackTracer err_tracer(FROM_HERE);
76 // BIO_new_mem_buf is not const aware, but it does not modify the buffer.
77 char* data = reinterpret_cast<char*>(const_cast<uint8*>(&input[0]));
78 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data, input.size()));
82 // Importing is a little more involved than exporting, as we must first
83 // PKCS#8 decode the input, and then import the EVP_PKEY from Private Key
84 // Info structure returned.
85 ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free> p8inf(
86 d2i_PKCS8_PRIV_KEY_INFO_bio(bio.get(), NULL));
90 scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
91 result->key_ = EVP_PKCS82PKEY(p8inf.get());
95 return result.release();
98 RSAPrivateKey::RSAPrivateKey()
102 RSAPrivateKey::~RSAPrivateKey() {
107 RSAPrivateKey* RSAPrivateKey::Copy() const {
108 scoped_ptr<RSAPrivateKey> copy(new RSAPrivateKey());
109 RSA* rsa = EVP_PKEY_get1_RSA(key_);
112 copy->key_ = EVP_PKEY_new();
113 if (!EVP_PKEY_set1_RSA(copy->key_, rsa))
115 return copy.release();
118 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) const {
119 return ExportKey(key_, i2d_PKCS8PrivateKeyInfo_bio, output);
122 bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) const {
123 return ExportKey(key_, i2d_PUBKEY_bio, output);
126 } // namespace crypto