crypto/rsa_private_key_nss.cc - platform/external/libchrome - Gitiles

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "crypto/rsa_private_key.h"

 #include <cryptohi.h>
 #include <keyhi.h>
 #include <pk11pub.h>
 #include <stdint.h>

 #include <list>

 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/strings/string_util.h"
 #include "crypto/nss_key_util.h"
 #include "crypto/nss_util.h"
 #include "crypto/scoped_nss_types.h"

 // TODO(rafaelw): Consider using NSS's ASN.1 encoder.
 namespace {

 static bool ReadAttribute(SECKEYPrivateKey* key,
                           CK_ATTRIBUTE_TYPE type,
                           std::vector<uint8_t>* output) {
   SECItem item;
   SECStatus rv;
   rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item);
   if (rv != SECSuccess) {
     NOTREACHED();
     return false;
   }

   output->assign(item.data, item.data + item.len);
   SECITEM_FreeItem(&item, PR_FALSE);
   return true;
 }

 }  // namespace

 namespace crypto {

 RSAPrivateKey::~RSAPrivateKey() {
   if (key_)
     SECKEY_DestroyPrivateKey(key_);
   if (public_key_)
     SECKEY_DestroyPublicKey(public_key_);
 }

 // static
 RSAPrivateKey* RSAPrivateKey::Create(uint16_t num_bits) {
   EnsureNSSInit();

   ScopedPK11Slot slot(PK11_GetInternalSlot());
   if (!slot) {
     NOTREACHED();
     return nullptr;
   }

   ScopedSECKEYPublicKey public_key;
   ScopedSECKEYPrivateKey private_key;
   if (!GenerateRSAKeyPairNSS(slot.get(), num_bits, false /* not permanent */,
                              &public_key, &private_key)) {
     return nullptr;
   }

   RSAPrivateKey* rsa_key = new RSAPrivateKey;
   rsa_key->public_key_ = public_key.release();
   rsa_key->key_ = private_key.release();
   return rsa_key;
 }

 // static
 RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
     const std::vector<uint8_t>& input) {
   EnsureNSSInit();

   ScopedPK11Slot slot(PK11_GetInternalSlot());
   if (!slot) {
     NOTREACHED();
     return nullptr;
   }
   ScopedSECKEYPrivateKey key(ImportNSSKeyFromPrivateKeyInfo(
       slot.get(), input, false /* not permanent */));
   if (!key || SECKEY_GetPrivateKeyType(key.get()) != rsaKey)
     return nullptr;
   return RSAPrivateKey::CreateFromKey(key.get());
 }

 // static
 RSAPrivateKey* RSAPrivateKey::CreateFromKey(SECKEYPrivateKey* key) {
   DCHECK(key);
   if (SECKEY_GetPrivateKeyType(key) != rsaKey)
     return NULL;
   RSAPrivateKey* copy = new RSAPrivateKey();
   copy->key_ = SECKEY_CopyPrivateKey(key);
   copy->public_key_ = SECKEY_ConvertToPublicKey(key);
   if (!copy->key_ || !copy->public_key_) {
     NOTREACHED();
     delete copy;
     return NULL;
   }
   return copy;
 }

 RSAPrivateKey* RSAPrivateKey::Copy() const {
   RSAPrivateKey* copy = new RSAPrivateKey();
   copy->key_ = SECKEY_CopyPrivateKey(key_);
   copy->public_key_ = SECKEY_CopyPublicKey(public_key_);
   return copy;
 }

 bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8_t>* output) const {
   PrivateKeyInfoCodec private_key_info(true);

   // Manually read the component attributes of the private key and build up
   // the PrivateKeyInfo.
   if (!ReadAttribute(key_, CKA_MODULUS, private_key_info.modulus()) ||
       !ReadAttribute(key_, CKA_PUBLIC_EXPONENT,
           private_key_info.public_exponent()) ||
       !ReadAttribute(key_, CKA_PRIVATE_EXPONENT,
           private_key_info.private_exponent()) ||
       !ReadAttribute(key_, CKA_PRIME_1, private_key_info.prime1()) ||
       !ReadAttribute(key_, CKA_PRIME_2, private_key_info.prime2()) ||
       !ReadAttribute(key_, CKA_EXPONENT_1, private_key_info.exponent1()) ||
       !ReadAttribute(key_, CKA_EXPONENT_2, private_key_info.exponent2()) ||
       !ReadAttribute(key_, CKA_COEFFICIENT, private_key_info.coefficient())) {
     NOTREACHED();
     return false;
   }

   return private_key_info.Export(output);
 }

 bool RSAPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const {
   ScopedSECItem der_pubkey(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key_));
   if (!der_pubkey.get()) {
     NOTREACHED();
     return false;
   }

   output->assign(der_pubkey->data, der_pubkey->data + der_pubkey->len);
   return true;
 }

 RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) {
   EnsureNSSInit();
 }

 }  // namespace crypto
	// Copyright (c) 2011 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "crypto/rsa_private_key.h"

	#include <cryptohi.h>
	#include <keyhi.h>
	#include <pk11pub.h>
	#include <stdint.h>

	#include <list>

	#include "base/logging.h"
	#include "base/memory/scoped_ptr.h"
	#include "base/strings/string_util.h"
	#include "crypto/nss_key_util.h"
	#include "crypto/nss_util.h"
	#include "crypto/scoped_nss_types.h"

	// TODO(rafaelw): Consider using NSS's ASN.1 encoder.
	namespace {

	static bool ReadAttribute(SECKEYPrivateKey* key,
	CK_ATTRIBUTE_TYPE type,
	std::vector<uint8_t>* output) {
	SECItem item;
	SECStatus rv;
	rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item);
	if (rv != SECSuccess) {
	NOTREACHED();
	return false;
	}

	output->assign(item.data, item.data + item.len);
	SECITEM_FreeItem(&item, PR_FALSE);
	return true;
	}

	} // namespace

	namespace crypto {

	RSAPrivateKey::~RSAPrivateKey() {
	if (key_)
	SECKEY_DestroyPrivateKey(key_);
	if (public_key_)
	SECKEY_DestroyPublicKey(public_key_);
	}

	// static
	RSAPrivateKey* RSAPrivateKey::Create(uint16_t num_bits) {
	EnsureNSSInit();

	ScopedPK11Slot slot(PK11_GetInternalSlot());
	if (!slot) {
	NOTREACHED();
	return nullptr;
	}

	ScopedSECKEYPublicKey public_key;
	ScopedSECKEYPrivateKey private_key;
	if (!GenerateRSAKeyPairNSS(slot.get(), num_bits, false /* not permanent */,
	&public_key, &private_key)) {
	return nullptr;
	}

	RSAPrivateKey* rsa_key = new RSAPrivateKey;
	rsa_key->public_key_ = public_key.release();
	rsa_key->key_ = private_key.release();
	return rsa_key;
	}

	// static
	RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
	const std::vector<uint8_t>& input) {
	EnsureNSSInit();

	ScopedPK11Slot slot(PK11_GetInternalSlot());
	if (!slot) {
	NOTREACHED();
	return nullptr;
	}
	ScopedSECKEYPrivateKey key(ImportNSSKeyFromPrivateKeyInfo(
	slot.get(), input, false /* not permanent */));
	if (!key \|\| SECKEY_GetPrivateKeyType(key.get()) != rsaKey)
	return nullptr;
	return RSAPrivateKey::CreateFromKey(key.get());
	}

	// static
	RSAPrivateKey* RSAPrivateKey::CreateFromKey(SECKEYPrivateKey* key) {
	DCHECK(key);
	if (SECKEY_GetPrivateKeyType(key) != rsaKey)
	return NULL;
	RSAPrivateKey* copy = new RSAPrivateKey();
	copy->key_ = SECKEY_CopyPrivateKey(key);
	copy->public_key_ = SECKEY_ConvertToPublicKey(key);
	if (!copy->key_ \|\| !copy->public_key_) {
	NOTREACHED();
	delete copy;
	return NULL;
	}
	return copy;
	}

	RSAPrivateKey* RSAPrivateKey::Copy() const {
	RSAPrivateKey* copy = new RSAPrivateKey();
	copy->key_ = SECKEY_CopyPrivateKey(key_);
	copy->public_key_ = SECKEY_CopyPublicKey(public_key_);
	return copy;
	}

	bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8_t>* output) const {
	PrivateKeyInfoCodec private_key_info(true);

	// Manually read the component attributes of the private key and build up
	// the PrivateKeyInfo.
	if (!ReadAttribute(key_, CKA_MODULUS, private_key_info.modulus()) \|\|
	!ReadAttribute(key_, CKA_PUBLIC_EXPONENT,
	private_key_info.public_exponent()) \|\|
	!ReadAttribute(key_, CKA_PRIVATE_EXPONENT,
	private_key_info.private_exponent()) \|\|
	!ReadAttribute(key_, CKA_PRIME_1, private_key_info.prime1()) \|\|
	!ReadAttribute(key_, CKA_PRIME_2, private_key_info.prime2()) \|\|
	!ReadAttribute(key_, CKA_EXPONENT_1, private_key_info.exponent1()) \|\|
	!ReadAttribute(key_, CKA_EXPONENT_2, private_key_info.exponent2()) \|\|
	!ReadAttribute(key_, CKA_COEFFICIENT, private_key_info.coefficient())) {
	NOTREACHED();
	return false;
	}

	return private_key_info.Export(output);
	}

	bool RSAPrivateKey::ExportPublicKey(std::vector<uint8_t>* output) const {
	ScopedSECItem der_pubkey(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key_));
	if (!der_pubkey.get()) {
	NOTREACHED();
	return false;
	}

	output->assign(der_pubkey->data, der_pubkey->data + der_pubkey->len);
	return true;
	}

	RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) {
	EnsureNSSInit();
	}

	} // namespace crypto