// Copyright 2019 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "util/crypto/rsa_private_key.h" #include #include #include #include #include "openssl/bn.h" #include "openssl/bytestring.h" #include "openssl/evp.h" #include "openssl/mem.h" #include "openssl/rsa.h" #include "util/crypto/openssl_util.h" #include "util/osp_logging.h" namespace openscreen { RSAPrivateKey::~RSAPrivateKey() = default; // static ErrorOr RSAPrivateKey::Create(uint16_t num_bits) { OpenSSLErrStackTracer err_tracer(CURRENT_LOCATION); bssl::UniquePtr rsa_key(RSA_new()); bssl::UniquePtr exponent(BN_new()); if (!rsa_key.get() || !exponent.get() || !BN_set_word(exponent.get(), 65537L) || !RSA_generate_key_ex(rsa_key.get(), num_bits, exponent.get(), nullptr)) { return Error::Code::kRSAKeyGenerationFailure; } RSAPrivateKey result; result.key_.reset(EVP_PKEY_new()); if (!result.key_ || !EVP_PKEY_set1_RSA(result.key_.get(), rsa_key.get())) { return Error::Code::kEVPInitializationError; } return result; } // static ErrorOr RSAPrivateKey::CreateFromPrivateKeyInfo( const std::vector& input) { OpenSSLErrStackTracer err_tracer(CURRENT_LOCATION); CBS private_key_cbs; CBS_init(&private_key_cbs, input.data(), input.size()); bssl::UniquePtr private_key( EVP_parse_private_key(&private_key_cbs)); if (!private_key || CBS_len(&private_key_cbs) != 0 || EVP_PKEY_id(private_key.get()) != EVP_PKEY_RSA) { return Error::Code::kEVPInitializationError; } RSAPrivateKey result; result.key_ = std::move(private_key); return result; } // static ErrorOr RSAPrivateKey::CreateFromKey(EVP_PKEY* key) { OpenSSLErrStackTracer err_tracer(CURRENT_LOCATION); OSP_DCHECK(key); if (EVP_PKEY_type(key->type) != EVP_PKEY_RSA) { return Error::Code::kEVPInitializationError; } RSAPrivateKey result; result.key_ = bssl::UpRef(key); return result; } ErrorOr RSAPrivateKey::Copy() const { OpenSSLErrStackTracer err_tracer(CURRENT_LOCATION); RSAPrivateKey result; bssl::UniquePtr rsa(EVP_PKEY_get1_RSA(key_.get())); if (!rsa) { return Error::Code::kEVPInitializationError; } result.key_.reset(EVP_PKEY_new()); if (!EVP_PKEY_set1_RSA(result.key_.get(), rsa.get())) { return Error::Code::kEVPInitializationError; } return result; } ErrorOr> RSAPrivateKey::ExportPrivateKey() const { OpenSSLErrStackTracer err_tracer(CURRENT_LOCATION); uint8_t* der; size_t der_len; bssl::ScopedCBB cbb; if (!CBB_init(cbb.get(), 0) || !EVP_marshal_private_key(cbb.get(), key_.get()) || !CBB_finish(cbb.get(), &der, &der_len)) { return Error::Code::kParseError; } std::vector output(der, der + der_len); // The temporary buffer has to be freed after we properly copy out data. OPENSSL_free(der); return output; } ErrorOr> RSAPrivateKey::ExportPublicKey() const { OpenSSLErrStackTracer err_tracer(CURRENT_LOCATION); uint8_t* der; size_t der_len; bssl::ScopedCBB cbb; if (!CBB_init(cbb.get(), 0) || !EVP_marshal_public_key(cbb.get(), key_.get()) || !CBB_finish(cbb.get(), &der, &der_len)) { return Error::Code::kParseError; } std::vector output(der, der + der_len); // The temporary buffer has to be freed after we properly copy out data. OPENSSL_free(der); return output; } RSAPrivateKey::RSAPrivateKey() = default; } // namespace openscreen