1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CRYPTO_RSA_PRIVATE_KEY_H_ 6 #define CRYPTO_RSA_PRIVATE_KEY_H_ 7 8 #include <stddef.h> 9 #include <stdint.h> 10 11 #include <list> 12 #include <vector> 13 14 #include "base/macros.h" 15 #include "build/build_config.h" 16 #include "crypto/crypto_export.h" 17 18 #if defined(USE_OPENSSL) 19 // Forward declaration for openssl/*.h 20 typedef struct evp_pkey_st EVP_PKEY; 21 #else 22 // Forward declaration. 23 typedef struct PK11SlotInfoStr PK11SlotInfo; 24 typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey; 25 typedef struct SECKEYPublicKeyStr SECKEYPublicKey; 26 #endif 27 28 29 namespace crypto { 30 31 // Used internally by RSAPrivateKey for serializing and deserializing 32 // PKCS #8 PrivateKeyInfo and PublicKeyInfo. 33 class PrivateKeyInfoCodec { 34 public: 35 // ASN.1 encoding of the AlgorithmIdentifier from PKCS #8. 36 static const uint8_t kRsaAlgorithmIdentifier[]; 37 38 // ASN.1 tags for some types we use. 39 static const uint8_t kBitStringTag = 0x03; 40 static const uint8_t kIntegerTag = 0x02; 41 static const uint8_t kNullTag = 0x05; 42 static const uint8_t kOctetStringTag = 0x04; 43 static const uint8_t kSequenceTag = 0x30; 44 45 // |big_endian| here specifies the byte-significance of the integer components 46 // that will be parsed & serialized (modulus(), etc...) during Import(), 47 // Export() and ExportPublicKeyInfo() -- not the ASN.1 DER encoding of the 48 // PrivateKeyInfo/PublicKeyInfo (which is always big-endian). 49 explicit PrivateKeyInfoCodec(bool big_endian); 50 51 ~PrivateKeyInfoCodec(); 52 53 // Exports the contents of the integer components to the ASN.1 DER encoding 54 // of the PrivateKeyInfo structure to |output|. 55 bool Export(std::vector<uint8_t>* output); 56 57 // Exports the contents of the integer components to the ASN.1 DER encoding 58 // of the PublicKeyInfo structure to |output|. 59 bool ExportPublicKeyInfo(std::vector<uint8_t>* output); 60 61 // Exports the contents of the integer components to the ASN.1 DER encoding 62 // of the RSAPublicKey structure to |output|. 63 bool ExportPublicKey(std::vector<uint8_t>* output); 64 65 // Parses the ASN.1 DER encoding of the PrivateKeyInfo structure in |input| 66 // and populates the integer components with |big_endian_| byte-significance. 67 // IMPORTANT NOTE: This is currently *not* security-approved for importing 68 // keys from unstrusted sources. 69 bool Import(const std::vector<uint8_t>& input); 70 71 // Accessors to the contents of the integer components of the PrivateKeyInfo 72 // structure. modulus()73 std::vector<uint8_t>* modulus() { return &modulus_; } public_exponent()74 std::vector<uint8_t>* public_exponent() { return &public_exponent_; } private_exponent()75 std::vector<uint8_t>* private_exponent() { return &private_exponent_; } prime1()76 std::vector<uint8_t>* prime1() { return &prime1_; } prime2()77 std::vector<uint8_t>* prime2() { return &prime2_; } exponent1()78 std::vector<uint8_t>* exponent1() { return &exponent1_; } exponent2()79 std::vector<uint8_t>* exponent2() { return &exponent2_; } coefficient()80 std::vector<uint8_t>* coefficient() { return &coefficient_; } 81 82 private: 83 // Utility wrappers for PrependIntegerImpl that use the class's |big_endian_| 84 // value. 85 void PrependInteger(const std::vector<uint8_t>& in, std::list<uint8_t>* out); 86 void PrependInteger(uint8_t* val, int num_bytes, std::list<uint8_t>* data); 87 88 // Prepends the integer stored in |val| - |val + num_bytes| with |big_endian| 89 // byte-significance into |data| as an ASN.1 integer. 90 void PrependIntegerImpl(uint8_t* val, 91 int num_bytes, 92 std::list<uint8_t>* data, 93 bool big_endian); 94 95 // Utility wrappers for ReadIntegerImpl that use the class's |big_endian_| 96 // value. 97 bool ReadInteger(uint8_t** pos, uint8_t* end, std::vector<uint8_t>* out); 98 bool ReadIntegerWithExpectedSize(uint8_t** pos, 99 uint8_t* end, 100 size_t expected_size, 101 std::vector<uint8_t>* out); 102 103 // Reads an ASN.1 integer from |pos|, and stores the result into |out| with 104 // |big_endian| byte-significance. 105 bool ReadIntegerImpl(uint8_t** pos, 106 uint8_t* end, 107 std::vector<uint8_t>* out, 108 bool big_endian); 109 110 // Prepends the integer stored in |val|, starting a index |start|, for 111 // |num_bytes| bytes onto |data|. 112 void PrependBytes(uint8_t* val, 113 int start, 114 int num_bytes, 115 std::list<uint8_t>* data); 116 117 // Helper to prepend an ASN.1 length field. 118 void PrependLength(size_t size, std::list<uint8_t>* data); 119 120 // Helper to prepend an ASN.1 type header. 121 void PrependTypeHeaderAndLength(uint8_t type, 122 uint32_t length, 123 std::list<uint8_t>* output); 124 125 // Helper to prepend an ASN.1 bit string 126 void PrependBitString(uint8_t* val, 127 int num_bytes, 128 std::list<uint8_t>* output); 129 130 // Read an ASN.1 length field. This also checks that the length does not 131 // extend beyond |end|. 132 bool ReadLength(uint8_t** pos, uint8_t* end, uint32_t* result); 133 134 // Read an ASN.1 type header and its length. 135 bool ReadTypeHeaderAndLength(uint8_t** pos, 136 uint8_t* end, 137 uint8_t expected_tag, 138 uint32_t* length); 139 140 // Read an ASN.1 sequence declaration. This consumes the type header and 141 // length field, but not the contents of the sequence. 142 bool ReadSequence(uint8_t** pos, uint8_t* end); 143 144 // Read the RSA AlgorithmIdentifier. 145 bool ReadAlgorithmIdentifier(uint8_t** pos, uint8_t* end); 146 147 // Read one of the two version fields in PrivateKeyInfo. 148 bool ReadVersion(uint8_t** pos, uint8_t* end); 149 150 // The byte-significance of the stored components (modulus, etc..). 151 bool big_endian_; 152 153 // Component integers of the PrivateKeyInfo 154 std::vector<uint8_t> modulus_; 155 std::vector<uint8_t> public_exponent_; 156 std::vector<uint8_t> private_exponent_; 157 std::vector<uint8_t> prime1_; 158 std::vector<uint8_t> prime2_; 159 std::vector<uint8_t> exponent1_; 160 std::vector<uint8_t> exponent2_; 161 std::vector<uint8_t> coefficient_; 162 163 DISALLOW_COPY_AND_ASSIGN(PrivateKeyInfoCodec); 164 }; 165 166 // Encapsulates an RSA private key. Can be used to generate new keys, export 167 // keys to other formats, or to extract a public key. 168 // TODO(hclam): This class should be ref-counted so it can be reused easily. 169 class CRYPTO_EXPORT RSAPrivateKey { 170 public: 171 ~RSAPrivateKey(); 172 173 // Create a new random instance. Can return NULL if initialization fails. 174 static RSAPrivateKey* Create(uint16_t num_bits); 175 176 // Create a new instance by importing an existing private key. The format is 177 // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return NULL if 178 // initialization fails. 179 static RSAPrivateKey* CreateFromPrivateKeyInfo( 180 const std::vector<uint8_t>& input); 181 182 #if defined(USE_OPENSSL) 183 // Create a new instance from an existing EVP_PKEY, taking a 184 // reference to it. |key| must be an RSA key. Returns NULL on 185 // failure. 186 static RSAPrivateKey* CreateFromKey(EVP_PKEY* key); 187 #else 188 // Create a new instance by referencing an existing private key 189 // structure. Does not import the key. 190 static RSAPrivateKey* CreateFromKey(SECKEYPrivateKey* key); 191 #endif 192 193 #if defined(USE_OPENSSL) key()194 EVP_PKEY* key() { return key_; } 195 #else key()196 SECKEYPrivateKey* key() { return key_; } public_key()197 SECKEYPublicKey* public_key() { return public_key_; } 198 #endif 199 200 // Creates a copy of the object. 201 RSAPrivateKey* Copy() const; 202 203 // Exports the private key to a PKCS #1 PrivateKey block. 204 bool ExportPrivateKey(std::vector<uint8_t>* output) const; 205 206 // Exports the public key to an X509 SubjectPublicKeyInfo block. 207 bool ExportPublicKey(std::vector<uint8_t>* output) const; 208 209 private: 210 // Constructor is private. Use one of the Create*() methods above instead. 211 RSAPrivateKey(); 212 213 #if defined(USE_OPENSSL) 214 EVP_PKEY* key_; 215 #else 216 SECKEYPrivateKey* key_; 217 SECKEYPublicKey* public_key_; 218 #endif 219 220 DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey); 221 }; 222 223 } // namespace crypto 224 225 #endif // CRYPTO_RSA_PRIVATE_KEY_H_ 226