Allow a crypto::RSAPrivateKey object to be wrapped round a pre-existing

openssl key, as is currently supported for NSS.

Change-Id: I36c848884273fe8e23451259655680b6b7d46a98

BUG=412427

R=davidben@chromium.org

Review URL: https://codereview.chromium.org/559623002

Cr-Commit-Position: refs/heads/master@{#294254}

4 files changed, 43 insertions, 21 deletions

diff --git a/crypto/rsa_private_key.h b/crypto/rsa_private_key.h
index cb19067..221e341 100644
--- a/crypto/rsa_private_key.h
+++ b/crypto/rsa_private_key.h
@@ -216,6 +216,12 @@ class CRYPTO_EXPORT RSAPrivateKey {
   static RSAPrivateKey* FindFromPublicKeyInfoInSlot(
       const std::vector<uint8>& input,
       PK11SlotInfo* slot);
+#elif defined(USE_OPENSSL)
+  // Create a new instance from an existing EVP_PKEY, taking a
+  // reference to it. |key| must be an RSA key. Returns NULL on
+  // failure.
+  static RSAPrivateKey* CreateFromKey(EVP_PKEY* key);
+
 #endif
 
 #if defined(USE_OPENSSL)
diff --git a/crypto/rsa_private_key_nss_unittest.cc b/crypto/rsa_private_key_nss_unittest.cc
index 4adb9db..b91b431 100644
--- a/crypto/rsa_private_key_nss_unittest.cc
+++ b/crypto/rsa_private_key_nss_unittest.cc
@@ -24,27 +24,6 @@ class RSAPrivateKeyNSSTest : public testing::Test {
   DISALLOW_COPY_AND_ASSIGN(RSAPrivateKeyNSSTest);
 };
 
-TEST_F(RSAPrivateKeyNSSTest, CreateFromKeyTest) {
-  scoped_ptr<crypto::RSAPrivateKey> key_pair(RSAPrivateKey::Create(256));
-
-  scoped_ptr<crypto::RSAPrivateKey> key_copy(
-      RSAPrivateKey::CreateFromKey(key_pair->key()));
-  ASSERT_TRUE(key_copy.get());
-
-  std::vector<uint8> privkey;
-  std::vector<uint8> pubkey;
-  ASSERT_TRUE(key_pair->ExportPrivateKey(&privkey));
-  ASSERT_TRUE(key_pair->ExportPublicKey(&pubkey));
-
-  std::vector<uint8> privkey_copy;
-  std::vector<uint8> pubkey_copy;
-  ASSERT_TRUE(key_copy->ExportPrivateKey(&privkey_copy));
-  ASSERT_TRUE(key_copy->ExportPublicKey(&pubkey_copy));
-
-  ASSERT_EQ(privkey, privkey_copy);
-  ASSERT_EQ(pubkey, pubkey_copy);
-}
-
 TEST_F(RSAPrivateKeyNSSTest, FindFromPublicKey) {
   // Create a keypair, which will put the keys in the user's NSSDB.
   scoped_ptr<crypto::RSAPrivateKey> key_pair(RSAPrivateKey::Create(256));
diff --git a/crypto/rsa_private_key_openssl.cc b/crypto/rsa_private_key_openssl.cc
index 8dcde61..053c4a2 100644
--- a/crypto/rsa_private_key_openssl.cc
+++ b/crypto/rsa_private_key_openssl.cc
@@ -98,6 +98,16 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
   return result.release();
 }
 
+// static
+RSAPrivateKey* RSAPrivateKey::CreateFromKey(EVP_PKEY* key) {
+  DCHECK(key);
+  if (EVP_PKEY_type(key->type) != EVP_PKEY_RSA)
+    return NULL;
+  RSAPrivateKey* copy = new RSAPrivateKey();
+  copy->key_ = EVP_PKEY_dup(key);
+  return copy;
+}
+
 RSAPrivateKey::RSAPrivateKey()
     : key_(NULL) {
 }
diff --git a/crypto/rsa_private_key_unittest.cc b/crypto/rsa_private_key_unittest.cc
index de88908..d53d502 100644
--- a/crypto/rsa_private_key_unittest.cc
+++ b/crypto/rsa_private_key_unittest.cc
@@ -403,3 +403,30 @@ TEST(RSAPrivateKeyUnitTest, ShortIntegers) {
   ASSERT_TRUE(0 == memcmp(&output2.front(), &input2.front(),
                           input2.size()));
 }
+
+// The following test can run if either USE_NSS or USE_OPENSSL is defined, but
+// not otherwise (since it uses crypto::RSAPrivateKey::CreateFromKey).
+#if defined(USE_NSS) || defined(USE_OPENSSL)
+TEST(RSAPrivateKeyUnitTest, CreateFromKeyTest) {
+  scoped_ptr<crypto::RSAPrivateKey> key_pair(
+      crypto::RSAPrivateKey::Create(256));
+
+  scoped_ptr<crypto::RSAPrivateKey> key_copy(
+      crypto::RSAPrivateKey::CreateFromKey(key_pair->key()));
+  ASSERT_TRUE(key_copy.get());
+
+  std::vector<uint8> privkey;
+  std::vector<uint8> pubkey;
+  ASSERT_TRUE(key_pair->ExportPrivateKey(&privkey));
+  ASSERT_TRUE(key_pair->ExportPublicKey(&pubkey));
+
+  std::vector<uint8> privkey_copy;
+  std::vector<uint8> pubkey_copy;
+  ASSERT_TRUE(key_copy->ExportPrivateKey(&privkey_copy));
+  ASSERT_TRUE(key_copy->ExportPublicKey(&pubkey_copy));
+
+  ASSERT_EQ(privkey, privkey_copy);
+  ASSERT_EQ(pubkey, pubkey_copy);
+}
+#endif
+