// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "crypto/rsa_private_key.h" #include #include #include #include #include #include "base/debug/leak_annotations.h" #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "base/strings/string_util.h" #include "crypto/nss_util.h" #include "crypto/nss_util_internal.h" #include "crypto/scoped_nss_types.h" // TODO(rafaelw): Consider using NSS's ASN.1 encoder. namespace { static bool ReadAttribute(SECKEYPrivateKey* key, CK_ATTRIBUTE_TYPE type, std::vector* output) { SECItem item; SECStatus rv; rv = PK11_ReadRawAttribute(PK11_TypePrivKey, key, type, &item); if (rv != SECSuccess) { NOTREACHED(); return false; } output->assign(item.data, item.data + item.len); SECITEM_FreeItem(&item, PR_FALSE); return true; } #if defined(USE_NSS_CERTS) struct PublicKeyInfoDeleter { inline void operator()(CERTSubjectPublicKeyInfo* spki) { SECKEY_DestroySubjectPublicKeyInfo(spki); } }; typedef scoped_ptr ScopedPublicKeyInfo; // The function decodes RSA public key from the |input|. crypto::ScopedSECKEYPublicKey GetRSAPublicKey(const std::vector& input) { // First, decode and save the public key. SECItem key_der; key_der.type = siBuffer; key_der.data = const_cast(&input[0]); key_der.len = input.size(); ScopedPublicKeyInfo spki(SECKEY_DecodeDERSubjectPublicKeyInfo(&key_der)); if (!spki) return crypto::ScopedSECKEYPublicKey(); crypto::ScopedSECKEYPublicKey result(SECKEY_ExtractPublicKey(spki.get())); // Make sure the key is an RSA key.. If not, that's an error. if (!result || result->keyType != rsaKey) return crypto::ScopedSECKEYPublicKey(); return result.Pass(); } #endif // defined(USE_NSS_CERTS) } // namespace namespace crypto { RSAPrivateKey::~RSAPrivateKey() { if (key_) SECKEY_DestroyPrivateKey(key_); if (public_key_) SECKEY_DestroyPublicKey(public_key_); } // static RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) { EnsureNSSInit(); ScopedPK11Slot slot(PK11_GetInternalSlot()); return CreateWithParams(slot.get(), num_bits, false /* not permanent */, false /* not sensitive */); } // static RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo( const std::vector& input) { EnsureNSSInit(); ScopedPK11Slot slot(PK11_GetInternalSlot()); return CreateFromPrivateKeyInfoWithParams( slot.get(), input, false /* not permanent */, false /* not sensitive */); } // static RSAPrivateKey* RSAPrivateKey::CreateFromKey(SECKEYPrivateKey* key) { DCHECK(key); if (SECKEY_GetPrivateKeyType(key) != rsaKey) return NULL; RSAPrivateKey* copy = new RSAPrivateKey(); copy->key_ = SECKEY_CopyPrivateKey(key); copy->public_key_ = SECKEY_ConvertToPublicKey(key); if (!copy->key_ || !copy->public_key_) { NOTREACHED(); delete copy; return NULL; } return copy; } #if defined(USE_NSS_CERTS) // static RSAPrivateKey* RSAPrivateKey::CreateSensitive(PK11SlotInfo* slot, uint16 num_bits) { return CreateWithParams(slot, num_bits, true /* permanent */, true /* sensitive */); } // static RSAPrivateKey* RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo( PK11SlotInfo* slot, const std::vector& input) { return CreateFromPrivateKeyInfoWithParams(slot, input, true /* permanent */, true /* sensitive */); } // static RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo( const std::vector& input) { scoped_ptr result(InitPublicPart(input)); if (!result) return NULL; ScopedSECItem ck_id( PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); if (!ck_id.get()) { NOTREACHED(); return NULL; } // Search all slots in all modules for the key with the given ID. AutoSECMODListReadLock auto_lock; SECMODModuleList* head = SECMOD_GetDefaultModuleList(); for (SECMODModuleList* item = head; item != NULL; item = item->next) { int slot_count = item->module->loaded ? item->module->slotCount : 0; for (int i = 0; i < slot_count; i++) { // Finally...Look for the key! result->key_ = PK11_FindKeyByKeyID(item->module->slots[i], ck_id.get(), NULL); if (result->key_) return result.release(); } } // We didn't find the key. return NULL; } // static RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfoInSlot( const std::vector& input, PK11SlotInfo* slot) { if (!slot) return NULL; scoped_ptr result(InitPublicPart(input)); if (!result) return NULL; ScopedSECItem ck_id( PK11_MakeIDFromPubKey(&(result->public_key_->u.rsa.modulus))); if (!ck_id.get()) { NOTREACHED(); return NULL; } result->key_ = PK11_FindKeyByKeyID(slot, ck_id.get(), NULL); if (!result->key_) return NULL; return result.release(); } #endif RSAPrivateKey* RSAPrivateKey::Copy() const { RSAPrivateKey* copy = new RSAPrivateKey(); copy->key_ = SECKEY_CopyPrivateKey(key_); copy->public_key_ = SECKEY_CopyPublicKey(public_key_); return copy; } bool RSAPrivateKey::ExportPrivateKey(std::vector* output) const { PrivateKeyInfoCodec private_key_info(true); // Manually read the component attributes of the private key and build up // the PrivateKeyInfo. if (!ReadAttribute(key_, CKA_MODULUS, private_key_info.modulus()) || !ReadAttribute(key_, CKA_PUBLIC_EXPONENT, private_key_info.public_exponent()) || !ReadAttribute(key_, CKA_PRIVATE_EXPONENT, private_key_info.private_exponent()) || !ReadAttribute(key_, CKA_PRIME_1, private_key_info.prime1()) || !ReadAttribute(key_, CKA_PRIME_2, private_key_info.prime2()) || !ReadAttribute(key_, CKA_EXPONENT_1, private_key_info.exponent1()) || !ReadAttribute(key_, CKA_EXPONENT_2, private_key_info.exponent2()) || !ReadAttribute(key_, CKA_COEFFICIENT, private_key_info.coefficient())) { NOTREACHED(); return false; } return private_key_info.Export(output); } bool RSAPrivateKey::ExportPublicKey(std::vector* output) const { ScopedSECItem der_pubkey(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key_)); if (!der_pubkey.get()) { NOTREACHED(); return false; } output->assign(der_pubkey->data, der_pubkey->data + der_pubkey->len); return true; } RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) { EnsureNSSInit(); } // static RSAPrivateKey* RSAPrivateKey::CreateWithParams(PK11SlotInfo* slot, uint16 num_bits, bool permanent, bool sensitive) { if (!slot) return NULL; scoped_ptr result(new RSAPrivateKey); PK11RSAGenParams param; param.keySizeInBits = num_bits; param.pe = 65537L; result->key_ = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN, ¶m, &result->public_key_, permanent, sensitive, NULL); if (!result->key_) return NULL; return result.release(); } // static RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams( PK11SlotInfo* slot, const std::vector& input, bool permanent, bool sensitive) { if (!slot) return NULL; scoped_ptr result(new RSAPrivateKey); ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE)); if (!arena) { NOTREACHED(); return NULL; } // Excess data is illegal, but NSS silently accepts it, so first ensure that // |input| consists of a single ASN.1 element. SECItem input_item; input_item.data = const_cast(&input.front()); input_item.len = input.size(); SECItem der_private_key_info; SECStatus rv = SEC_QuickDERDecodeItem(arena.get(), &der_private_key_info, SEC_ASN1_GET(SEC_AnyTemplate), &input_item); if (rv != SECSuccess) return NULL; // Allow the private key to be used for key unwrapping, data decryption, // and signature generation. const unsigned int key_usage = KU_KEY_ENCIPHERMENT | KU_DATA_ENCIPHERMENT | KU_DIGITAL_SIGNATURE; rv = PK11_ImportDERPrivateKeyInfoAndReturnKey( slot, &der_private_key_info, NULL, NULL, permanent, sensitive, key_usage, &result->key_, NULL); if (rv != SECSuccess) return NULL; result->public_key_ = SECKEY_ConvertToPublicKey(result->key_); if (!result->public_key_) return NULL; return result.release(); } #if defined(USE_NSS_CERTS) // static RSAPrivateKey* RSAPrivateKey::InitPublicPart(const std::vector& input) { EnsureNSSInit(); scoped_ptr result(new RSAPrivateKey()); result->public_key_ = GetRSAPublicKey(input).release(); if (!result->public_key_) { NOTREACHED(); return NULL; } return result.release(); } #endif // defined(USE_NSS_CERTS) } // namespace crypto