| // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include <openssl/bytestring.h> |
| #include <openssl/digest.h> |
| #include <openssl/evp.h> |
| #include <openssl/mem.h> |
| #include <stdint.h> |
| |
| #include <memory> |
| |
| #include "base/base64.h" |
| #include "base/location.h" |
| #include "base/logging.h" |
| #include "base/strings/string_piece.h" |
| #include "crypto/auto_cbb.h" |
| #include "crypto/openssl_util.h" |
| #include "crypto/rsa_private_key.h" |
| #include "crypto/scoped_openssl_types.h" |
| #include "net/base/keygen_handler.h" |
| #include "net/base/openssl_private_key_store.h" |
| |
| namespace net { |
| |
| std::string KeygenHandler::GenKeyAndSignChallenge() { |
| std::unique_ptr<crypto::RSAPrivateKey> key( |
| crypto::RSAPrivateKey::Create(key_size_in_bits_)); |
| EVP_PKEY* pkey = key->key(); |
| |
| if (stores_key_) |
| OpenSSLPrivateKeyStore::StoreKeyPair(url_, pkey); |
| |
| // Serialize the following structure, from |
| // https://developer.mozilla.org/en-US/docs/Web/HTML/Element/keygen. |
| // |
| // PublicKeyAndChallenge ::= SEQUENCE { |
| // spki SubjectPublicKeyInfo, |
| // challenge IA5STRING |
| // } |
| // |
| // SignedPublicKeyAndChallenge ::= SEQUENCE { |
| // publicKeyAndChallenge PublicKeyAndChallenge, |
| // signatureAlgorithm AlgorithmIdentifier, |
| // signature BIT STRING |
| // } |
| // |
| // The signature is over the PublicKeyAndChallenge. |
| |
| // TODO(davidben): If we gain another consumer, factor this code out into |
| // shared logic, sharing OID definitions with the verifier, to support signing |
| // other X.509-style structures. |
| |
| crypto::OpenSSLErrStackTracer tracer(FROM_HERE); |
| |
| // Serialize up to the PublicKeyAndChallenge. |
| crypto::AutoCBB cbb; |
| CBB spkac, public_key_and_challenge, challenge; |
| if (!CBB_init(cbb.get(), 0) || |
| !CBB_add_asn1(cbb.get(), &spkac, CBS_ASN1_SEQUENCE) || |
| !CBB_add_asn1(&spkac, &public_key_and_challenge, CBS_ASN1_SEQUENCE) || |
| !EVP_marshal_public_key(&public_key_and_challenge, pkey) || |
| !CBB_add_asn1(&public_key_and_challenge, &challenge, |
| CBS_ASN1_IA5STRING) || |
| !CBB_add_bytes(&challenge, |
| reinterpret_cast<const uint8_t*>(challenge_.data()), |
| challenge_.size()) || |
| !CBB_flush(&spkac)) { |
| return std::string(); |
| } |
| |
| // Hash what's been written so far. |
| crypto::ScopedEVP_MD_CTX ctx(EVP_MD_CTX_create()); |
| if (!EVP_DigestSignInit(ctx.get(), nullptr, EVP_md5(), nullptr, pkey) || |
| !EVP_DigestSignUpdate(ctx.get(), CBB_data(&spkac), CBB_len(&spkac))) { |
| return std::string(); |
| } |
| |
| // The DER encoding of 1.2.840.113549.1.1.4, MD5 with RSA encryption. |
| static const uint8_t kMd5WithRsaEncryption[] = { |
| 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04, |
| }; |
| |
| // Write the signatureAlgorithm. |
| CBB algorithm, oid, null; |
| if (!CBB_add_asn1(&spkac, &algorithm, CBS_ASN1_SEQUENCE) || |
| !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) || |
| !CBB_add_bytes(&oid, kMd5WithRsaEncryption, |
| sizeof(kMd5WithRsaEncryption)) || |
| !CBB_add_asn1(&algorithm, &null, CBS_ASN1_NULL)) { |
| return std::string(); |
| } |
| |
| // Compute and write the signature. Note that X.509 signatures, although |
| // always byte strings for RSA, are encoded as BIT STRINGS with a multiple of |
| // 8 bits. |
| CBB sig_bitstring; |
| uint8_t* sig; |
| size_t sig_len; |
| if (!CBB_add_asn1(&spkac, &sig_bitstring, CBS_ASN1_BITSTRING) || |
| !CBB_add_u8(&sig_bitstring, 0 /* no unused bits */) || |
| // Determine the maximum length of the signature. |
| !EVP_DigestSignFinal(ctx.get(), nullptr, &sig_len) || |
| // Reserve |sig_len| bytes and write the signature to |spkac|. |
| !CBB_reserve(&sig_bitstring, &sig, sig_len) || |
| !EVP_DigestSignFinal(ctx.get(), sig, &sig_len) || |
| !CBB_did_write(&sig_bitstring, sig_len)) { |
| return std::string(); |
| } |
| |
| // Finally, the structure is base64-encoded. |
| uint8_t* der; |
| size_t der_len; |
| if (!CBB_finish(cbb.get(), &der, &der_len)) { |
| return std::string(); |
| } |
| std::string result; |
| base::Base64Encode( |
| base::StringPiece(reinterpret_cast<const char*>(der), der_len), &result); |
| OPENSSL_free(der); |
| return result; |
| } |
| |
| } // namespace net |