ECKeyImpl.cpp source code [ClickHouse/contrib/poco/Crypto/src/ECKeyImpl.cpp]

1	//
2	// ECKeyImpl.cpp
3	//
4	//
5	// Library: Crypto
6	// Package: EC
7	// Module: ECKeyImpl
8	//
9	// Copyright (c) 2008, Applied Informatics Software Engineering GmbH.
10	// and Contributors.
11	//
12	// SPDX-License-Identifier: BSL-1.0
13	//
14
15
16	#include "Poco/Crypto/ECKeyImpl.h"
17	#include "Poco/Crypto/X509Certificate.h"
18	#include "Poco/Crypto/PKCS12Container.h"
19	#include "Poco/FileStream.h"
20	#include "Poco/Format.h"
21	#include <sstream>
22	#include <openssl/evp.h>
23	#if OPENSSL_VERSION_NUMBER >= 0x00908000L
24	#include <openssl/bn.h>
25	#endif
26
27
28	namespace Poco {
29	namespace Crypto {
30
31
32	ECKeyImpl::ECKeyImpl(const EVPPKey& key):
33	KeyPairImpl ("ec", KT_EC_IMPL),
34	_pEC(EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY>((const* EVP_PKEY*)key)))
35	{
36	checkEC("ECKeyImpl(const EVPPKey&)", "EVP_PKEY_get1_EC_KEY()");
37	}
38
39
40	ECKeyImpl::ECKeyImpl(const X509Certificate& cert):
41	KeyPairImpl ("ec", KT_EC_IMPL),
42	_pEC(`0`)
43	{
44	const X509* pCert = cert.certificate();
45	if (pCert)
46	{
47	EVP_PKEY* pKey = X509_get_pubkey(const_cast<X509*>(pCert));
48	if (pKey)
49	{
50	_pEC = EVP_PKEY_get1_EC_KEY(pKey);
51	EVP_PKEY_free(pKey);
52	checkEC("ECKeyImpl(const const X509Certificate&)", "EVP_PKEY_get1_EC_KEY()");
53	return;
54	}
55	}
56	throw OpenSSLException ("ECKeyImpl(const X509Certificate&)");
57	}
58
59
60	ECKeyImpl::ECKeyImpl(const PKCS12Container& cont):
61	KeyPairImpl ("ec", KT_EC_IMPL),
62	_pEC(EVP_PKEY_get1_EC_KEY(cont.getKey()))
63	{
64	checkEC("ECKeyImpl(const PKCS12Container&)", "EVP_PKEY_get1_EC_KEY()");
65	}
66
67
68	ECKeyImpl::ECKeyImpl(int curve):
69	KeyPairImpl ("ec", KT_EC_IMPL),
70	_pEC(EC_KEY_new_by_curve_name(curve))
71	{
72	poco_check_ptr(_pEC);
73	EC_KEY_set_asn1_flag(_pEC, OPENSSL_EC_NAMED_CURVE);
74	if (!(EC_KEY_generate_key(_pEC)))
75	throw OpenSSLException ("ECKeyImpl(int curve): EC_KEY_generate_key()");
76	checkEC("ECKeyImpl(int curve)", "EC_KEY_generate_key()");
77	}
78
79
80	ECKeyImpl::ECKeyImpl(const std::string& publicKeyFile,
81	const std::string& privateKeyFile,
82	const std::string& privateKeyPassphrase): KeyPairImpl ("ec", KT_EC_IMPL), _pEC(`0`)
83	{
84	if (EVPPKey::loadKey(&_pEC, PEM_read_PrivateKey, EVP_PKEY_get1_EC_KEY, privateKeyFile, privateKeyPassphrase))
85	{
86	checkEC(Poco::format("ECKeyImpl(%s, %s, %s)",
87	publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string ("***")),
88	"PEM_read_PrivateKey() or EVP_PKEY_get1_EC_KEY()");
89	return; // private key is enough
90	}
91
92	// no private key, this must be public key only, otherwise throw
93	if (!EVPPKey::loadKey(&_pEC, PEM_read_PUBKEY, EVP_PKEY_get1_EC_KEY, publicKeyFile))
94	{
95	throw OpenSSLException ("ECKeyImpl(const string&, const string&, const string&");
96	}
97	checkEC(Poco::format("ECKeyImpl(%s, %s, %s)",
98	publicKeyFile, privateKeyFile, privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string ("***")),
99	"PEM_read_PUBKEY() or EVP_PKEY_get1_EC_KEY()");
100	}
101
102
103	ECKeyImpl::ECKeyImpl(std::istream* pPublicKeyStream,
104	std::istream* pPrivateKeyStream,
105	const std::string& privateKeyPassphrase): KeyPairImpl ("ec", KT_EC_IMPL), _pEC(`0`)
106	{
107	if (EVPPKey::loadKey(&_pEC, PEM_read_bio_PrivateKey, EVP_PKEY_get1_EC_KEY, pPrivateKeyStream, privateKeyPassphrase))
108	{
109	checkEC(Poco::format("ECKeyImpl(stream, stream, %s)",
110	privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string ("***")),
111	"PEM_read_bio_PrivateKey() or EVP_PKEY_get1_EC_KEY()");
112	return; // private key is enough
113	}
114
115	// no private key, this must be public key only, otherwise throw
116	if (!EVPPKey::loadKey(&_pEC, PEM_read_bio_PUBKEY, EVP_PKEY_get1_EC_KEY, pPublicKeyStream))
117	{
118	throw OpenSSLException ("ECKeyImpl(istream, istream, const string&");
119	}
120	checkEC(Poco::format("ECKeyImpl(stream, stream, %s)",
121	privateKeyPassphrase.empty() ? privateKeyPassphrase : std::string ("***")),
122	"PEM_read_bio_PUBKEY() or EVP_PKEY_get1_EC_KEY()");
123	}
124
125
126	ECKeyImpl::~ECKeyImpl()
127	{
128	freeEC();
129	}
130
131
132	void ECKeyImpl::checkEC(const std::string& method, const std::string& func) const
133	{
134	if (!_pEC) throw OpenSSLException (Poco::format("%s: %s", method, func));
135	if (!EC_KEY_check_key(_pEC))
136	throw OpenSSLException (Poco::format("%s: EC_KEY_check_key()", method));
137	}
138
139
140	void ECKeyImpl::freeEC()
141	{
142	if (_pEC)
143	{
144	EC_KEY_free(_pEC);
145	_pEC = `0`;
146	}
147	}
148
149
150	int ECKeyImpl::size() const
151	{
152	int sz = -`1`;
153	EVP_PKEY* pKey = EVP_PKEY_new();
154	if (pKey && EVP_PKEY_set1_EC_KEY(pKey, _pEC))
155	{
156	sz = EVP_PKEY_bits(pKey);
157	EVP_PKEY_free(pKey);
158	return sz;
159	}
160	throw OpenSSLException ("ECKeyImpl::size()");
161	}
162
163
164	int ECKeyImpl::groupId() const
165	{
166	if (_pEC)
167	{
168	const EC_GROUP* ecGroup = EC_KEY_get0_group(_pEC);
169	if (ecGroup)
170	{
171	return EC_GROUP_get_curve_name(ecGroup);
172	}
173	else
174	{
175	throw OpenSSLException ("ECKeyImpl::groupId()");
176	}
177	}
178	throw NullPointerException ("ECKeyImpl::groupId() => _pEC");
179	}
180
181
182	std::string ECKeyImpl::getCurveName(int nid)
183	{
184	std::string curveName;
185	size_t len = EC_get_builtin_curves(NULL, `0`);
186	EC_builtin_curve* pCurves =
187	(EC_builtin_curve) OPENSSL_malloc(static_cast<int>(sizeof(EC_builtin_curve) len));
188	if (!pCurves) return curveName;
189
190	if (!EC_get_builtin_curves(pCurves, len))
191	{
192	OPENSSL_free(pCurves);
193	return curveName;
194	}
195
196	if (-`1` == nid) nid = pCurves[`0`].nid;
197	const int bufLen = `128`;
198	char buf[bufLen];
199	std::memset(buf, `0`, bufLen);
200	OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), `0`);
201	curveName = buf;
202	OPENSSL_free(pCurves);
203	return curveName;
204	}
205
206
207	int ECKeyImpl::getCurveNID(std::string& name)
208	{
209	std::string curveName;
210	size_t len = EC_get_builtin_curves(NULL, `0`);
211	EC_builtin_curve* pCurves =
212	(EC_builtin_curve)OPENSSL_malloc(static_cast<int>(sizeof(EC_builtin_curve) len));
213	if (!pCurves) return -`1`;
214
215	if (!EC_get_builtin_curves(pCurves, len))
216	{
217	OPENSSL_free(pCurves);
218	return -`1`;
219	}
220
221	int nid = -`1`;
222	const int bufLen = `128`;
223	char buf[bufLen];
224	if (name.empty())
225	{
226	std::memset(buf, `0`, bufLen);
227	OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(nid), `0`);
228	name = buf;
229	nid = pCurves[`0`].nid;
230	}
231	else
232	{
233	for (int i = `0`; i < len; ++i)
234	{
235	std::memset(buf, `0`, bufLen);
236	OBJ_obj2txt(buf, bufLen, OBJ_nid2obj(pCurves[i].nid), `0`);
237	if (strncmp(name.c_str(), buf, name.size() > bufLen ? bufLen : name.size()) == `0`)
238	{
239	nid = pCurves[i].nid;
240	break;
241	}
242	}
243	}
244
245	OPENSSL_free(pCurves);
246	return nid;
247	}
248
249
250	bool ECKeyImpl::hasCurve(const std::string& name)
251	{
252	std::string tmp(name);
253	return (-`1` != getCurveNID(tmp));
254	}
255
256
257	} } // namespace Poco::Crypto
258

Browse the source code of ClickHouse/contrib/poco/Crypto/src/ECKeyImpl.cpp