Add net/android/keystore.h

net/android/keystore_openssl.cc

Index: net/android/keystore_openssl.cc
diff --git a/net/android/keystore_openssl.cc b/net/android/keystore_openssl.cc
new file mode 100644
index 0000000000000000000000000000000000000000..caed395d7f41ecbc05f90d25b75f6553f9ba2924
--- /dev/null
+++ b/net/android/keystore_openssl.cc
@@ -0,0 +1,250 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/android/keystore_openssl.h"
+
+#include <jni.h>
+#include <openssl/engine.h>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+
+#include "base/android/jni_android.h"
+#include "base/android/scoped_java_ref.h"
+#include "base/basictypes.h"
+#include "base/logging.h"
+#include "crypto/openssl_util.h"
+#include "net/android/keystore.h"
+#include "net/base/ssl_client_cert_type.h"
+
+// IMPORTANT NOTE: The following code will currently only work when used
+// to implement client certificate support with OpenSSL. That's because
+// only signing is implemented here.
+//
+
+// The OpenSSL EVP_PKEY type is a generic wrapper around key pairs.
+// Internally, it can hold a pointer to a RSA, DSA or ECDA structure,
+// which model keypair implementations of each respective crypto
+// algorithm.
+//
+// The RSA type has a 'method' field pointer to a vtable-like structure
+// called a RSA_METHOD. This contains several function pointers that
+// correspond to operations on RSA keys (e.g. decode/encode with public
+// key, decode/encode with private key, signing, validation), as well as
+// a few flags.
+//
+// For example, the RSA_sign() function will call "method->rsa_sign()" if
+// method->rsa_sign is not NULL, otherwise, it will perform a regular
+// signing operation using the other fields in the RSA structure (which
+// are used to hold the typical modulus / exponent / parameters for the
+// key pair).
+//
+// This source file thus defines a custom RSA_METHOD structure, which
+// fields points to static methods used to implement the corresponding
+// RSA operation using platform Android APIs.
+//
+// However, the platform APIs require a jobject JNI reference to work.
+// It must be stored in the RSA instance, or made accessible when the
+// custom RSA methods are called. This is done by using RSA_set_app_data()
+// and RSA_get_app_data().
+//
+// One can thus _directly_ create a new EVP_PKEY that uses a custom RSA
+// object with the following:
+//
+//    RSA* rsa = RSA_new()
+//    RSA_set_method(&custom_rsa_method);
+//    RSA_set_app_data(rsa, jni_private_key);
+//
+//    EVP_PKEY* pkey = EVP_PKEY_new();
+//    EVP_PKEY_assign_RSA(pkey, rsa);
+//
+// Note that because EVP_PKEY_assign_RSA() is used, instead of
+// EVP_PKEY_set1_RSA(), the new EVP_PKEY now owns the RSA object, and
+// will destroy it when it is itself destroyed.
+//
+// Similarly, custom DSA_METHOD and ECDSA_METHOD are defined by this source
+// file.
+//
+// Note that there is no need to define an OpenSSL ENGINE here. These
+// are objects that can be used to expose custom methods (i.e. either
+// RSA_METHOD, DSA_METHOD, ECDSA_METHOD, and a large number of other ones
+// for types not related to this source file), and make them used by
+// default for a lot of operations. Very fortunately, this is not needed
+// here, which saves a lot of complexity.
+//
+
+namespace {
+
+///////////////////////////////////////////////////////////////////////////
+//
+// Custom RSA_METHOD to be used to use the platform APIs.
+// Note that for now, only signing through RSA_sign() is really supported.
+// all other method pointers are either stubs returning errors, or no-ops.
+//
+// See <openssl/rsa.h> for exact declaration of RSA_METHOD.
+//
+
+int RsaMethodPubEnc(int flen,
+                    const unsigned char* from,
+                    unsigned char* to,
+                    RSA* rsa,
+                    int padding) {
+  NOTIMPLEMENTED();
+  RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+  return -1;
+}
+
+int RsaMethodPubDec(int flen,
+                    const unsigned char* from,
+                    unsigned char* to,
+                    RSA* rsa,
+                    int padding) {
+  NOTIMPLEMENTED();
+  RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+  return -1;
+}
+
+int RsaMethodPrivEnc(int flen,
+                     const unsigned char *from,
+                     unsigned char *to,
+                     RSA *rsa,
+                     int padding) {
+  NOTIMPLEMENTED();
+  RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+  return -1;
+}
+
+int RsaMethodPrivDec(int flen,
+                     const unsigned char* from,
+                     unsigned char* to,
+                     RSA* rsa,
+                     int padding) {
+  NOTIMPLEMENTED();
+  RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+  return -1;
+}
+
+int RsaMethodInit(RSA* rsa) {
+  // Required to ensure that RsaMethodSign will be called.
+  rsa->flags |= RSA_FLAG_SIGN_VER;
+  return 0;
+}
+
+int RsaMethodFinish(RSA* rsa) {
+  // Ensure the global JNI reference is destroyed with this key.
+  jobject key = reinterpret_cast<jobject>(RSA_get_app_data(rsa));
+  if (key != NULL) {
+    RSA_set_app_data(rsa, NULL);
+    JNIEnv* env = base::android::AttachCurrentThread();
+    env->DeleteGlobalRef(key);
+  }
+  // Actual return value is ignored by OpenSSL. There are no docs
+  // explaining what this is supposed to be.
+  return 0;
+}
+
+int RsaMethodSign(int type,
+                  const unsigned char* message,
+                  unsigned int message_len,
+                  unsigned char* signature,
+                  unsigned int* signature_len,
+                  const RSA* rsa) {
+  // This is only used for client certificate support.
+  DCHECK_EQ(NID_md5_sha1, type);
+  if (type != NID_md5_sha1) {
+    RSAerr(RSA_F_RSA_SIGN, RSA_R_UNKNOWN_ALGORITHM_TYPE);
+    return 0;
+  }
+  // Retrieve private key JNI reference.
+  jobject private_key = reinterpret_cast<jobject>(RSA_get_app_data(rsa));
+  if (!private_key) {
+    LOG(WARNING) << "Null JNI reference passed to RsaMethodSign!";
+    return 0;
+  }
+  // Sign message with it through JNI.
+  base::StringPiece message_piece(reinterpret_cast<const char*>(message),
+                                  static_cast<size_t>(message_len));
+  std::vector<uint8> result;
+
+  if (!net::android::SignWithPrivateKey(
+        private_key, message_piece, &result)) {
+    LOG(WARNING) << "Could not sign message in RsaMethodSign!";
+    return 0;
+  }
+  // Copy result to OpenSSL-provided buffer
+  memcpy(signature, &result[0], result.size());
+  *signature_len = static_cast<unsigned int>(result.size());
+  return 1;
+}
+
+const RSA_METHOD android_rsa_method = {
+  /* .name = */ "Android signing-only RSA method",
+  /* .rsa_pub_enc = */ RsaMethodPubEnc,
+  /* .rsa_pub_dec = */ RsaMethodPubDec,
+  /* .rsa_priv_enc = */ RsaMethodPrivEnc,
+  /* .rsa_priv_dec = */ RsaMethodPrivDec,
+  /* .rsa_mod_exp = */ NULL,
+  /* .bn_mod_exp = */ NULL,
+  /* .init = */ RsaMethodInit,
+  /* .finish = */ RsaMethodFinish,
+  /* .flags = */ RSA_FLAG_SIGN_VER,  // indicates that rsa_sign is usable.
+  /* .app_data = */ NULL,
+  /* .rsa_sign = */ RsaMethodSign,
+  /* .rsa_verify = */ NULL,
+  /* .rsa_keygen = */ NULL,
+};
+
+}  // namespace
+
+
+namespace net {
+namespace android {
+
+EVP_PKEY* GetOpenSSLPrivateKeyWrapper(jobject private_key) {
+  // Create scoped JNI global reference from the private key.
+  // This ensure that it will be usable from any thread, not only
+  // from the caller's.
+  //
+  // Note: "ScopedJavaGlobalRef<jobject> ref(a_jobject)" doesn't
+  // compile. Route around this by creating an empty object first,
+  // then resetting it.
+  base::android::ScopedJavaGlobalRef<jobject> global_key;
+  global_key.Reset(NULL, private_key);
+  if (global_key.is_null())
+    return NULL;
+
+  // Create new empty EVP_PKEY instance.
+  crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> pkey(EVP_PKEY_new());
+  if (!pkey.get())
+    return NULL;
+
+  // Create sub key type, depending on private key's algorithm type.
+  SSLClientCertType key_type = GetPrivateKeySigningType(global_key.obj());
+  switch (key_type) {
+    case CLIENT_CERT_RSA_SIGN:
+      {
+        RSA* rsa = RSA_new();
+        RSA_set_method(rsa, &android_rsa_method);
+        RSA_set_app_data(rsa, global_key.Release());
+        EVP_PKEY_assign_RSA(pkey.get(), rsa);
+      }
+      break;
+    case CLIENT_CERT_DSS_SIGN:
+      // TODO(digit): Implement this.
+      NOTIMPLEMENTED();
+      return NULL;
+    case CLIENT_CERT_ECDSA_SIGN:
+      // TODO(digit): Implement this.
+      NOTIMPLEMENTED();
+      return NULL;
+    default:
+      LOG(WARNING)
+          << "GetOpenSSLPrivateKeyWrapper() called with invalid key type";
+      return NULL;
+  }
+
+  return pkey.release();
+}
+
+}  // namespace android
+}  // namespace net