Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / 368bc7749eaa2e1321d552e45a96d83b5500ba47 / . / asymmetric_key.cpp
blob: 297fb3825df495ba6ca907646e3c249e7535b3d1 [file] [log] [blame]
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame]17#include <openssl/evp.h>
18#include <openssl/x509.h>
19
Shawn Willden368bc772014-08-27 06:45:34 -0600[diff] [blame^]20#include <keymaster/key_blob.h>
Shawn Willden98d9b922014-08-26 08:14:10 -0600[diff] [blame]21#include <keymaster/keymaster_defs.h>
22
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]23#include "asymmetric_key.h"
24#include "dsa_operation.h"
25#include "ecdsa_operation.h"
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]26#include "openssl_utils.h"
27#include "rsa_operation.h"
28
29namespace keymaster {
30
31const uint32_t RSA_DEFAULT_KEY_SIZE = 2048;
32const uint64_t RSA_DEFAULT_EXPONENT = 65537;
33
34const uint32_t DSA_DEFAULT_KEY_SIZE = 2048;
35
36const uint32_t ECDSA_DEFAULT_KEY_SIZE = 192;
37
38keymaster_error_t AsymmetricKey::LoadKey(const KeyBlob& blob) {
39 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> evp_key(EVP_PKEY_new());
40 if (evp_key.get() == NULL)
41 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
42
43 EVP_PKEY* tmp_pkey = evp_key.get();
44 const uint8_t* key_material = blob.key_material();
45 if (d2i_PrivateKey(evp_key_type(), &tmp_pkey, &key_material, blob.key_material_length()) ==
46 NULL) {
47 return KM_ERROR_INVALID_KEY_BLOB;
48 }
49 if (!EvpToInternal(evp_key.get()))
50 return KM_ERROR_UNKNOWN_ERROR;
51
52 return KM_ERROR_OK;
53}
54
55keymaster_error_t AsymmetricKey::key_material(UniquePtr<uint8_t[]>* material, size_t* size) const {
56 if (material == NULL || size == NULL)
57 return KM_ERROR_OUTPUT_PARAMETER_NULL;
58
59 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
60 if (pkey.get() == NULL)
61 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
62
63 if (!InternalToEvp(pkey.get()))
64 return KM_ERROR_UNKNOWN_ERROR;
65
66 *size = i2d_PrivateKey(pkey.get(), NULL /* key_data*/);
67 if (*size <= 0)
68 return KM_ERROR_UNKNOWN_ERROR;
69
70 material->reset(new uint8_t[*size]);
71 uint8_t* tmp = material->get();
72 i2d_PrivateKey(pkey.get(), &tmp);
73
74 return KM_ERROR_OK;
75}
76
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame]77keymaster_error_t AsymmetricKey::formatted_key_material(keymaster_key_format_t format,
78 UniquePtr<uint8_t[]>* material,
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]79 size_t* size) const {
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame]80 if (format != KM_KEY_FORMAT_X509)
81 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
82
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]83 if (material == NULL || size == NULL)
84 return KM_ERROR_OUTPUT_PARAMETER_NULL;
85
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame]86 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
87 if (!InternalToEvp(pkey.get()))
88 return KM_ERROR_UNKNOWN_ERROR;
89
90 int key_data_length = i2d_PUBKEY(pkey.get(), NULL);
91 if (key_data_length <= 0)
92 return KM_ERROR_UNKNOWN_ERROR;
93
94 material->reset(new uint8_t[key_data_length]);
95 if (material->get() == NULL)
96 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
97
98 uint8_t* tmp = material->get();
99 if (i2d_PUBKEY(pkey.get(), &tmp) != key_data_length) {
100 material->reset();
101 return KM_ERROR_UNKNOWN_ERROR;
102 }
103
104 *size = key_data_length;
105 return KM_ERROR_OK;
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]106}
107
108Operation* AsymmetricKey::CreateOperation(keymaster_purpose_t purpose, keymaster_error_t* error) {
109 keymaster_digest_t digest;
110 if (!authorizations().GetTagValue(TAG_DIGEST, &digest) || digest != KM_DIGEST_NONE) {
111 *error = KM_ERROR_UNSUPPORTED_DIGEST;
112 return NULL;
113 }
114
115 keymaster_padding_t padding;
116 if (!authorizations().GetTagValue(TAG_PADDING, &padding) || padding != KM_PAD_NONE) {
117 *error = KM_ERROR_UNSUPPORTED_PADDING_MODE;
118 return NULL;
119 }
120
121 return CreateOperation(purpose, digest, padding, error);
122}
123
124/* static */
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]125RsaKey* RsaKey::GenerateKey(const AuthorizationSet& key_description, const Logger& logger,
126 keymaster_error_t* error) {
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]127 if (!error)
128 return NULL;
129
130 AuthorizationSet authorizations(key_description);
131
132 uint64_t public_exponent = RSA_DEFAULT_EXPONENT;
133 if (!authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent))
134 authorizations.push_back(Authorization(TAG_RSA_PUBLIC_EXPONENT, public_exponent));
135
136 uint32_t key_size = RSA_DEFAULT_KEY_SIZE;
137 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size))
138 authorizations.push_back(Authorization(TAG_KEY_SIZE, key_size));
139
140 UniquePtr<BIGNUM, BIGNUM_Delete> exponent(BN_new());
141 UniquePtr<RSA, RSA_Delete> rsa_key(RSA_new());
142 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
143 if (rsa_key.get() == NULL || pkey.get() == NULL) {
144 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
145 return NULL;
146 }
147
148 if (!BN_set_word(exponent.get(), public_exponent) ||
149 !RSA_generate_key_ex(rsa_key.get(), key_size, exponent.get(), NULL /* callback */)) {
150 *error = KM_ERROR_UNKNOWN_ERROR;
151 return NULL;
152 }
153
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]154 RsaKey* new_key = new RsaKey(rsa_key.release(), authorizations, logger);
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]155 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
156 return new_key;
157}
158
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]159/* static */
160RsaKey* RsaKey::ImportKey(const AuthorizationSet& key_description, EVP_PKEY* pkey,
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]161 const Logger& logger, keymaster_error_t* error) {
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]162 if (!error)
163 return NULL;
164 *error = KM_ERROR_UNKNOWN_ERROR;
165
166 UniquePtr<RSA, RSA_Delete> rsa_key(EVP_PKEY_get1_RSA(pkey));
167 if (!rsa_key.get())
168 return NULL;
169
170 AuthorizationSet authorizations(key_description);
171
172 uint64_t public_exponent;
173 if (authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent)) {
174 // public_exponent specified, make sure it matches the key
175 UniquePtr<BIGNUM, BIGNUM_Delete> public_exponent_bn(BN_new());
176 if (!BN_set_word(public_exponent_bn.get(), public_exponent))
177 return NULL;
178 if (BN_cmp(public_exponent_bn.get(), rsa_key->e) != 0) {
179 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
180 return NULL;
181 }
182 } else {
183 // public_exponent not specified, use the one from the key.
184 public_exponent = BN_get_word(rsa_key->e);
185 if (public_exponent == 0xffffffffL) {
186 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
187 return NULL;
188 }
189 authorizations.push_back(TAG_RSA_PUBLIC_EXPONENT, public_exponent);
190 }
191
192 uint32_t key_size;
193 if (authorizations.GetTagValue(TAG_KEY_SIZE, &key_size)) {
194 // key_size specified, make sure it matches the key.
195 if (RSA_size(rsa_key.get()) != (int)key_size) {
196 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
197 return NULL;
198 }
199 } else {
200 key_size = RSA_size(rsa_key.get()) * 8;
201 authorizations.push_back(TAG_KEY_SIZE, key_size);
202 }
203
204 keymaster_algorithm_t algorithm;
205 if (authorizations.GetTagValue(TAG_ALGORITHM, &algorithm)) {
206 if (algorithm != KM_ALGORITHM_RSA) {
207 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
208 return NULL;
209 }
210 } else {
211 authorizations.push_back(TAG_ALGORITHM, KM_ALGORITHM_RSA);
212 }
213
214 // Don't bother with the other parameters. If the necessary padding, digest, purpose, etc. are
215 // missing, the error will be diagnosed when the key is used (when auth checking is
216 // implemented).
217 *error = KM_ERROR_OK;
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]218 return new RsaKey(rsa_key.release(), authorizations, logger);
Shawn Willden437fbd12014-08-20 11:59:49 -0600[diff] [blame]219}
220
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]221RsaKey::RsaKey(const KeyBlob& blob, const Logger& logger, keymaster_error_t* error)
222 : AsymmetricKey(blob, logger) {
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]223 if (error)
224 *error = LoadKey(blob);
225}
226
227Operation* RsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
228 keymaster_padding_t padding, keymaster_error_t* error) {
229 Operation* op;
230 switch (purpose) {
231 case KM_PURPOSE_SIGN:
232 op = new RsaSignOperation(purpose, digest, padding, rsa_key_.release());
233 break;
234 case KM_PURPOSE_VERIFY:
235 op = new RsaVerifyOperation(purpose, digest, padding, rsa_key_.release());
236 break;
237 default:
238 *error = KM_ERROR_UNIMPLEMENTED;
239 return NULL;
240 }
241 *error = op ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
242 return op;
243}
244
245bool RsaKey::EvpToInternal(const EVP_PKEY* pkey) {
246 rsa_key_.reset(EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pkey)));
247 return rsa_key_.get() != NULL;
248}
249
250bool RsaKey::InternalToEvp(EVP_PKEY* pkey) const {
251 return EVP_PKEY_set1_RSA(pkey, rsa_key_.get()) == 1;
252}
253
254template <keymaster_tag_t Tag>
255static void GetDsaParamData(const AuthorizationSet& auths, TypedTag<KM_BIGNUM, Tag> tag,
256 keymaster_blob_t* blob) {
257 if (!auths.GetTagValue(tag, blob))
258 blob->data = NULL;
259}
260
261// Store the specified DSA param in auths
262template <keymaster_tag_t Tag>
263static void SetDsaParamData(AuthorizationSet* auths, TypedTag<KM_BIGNUM, Tag> tag, BIGNUM* number) {
264 keymaster_blob_t blob;
265 convert_bn_to_blob(number, &blob);
266 auths->push_back(Authorization(tag, blob));
267 delete[] blob.data;
268}
269
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]270DsaKey* DsaKey::GenerateKey(const AuthorizationSet& key_description, const Logger& logger,
271 keymaster_error_t* error) {
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]272 if (!error)
273 return NULL;
274
275 AuthorizationSet authorizations(key_description);
276
277 keymaster_blob_t g_blob;
278 GetDsaParamData(authorizations, TAG_DSA_GENERATOR, &g_blob);
279
280 keymaster_blob_t p_blob;
281 GetDsaParamData(authorizations, TAG_DSA_P, &p_blob);
282
283 keymaster_blob_t q_blob;
284 GetDsaParamData(authorizations, TAG_DSA_Q, &q_blob);
285
286 uint32_t key_size = DSA_DEFAULT_KEY_SIZE;
287 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size))
288 authorizations.push_back(Authorization(TAG_KEY_SIZE, key_size));
289
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]290 UniquePtr<DSA, DSA_Delete> dsa_key(DSA_new());
291 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
292 if (dsa_key.get() == NULL || pkey.get() == NULL) {
293 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
294 return NULL;
295 }
296
297 // If anything goes wrong in the next section, it's a param problem.
298 *error = KM_ERROR_INVALID_DSA_PARAMS;
299
300 if (g_blob.data == NULL && p_blob.data == NULL && q_blob.data == NULL) {
Shawn Willden407d4122014-08-25 16:49:13 -0600[diff] [blame]301 logger.log("DSA parameters unspecified, generating them for key size %d\n", key_size);
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]302 if (!DSA_generate_parameters_ex(dsa_key.get(), key_size, NULL /* seed */, 0 /* seed_len */,
303 NULL /* counter_ret */, NULL /* h_ret */,
Shawn Willden407d4122014-08-25 16:49:13 -0600[diff] [blame]304 NULL /* callback */)) {
305 logger.log("DSA parameter generation failed.\n");
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]306 return NULL;
Shawn Willden407d4122014-08-25 16:49:13 -0600[diff] [blame]307 }
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]308
309 SetDsaParamData(&authorizations, TAG_DSA_GENERATOR, dsa_key->g);
310 SetDsaParamData(&authorizations, TAG_DSA_P, dsa_key->p);
311 SetDsaParamData(&authorizations, TAG_DSA_Q, dsa_key->q);
312 } else if (g_blob.data == NULL || p_blob.data == NULL || q_blob.data == NULL) {
Shawn Willden407d4122014-08-25 16:49:13 -0600[diff] [blame]313 logger.log("Some DSA parameters provided. Provide all or none\n");
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]314 return NULL;
315 } else {
316 // All params provided. Use them.
317 dsa_key->g = BN_bin2bn(g_blob.data, g_blob.data_length, NULL);
318 dsa_key->p = BN_bin2bn(p_blob.data, p_blob.data_length, NULL);
319 dsa_key->q = BN_bin2bn(q_blob.data, q_blob.data_length, NULL);
320
Shawn Willden407d4122014-08-25 16:49:13 -0600[diff] [blame]321 if (dsa_key->g == NULL || dsa_key->p == NULL || dsa_key->q == NULL) {
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]322 return NULL;
Shawn Willden407d4122014-08-25 16:49:13 -0600[diff] [blame]323 }
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]324 }
325
326 if (!DSA_generate_key(dsa_key.get())) {
327 *error = KM_ERROR_UNKNOWN_ERROR;
328 return NULL;
329 }
330
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]331 DsaKey* new_key = new DsaKey(dsa_key.release(), authorizations, logger);
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]332 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
333 return new_key;
334}
335
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]336DsaKey::DsaKey(const KeyBlob& blob, const Logger& logger, keymaster_error_t* error)
337 : AsymmetricKey(blob, logger) {
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]338 if (error)
339 *error = LoadKey(blob);
340}
341
342Operation* DsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
343 keymaster_padding_t padding, keymaster_error_t* error) {
344 Operation* op;
345 switch (purpose) {
346 case KM_PURPOSE_SIGN:
347 op = new DsaSignOperation(purpose, digest, padding, dsa_key_.release());
348 break;
349 case KM_PURPOSE_VERIFY:
350 op = new DsaVerifyOperation(purpose, digest, padding, dsa_key_.release());
351 break;
352 default:
353 *error = KM_ERROR_UNIMPLEMENTED;
354 return NULL;
355 }
356 *error = op ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
357 return op;
358}
359
360bool DsaKey::EvpToInternal(const EVP_PKEY* pkey) {
361 dsa_key_.reset(EVP_PKEY_get1_DSA(const_cast<EVP_PKEY*>(pkey)));
362 return dsa_key_.get() != NULL;
363}
364
365bool DsaKey::InternalToEvp(EVP_PKEY* pkey) const {
366 return EVP_PKEY_set1_DSA(pkey, dsa_key_.get()) == 1;
367}
368
369/* static */
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]370EcdsaKey* EcdsaKey::GenerateKey(const AuthorizationSet& key_description, const Logger& logger,
371 keymaster_error_t* error) {
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]372 if (!error)
373 return NULL;
374
375 AuthorizationSet authorizations(key_description);
376
377 uint32_t key_size = ECDSA_DEFAULT_KEY_SIZE;
378 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size))
379 authorizations.push_back(Authorization(TAG_KEY_SIZE, key_size));
380
381 UniquePtr<EC_KEY, ECDSA_Delete> ecdsa_key(EC_KEY_new());
382 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
383 if (ecdsa_key.get() == NULL || pkey.get() == NULL) {
384 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
385 return NULL;
386 }
387
388 UniquePtr<EC_GROUP, EC_GROUP_Delete> group(choose_group(key_size));
389 if (group.get() == NULL) {
390 // Technically, could also have been a memory allocation problem.
391 *error = KM_ERROR_UNSUPPORTED_KEY_SIZE;
392 return NULL;
393 }
394
395 EC_GROUP_set_point_conversion_form(group.get(), POINT_CONVERSION_UNCOMPRESSED);
396 EC_GROUP_set_asn1_flag(group.get(), OPENSSL_EC_NAMED_CURVE);
397
398 if (EC_KEY_set_group(ecdsa_key.get(), group.get()) != 1 ||
399 EC_KEY_generate_key(ecdsa_key.get()) != 1 || EC_KEY_check_key(ecdsa_key.get()) < 0) {
400 *error = KM_ERROR_UNKNOWN_ERROR;
401 return NULL;
402 }
403
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]404 EcdsaKey* new_key = new EcdsaKey(ecdsa_key.release(), authorizations, logger);
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]405 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
406 return new_key;
407}
408
409/* static */
410EC_GROUP* EcdsaKey::choose_group(size_t key_size_bits) {
411 switch (key_size_bits) {
412 case 192:
413 return EC_GROUP_new_by_curve_name(NID_X9_62_prime192v1);
414 break;
415 case 224:
416 return EC_GROUP_new_by_curve_name(NID_secp224r1);
417 break;
418 case 256:
419 return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
420 break;
421 case 384:
422 return EC_GROUP_new_by_curve_name(NID_secp384r1);
423 break;
424 case 521:
425 return EC_GROUP_new_by_curve_name(NID_secp521r1);
426 break;
427 default:
428 return NULL;
429 break;
430 }
431}
432
Shawn Willden2f3be362014-08-25 11:31:39 -0600[diff] [blame]433EcdsaKey::EcdsaKey(const KeyBlob& blob, const Logger& logger, keymaster_error_t* error)
434 : AsymmetricKey(blob, logger) {
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]435 if (error)
436 *error = LoadKey(blob);
437}
438
439Operation* EcdsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
440 keymaster_padding_t padding, keymaster_error_t* error) {
441 Operation* op;
442 switch (purpose) {
443 case KM_PURPOSE_SIGN:
444 op = new EcdsaSignOperation(purpose, digest, padding, ecdsa_key_.release());
445 break;
446 case KM_PURPOSE_VERIFY:
447 op = new EcdsaVerifyOperation(purpose, digest, padding, ecdsa_key_.release());
448 break;
449 default:
450 *error = KM_ERROR_UNIMPLEMENTED;
451 return NULL;
452 }
453 *error = op ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
454 return op;
455}
456
457bool EcdsaKey::EvpToInternal(const EVP_PKEY* pkey) {
458 ecdsa_key_.reset(EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>(pkey)));
459 return ecdsa_key_.get() != NULL;
460}
461
462bool EcdsaKey::InternalToEvp(EVP_PKEY* pkey) const {
463 return EVP_PKEY_set1_EC_KEY(pkey, ecdsa_key_.get()) == 1;
464}
465
466} // namespace keymaster