| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include <openssl/ec.h> | |
| 6 #include <openssl/ecdh.h> | |
| 7 #include <openssl/evp.h> | |
| 8 | |
| 9 #include "base/logging.h" | |
| 10 #include "base/stl_util.h" | |
| 11 #include "components/webcrypto/algorithm_implementation.h" | |
| 12 #include "components/webcrypto/crypto_data.h" | |
| 13 #include "components/webcrypto/generate_key_result.h" | |
| 14 #include "components/webcrypto/openssl/ec_algorithm_openssl.h" | |
| 15 #include "components/webcrypto/openssl/key_openssl.h" | |
| 16 #include "components/webcrypto/openssl/util_openssl.h" | |
| 17 #include "components/webcrypto/status.h" | |
| 18 #include "components/webcrypto/webcrypto_util.h" | |
| 19 #include "crypto/openssl_util.h" | |
| 20 #include "crypto/scoped_openssl_types.h" | |
| 21 #include "crypto/secure_util.h" | |
| 22 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | |
| 23 #include "third_party/WebKit/public/platform/WebCryptoKey.h" | |
| 24 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | |
| 25 | |
| 26 namespace webcrypto { | |
| 27 | |
| 28 namespace { | |
| 29 | |
| 30 // TODO(eroman): Support the "raw" format for ECDH key import + export, as | |
| 31 // specified by WebCrypto spec. | |
| 32 | |
| 33 // TODO(eroman): Allow id-ecDH in SPKI and PKCS#8 import | |
| 34 // (http://crbug.com/389400) | |
| 35 | |
| 36 class EcdhImplementation : public EcAlgorithm { | |
| 37 public: | |
| 38 EcdhImplementation() | |
| 39 : EcAlgorithm(0, | |
| 40 blink::WebCryptoKeyUsageDeriveKey | | |
| 41 blink::WebCryptoKeyUsageDeriveBits) {} | |
| 42 | |
| 43 const char* GetJwkAlgorithm( | |
| 44 const blink::WebCryptoNamedCurve curve) const override { | |
| 45 // JWK import for ECDH does not enforce any required value for "alg". | |
| 46 return ""; | |
| 47 } | |
| 48 | |
| 49 Status DeriveBits(const blink::WebCryptoAlgorithm& algorithm, | |
| 50 const blink::WebCryptoKey& base_key, | |
| 51 bool has_optional_length_bits, | |
| 52 unsigned int optional_length_bits, | |
| 53 std::vector<uint8_t>* derived_bytes) const override { | |
| 54 if (base_key.type() != blink::WebCryptoKeyTypePrivate) | |
| 55 return Status::ErrorUnexpectedKeyType(); | |
| 56 | |
| 57 // Verify the "publicKey" parameter. The only guarantee from Blink is that | |
| 58 // it is a valid WebCryptoKey, but it could be any type. | |
| 59 const blink::WebCryptoKey& public_key = | |
| 60 algorithm.ecdhKeyDeriveParams()->publicKey(); | |
| 61 | |
| 62 if (public_key.type() != blink::WebCryptoKeyTypePublic) | |
| 63 return Status::ErrorEcdhPublicKeyWrongType(); | |
| 64 | |
| 65 // Make sure it is an EC key. | |
| 66 if (!public_key.algorithm().ecParams()) | |
| 67 return Status::ErrorEcdhPublicKeyWrongType(); | |
| 68 | |
| 69 // TODO(eroman): This is not described by the spec: | |
| 70 // https://www.w3.org/Bugs/Public/show_bug.cgi?id=27404 | |
| 71 if (public_key.algorithm().id() != blink::WebCryptoAlgorithmIdEcdh) | |
| 72 return Status::ErrorEcdhPublicKeyWrongAlgorithm(); | |
| 73 | |
| 74 // The public and private keys come from different key pairs, however their | |
| 75 // curves must match. | |
| 76 if (public_key.algorithm().ecParams()->namedCurve() != | |
| 77 base_key.algorithm().ecParams()->namedCurve()) { | |
| 78 return Status::ErrorEcdhCurveMismatch(); | |
| 79 } | |
| 80 | |
| 81 crypto::ScopedEC_KEY public_key_ec( | |
| 82 EVP_PKEY_get1_EC_KEY(AsymKeyOpenSsl::Cast(public_key)->key())); | |
| 83 | |
| 84 const EC_POINT* public_key_point = | |
| 85 EC_KEY_get0_public_key(public_key_ec.get()); | |
| 86 | |
| 87 crypto::ScopedEC_KEY private_key_ec( | |
| 88 EVP_PKEY_get1_EC_KEY(AsymKeyOpenSsl::Cast(base_key)->key())); | |
| 89 | |
| 90 // The size of the shared secret is the field size in bytes (rounded up). | |
| 91 // Note that, if rounding was required, the most significant bits of the | |
| 92 // secret are zero. So for P-521, the maximum length is 528 bits, not 521. | |
| 93 int field_size_bytes = NumBitsToBytes( | |
| 94 EC_GROUP_get_degree(EC_KEY_get0_group(private_key_ec.get()))); | |
| 95 | |
| 96 // If a desired key length was not specified, default to the field size | |
| 97 // (rounded up to nearest byte). | |
| 98 unsigned int length_bits = | |
| 99 has_optional_length_bits ? optional_length_bits : field_size_bytes * 8; | |
| 100 | |
| 101 // Short-circuit when deriving an empty key. | |
| 102 // TODO(eroman): ECDH_compute_key() is not happy when given a NULL output. | |
| 103 // http://crbug.com/464194. | |
| 104 if (length_bits == 0) { | |
| 105 derived_bytes->clear(); | |
| 106 return Status::Success(); | |
| 107 } | |
| 108 | |
| 109 if (length_bits > static_cast<unsigned int>(field_size_bytes * 8)) | |
| 110 return Status::ErrorEcdhLengthTooBig(field_size_bytes * 8); | |
| 111 | |
| 112 // Resize to target length in bytes (BoringSSL can operate on a shorter | |
| 113 // buffer than field_size_bytes). | |
| 114 derived_bytes->resize(NumBitsToBytes(length_bits)); | |
| 115 | |
| 116 int result = | |
| 117 ECDH_compute_key(vector_as_array(derived_bytes), derived_bytes->size(), | |
| 118 public_key_point, private_key_ec.get(), 0); | |
| 119 if (result < 0 || static_cast<size_t>(result) != derived_bytes->size()) | |
| 120 return Status::OperationError(); | |
| 121 | |
| 122 TruncateToBitLength(length_bits, derived_bytes); | |
| 123 return Status::Success(); | |
| 124 } | |
| 125 }; | |
| 126 | |
| 127 } // namespace | |
| 128 | |
| 129 AlgorithmImplementation* CreatePlatformEcdhImplementation() { | |
| 130 return new EcdhImplementation; | |
| 131 } | |
| 132 | |
| 133 } // namespace webcrypto | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1304063015:
[refactor] Rename the webcrypto/openssl and webcrypto/test directories. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@jwk_refactor