| Index: components/webcrypto/openssl/rsa_sign_openssl.cc
|
| diff --git a/components/webcrypto/openssl/rsa_sign_openssl.cc b/components/webcrypto/openssl/rsa_sign_openssl.cc
|
| deleted file mode 100644
|
| index 41d14e87d2364613171da21eae3807968a1e7bfe..0000000000000000000000000000000000000000
|
| --- a/components/webcrypto/openssl/rsa_sign_openssl.cc
|
| +++ /dev/null
|
| @@ -1,146 +0,0 @@
|
| -// Copyright 2014 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include "base/numerics/safe_math.h"
|
| -#include "base/stl_util.h"
|
| -#include "components/webcrypto/crypto_data.h"
|
| -#include "components/webcrypto/openssl/key_openssl.h"
|
| -#include "components/webcrypto/openssl/rsa_sign_openssl.h"
|
| -#include "components/webcrypto/openssl/util_openssl.h"
|
| -#include "components/webcrypto/status.h"
|
| -#include "crypto/openssl_util.h"
|
| -#include "crypto/scoped_openssl_types.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
|
| -
|
| -namespace webcrypto {
|
| -
|
| -namespace {
|
| -
|
| -// Extracts the OpenSSL key and digest from a WebCrypto key. The returned
|
| -// pointers will remain valid as long as |key| is alive.
|
| -Status GetPKeyAndDigest(const blink::WebCryptoKey& key,
|
| - EVP_PKEY** pkey,
|
| - const EVP_MD** digest) {
|
| - *pkey = AsymKeyOpenSsl::Cast(key)->key();
|
| -
|
| - *digest = GetDigest(key.algorithm().rsaHashedParams()->hash().id());
|
| - if (!*digest)
|
| - return Status::ErrorUnsupported();
|
| -
|
| - return Status::Success();
|
| -}
|
| -
|
| -// Sets the PSS parameters on |pctx| if the key is for RSA-PSS.
|
| -//
|
| -// Otherwise returns Success without doing anything.
|
| -Status ApplyRsaPssOptions(const blink::WebCryptoKey& key,
|
| - const EVP_MD* const mgf_digest,
|
| - unsigned int salt_length_bytes,
|
| - EVP_PKEY_CTX* pctx) {
|
| - // Only apply RSA-PSS options if the key is for RSA-PSS.
|
| - if (key.algorithm().id() != blink::WebCryptoAlgorithmIdRsaPss) {
|
| - DCHECK_EQ(0u, salt_length_bytes);
|
| - DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, key.algorithm().id());
|
| - return Status::Success();
|
| - }
|
| -
|
| - // BoringSSL takes a signed int for the salt length, and interprets
|
| - // negative values in a special manner. Make sure not to silently underflow.
|
| - base::CheckedNumeric<int> salt_length_bytes_int(salt_length_bytes);
|
| - if (!salt_length_bytes_int.IsValid()) {
|
| - // TODO(eroman): Give a better error message.
|
| - return Status::OperationError();
|
| - }
|
| -
|
| - if (1 != EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) ||
|
| - 1 != EVP_PKEY_CTX_set_rsa_mgf1_md(pctx, mgf_digest) ||
|
| - 1 != EVP_PKEY_CTX_set_rsa_pss_saltlen(
|
| - pctx, salt_length_bytes_int.ValueOrDie())) {
|
| - return Status::OperationError();
|
| - }
|
| -
|
| - return Status::Success();
|
| -}
|
| -
|
| -} // namespace
|
| -
|
| -Status RsaSign(const blink::WebCryptoKey& key,
|
| - unsigned int pss_salt_length_bytes,
|
| - const CryptoData& data,
|
| - std::vector<uint8_t>* buffer) {
|
| - if (key.type() != blink::WebCryptoKeyTypePrivate)
|
| - return Status::ErrorUnexpectedKeyType();
|
| -
|
| - crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
|
| - crypto::ScopedEVP_MD_CTX ctx(EVP_MD_CTX_create());
|
| - EVP_PKEY_CTX* pctx = NULL; // Owned by |ctx|.
|
| -
|
| - EVP_PKEY* private_key = NULL;
|
| - const EVP_MD* digest = NULL;
|
| - Status status = GetPKeyAndDigest(key, &private_key, &digest);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - // NOTE: A call to EVP_DigestSignFinal() with a NULL second parameter
|
| - // returns a maximum allocation size, while the call without a NULL returns
|
| - // the real one, which may be smaller.
|
| - size_t sig_len = 0;
|
| - if (!ctx.get() ||
|
| - !EVP_DigestSignInit(ctx.get(), &pctx, digest, NULL, private_key)) {
|
| - return Status::OperationError();
|
| - }
|
| -
|
| - // Set PSS-specific options (if applicable).
|
| - status = ApplyRsaPssOptions(key, digest, pss_salt_length_bytes, pctx);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - if (!EVP_DigestSignUpdate(ctx.get(), data.bytes(), data.byte_length()) ||
|
| - !EVP_DigestSignFinal(ctx.get(), NULL, &sig_len)) {
|
| - return Status::OperationError();
|
| - }
|
| -
|
| - buffer->resize(sig_len);
|
| - if (!EVP_DigestSignFinal(ctx.get(), vector_as_array(buffer), &sig_len))
|
| - return Status::OperationError();
|
| -
|
| - buffer->resize(sig_len);
|
| - return Status::Success();
|
| -}
|
| -
|
| -Status RsaVerify(const blink::WebCryptoKey& key,
|
| - unsigned int pss_salt_length_bytes,
|
| - const CryptoData& signature,
|
| - const CryptoData& data,
|
| - bool* signature_match) {
|
| - if (key.type() != blink::WebCryptoKeyTypePublic)
|
| - return Status::ErrorUnexpectedKeyType();
|
| -
|
| - crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
|
| - crypto::ScopedEVP_MD_CTX ctx(EVP_MD_CTX_create());
|
| - EVP_PKEY_CTX* pctx = NULL; // Owned by |ctx|.
|
| -
|
| - EVP_PKEY* public_key = NULL;
|
| - const EVP_MD* digest = NULL;
|
| - Status status = GetPKeyAndDigest(key, &public_key, &digest);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - if (!EVP_DigestVerifyInit(ctx.get(), &pctx, digest, NULL, public_key))
|
| - return Status::OperationError();
|
| -
|
| - // Set PSS-specific options (if applicable).
|
| - status = ApplyRsaPssOptions(key, digest, pss_salt_length_bytes, pctx);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - if (!EVP_DigestVerifyUpdate(ctx.get(), data.bytes(), data.byte_length()))
|
| - return Status::OperationError();
|
| -
|
| - *signature_match = 1 == EVP_DigestVerifyFinal(ctx.get(), signature.bytes(),
|
| - signature.byte_length());
|
| - return Status::Success();
|
| -}
|
| -
|
| -} // namespace webcrypto
|
|
|
Chromium Code Reviews
Issue 1304063015:
[refactor] Rename the webcrypto/openssl and webcrypto/test directories. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@jwk_refactor