OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/webcrypto_impl.h" | 5 #include "content/renderer/webcrypto/webcrypto_impl.h" |
6 | 6 |
7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
9 #include <sechash.h> | 9 #include <sechash.h> |
10 | 10 |
(...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
190 // Not a supported algorithm. | 190 // Not a supported algorithm. |
191 return CKM_INVALID_MECHANISM; | 191 return CKM_INVALID_MECHANISM; |
192 } | 192 } |
193 } | 193 } |
194 | 194 |
195 Status AesCbcEncryptDecrypt( | 195 Status AesCbcEncryptDecrypt( |
196 CK_ATTRIBUTE_TYPE operation, | 196 CK_ATTRIBUTE_TYPE operation, |
197 const blink::WebCryptoAlgorithm& algorithm, | 197 const blink::WebCryptoAlgorithm& algorithm, |
198 const blink::WebCryptoKey& key, | 198 const blink::WebCryptoKey& key, |
199 const unsigned char* data, | 199 const unsigned char* data, |
200 unsigned data_size, | 200 unsigned int data_size, |
201 blink::WebArrayBuffer* buffer) { | 201 blink::WebArrayBuffer* buffer) { |
202 DCHECK_EQ(blink::WebCryptoAlgorithmIdAesCbc, algorithm.id()); | 202 DCHECK_EQ(blink::WebCryptoAlgorithmIdAesCbc, algorithm.id()); |
203 DCHECK_EQ(algorithm.id(), key.algorithm().id()); | 203 DCHECK_EQ(algorithm.id(), key.algorithm().id()); |
204 DCHECK_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 204 DCHECK_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
205 DCHECK(operation == CKA_ENCRYPT || operation == CKA_DECRYPT); | 205 DCHECK(operation == CKA_ENCRYPT || operation == CKA_DECRYPT); |
206 | 206 |
207 SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle()); | 207 SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle()); |
208 | 208 |
209 const blink::WebCryptoAesCbcParams* params = algorithm.aesCbcParams(); | 209 const blink::WebCryptoAesCbcParams* params = algorithm.aesCbcParams(); |
210 if (params->iv().size() != AES_BLOCK_SIZE) | 210 if (params->iv().size() != AES_BLOCK_SIZE) |
211 return Status::ErrorIncorrectSizeAesCbcIv(); | 211 return Status::ErrorIncorrectSizeAesCbcIv(); |
212 | 212 |
213 SECItem iv_item; | 213 SECItem iv_item; |
214 iv_item.type = siBuffer; | 214 iv_item.type = siBuffer; |
215 iv_item.data = const_cast<unsigned char*>(params->iv().data()); | 215 iv_item.data = const_cast<unsigned char*>(params->iv().data()); |
216 iv_item.len = params->iv().size(); | 216 iv_item.len = params->iv().size(); |
217 | 217 |
218 crypto::ScopedSECItem param(PK11_ParamFromIV(CKM_AES_CBC_PAD, &iv_item)); | 218 crypto::ScopedSECItem param(PK11_ParamFromIV(CKM_AES_CBC_PAD, &iv_item)); |
219 if (!param) | 219 if (!param) |
220 return Status::Error(); | 220 return Status::Error(); |
221 | 221 |
222 crypto::ScopedPK11Context context(PK11_CreateContextBySymKey( | 222 crypto::ScopedPK11Context context(PK11_CreateContextBySymKey( |
223 CKM_AES_CBC_PAD, operation, sym_key->key(), param.get())); | 223 CKM_AES_CBC_PAD, operation, sym_key->key(), param.get())); |
224 | 224 |
225 if (!context.get()) | 225 if (!context.get()) |
226 return Status::Error(); | 226 return Status::Error(); |
227 | 227 |
228 // Oddly PK11_CipherOp takes input and output lengths as "int" rather than | 228 // Oddly PK11_CipherOp takes input and output lengths as "int" rather than |
229 // "unsigned". Do some checks now to avoid integer overflowing. | 229 // "unsigned int". Do some checks now to avoid integer overflowing. |
230 if (data_size >= INT_MAX - AES_BLOCK_SIZE) { | 230 if (data_size >= INT_MAX - AES_BLOCK_SIZE) { |
231 // TODO(eroman): Handle this by chunking the input fed into NSS. Right now | 231 // TODO(eroman): Handle this by chunking the input fed into NSS. Right now |
232 // it doesn't make much difference since the one-shot API would end up | 232 // it doesn't make much difference since the one-shot API would end up |
233 // blowing out the memory and crashing anyway. | 233 // blowing out the memory and crashing anyway. |
234 return Status::ErrorDataTooLarge(); | 234 return Status::ErrorDataTooLarge(); |
235 } | 235 } |
236 | 236 |
237 // PK11_CipherOp does an invalid memory access when given empty decryption | 237 // PK11_CipherOp does an invalid memory access when given empty decryption |
238 // input, or input which is not a multiple of the block size. See also | 238 // input, or input which is not a multiple of the block size. See also |
239 // https://bugzilla.mozilla.com/show_bug.cgi?id=921687. | 239 // https://bugzilla.mozilla.com/show_bug.cgi?id=921687. |
240 if (operation == CKA_DECRYPT && | 240 if (operation == CKA_DECRYPT && |
241 (data_size == 0 || (data_size % AES_BLOCK_SIZE != 0))) { | 241 (data_size == 0 || (data_size % AES_BLOCK_SIZE != 0))) { |
242 return Status::Error(); | 242 return Status::Error(); |
243 } | 243 } |
244 | 244 |
245 // TODO(eroman): Refine the output buffer size. It can be computed exactly for | 245 // TODO(eroman): Refine the output buffer size. It can be computed exactly for |
246 // encryption, and can be smaller for decryption. | 246 // encryption, and can be smaller for decryption. |
247 unsigned output_max_len = data_size + AES_BLOCK_SIZE; | 247 unsigned int output_max_len = data_size + AES_BLOCK_SIZE; |
248 CHECK_GT(output_max_len, data_size); | 248 CHECK_GT(output_max_len, data_size); |
249 | 249 |
250 *buffer = blink::WebArrayBuffer::create(output_max_len, 1); | 250 *buffer = blink::WebArrayBuffer::create(output_max_len, 1); |
251 | 251 |
252 unsigned char* buffer_data = reinterpret_cast<unsigned char*>(buffer->data()); | 252 unsigned char* buffer_data = reinterpret_cast<unsigned char*>(buffer->data()); |
253 | 253 |
254 int output_len; | 254 int output_len; |
255 if (SECSuccess != PK11_CipherOp(context.get(), | 255 if (SECSuccess != PK11_CipherOp(context.get(), |
256 buffer_data, | 256 buffer_data, |
257 &output_len, | 257 &output_len, |
(...skipping 16 matching lines...) Expand all Loading... |
274 } | 274 } |
275 | 275 |
276 // Helper to either encrypt or decrypt for AES-GCM. The result of encryption is | 276 // Helper to either encrypt or decrypt for AES-GCM. The result of encryption is |
277 // the concatenation of the ciphertext and the authentication tag. Similarly, | 277 // the concatenation of the ciphertext and the authentication tag. Similarly, |
278 // this is the expectation for the input to decryption. | 278 // this is the expectation for the input to decryption. |
279 Status AesGcmEncryptDecrypt( | 279 Status AesGcmEncryptDecrypt( |
280 bool encrypt, | 280 bool encrypt, |
281 const blink::WebCryptoAlgorithm& algorithm, | 281 const blink::WebCryptoAlgorithm& algorithm, |
282 const blink::WebCryptoKey& key, | 282 const blink::WebCryptoKey& key, |
283 const unsigned char* data, | 283 const unsigned char* data, |
284 unsigned data_size, | 284 unsigned int data_size, |
285 blink::WebArrayBuffer* buffer) { | 285 blink::WebArrayBuffer* buffer) { |
286 DCHECK_EQ(blink::WebCryptoAlgorithmIdAesGcm, algorithm.id()); | 286 DCHECK_EQ(blink::WebCryptoAlgorithmIdAesGcm, algorithm.id()); |
287 DCHECK_EQ(algorithm.id(), key.algorithm().id()); | 287 DCHECK_EQ(algorithm.id(), key.algorithm().id()); |
288 DCHECK_EQ(blink::WebCryptoKeyTypeSecret, key.type()); | 288 DCHECK_EQ(blink::WebCryptoKeyTypeSecret, key.type()); |
289 | 289 |
290 if (!g_aes_gcm_support.Get().IsSupported()) | 290 if (!g_aes_gcm_support.Get().IsSupported()) |
291 return Status::ErrorUnsupported(); | 291 return Status::ErrorUnsupported(); |
292 | 292 |
293 SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle()); | 293 SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle()); |
294 | 294 |
295 const blink::WebCryptoAesGcmParams* params = algorithm.aesGcmParams(); | 295 const blink::WebCryptoAesGcmParams* params = algorithm.aesGcmParams(); |
296 if (!params) | 296 if (!params) |
297 return Status::ErrorUnexpected(); | 297 return Status::ErrorUnexpected(); |
298 | 298 |
299 // TODO(eroman): The spec doesn't define the default value. Assume 128 for now | 299 // TODO(eroman): The spec doesn't define the default value. Assume 128 for now |
300 // since that is the maximum tag length: | 300 // since that is the maximum tag length: |
301 // http://www.w3.org/2012/webcrypto/track/issues/46 | 301 // http://www.w3.org/2012/webcrypto/track/issues/46 |
302 unsigned tag_length_bits = 128; | 302 unsigned int tag_length_bits = 128; |
303 if (params->hasTagLengthBits()) | 303 if (params->hasTagLengthBits()) |
304 tag_length_bits = params->optionalTagLengthBits(); | 304 tag_length_bits = params->optionalTagLengthBits(); |
305 | 305 |
306 if (tag_length_bits > 128 || (tag_length_bits % 8) != 0) | 306 if (tag_length_bits > 128 || (tag_length_bits % 8) != 0) |
307 return Status::ErrorInvalidAesGcmTagLength(); | 307 return Status::ErrorInvalidAesGcmTagLength(); |
308 | 308 |
309 unsigned tag_length_bytes = tag_length_bits / 8; | 309 unsigned int tag_length_bytes = tag_length_bits / 8; |
310 | 310 |
311 CK_GCM_PARAMS gcm_params = {0}; | 311 CK_GCM_PARAMS gcm_params = {0}; |
312 gcm_params.pIv = | 312 gcm_params.pIv = |
313 const_cast<unsigned char*>(algorithm.aesGcmParams()->iv().data()); | 313 const_cast<unsigned char*>(algorithm.aesGcmParams()->iv().data()); |
314 gcm_params.ulIvLen = algorithm.aesGcmParams()->iv().size(); | 314 gcm_params.ulIvLen = algorithm.aesGcmParams()->iv().size(); |
315 | 315 |
316 gcm_params.pAAD = | 316 gcm_params.pAAD = |
317 const_cast<unsigned char*>(params->optionalAdditionalData().data()); | 317 const_cast<unsigned char*>(params->optionalAdditionalData().data()); |
318 gcm_params.ulAADLen = params->optionalAdditionalData().size(); | 318 gcm_params.ulAADLen = params->optionalAdditionalData().size(); |
319 | 319 |
320 gcm_params.ulTagBits = tag_length_bits; | 320 gcm_params.ulTagBits = tag_length_bits; |
321 | 321 |
322 SECItem param; | 322 SECItem param; |
323 param.type = siBuffer; | 323 param.type = siBuffer; |
324 param.data = reinterpret_cast<unsigned char*>(&gcm_params); | 324 param.data = reinterpret_cast<unsigned char*>(&gcm_params); |
325 param.len = sizeof(gcm_params); | 325 param.len = sizeof(gcm_params); |
326 | 326 |
327 unsigned buffer_size = 0; | 327 unsigned int buffer_size = 0; |
328 | 328 |
329 // Calculate the output buffer size. | 329 // Calculate the output buffer size. |
330 if (encrypt) { | 330 if (encrypt) { |
331 // TODO(eroman): This is ugly, abstract away the safe integer arithmetic. | 331 // TODO(eroman): This is ugly, abstract away the safe integer arithmetic. |
332 if (data_size > (UINT_MAX - tag_length_bytes)) | 332 if (data_size > (UINT_MAX - tag_length_bytes)) |
333 return Status::ErrorDataTooLarge(); | 333 return Status::ErrorDataTooLarge(); |
334 buffer_size = data_size + tag_length_bytes; | 334 buffer_size = data_size + tag_length_bytes; |
335 } else { | 335 } else { |
336 // TODO(eroman): In theory the buffer allocated for the plain text should be | 336 // TODO(eroman): In theory the buffer allocated for the plain text should be |
337 // sized as |data_size - tag_length_bytes|. | 337 // sized as |data_size - tag_length_bytes|. |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
379 case blink::WebCryptoAlgorithmIdHmac: | 379 case blink::WebCryptoAlgorithmIdHmac: |
380 return WebCryptoHashToHMACMechanism(algorithm.hmacKeyParams()->hash()); | 380 return WebCryptoHashToHMACMechanism(algorithm.hmacKeyParams()->hash()); |
381 default: | 381 default: |
382 return CKM_INVALID_MECHANISM; | 382 return CKM_INVALID_MECHANISM; |
383 } | 383 } |
384 } | 384 } |
385 | 385 |
386 // Converts a (big-endian) WebCrypto BigInteger, with or without leading zeros, | 386 // Converts a (big-endian) WebCrypto BigInteger, with or without leading zeros, |
387 // to unsigned long. | 387 // to unsigned long. |
388 bool BigIntegerToLong(const uint8* data, | 388 bool BigIntegerToLong(const uint8* data, |
389 unsigned data_size, | 389 unsigned int data_size, |
390 unsigned long* result) { | 390 unsigned long* result) { |
391 // TODO(padolph): Is it correct to say that empty data is an error, or does it | 391 // TODO(padolph): Is it correct to say that empty data is an error, or does it |
392 // mean value 0? See https://www.w3.org/Bugs/Public/show_bug.cgi?id=23655 | 392 // mean value 0? See https://www.w3.org/Bugs/Public/show_bug.cgi?id=23655 |
393 if (data_size == 0) | 393 if (data_size == 0) |
394 return false; | 394 return false; |
395 | 395 |
396 *result = 0; | 396 *result = 0; |
397 for (size_t i = 0; i < data_size; ++i) { | 397 for (size_t i = 0; i < data_size; ++i) { |
398 size_t reverse_i = data_size - i - 1; | 398 size_t reverse_i = data_size - i - 1; |
399 | 399 |
400 if (reverse_i >= sizeof(unsigned long) && data[i]) | 400 if (reverse_i >= sizeof(unsigned long) && data[i]) |
401 return false; // Too large for a long. | 401 return false; // Too large for a long. |
402 | 402 |
403 *result |= data[i] << 8 * reverse_i; | 403 *result |= data[i] << 8 * reverse_i; |
404 } | 404 } |
405 return true; | 405 return true; |
406 } | 406 } |
407 | 407 |
408 bool IsAlgorithmRsa(const blink::WebCryptoAlgorithm& algorithm) { | 408 bool IsAlgorithmRsa(const blink::WebCryptoAlgorithm& algorithm) { |
409 return algorithm.id() == blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5 || | 409 return algorithm.id() == blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5 || |
410 algorithm.id() == blink::WebCryptoAlgorithmIdRsaOaep || | 410 algorithm.id() == blink::WebCryptoAlgorithmIdRsaOaep || |
411 algorithm.id() == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5; | 411 algorithm.id() == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5; |
412 } | 412 } |
413 | 413 |
414 Status ImportKeyInternalRaw( | 414 Status ImportKeyInternalRaw( |
415 const unsigned char* key_data, | 415 const unsigned char* key_data, |
416 unsigned key_data_size, | 416 unsigned int key_data_size, |
417 const blink::WebCryptoAlgorithm& algorithm, | 417 const blink::WebCryptoAlgorithm& algorithm, |
418 bool extractable, | 418 bool extractable, |
419 blink::WebCryptoKeyUsageMask usage_mask, | 419 blink::WebCryptoKeyUsageMask usage_mask, |
420 blink::WebCryptoKey* key) { | 420 blink::WebCryptoKey* key) { |
421 | 421 |
422 DCHECK(!algorithm.isNull()); | 422 DCHECK(!algorithm.isNull()); |
423 | 423 |
424 blink::WebCryptoKeyType type; | 424 blink::WebCryptoKeyType type; |
425 switch (algorithm.id()) { | 425 switch (algorithm.id()) { |
426 case blink::WebCryptoAlgorithmIdHmac: | 426 case blink::WebCryptoAlgorithmIdHmac: |
(...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
559 // TODO(padolph): Handle other key types. | 559 // TODO(padolph): Handle other key types. |
560 break; | 560 break; |
561 default: | 561 default: |
562 break; | 562 break; |
563 } | 563 } |
564 return blink::WebCryptoAlgorithm::createNull(); | 564 return blink::WebCryptoAlgorithm::createNull(); |
565 } | 565 } |
566 | 566 |
567 Status ImportKeyInternalSpki( | 567 Status ImportKeyInternalSpki( |
568 const unsigned char* key_data, | 568 const unsigned char* key_data, |
569 unsigned key_data_size, | 569 unsigned int key_data_size, |
570 const blink::WebCryptoAlgorithm& algorithm_or_null, | 570 const blink::WebCryptoAlgorithm& algorithm_or_null, |
571 bool extractable, | 571 bool extractable, |
572 blink::WebCryptoKeyUsageMask usage_mask, | 572 blink::WebCryptoKeyUsageMask usage_mask, |
573 blink::WebCryptoKey* key) { | 573 blink::WebCryptoKey* key) { |
574 | 574 |
575 DCHECK(key); | 575 DCHECK(key); |
576 | 576 |
577 if (!key_data_size) | 577 if (!key_data_size) |
578 return Status::ErrorImportEmptyKeyData(); | 578 return Status::ErrorImportEmptyKeyData(); |
579 DCHECK(key_data); | 579 DCHECK(key_data); |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
630 DCHECK(spki_der->data); | 630 DCHECK(spki_der->data); |
631 DCHECK(spki_der->len); | 631 DCHECK(spki_der->len); |
632 | 632 |
633 *buffer = webcrypto::CreateArrayBuffer(spki_der->data, spki_der->len); | 633 *buffer = webcrypto::CreateArrayBuffer(spki_der->data, spki_der->len); |
634 | 634 |
635 return Status::Success(); | 635 return Status::Success(); |
636 } | 636 } |
637 | 637 |
638 Status ImportKeyInternalPkcs8( | 638 Status ImportKeyInternalPkcs8( |
639 const unsigned char* key_data, | 639 const unsigned char* key_data, |
640 unsigned key_data_size, | 640 unsigned int key_data_size, |
641 const blink::WebCryptoAlgorithm& algorithm_or_null, | 641 const blink::WebCryptoAlgorithm& algorithm_or_null, |
642 bool extractable, | 642 bool extractable, |
643 blink::WebCryptoKeyUsageMask usage_mask, | 643 blink::WebCryptoKeyUsageMask usage_mask, |
644 blink::WebCryptoKey* key) { | 644 blink::WebCryptoKey* key) { |
645 | 645 |
646 DCHECK(key); | 646 DCHECK(key); |
647 | 647 |
648 if (!key_data_size) | 648 if (!key_data_size) |
649 return Status::ErrorImportEmptyKeyData(); | 649 return Status::ErrorImportEmptyKeyData(); |
650 DCHECK(key_data); | 650 DCHECK(key_data); |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
687 } | 687 } |
688 | 688 |
689 // ----------------------------------- | 689 // ----------------------------------- |
690 // Hmac | 690 // Hmac |
691 // ----------------------------------- | 691 // ----------------------------------- |
692 | 692 |
693 Status SignHmac( | 693 Status SignHmac( |
694 const blink::WebCryptoAlgorithm& algorithm, | 694 const blink::WebCryptoAlgorithm& algorithm, |
695 const blink::WebCryptoKey& key, | 695 const blink::WebCryptoKey& key, |
696 const unsigned char* data, | 696 const unsigned char* data, |
697 unsigned data_size, | 697 unsigned int data_size, |
698 blink::WebArrayBuffer* buffer) { | 698 blink::WebArrayBuffer* buffer) { |
699 DCHECK_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 699 DCHECK_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
700 | 700 |
701 const blink::WebCryptoHmacParams* params = algorithm.hmacParams(); | 701 const blink::WebCryptoHmacParams* params = algorithm.hmacParams(); |
702 if (!params) | 702 if (!params) |
703 return Status::ErrorUnexpected(); | 703 return Status::ErrorUnexpected(); |
704 | 704 |
705 SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle()); | 705 SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle()); |
706 | 706 |
707 DCHECK_EQ(PK11_GetMechanism(sym_key->key()), | 707 DCHECK_EQ(PK11_GetMechanism(sym_key->key()), |
(...skipping 30 matching lines...) Expand all Loading... |
738 } | 738 } |
739 | 739 |
740 DCHECK_EQ(buffer->byteLength(), signature_item.len); | 740 DCHECK_EQ(buffer->byteLength(), signature_item.len); |
741 return Status::Success(); | 741 return Status::Success(); |
742 } | 742 } |
743 | 743 |
744 Status VerifyHmac( | 744 Status VerifyHmac( |
745 const blink::WebCryptoAlgorithm& algorithm, | 745 const blink::WebCryptoAlgorithm& algorithm, |
746 const blink::WebCryptoKey& key, | 746 const blink::WebCryptoKey& key, |
747 const unsigned char* signature, | 747 const unsigned char* signature, |
748 unsigned signature_size, | 748 unsigned int signature_size, |
749 const unsigned char* data, | 749 const unsigned char* data, |
750 unsigned data_size, | 750 unsigned int data_size, |
751 bool* signature_match) { | 751 bool* signature_match) { |
752 DCHECK_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); | 752 DCHECK_EQ(blink::WebCryptoAlgorithmIdHmac, algorithm.id()); |
753 | 753 |
754 blink::WebArrayBuffer result; | 754 blink::WebArrayBuffer result; |
755 Status status = SignHmac(algorithm, key, data, data_size, &result); | 755 Status status = SignHmac(algorithm, key, data, data_size, &result); |
756 if (status.IsError()) | 756 if (status.IsError()) |
757 return status; | 757 return status; |
758 | 758 |
759 // Handling of truncated signatures is underspecified in the WebCrypto | 759 // Handling of truncated signatures is underspecified in the WebCrypto |
760 // spec, so here we fail verification if a truncated signature is being | 760 // spec, so here we fail verification if a truncated signature is being |
761 // verified. | 761 // verified. |
762 // See https://www.w3.org/Bugs/Public/show_bug.cgi?id=23097 | 762 // See https://www.w3.org/Bugs/Public/show_bug.cgi?id=23097 |
763 *signature_match = | 763 *signature_match = |
764 result.byteLength() == signature_size && | 764 result.byteLength() == signature_size && |
765 crypto::SecureMemEqual(result.data(), signature, signature_size); | 765 crypto::SecureMemEqual(result.data(), signature, signature_size); |
766 | 766 |
767 return Status::Success(); | 767 return Status::Success(); |
768 } | 768 } |
769 | 769 |
770 // ----------------------------------- | 770 // ----------------------------------- |
771 // RsaEsPkcs1v1_5 | 771 // RsaEsPkcs1v1_5 |
772 // ----------------------------------- | 772 // ----------------------------------- |
773 | 773 |
774 Status EncryptRsaEsPkcs1v1_5( | 774 Status EncryptRsaEsPkcs1v1_5( |
775 const blink::WebCryptoAlgorithm& algorithm, | 775 const blink::WebCryptoAlgorithm& algorithm, |
776 const blink::WebCryptoKey& key, | 776 const blink::WebCryptoKey& key, |
777 const unsigned char* data, | 777 const unsigned char* data, |
778 unsigned data_size, | 778 unsigned int data_size, |
779 blink::WebArrayBuffer* buffer) { | 779 blink::WebArrayBuffer* buffer) { |
780 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, algorithm.id()); | 780 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, algorithm.id()); |
781 | 781 |
782 // RSAES encryption does not support empty input | 782 // RSAES encryption does not support empty input |
783 if (!data_size) | 783 if (!data_size) |
784 return Status::Error(); | 784 return Status::Error(); |
785 DCHECK(data); | 785 DCHECK(data); |
786 | 786 |
787 if (key.type() != blink::WebCryptoKeyTypePublic) | 787 if (key.type() != blink::WebCryptoKeyTypePublic) |
788 return Status::ErrorUnexpectedKeyType(); | 788 return Status::ErrorUnexpectedKeyType(); |
789 | 789 |
790 PublicKeyHandle* const public_key = | 790 PublicKeyHandle* const public_key = |
791 reinterpret_cast<PublicKeyHandle*>(key.handle()); | 791 reinterpret_cast<PublicKeyHandle*>(key.handle()); |
792 | 792 |
793 const unsigned encrypted_length_bytes = | 793 const unsigned int encrypted_length_bytes = |
794 SECKEY_PublicKeyStrength(public_key->key()); | 794 SECKEY_PublicKeyStrength(public_key->key()); |
795 | 795 |
796 // RSAES can operate on messages up to a length of k - 11, where k is the | 796 // RSAES can operate on messages up to a length of k - 11, where k is the |
797 // octet length of the RSA modulus. | 797 // octet length of the RSA modulus. |
798 if (encrypted_length_bytes < 11 || encrypted_length_bytes - 11 < data_size) | 798 if (encrypted_length_bytes < 11 || encrypted_length_bytes - 11 < data_size) |
799 return Status::ErrorDataTooLarge(); | 799 return Status::ErrorDataTooLarge(); |
800 | 800 |
801 *buffer = blink::WebArrayBuffer::create(encrypted_length_bytes, 1); | 801 *buffer = blink::WebArrayBuffer::create(encrypted_length_bytes, 1); |
802 unsigned char* const buffer_data = | 802 unsigned char* const buffer_data = |
803 reinterpret_cast<unsigned char*>(buffer->data()); | 803 reinterpret_cast<unsigned char*>(buffer->data()); |
804 | 804 |
805 if (PK11_PubEncryptPKCS1(public_key->key(), | 805 if (PK11_PubEncryptPKCS1(public_key->key(), |
806 buffer_data, | 806 buffer_data, |
807 const_cast<unsigned char*>(data), | 807 const_cast<unsigned char*>(data), |
808 data_size, | 808 data_size, |
809 NULL) != SECSuccess) { | 809 NULL) != SECSuccess) { |
810 return Status::Error(); | 810 return Status::Error(); |
811 } | 811 } |
812 return Status::Success(); | 812 return Status::Success(); |
813 } | 813 } |
814 | 814 |
815 Status DecryptRsaEsPkcs1v1_5( | 815 Status DecryptRsaEsPkcs1v1_5( |
816 const blink::WebCryptoAlgorithm& algorithm, | 816 const blink::WebCryptoAlgorithm& algorithm, |
817 const blink::WebCryptoKey& key, | 817 const blink::WebCryptoKey& key, |
818 const unsigned char* data, | 818 const unsigned char* data, |
819 unsigned data_size, | 819 unsigned int data_size, |
820 blink::WebArrayBuffer* buffer) { | 820 blink::WebArrayBuffer* buffer) { |
821 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, algorithm.id()); | 821 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5, algorithm.id()); |
822 | 822 |
823 // RSAES decryption does not support empty input | 823 // RSAES decryption does not support empty input |
824 if (!data_size) | 824 if (!data_size) |
825 return Status::Error(); | 825 return Status::Error(); |
826 DCHECK(data); | 826 DCHECK(data); |
827 | 827 |
828 if (key.type() != blink::WebCryptoKeyTypePrivate) | 828 if (key.type() != blink::WebCryptoKeyTypePrivate) |
829 return Status::ErrorUnexpectedKeyType(); | 829 return Status::ErrorUnexpectedKeyType(); |
830 | 830 |
831 PrivateKeyHandle* const private_key = | 831 PrivateKeyHandle* const private_key = |
832 reinterpret_cast<PrivateKeyHandle*>(key.handle()); | 832 reinterpret_cast<PrivateKeyHandle*>(key.handle()); |
833 | 833 |
834 const int modulus_length_bytes = | 834 const int modulus_length_bytes = |
835 PK11_GetPrivateModulusLen(private_key->key()); | 835 PK11_GetPrivateModulusLen(private_key->key()); |
836 if (modulus_length_bytes <= 0) | 836 if (modulus_length_bytes <= 0) |
837 return Status::ErrorUnexpected(); | 837 return Status::ErrorUnexpected(); |
838 const unsigned max_output_length_bytes = modulus_length_bytes; | 838 const unsigned int max_output_length_bytes = modulus_length_bytes; |
839 | 839 |
840 *buffer = blink::WebArrayBuffer::create(max_output_length_bytes, 1); | 840 *buffer = blink::WebArrayBuffer::create(max_output_length_bytes, 1); |
841 unsigned char* const buffer_data = | 841 unsigned char* const buffer_data = |
842 reinterpret_cast<unsigned char*>(buffer->data()); | 842 reinterpret_cast<unsigned char*>(buffer->data()); |
843 | 843 |
844 unsigned output_length_bytes = 0; | 844 unsigned int output_length_bytes = 0; |
845 if (PK11_PrivDecryptPKCS1(private_key->key(), | 845 if (PK11_PrivDecryptPKCS1(private_key->key(), |
846 buffer_data, | 846 buffer_data, |
847 &output_length_bytes, | 847 &output_length_bytes, |
848 max_output_length_bytes, | 848 max_output_length_bytes, |
849 const_cast<unsigned char*>(data), | 849 const_cast<unsigned char*>(data), |
850 data_size) != SECSuccess) { | 850 data_size) != SECSuccess) { |
851 return Status::Error(); | 851 return Status::Error(); |
852 } | 852 } |
853 DCHECK_LE(output_length_bytes, max_output_length_bytes); | 853 DCHECK_LE(output_length_bytes, max_output_length_bytes); |
854 webcrypto::ShrinkBuffer(buffer, output_length_bytes); | 854 webcrypto::ShrinkBuffer(buffer, output_length_bytes); |
855 return Status::Success(); | 855 return Status::Success(); |
856 } | 856 } |
857 | 857 |
858 // ----------------------------------- | 858 // ----------------------------------- |
859 // RsaSsaPkcs1v1_5 | 859 // RsaSsaPkcs1v1_5 |
860 // ----------------------------------- | 860 // ----------------------------------- |
861 | 861 |
862 Status SignRsaSsaPkcs1v1_5( | 862 Status SignRsaSsaPkcs1v1_5( |
863 const blink::WebCryptoAlgorithm& algorithm, | 863 const blink::WebCryptoAlgorithm& algorithm, |
864 const blink::WebCryptoKey& key, | 864 const blink::WebCryptoKey& key, |
865 const unsigned char* data, | 865 const unsigned char* data, |
866 unsigned data_size, | 866 unsigned int data_size, |
867 blink::WebArrayBuffer* buffer) { | 867 blink::WebArrayBuffer* buffer) { |
868 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, algorithm.id()); | 868 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, algorithm.id()); |
869 | 869 |
870 if (key.type() != blink::WebCryptoKeyTypePrivate) | 870 if (key.type() != blink::WebCryptoKeyTypePrivate) |
871 return Status::ErrorUnexpectedKeyType(); | 871 return Status::ErrorUnexpectedKeyType(); |
872 | 872 |
873 if (webcrypto::GetInnerHashAlgorithm(algorithm).isNull()) | 873 if (webcrypto::GetInnerHashAlgorithm(algorithm).isNull()) |
874 return Status::ErrorUnexpected(); | 874 return Status::ErrorUnexpected(); |
875 | 875 |
876 PrivateKeyHandle* const private_key = | 876 PrivateKeyHandle* const private_key = |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
912 | 912 |
913 *buffer = webcrypto::CreateArrayBuffer(signature_item->data, | 913 *buffer = webcrypto::CreateArrayBuffer(signature_item->data, |
914 signature_item->len); | 914 signature_item->len); |
915 return Status::Success(); | 915 return Status::Success(); |
916 } | 916 } |
917 | 917 |
918 Status VerifyRsaSsaPkcs1v1_5( | 918 Status VerifyRsaSsaPkcs1v1_5( |
919 const blink::WebCryptoAlgorithm& algorithm, | 919 const blink::WebCryptoAlgorithm& algorithm, |
920 const blink::WebCryptoKey& key, | 920 const blink::WebCryptoKey& key, |
921 const unsigned char* signature, | 921 const unsigned char* signature, |
922 unsigned signature_size, | 922 unsigned int signature_size, |
923 const unsigned char* data, | 923 const unsigned char* data, |
924 unsigned data_size, | 924 unsigned int data_size, |
925 bool* signature_match) { | 925 bool* signature_match) { |
926 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, algorithm.id()); | 926 DCHECK_EQ(blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, algorithm.id()); |
927 | 927 |
928 if (key.type() != blink::WebCryptoKeyTypePublic) | 928 if (key.type() != blink::WebCryptoKeyTypePublic) |
929 return Status::ErrorUnexpectedKeyType(); | 929 return Status::ErrorUnexpectedKeyType(); |
930 | 930 |
931 PublicKeyHandle* const public_key = | 931 PublicKeyHandle* const public_key = |
932 reinterpret_cast<PublicKeyHandle*>(key.handle()); | 932 reinterpret_cast<PublicKeyHandle*>(key.handle()); |
933 DCHECK(public_key); | 933 DCHECK(public_key); |
934 DCHECK(public_key->key()); | 934 DCHECK(public_key->key()); |
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1051 extractable, | 1051 extractable, |
1052 algorithm, | 1052 algorithm, |
1053 usage_mask); | 1053 usage_mask); |
1054 | 1054 |
1055 return Status::Success(); | 1055 return Status::Success(); |
1056 } | 1056 } |
1057 | 1057 |
1058 // Get the secret key length in bytes from generation parameters. This resolves | 1058 // Get the secret key length in bytes from generation parameters. This resolves |
1059 // any defaults. | 1059 // any defaults. |
1060 Status GetGenerateSecretKeyLength(const blink::WebCryptoAlgorithm& algorithm, | 1060 Status GetGenerateSecretKeyLength(const blink::WebCryptoAlgorithm& algorithm, |
1061 unsigned* keylen_bytes) { | 1061 unsigned int* keylen_bytes) { |
1062 *keylen_bytes = 0; | 1062 *keylen_bytes = 0; |
1063 | 1063 |
1064 switch (algorithm.id()) { | 1064 switch (algorithm.id()) { |
1065 case blink::WebCryptoAlgorithmIdAesCbc: | 1065 case blink::WebCryptoAlgorithmIdAesCbc: |
1066 case blink::WebCryptoAlgorithmIdAesGcm: | 1066 case blink::WebCryptoAlgorithmIdAesGcm: |
1067 case blink::WebCryptoAlgorithmIdAesKw: { | 1067 case blink::WebCryptoAlgorithmIdAesKw: { |
1068 const blink::WebCryptoAesKeyGenParams* params = | 1068 const blink::WebCryptoAesKeyGenParams* params = |
1069 algorithm.aesKeyGenParams(); | 1069 algorithm.aesKeyGenParams(); |
1070 DCHECK(params); | 1070 DCHECK(params); |
1071 // Ensure the key length is a multiple of 8 bits. Let NSS verify further | 1071 // Ensure the key length is a multiple of 8 bits. Let NSS verify further |
(...skipping 26 matching lines...) Expand all Loading... |
1098 } // namespace | 1098 } // namespace |
1099 | 1099 |
1100 void WebCryptoImpl::Init() { | 1100 void WebCryptoImpl::Init() { |
1101 crypto::EnsureNSSInit(); | 1101 crypto::EnsureNSSInit(); |
1102 } | 1102 } |
1103 | 1103 |
1104 Status WebCryptoImpl::EncryptInternal( | 1104 Status WebCryptoImpl::EncryptInternal( |
1105 const blink::WebCryptoAlgorithm& algorithm, | 1105 const blink::WebCryptoAlgorithm& algorithm, |
1106 const blink::WebCryptoKey& key, | 1106 const blink::WebCryptoKey& key, |
1107 const unsigned char* data, | 1107 const unsigned char* data, |
1108 unsigned data_size, | 1108 unsigned int data_size, |
1109 blink::WebArrayBuffer* buffer) { | 1109 blink::WebArrayBuffer* buffer) { |
1110 | 1110 |
1111 DCHECK_EQ(algorithm.id(), key.algorithm().id()); | 1111 DCHECK_EQ(algorithm.id(), key.algorithm().id()); |
1112 DCHECK(key.handle()); | 1112 DCHECK(key.handle()); |
1113 DCHECK(buffer); | 1113 DCHECK(buffer); |
1114 | 1114 |
1115 switch (algorithm.id()) { | 1115 switch (algorithm.id()) { |
1116 case blink::WebCryptoAlgorithmIdAesCbc: | 1116 case blink::WebCryptoAlgorithmIdAesCbc: |
1117 return AesCbcEncryptDecrypt( | 1117 return AesCbcEncryptDecrypt( |
1118 CKA_ENCRYPT, algorithm, key, data, data_size, buffer); | 1118 CKA_ENCRYPT, algorithm, key, data, data_size, buffer); |
1119 case blink::WebCryptoAlgorithmIdAesGcm: | 1119 case blink::WebCryptoAlgorithmIdAesGcm: |
1120 return AesGcmEncryptDecrypt( | 1120 return AesGcmEncryptDecrypt( |
1121 true, algorithm, key, data, data_size, buffer); | 1121 true, algorithm, key, data, data_size, buffer); |
1122 case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: | 1122 case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: |
1123 return EncryptRsaEsPkcs1v1_5(algorithm, key, data, data_size, buffer); | 1123 return EncryptRsaEsPkcs1v1_5(algorithm, key, data, data_size, buffer); |
1124 default: | 1124 default: |
1125 return Status::ErrorUnsupported(); | 1125 return Status::ErrorUnsupported(); |
1126 } | 1126 } |
1127 } | 1127 } |
1128 | 1128 |
1129 Status WebCryptoImpl::DecryptInternal( | 1129 Status WebCryptoImpl::DecryptInternal( |
1130 const blink::WebCryptoAlgorithm& algorithm, | 1130 const blink::WebCryptoAlgorithm& algorithm, |
1131 const blink::WebCryptoKey& key, | 1131 const blink::WebCryptoKey& key, |
1132 const unsigned char* data, | 1132 const unsigned char* data, |
1133 unsigned data_size, | 1133 unsigned int data_size, |
1134 blink::WebArrayBuffer* buffer) { | 1134 blink::WebArrayBuffer* buffer) { |
1135 | 1135 |
1136 DCHECK_EQ(algorithm.id(), key.algorithm().id()); | 1136 DCHECK_EQ(algorithm.id(), key.algorithm().id()); |
1137 DCHECK(key.handle()); | 1137 DCHECK(key.handle()); |
1138 DCHECK(buffer); | 1138 DCHECK(buffer); |
1139 | 1139 |
1140 switch (algorithm.id()) { | 1140 switch (algorithm.id()) { |
1141 case blink::WebCryptoAlgorithmIdAesCbc: | 1141 case blink::WebCryptoAlgorithmIdAesCbc: |
1142 return AesCbcEncryptDecrypt( | 1142 return AesCbcEncryptDecrypt( |
1143 CKA_DECRYPT, algorithm, key, data, data_size, buffer); | 1143 CKA_DECRYPT, algorithm, key, data, data_size, buffer); |
1144 case blink::WebCryptoAlgorithmIdAesGcm: | 1144 case blink::WebCryptoAlgorithmIdAesGcm: |
1145 return AesGcmEncryptDecrypt( | 1145 return AesGcmEncryptDecrypt( |
1146 false, algorithm, key, data, data_size, buffer); | 1146 false, algorithm, key, data, data_size, buffer); |
1147 case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: | 1147 case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: |
1148 return DecryptRsaEsPkcs1v1_5(algorithm, key, data, data_size, buffer); | 1148 return DecryptRsaEsPkcs1v1_5(algorithm, key, data, data_size, buffer); |
1149 default: | 1149 default: |
1150 return Status::ErrorUnsupported(); | 1150 return Status::ErrorUnsupported(); |
1151 } | 1151 } |
1152 } | 1152 } |
1153 | 1153 |
1154 Status WebCryptoImpl::DigestInternal( | 1154 Status WebCryptoImpl::DigestInternal( |
1155 const blink::WebCryptoAlgorithm& algorithm, | 1155 const blink::WebCryptoAlgorithm& algorithm, |
1156 const unsigned char* data, | 1156 const unsigned char* data, |
1157 unsigned data_size, | 1157 unsigned int data_size, |
1158 blink::WebArrayBuffer* buffer) { | 1158 blink::WebArrayBuffer* buffer) { |
1159 HASH_HashType hash_type = WebCryptoAlgorithmToNSSHashType(algorithm); | 1159 HASH_HashType hash_type = WebCryptoAlgorithmToNSSHashType(algorithm); |
1160 if (hash_type == HASH_AlgNULL) | 1160 if (hash_type == HASH_AlgNULL) |
1161 return Status::ErrorUnsupported(); | 1161 return Status::ErrorUnsupported(); |
1162 | 1162 |
1163 HASHContext* context = HASH_Create(hash_type); | 1163 HASHContext* context = HASH_Create(hash_type); |
1164 if (!context) | 1164 if (!context) |
1165 return Status::Error(); | 1165 return Status::Error(); |
1166 | 1166 |
1167 HASH_Begin(context); | 1167 HASH_Begin(context); |
1168 | 1168 |
1169 HASH_Update(context, data, data_size); | 1169 HASH_Update(context, data, data_size); |
1170 | 1170 |
1171 unsigned hash_result_length = HASH_ResultLenContext(context); | 1171 unsigned int hash_result_length = HASH_ResultLenContext(context); |
1172 DCHECK_LE(hash_result_length, static_cast<size_t>(HASH_LENGTH_MAX)); | 1172 DCHECK_LE(hash_result_length, static_cast<size_t>(HASH_LENGTH_MAX)); |
1173 | 1173 |
1174 *buffer = blink::WebArrayBuffer::create(hash_result_length, 1); | 1174 *buffer = blink::WebArrayBuffer::create(hash_result_length, 1); |
1175 | 1175 |
1176 unsigned char* digest = reinterpret_cast<unsigned char*>(buffer->data()); | 1176 unsigned char* digest = reinterpret_cast<unsigned char*>(buffer->data()); |
1177 | 1177 |
1178 unsigned result_length = 0; | 1178 unsigned int result_length = 0; |
1179 HASH_End(context, digest, &result_length, hash_result_length); | 1179 HASH_End(context, digest, &result_length, hash_result_length); |
1180 | 1180 |
1181 HASH_Destroy(context); | 1181 HASH_Destroy(context); |
1182 | 1182 |
1183 if (result_length != hash_result_length) | 1183 if (result_length != hash_result_length) |
1184 return Status::ErrorUnexpected(); | 1184 return Status::ErrorUnexpected(); |
1185 return Status::Success(); | 1185 return Status::Success(); |
1186 } | 1186 } |
1187 | 1187 |
1188 Status WebCryptoImpl::GenerateSecretKeyInternal( | 1188 Status WebCryptoImpl::GenerateSecretKeyInternal( |
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1233 return GenerateRsaKeyPair(algorithm, extractable, usage_mask, | 1233 return GenerateRsaKeyPair(algorithm, extractable, usage_mask, |
1234 public_key, private_key); | 1234 public_key, private_key); |
1235 default: | 1235 default: |
1236 return Status::ErrorUnsupported(); | 1236 return Status::ErrorUnsupported(); |
1237 } | 1237 } |
1238 } | 1238 } |
1239 | 1239 |
1240 Status WebCryptoImpl::ImportKeyInternal( | 1240 Status WebCryptoImpl::ImportKeyInternal( |
1241 blink::WebCryptoKeyFormat format, | 1241 blink::WebCryptoKeyFormat format, |
1242 const unsigned char* key_data, | 1242 const unsigned char* key_data, |
1243 unsigned key_data_size, | 1243 unsigned int key_data_size, |
1244 const blink::WebCryptoAlgorithm& algorithm_or_null, | 1244 const blink::WebCryptoAlgorithm& algorithm_or_null, |
1245 bool extractable, | 1245 bool extractable, |
1246 blink::WebCryptoKeyUsageMask usage_mask, | 1246 blink::WebCryptoKeyUsageMask usage_mask, |
1247 blink::WebCryptoKey* key) { | 1247 blink::WebCryptoKey* key) { |
1248 | 1248 |
1249 switch (format) { | 1249 switch (format) { |
1250 case blink::WebCryptoKeyFormatRaw: | 1250 case blink::WebCryptoKeyFormatRaw: |
1251 // A 'raw'-formatted key import requires an input algorithm. | 1251 // A 'raw'-formatted key import requires an input algorithm. |
1252 if (algorithm_or_null.isNull()) | 1252 if (algorithm_or_null.isNull()) |
1253 return Status::ErrorMissingAlgorithmImportRawKey(); | 1253 return Status::ErrorMissingAlgorithmImportRawKey(); |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1291 return Status::ErrorUnsupported(); | 1291 return Status::ErrorUnsupported(); |
1292 default: | 1292 default: |
1293 return Status::ErrorUnsupported(); | 1293 return Status::ErrorUnsupported(); |
1294 } | 1294 } |
1295 } | 1295 } |
1296 | 1296 |
1297 Status WebCryptoImpl::SignInternal( | 1297 Status WebCryptoImpl::SignInternal( |
1298 const blink::WebCryptoAlgorithm& algorithm, | 1298 const blink::WebCryptoAlgorithm& algorithm, |
1299 const blink::WebCryptoKey& key, | 1299 const blink::WebCryptoKey& key, |
1300 const unsigned char* data, | 1300 const unsigned char* data, |
1301 unsigned data_size, | 1301 unsigned int data_size, |
1302 blink::WebArrayBuffer* buffer) { | 1302 blink::WebArrayBuffer* buffer) { |
1303 | 1303 |
1304 // Note: It is not an error to sign empty data. | 1304 // Note: It is not an error to sign empty data. |
1305 | 1305 |
1306 DCHECK(buffer); | 1306 DCHECK(buffer); |
1307 DCHECK_NE(0, key.usages() & blink::WebCryptoKeyUsageSign); | 1307 DCHECK_NE(0, key.usages() & blink::WebCryptoKeyUsageSign); |
1308 | 1308 |
1309 switch (algorithm.id()) { | 1309 switch (algorithm.id()) { |
1310 case blink::WebCryptoAlgorithmIdHmac: | 1310 case blink::WebCryptoAlgorithmIdHmac: |
1311 return SignHmac(algorithm, key, data, data_size, buffer); | 1311 return SignHmac(algorithm, key, data, data_size, buffer); |
1312 case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5: | 1312 case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5: |
1313 return SignRsaSsaPkcs1v1_5(algorithm, key, data, data_size, buffer); | 1313 return SignRsaSsaPkcs1v1_5(algorithm, key, data, data_size, buffer); |
1314 default: | 1314 default: |
1315 return Status::ErrorUnsupported(); | 1315 return Status::ErrorUnsupported(); |
1316 } | 1316 } |
1317 } | 1317 } |
1318 | 1318 |
1319 Status WebCryptoImpl::VerifySignatureInternal( | 1319 Status WebCryptoImpl::VerifySignatureInternal( |
1320 const blink::WebCryptoAlgorithm& algorithm, | 1320 const blink::WebCryptoAlgorithm& algorithm, |
1321 const blink::WebCryptoKey& key, | 1321 const blink::WebCryptoKey& key, |
1322 const unsigned char* signature, | 1322 const unsigned char* signature, |
1323 unsigned signature_size, | 1323 unsigned int signature_size, |
1324 const unsigned char* data, | 1324 const unsigned char* data, |
1325 unsigned data_size, | 1325 unsigned int data_size, |
1326 bool* signature_match) { | 1326 bool* signature_match) { |
1327 | 1327 |
1328 if (!signature_size) { | 1328 if (!signature_size) { |
1329 // None of the algorithms generate valid zero-length signatures so this | 1329 // None of the algorithms generate valid zero-length signatures so this |
1330 // will necessarily fail verification. Early return to protect | 1330 // will necessarily fail verification. Early return to protect |
1331 // implementations from dealing with a NULL signature pointer. | 1331 // implementations from dealing with a NULL signature pointer. |
1332 *signature_match = false; | 1332 *signature_match = false; |
1333 return Status::Success(); | 1333 return Status::Success(); |
1334 } | 1334 } |
1335 | 1335 |
1336 DCHECK(signature); | 1336 DCHECK(signature); |
1337 | 1337 |
1338 switch (algorithm.id()) { | 1338 switch (algorithm.id()) { |
1339 case blink::WebCryptoAlgorithmIdHmac: | 1339 case blink::WebCryptoAlgorithmIdHmac: |
1340 return VerifyHmac(algorithm, key, signature, signature_size, | 1340 return VerifyHmac(algorithm, key, signature, signature_size, |
1341 data, data_size, signature_match); | 1341 data, data_size, signature_match); |
1342 case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5: | 1342 case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5: |
1343 return VerifyRsaSsaPkcs1v1_5(algorithm, key, signature, signature_size, | 1343 return VerifyRsaSsaPkcs1v1_5(algorithm, key, signature, signature_size, |
1344 data, data_size, signature_match); | 1344 data, data_size, signature_match); |
1345 default: | 1345 default: |
1346 return Status::ErrorUnsupported(); | 1346 return Status::ErrorUnsupported(); |
1347 } | 1347 } |
1348 } | 1348 } |
1349 | 1349 |
1350 Status WebCryptoImpl::ImportRsaPublicKeyInternal( | 1350 Status WebCryptoImpl::ImportRsaPublicKeyInternal( |
1351 const unsigned char* modulus_data, | 1351 const unsigned char* modulus_data, |
1352 unsigned modulus_size, | 1352 unsigned int modulus_size, |
1353 const unsigned char* exponent_data, | 1353 const unsigned char* exponent_data, |
1354 unsigned exponent_size, | 1354 unsigned int exponent_size, |
1355 const blink::WebCryptoAlgorithm& algorithm, | 1355 const blink::WebCryptoAlgorithm& algorithm, |
1356 bool extractable, | 1356 bool extractable, |
1357 blink::WebCryptoKeyUsageMask usage_mask, | 1357 blink::WebCryptoKeyUsageMask usage_mask, |
1358 blink::WebCryptoKey* key) { | 1358 blink::WebCryptoKey* key) { |
1359 | 1359 |
1360 if (!modulus_size) | 1360 if (!modulus_size) |
1361 return Status::ErrorImportRsaEmptyModulus(); | 1361 return Status::ErrorImportRsaEmptyModulus(); |
1362 | 1362 |
1363 if (!exponent_size) | 1363 if (!exponent_size) |
1364 return Status::ErrorImportRsaEmptyExponent(); | 1364 return Status::ErrorImportRsaEmptyExponent(); |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1403 | 1403 |
1404 *key = blink::WebCryptoKey::create(new PublicKeyHandle(pubkey.Pass()), | 1404 *key = blink::WebCryptoKey::create(new PublicKeyHandle(pubkey.Pass()), |
1405 blink::WebCryptoKeyTypePublic, | 1405 blink::WebCryptoKeyTypePublic, |
1406 extractable, | 1406 extractable, |
1407 algorithm, | 1407 algorithm, |
1408 usage_mask); | 1408 usage_mask); |
1409 return Status::Success(); | 1409 return Status::Success(); |
1410 } | 1410 } |
1411 | 1411 |
1412 } // namespace content | 1412 } // namespace content |
OLD | NEW |