OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto_impl.h" | 5 #include "content/renderer/webcrypto_impl.h" |
6 | 6 |
7 #include <pk11pub.h> | |
7 #include <sechash.h> | 8 #include <sechash.h> |
8 | 9 |
9 #include "base/logging.h" | 10 #include "base/logging.h" |
10 #include "crypto/nss_util.h" | 11 #include "crypto/nss_util.h" |
12 #include "crypto/scoped_nss_types.h" | |
11 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" | 13 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" |
12 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" | 14 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
15 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | |
13 | 16 |
14 namespace content { | 17 namespace content { |
15 | 18 |
19 namespace { | |
20 | |
21 class KeyHandleBase : public WebKit::WebCryptoKeyHandle { | |
22 public: | |
23 bool Initialize() { | |
24 slot_.reset(PK11_GetInternalSlot()); | |
25 return slot_.get() != NULL; | |
26 } | |
27 | |
28 CK_MECHANISM_TYPE mechanism() const { return mechanism_; } | |
29 PK11SlotInfo* slot() { return slot_.get(); } | |
30 | |
31 protected: | |
32 explicit KeyHandleBase(CK_MECHANISM_TYPE mechanism) | |
33 : mechanism_(mechanism) { | |
34 } | |
35 | |
36 CK_MECHANISM_TYPE mechanism_; | |
Ryan Sleevi
2013/09/12 22:01:56
This is duplicating what the PK11SymKey already st
Bryan Eyler
2013/09/12 23:09:56
None, other than I didn't realize that could be re
| |
37 crypto::ScopedPK11Slot slot_; | |
38 }; | |
39 | |
40 class SymKeyHandle : public KeyHandleBase { | |
41 public: | |
42 explicit SymKeyHandle(CK_MECHANISM_TYPE mechanism) | |
43 : KeyHandleBase(mechanism) { | |
44 } | |
45 | |
46 void set_key(crypto::ScopedPK11SymKey key) { | |
47 DCHECK(!key_.get()); | |
48 key_ = key.Pass(); | |
49 } | |
50 | |
51 PK11SymKey* key() { return key_.get(); } | |
52 | |
53 private: | |
54 crypto::ScopedPK11SymKey key_; | |
Ryan Sleevi
2013/09/12 22:01:56
The PK11SymKey holds onto its PK11SlotInfoStr. The
Ryan Sleevi
2013/09/12 22:15:02
s/key/slot
Bryan Eyler
2013/09/12 23:09:56
Removed tracking of slot.
With the removal of tra
| |
55 | |
56 DISALLOW_COPY_AND_ASSIGN(SymKeyHandle); | |
57 }; | |
58 | |
59 CK_FLAGS WebCryptoKeyUsageMaskToNSSFlags( | |
60 WebKit::WebCryptoKeyUsageMask mask) { | |
61 return ((mask & WebKit::WebCryptoKeyUsageEncrypt) ? CKF_ENCRYPT : 0) | | |
62 ((mask & WebKit::WebCryptoKeyUsageDecrypt) ? CKF_DECRYPT : 0) | | |
63 ((mask & WebKit::WebCryptoKeyUsageSign) ? CKF_SIGN : 0) | | |
64 ((mask & WebKit::WebCryptoKeyUsageVerify) ? CKF_VERIFY : 0) | | |
65 ((mask & WebKit::WebCryptoKeyUsageDeriveKey) ? CKF_DERIVE : 0) | | |
66 ((mask & WebKit::WebCryptoKeyUsageWrapKey) ? CKF_WRAP : 0) | | |
67 ((mask & WebKit::WebCryptoKeyUsageUnwrapKey) ? CKF_UNWRAP : 0); | |
Ryan Sleevi
2013/09/12 22:01:56
design: Don't use this?
Ryan Sleevi
2013/09/12 22:15:02
eric pointed out some confusion: We should not be
Bryan Eyler
2013/09/12 23:09:56
Done.
| |
68 } | |
69 | |
70 HASH_HashType WebCryptoAlgorithmToNSSHashType( | |
71 const WebKit::WebCryptoAlgorithm& algorithm) { | |
72 switch (algorithm.id()) { | |
73 case WebKit::WebCryptoAlgorithmIdSha1: | |
74 return HASH_AlgSHA1; | |
75 case WebKit::WebCryptoAlgorithmIdSha224: | |
76 return HASH_AlgSHA224; | |
77 case WebKit::WebCryptoAlgorithmIdSha256: | |
78 return HASH_AlgSHA256; | |
79 case WebKit::WebCryptoAlgorithmIdSha384: | |
80 return HASH_AlgSHA384; | |
81 case WebKit::WebCryptoAlgorithmIdSha512: | |
82 return HASH_AlgSHA512; | |
83 default: | |
84 // Not a digest algorithm. | |
85 return HASH_AlgNULL; | |
86 } | |
87 } | |
88 | |
89 CK_MECHANISM_TYPE WebCryptoAlgorithmToHMACMechanism( | |
90 const WebKit::WebCryptoAlgorithm& algorithm) { | |
91 switch (algorithm.id()) { | |
92 case WebKit::WebCryptoAlgorithmIdSha1: | |
93 return CKM_SHA_1_HMAC; | |
94 case WebKit::WebCryptoAlgorithmIdSha256: | |
95 return CKM_SHA256_HMAC; | |
96 default: | |
97 // Not a supported algorithm. | |
98 return CKM_INVALID_MECHANISM; | |
99 } | |
100 } | |
101 | |
102 } // namespace | |
103 | |
16 bool WebCryptoImpl::DigestInternal( | 104 bool WebCryptoImpl::DigestInternal( |
17 const WebKit::WebCryptoAlgorithm& algorithm, | 105 const WebKit::WebCryptoAlgorithm& algorithm, |
18 const unsigned char* data, | 106 const unsigned char* data, |
19 unsigned data_size, | 107 unsigned data_size, |
20 WebKit::WebArrayBuffer* buffer) { | 108 WebKit::WebArrayBuffer* buffer) { |
21 HASH_HashType hash_type = HASH_AlgNULL; | 109 HASH_HashType hash_type = WebCryptoAlgorithmToNSSHashType(algorithm); |
22 | 110 if (hash_type == HASH_AlgNULL) { |
23 switch (algorithm.id()) { | 111 return false; |
24 case WebKit::WebCryptoAlgorithmIdSha1: | |
25 hash_type = HASH_AlgSHA1; | |
26 break; | |
27 case WebKit::WebCryptoAlgorithmIdSha224: | |
28 hash_type = HASH_AlgSHA224; | |
29 break; | |
30 case WebKit::WebCryptoAlgorithmIdSha256: | |
31 hash_type = HASH_AlgSHA256; | |
32 break; | |
33 case WebKit::WebCryptoAlgorithmIdSha384: | |
34 hash_type = HASH_AlgSHA384; | |
35 break; | |
36 case WebKit::WebCryptoAlgorithmIdSha512: | |
37 hash_type = HASH_AlgSHA512; | |
38 break; | |
39 default: | |
40 // Not a digest algorithm. | |
41 return false; | |
42 } | 112 } |
43 | 113 |
44 crypto::EnsureNSSInit(); | 114 crypto::EnsureNSSInit(); |
45 | 115 |
46 HASHContext* context = HASH_Create(hash_type); | 116 HASHContext* context = HASH_Create(hash_type); |
47 if (!context) { | 117 if (!context) { |
48 return false; | 118 return false; |
49 } | 119 } |
50 | 120 |
51 HASH_Begin(context); | 121 HASH_Begin(context); |
52 | 122 |
53 HASH_Update(context, data, data_size); | 123 HASH_Update(context, data, data_size); |
54 | 124 |
55 size_t hash_result_length = HASH_ResultLenContext(context); | 125 unsigned hash_result_length = HASH_ResultLenContext(context); |
56 DCHECK_LE(hash_result_length, static_cast<size_t>(HASH_LENGTH_MAX)); | 126 DCHECK_LE(hash_result_length, static_cast<size_t>(HASH_LENGTH_MAX)); |
57 | 127 |
58 *buffer = WebKit::WebArrayBuffer::create(hash_result_length, 1); | 128 *buffer = WebKit::WebArrayBuffer::create(hash_result_length, 1); |
59 | 129 |
60 unsigned char* digest = reinterpret_cast<unsigned char*>(buffer->data()); | 130 unsigned char* digest = reinterpret_cast<unsigned char*>(buffer->data()); |
61 | 131 |
62 uint32 result_length = 0; | 132 unsigned result_length = 0; |
63 HASH_End(context, digest, &result_length, hash_result_length); | 133 HASH_End(context, digest, &result_length, hash_result_length); |
64 | 134 |
65 HASH_Destroy(context); | 135 HASH_Destroy(context); |
66 | 136 |
67 return result_length == hash_result_length; | 137 return result_length == hash_result_length; |
68 } | 138 } |
69 | 139 |
140 bool WebCryptoImpl::ImportKeyInternal( | |
141 WebKit::WebCryptoKeyFormat format, | |
142 const unsigned char* key_data, | |
143 unsigned key_data_size, | |
144 const WebKit::WebCryptoAlgorithm& algorithm, | |
145 WebKit::WebCryptoKeyUsageMask usage_mask, | |
146 scoped_ptr<WebKit::WebCryptoKeyHandle>* handle, | |
147 WebKit::WebCryptoKeyType* type) { | |
148 switch (algorithm.id()) { | |
149 case WebKit::WebCryptoAlgorithmIdHmac: | |
150 *type = WebKit::WebCryptoKeyTypeSecret; | |
151 break; | |
152 // TODO(bryaneyler): Support more key types. | |
153 default: | |
154 return false; | |
155 } | |
156 | |
157 // TODO(bryaneyler): Need to split handling for symmetric and asymmetric keys. | |
158 // Currently only supporting symmetric. | |
159 scoped_ptr<SymKeyHandle> sym_key; | |
160 | |
161 crypto::EnsureNSSInit(); | |
162 | |
163 switch(algorithm.id()) { | |
164 case WebKit::WebCryptoAlgorithmIdHmac: { | |
165 const WebKit::WebCryptoHmacParams* params = algorithm.hmacParams(); | |
166 if (!params) { | |
167 return false; | |
168 } | |
169 | |
170 CK_MECHANISM_TYPE mechanism = | |
171 WebCryptoAlgorithmToHMACMechanism(params->hash()); | |
172 if (mechanism == CKM_INVALID_MECHANISM) { | |
173 return false; | |
174 } | |
175 | |
176 sym_key.reset(new SymKeyHandle(mechanism)); | |
177 | |
178 if (!sym_key->Initialize()) { | |
179 return false; | |
180 } | |
181 | |
182 break; | |
183 } | |
184 default: | |
185 return false; | |
186 } | |
187 | |
188 SECItem key_item = { siBuffer, NULL, 0 }; | |
189 | |
190 switch (format) { | |
191 case WebKit::WebCryptoKeyFormatRaw: | |
192 key_item.data = const_cast<unsigned char*>(key_data); | |
193 key_item.len = key_data_size; | |
194 break; | |
195 // TODO(bryaneyler): Handle additional formats. | |
196 default: | |
197 return false; | |
198 } | |
199 | |
200 crypto::ScopedPK11SymKey pk11_sym_key( | |
201 PK11_ImportSymKeyWithFlags(sym_key->slot(), | |
202 sym_key->mechanism(), | |
203 PK11_OriginUnwrap, | |
204 CKA_FLAGS_ONLY, | |
205 &key_item, | |
206 WebCryptoKeyUsageMaskToNSSFlags(usage_mask), | |
207 false, | |
208 NULL)); | |
209 sym_key->set_key(pk11_sym_key.Pass()); | |
210 if (!sym_key->key()) { | |
211 NOTREACHED(); | |
212 return false; | |
213 } | |
214 | |
215 *handle = sym_key.Pass(); | |
216 | |
217 return true; | |
218 } | |
219 | |
220 bool WebCryptoImpl::SignInternal( | |
221 const WebKit::WebCryptoAlgorithm& algorithm, | |
222 const WebKit::WebCryptoKey& key, | |
223 const unsigned char* data, | |
224 unsigned data_size, | |
225 WebKit::WebArrayBuffer* buffer) { | |
226 WebKit::WebArrayBuffer result; | |
227 | |
228 switch (algorithm.id()) { | |
229 case WebKit::WebCryptoAlgorithmIdHmac: { | |
230 const WebKit::WebCryptoHmacParams* params = algorithm.hmacParams(); | |
231 if (!params) { | |
232 return false; | |
233 } | |
234 | |
235 SymKeyHandle* sym_key = | |
236 const_cast<SymKeyHandle*>( | |
237 reinterpret_cast<const SymKeyHandle*>(key.handle())); | |
238 | |
239 DCHECK_EQ(sym_key->mechanism(), | |
240 WebCryptoAlgorithmToHMACMechanism(params->hash())); | |
241 DCHECK_NE(0, key.usages() & WebKit::WebCryptoKeyUsageSign); | |
Ryan Sleevi
2013/09/12 22:01:56
What's this DCHECK guarding against?
The WebKit A
Bryan Eyler
2013/09/12 23:09:56
I guess - just a sanity check that the params in m
| |
242 | |
243 SECItem param_item = { siBuffer, NULL, 0 }; | |
244 SECItem data_item = { | |
245 siBuffer, | |
246 const_cast<unsigned char*>(data), | |
247 data_size | |
248 }; | |
249 // First call is to figure out the length. | |
250 SECItem signature_item = { siBuffer, NULL, 0 }; | |
251 | |
252 if (PK11_SignWithSymKey(sym_key->key(), | |
253 sym_key->mechanism(), | |
254 ¶m_item, | |
255 &signature_item, | |
256 &data_item) != SECSuccess) { | |
257 NOTREACHED(); | |
258 return false; | |
259 } | |
260 | |
261 DCHECK_LT(0u, signature_item.len); | |
262 | |
263 result = WebKit::WebArrayBuffer::create(signature_item.len, 1); | |
264 signature_item.data = reinterpret_cast<unsigned char*>(result.data()); | |
265 | |
266 if (PK11_SignWithSymKey(sym_key->key(), | |
267 sym_key->mechanism(), | |
268 ¶m_item, | |
269 &signature_item, | |
270 &data_item) != SECSuccess) { | |
271 NOTREACHED(); | |
272 return false; | |
273 } | |
274 | |
275 DCHECK_EQ(result.byteLength(), signature_item.len); | |
276 | |
277 break; | |
278 } | |
279 default: | |
280 return false; | |
281 } | |
282 | |
283 *buffer = result; | |
284 return true; | |
285 } | |
286 | |
70 } // namespace content | 287 } // namespace content |
OLD | NEW |