1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "jwk.h" | 5 #include "jwk.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <functional> | 8 #include <functional> |
9 #include <map> | 9 #include <map> |
10 | 10 |
103 // | "HS256" | HMAC using SHA-256 hash algorithm | | 103 // | "HS256" | HMAC using SHA-256 hash algorithm | |
104 // | "HS384" | HMAC using SHA-384 hash algorithm | | 104 // | "HS384" | HMAC using SHA-384 hash algorithm | |
105 // | "HS512" | HMAC using SHA-512 hash algorithm | | 105 // | "HS512" | HMAC using SHA-512 hash algorithm | |
106 // | "RS1" | RSASSA using SHA-1 hash algorithm | 106 // | "RS1" | RSASSA using SHA-1 hash algorithm |
107 // | "RS256" | RSASSA using SHA-256 hash algorithm | | 107 // | "RS256" | RSASSA using SHA-256 hash algorithm | |
108 // | "RS384" | RSASSA using SHA-384 hash algorithm | | 108 // | "RS384" | RSASSA using SHA-384 hash algorithm | |
109 // | "RS512" | RSASSA using SHA-512 hash algorithm | | 109 // | "RS512" | RSASSA using SHA-512 hash algorithm | |
110 // +--------------+-------------------------------------------------------| | 110 // +--------------+-------------------------------------------------------| |
111 // | Key Management Algorithm | | 111 // | Key Management Algorithm | |
112 // +--------------+-------------------------------------------------------+ | 112 // +--------------+-------------------------------------------------------+ |
113 // | "RSA1_5" | RSAES-PKCS1-V1_5 [RFC3447] | | |
114 // | "RSA-OAEP" | RSAES using Optimal Asymmetric Encryption Padding | | 113 // | "RSA-OAEP" | RSAES using Optimal Asymmetric Encryption Padding | |
115 // | | (OAEP) [RFC3447], with the default parameters | | 114 // | | (OAEP) [RFC3447], with the default parameters | |
116 // | | specified by RFC3447 in Section A.2.1 | | 115 // | | specified by RFC3447 in Section A.2.1 | |
117 // | "A128KW" | Advanced Encryption Standard (AES) Key Wrap Algorithm | | 116 // | "A128KW" | Advanced Encryption Standard (AES) Key Wrap Algorithm | |
118 // | | [RFC3394] using 128 bit keys | | 117 // | | [RFC3394] using 128 bit keys | |
119 // | "A192KW" | AES Key Wrap Algorithm using 192 bit keys | | 118 // | "A192KW" | AES Key Wrap Algorithm using 192 bit keys | |
120 // | "A256KW" | AES Key Wrap Algorithm using 256 bit keys | | 119 // | "A256KW" | AES Key Wrap Algorithm using 256 bit keys | |
121 // | "A128GCM" | AES in Galois/Counter Mode (GCM) [NIST.800-38D] using | | 120 // | "A128GCM" | AES in Galois/Counter Mode (GCM) [NIST.800-38D] using | |
122 // | | 128 bit keys | | 121 // | | 128 bit keys | |
123 // | "A192GCM" | AES GCM using 192 bit keys | | 122 // | "A192GCM" | AES GCM using 192 bit keys | |
301 blink::WebCryptoAlgorithmIdSha1>); | 300 blink::WebCryptoAlgorithmIdSha1>); |
302 alg_to_info_["RS256"] = | 301 alg_to_info_["RS256"] = |
303 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaSsaImportAlgorithm, | 302 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaSsaImportAlgorithm, |
304 blink::WebCryptoAlgorithmIdSha256>); | 303 blink::WebCryptoAlgorithmIdSha256>); |
305 alg_to_info_["RS384"] = | 304 alg_to_info_["RS384"] = |
306 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaSsaImportAlgorithm, | 305 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaSsaImportAlgorithm, |
307 blink::WebCryptoAlgorithmIdSha384>); | 306 blink::WebCryptoAlgorithmIdSha384>); |
308 alg_to_info_["RS512"] = | 307 alg_to_info_["RS512"] = |
309 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaSsaImportAlgorithm, | 308 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaSsaImportAlgorithm, |
310 blink::WebCryptoAlgorithmIdSha512>); | 309 blink::WebCryptoAlgorithmIdSha512>); |
311 alg_to_info_["RSA1_5"] = JwkAlgorithmInfo( | |
312 &BindAlgorithmId<CreateAlgorithm, | |
313 blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5>); | |
314 alg_to_info_["RSA-OAEP"] = | 310 alg_to_info_["RSA-OAEP"] = |
315 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaOaepImportAlgorithm, | 311 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaOaepImportAlgorithm, |
316 blink::WebCryptoAlgorithmIdSha1>); | 312 blink::WebCryptoAlgorithmIdSha1>); |
317 alg_to_info_["RSA-OAEP-256"] = | 313 alg_to_info_["RSA-OAEP-256"] = |
318 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaOaepImportAlgorithm, | 314 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaOaepImportAlgorithm, |
319 blink::WebCryptoAlgorithmIdSha256>); | 315 blink::WebCryptoAlgorithmIdSha256>); |
320 alg_to_info_["RSA-OAEP-384"] = | 316 alg_to_info_["RSA-OAEP-384"] = |
321 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaOaepImportAlgorithm, | 317 JwkAlgorithmInfo(&BindAlgorithmId<CreateRsaOaepImportAlgorithm, |
322 blink::WebCryptoAlgorithmIdSha384>); | 318 blink::WebCryptoAlgorithmIdSha384>); |
323 alg_to_info_["RSA-OAEP-512"] = | 319 alg_to_info_["RSA-OAEP-512"] = |
658 break; | 654 break; |
659 case blink::WebCryptoAlgorithmIdSha512: | 655 case blink::WebCryptoAlgorithmIdSha512: |
660 jwk_dict->SetString("alg", "HS512"); | 656 jwk_dict->SetString("alg", "HS512"); |
661 break; | 657 break; |
662 default: | 658 default: |
663 NOTREACHED(); | 659 NOTREACHED(); |
664 return Status::ErrorUnexpected(); | 660 return Status::ErrorUnexpected(); |
665 } | 661 } |
666 break; | 662 break; |
667 } | 663 } |
668 case blink::WebCryptoKeyAlgorithmParamsTypeRsa: | |
669 switch (algorithm.id()) { | |
670 case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: | |
671 jwk_dict->SetString("alg", "RSA1_5"); | |
672 break; | |
673 default: | |
674 NOTREACHED(); | |
675 return Status::ErrorUnexpected(); | |
676 } | |
677 break; | |
678 case blink::WebCryptoKeyAlgorithmParamsTypeRsaHashed: | 664 case blink::WebCryptoKeyAlgorithmParamsTypeRsaHashed: |
679 switch (algorithm.id()) { | 665 switch (algorithm.id()) { |
680 case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5: { | 666 case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5: { |
681 switch (algorithm.rsaHashedParams()->hash().id()) { | 667 switch (algorithm.rsaHashedParams()->hash().id()) { |
682 case blink::WebCryptoAlgorithmIdSha1: | 668 case blink::WebCryptoAlgorithmIdSha1: |
683 jwk_dict->SetString("alg", "RS1"); | 669 jwk_dict->SetString("alg", "RS1"); |
684 break; | 670 break; |
685 case blink::WebCryptoAlgorithmIdSha256: | 671 case blink::WebCryptoAlgorithmIdSha256: |
686 jwk_dict->SetString("alg", "RS256"); | 672 jwk_dict->SetString("alg", "RS256"); |
687 break; | 673 break; |
723 } | 709 } |
724 break; | 710 break; |
725 default: | 711 default: |
726 return Status::ErrorUnsupported(); | 712 return Status::ErrorUnsupported(); |
727 } | 713 } |
728 return Status::Success(); | 714 return Status::Success(); |
729 } | 715 } |
730 | 716 |
731 bool IsRsaKey(const blink::WebCryptoKey& key) { | 717 bool IsRsaKey(const blink::WebCryptoKey& key) { |
732 const blink::WebCryptoAlgorithmId algorithm_id = key.algorithm().id(); | 718 const blink::WebCryptoAlgorithmId algorithm_id = key.algorithm().id(); |
733 return algorithm_id == blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5 || | 719 return algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || |
734 algorithm_id == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || | |
735 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep; | 720 algorithm_id == blink::WebCryptoAlgorithmIdRsaOaep; |
736 } | 721 } |
737 | 722 |
738 Status ImportRsaKey(base::DictionaryValue* dict, | 723 Status ImportRsaKey(base::DictionaryValue* dict, |
739 const blink::WebCryptoAlgorithm& algorithm, | 724 const blink::WebCryptoAlgorithm& algorithm, |
740 bool extractable, | 725 bool extractable, |
741 blink::WebCryptoKeyUsageMask usage_mask, | 726 blink::WebCryptoKeyUsageMask usage_mask, |
742 blink::WebCryptoKey* key) { | 727 blink::WebCryptoKey* key) { |
743 // An RSA public key must have an "n" (modulus) and an "e" (exponent) entry | 728 // An RSA public key must have an "n" (modulus) and an "e" (exponent) entry |
744 // in the JWK, while an RSA private key must have those, plus at least a "d" | 729 // in the JWK, while an RSA private key must have those, plus at least a "d" |
1021 | 1006 |
1022 std::string json; | 1007 std::string json; |
1023 base::JSONWriter::Write(&jwk_dict, &json); | 1008 base::JSONWriter::Write(&jwk_dict, &json); |
1024 buffer->assign(json.data(), json.data() + json.size()); | 1009 buffer->assign(json.data(), json.data() + json.size()); |
1025 return Status::Success(); | 1010 return Status::Success(); |
1026 } | 1011 } |
1027 | 1012 |
1028 } // namespace webcrypto | 1013 } // namespace webcrypto |
1029 | 1014 |
1030 } // namespace content | 1015 } // namespace content |
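Review bot: Nothing in the `alg_to_info_` registrations (new lines 301-319) records that "RSA1_5" is left out on purpose, so a later reader comparing the map with the JWA table in the header comment could re-add it. A one-line comment before the "RSA-OAEP" entry would prevent that, for example `// "RSA1_5" (RSAES-PKCS1-v1_5) is intentionally absent; do not re-add.` RSAES-PKCS1-v1_5 decryption is a well-known padding-oracle surface, so the rejection is worth pinning with a negative test that imports a JWK carrying `"alg": "RSA1_5"` and expects an error. The lookup that handles an unrecognised "alg" is outside the visible lines, so confirm it fails the import rather than ignoring the field. On export, a key with the removed `WebCryptoKeyAlgorithmParamsTypeRsa` params type presumably now reaches `default: return Status::ErrorUnsupported();` (new lines 711-712), but the enclosing switch is partly hidden, so that should be checked too.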