[webcrypto] Add RSA key generation using NSS.

content/renderer/webcrypto/webcrypto_impl_nss.cc

Index: content/renderer/webcrypto/webcrypto_impl_nss.cc
diff --git a/content/renderer/webcrypto/webcrypto_impl_nss.cc b/content/renderer/webcrypto/webcrypto_impl_nss.cc
index a20f72fb6bfd1bfe4336cb9a60deb8f15e3bd3f0..9d5a08ec1c3a92eb281df8bf3ec9b6745cd22c89 100644
--- a/content/renderer/webcrypto/webcrypto_impl_nss.cc
+++ b/content/renderer/webcrypto/webcrypto_impl_nss.cc
@@ -24,10 +24,7 @@ namespace {
 
 class SymKeyHandle : public WebKit::WebCryptoKeyHandle {
  public:
-  explicit SymKeyHandle(crypto::ScopedPK11SymKey key) {
-    DCHECK(!key_.get());
-    key_ = key.Pass();
-  }
+  explicit SymKeyHandle(crypto::ScopedPK11SymKey key) : key_(key.Pass()) {}
 
   PK11SymKey* key() { return key_.get(); }
 
@@ -37,6 +34,32 @@ class SymKeyHandle : public WebKit::WebCryptoKeyHandle {
   DISALLOW_COPY_AND_ASSIGN(SymKeyHandle);
 };
 
+class PublicKeyHandle : public WebKit::WebCryptoKeyHandle {
+ public:
+  explicit PublicKeyHandle(crypto::ScopedSECKEYPublicKey key)
+      : key_(key.Pass()) {}
+
+  SECKEYPublicKey* key() { return key_.get(); }
+
+ private:
+  crypto::ScopedSECKEYPublicKey key_;
+
+  DISALLOW_COPY_AND_ASSIGN(PublicKeyHandle);
+};
+
+class PrivateKeyHandle : public WebKit::WebCryptoKeyHandle {
+ public:
+  explicit PrivateKeyHandle(crypto::ScopedSECKEYPrivateKey key)
+      : key_(key.Pass()) {}
+
+  SECKEYPrivateKey* key() { return key_.get(); }
+
+ private:
+  crypto::ScopedSECKEYPrivateKey key_;
+
+  DISALLOW_COPY_AND_ASSIGN(PrivateKeyHandle);
+};
+
 HASH_HashType WebCryptoAlgorithmToNSSHashType(
     const WebKit::WebCryptoAlgorithm& algorithm) {
   switch (algorithm.id()) {
@@ -193,6 +216,26 @@ unsigned int WebCryptoHmacAlgorithmToBlockSize(
   }
 }
 
+// Convert a (big-endian) WebCrypto BigInteger, with or without leading zeros,

[eroman, 2013/10/28 20:00:47]

minor nit: "Convert" --> "Converts".

Google C++ style asks for passive tense in function comments
(http://google-styleguide.googlecode.com/svn/trunk/cppguide.xml?showone=Functi...)

[padolph, 2013/10/28 21:08:53]

Done.

+// to unsigned long.
+bool BigIntegerToLong(const uint8* data,
+                      unsigned data_size,
+                      unsigned long* result) {
+  if (data_size == 0)
+    return false;  // TODO(padolph): Is this correct?

[eroman, 2013/10/28 20:00:47]

You can link to https://www.w3.org/Bugs/Public/show_bug.cgi?id=23655

[padolph, 2013/10/28 21:08:53]

Done.

+
+  *result = 0;
+  for (size_t i = 0; i < data_size; ++i) {
+    size_t reverse_i = data_size - i - 1;
+
+    if (reverse_i >= sizeof(unsigned long) && data[i])
+      return false;  // Too large for a long.
+
+    *result |= data[i] << 8 * reverse_i;
+  }
+  return true;
+}
+
 }  // namespace
 
 void WebCryptoImpl::Init() {
@@ -323,6 +366,81 @@ bool WebCryptoImpl::GenerateKeyInternal(
   return true;
 }
 
+bool WebCryptoImpl::GenerateKeyPairInternal(
+    const WebKit::WebCryptoAlgorithm& algorithm,
+    scoped_ptr<WebKit::WebCryptoKeyHandle>* public_key_handle,
+    scoped_ptr<WebKit::WebCryptoKeyHandle>* private_key_handle) {
+
+  // TODO(padolph) Handle other asymmetric algorithm key generation

[eroman, 2013/10/28 20:00:47]

minor nit:  put colon after closing paren.

[padolph, 2013/10/28 21:08:53]

Done.

+  switch (algorithm.id()) {
+    case WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5:
+    case WebKit::WebCryptoAlgorithmIdRsaOaep:
+    case WebKit::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5: {
+      const WebKit::WebCryptoRsaKeyGenParams* const params =
+          algorithm.rsaKeyGenParams();
+      DCHECK(params);
+
+      crypto::ScopedPK11Slot slot(PK11_GetInternalKeySlot());
+      unsigned long public_exponent;
+      if (!slot || !params->modulusLength() ||
+          !params->publicExponent().size() ||

[eroman, 2013/10/28 20:00:47]

This check is not needed, since it is OK to call .data() on an empty WebVector.

BigIntegerToLong() handles the empty length.

[padolph, 2013/10/28 21:08:53]

Done.

+          !BigIntegerToLong(params->publicExponent().data(),
+                            params->publicExponent().size(),
+                            &public_exponent) ||
+          !public_exponent) {

[eroman, 2013/10/28 20:00:47]

Is this check necessary, or will NSS fail later with 0 exponent? (No change
necessary, just wondering).

[padolph, 2013/10/28 21:08:53]

NSS fails correctly in this case, but I thought it was a good idea to shortcut
this failure if we know ahead of time. IIRC, NSS spent considerable cycles
before failing that cost is sidestepped by this check.

+        return false;
+      }
+
+      PK11RSAGenParams rsa_gen_params;
+      rsa_gen_params.keySizeInBits = params->modulusLength();
+      rsa_gen_params.pe = public_exponent;
+
+      // Flags are verified at the Blink layer; here the flags are set to all
+      // possible operations for the given key type.
+      CK_FLAGS operation_flags;
+      switch (algorithm.id()) {
+        case WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5:
+          operation_flags = CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP;
+          break;
+        case WebKit::WebCryptoAlgorithmIdRsaOaep:
+          operation_flags = CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP;

[eroman, 2013/10/28 20:00:47]

[optional]: since this line is the same as above, could use fall-through.

[padolph, 2013/10/28 21:08:53]

Done.

+          break;
+        case WebKit::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5:
+          operation_flags = CKF_SIGN | CKF_VERIFY;
+          break;
+        default:
+          NOTREACHED();
+          return false;
+      }
+      const CK_FLAGS operation_flags_mask = CKF_ENCRYPT | CKF_DECRYPT |
+                                            CKF_SIGN | CKF_VERIFY | CKF_WRAP |
+                                            CKF_UNWRAP;
+      const PK11AttrFlags attribute_flags = 0;  // default all PK11_ATTR_ flags
+
+      SECKEYPublicKey* sec_public_key;
+      crypto::ScopedSECKEYPrivateKey private_key(
+          PK11_GenerateKeyPairWithOpFlags(slot.get(),
+                                          CKM_RSA_PKCS_KEY_PAIR_GEN,
+                                          &rsa_gen_params,
+                                          &sec_public_key,
+                                          attribute_flags,
+                                          operation_flags,
+                                          operation_flags_mask,
+                                          NULL));
+      if (!private_key) {
+        return false;
+      }
+      crypto::ScopedSECKEYPublicKey public_key(sec_public_key);
+
+      public_key_handle->reset(new PublicKeyHandle(public_key.Pass()));
+      private_key_handle->reset(new PrivateKeyHandle(private_key.Pass()));
+
+      return true;
+    }
+    default:
+      return false;
+  }
+}
 
 bool WebCryptoImpl::ImportKeyInternal(
     WebKit::WebCryptoKeyFormat format,