Chromium Code Reviews Chromium Code Reviews| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include <cryptohi.h> | |
| 6 #include <pk11pub.h> | |
| 7 #include <secerr.h> | |
| 8 #include <sechash.h> | |
| 9 | |
| 10 #include "base/logging.h" | |
| 11 #include "content/child/webcrypto/crypto_data.h" | |
| 12 #include "content/child/webcrypto/jwk.h" | |
| 13 #include "content/child/webcrypto/nss/key_nss.h" | |
| 14 #include "content/child/webcrypto/nss/sym_key_nss.h" | |
| 15 #include "content/child/webcrypto/nss/util_nss.h" | |
| 16 #include "content/child/webcrypto/status.h" | |
| 17 #include "content/child/webcrypto/webcrypto_util.h" | |
| 18 #include "crypto/secure_util.h" | |
| 19 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | |
| 20 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | |
| 21 | |
| 22 namespace content { | |
| 23 | |
| 24 namespace webcrypto { | |
| 25 | |
| 26 namespace { | |
| 27 | |
| 28 const blink::WebCryptoKeyUsageMask kAllKeyUsages = | |
| 29 blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify; | |
| 30 | |
| 31 bool WebCryptoHashToHMACMechanism(const blink::WebCryptoAlgorithm& algorithm, | |
| 32 CK_MECHANISM_TYPE* mechanism) { | |
| 33 switch (algorithm.id()) { | |
| 34 case blink::WebCryptoAlgorithmIdSha1: | |
| 35 *mechanism = CKM_SHA_1_HMAC; | |
| 36 return true; | |
| 37 case blink::WebCryptoAlgorithmIdSha256: | |
| 38 *mechanism = CKM_SHA256_HMAC; | |
| 39 return true; | |
| 40 case blink::WebCryptoAlgorithmIdSha384: | |
| 41 *mechanism = CKM_SHA384_HMAC; | |
| 42 return true; | |
| 43 case blink::WebCryptoAlgorithmIdSha512: | |
| 44 *mechanism = CKM_SHA512_HMAC; | |
| 45 return true; | |
| 46 default: | |
| 47 return false; | |
| 48 } | |
| 49 } | |
| 50 | |
| 51 class HmacImplementation : public AlgorithmImplementation { | |
| 52 public: | |
| 53 HmacImplementation() {} | |
| 54 | |
| 55 virtual Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm, | |
| 56 bool extractable, | |
| 57 blink::WebCryptoKeyUsageMask usage_mask, | |
| 58 blink::WebCryptoKey* key) const OVERRIDE { | |
| 59 const blink::WebCryptoHmacKeyGenParams* params = | |
| 60 algorithm.hmacKeyGenParams(); | |
| 61 | |
| 62 const blink::WebCryptoAlgorithm& hash = params->hash(); | |
| 63 CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM; | |
| 64 if (!WebCryptoHashToHMACMechanism(hash, &mechanism)) | |
| 65 return Status::ErrorUnsupported(); | |
| 66 | |
| 67 unsigned int keylen_bits = 0; | |
| 68 Status status = GetHmacKeyGenLength(params, &keylen_bits); | |
| 69 if (status.IsError()) | |
| 70 return status; | |
| 71 | |
| 72 return GenerateSecretKeyNss( | |
| 73 blink::WebCryptoKeyAlgorithm::createHmac(hash.id(), keylen_bits), | |
| 74 extractable, | |
| 75 usage_mask, | |
| 76 keylen_bits / 8, | |
| 77 mechanism, | |
| 78 key); | |
| 79 } | |
| 80 | |
| 81 virtual Status VerifyKeyUsagesBeforeImportKey( | |
| 82 blink::WebCryptoKeyFormat format, | |
| 83 blink::WebCryptoKeyUsageMask usage_mask) const OVERRIDE { | |
| 84 switch (format) { | |
| 85 case blink::WebCryptoKeyFormatRaw: | |
| 86 case blink::WebCryptoKeyFormatJwk: | |
| 87 return CheckKeyCreationUsages(kAllKeyUsages, usage_mask); | |
| 88 default: | |
| 89 return Status::ErrorUnsupportedImportKeyFormat(); | |
| 90 } | |
| 91 } | |
| 92 | |
| 93 virtual Status VerifyKeyUsagesBeforeGenerateKey( | |
| 94 blink::WebCryptoKeyUsageMask usage_mask) const OVERRIDE { | |
| 95 return CheckKeyCreationUsages(kAllKeyUsages, usage_mask); | |
| 96 } | |
| 97 | |
| 98 virtual Status ImportKeyRaw(const CryptoData& key_data, | |
| 99 const blink::WebCryptoAlgorithm& algorithm, | |
| 100 bool extractable, | |
| 101 blink::WebCryptoKeyUsageMask usage_mask, | |
| 102 blink::WebCryptoKey* key) const OVERRIDE { | |
| 103 const blink::WebCryptoAlgorithm& hash = | |
| 104 algorithm.hmacImportParams()->hash(); | |
| 105 | |
| 106 CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM; | |
| 107 if (!WebCryptoHashToHMACMechanism(hash, &mechanism)) | |
| 108 return Status::ErrorUnsupported(); | |
| 109 | |
| 110 // TODO(eroman): check for overflow. | |
| 111 unsigned int keylen_bits = key_data.byte_length() * 8; | |
| 112 return ImportKeyRawNss( | |
| 113 key_data, | |
| 114 blink::WebCryptoKeyAlgorithm::createHmac(hash.id(), keylen_bits), | |
| 115 extractable, | |
| 116 usage_mask, | |
| 117 mechanism, | |
| 118 CKF_SIGN | CKF_VERIFY, | |
| 119 key); | |
| 120 } | |
| 121 | |
| 122 virtual Status ImportKeyJwk(const CryptoData& key_data, | |
| 123 const blink::WebCryptoAlgorithm& algorithm, | |
| 124 bool extractable, | |
| 125 blink::WebCryptoKeyUsageMask usage_mask, | |
| 126 blink::WebCryptoKey* key) const OVERRIDE { | |
| 127 const char* algorithm_name = | |
| 128 GetJwkHmacAlgorithmName(algorithm.hmacImportParams()->hash().id()); | |
| 129 if (!algorithm_name) | |
| 130 return Status::ErrorUnexpected(); | |
| 131 | |
| 132 std::vector<uint8> raw_data; | |
| 133 Status status = ReadSecretKeyJwk( | |
| 134 key_data, algorithm_name, extractable, usage_mask, &raw_data); | |
| 135 if (status.IsError()) | |
| 136 return status; | |
| 137 | |
| 138 return ImportKeyRaw( | |
| 139 CryptoData(raw_data), algorithm, extractable, usage_mask, key); | |
| 140 } | |
| 141 | |
| 142 virtual Status ExportKeyRaw(const blink::WebCryptoKey& key, | |
| 143 std::vector<uint8>* buffer) const OVERRIDE { | |
| 144 *buffer = SymKeyNss::Cast(key)->raw_key_data(); | |
| 145 return Status::Success(); | |
| 146 } | |
| 147 | |
| 148 virtual Status ExportKeyJwk(const blink::WebCryptoKey& key, | |
| 149 std::vector<uint8>* buffer) const OVERRIDE { | |
| 150 SymKeyNss* sym_key = SymKeyNss::Cast(key); | |
| 151 const std::vector<uint8>& raw_data = sym_key->raw_key_data(); | |
| 152 | |
| 153 const char* algorithm_name = | |
| 154 GetJwkHmacAlgorithmName(key.algorithm().hmacParams()->hash().id()); | |
| 155 if (!algorithm_name) | |
| 156 return Status::ErrorUnexpected(); | |
| 157 | |
| 158 WriteSecretKeyJwk(CryptoData(raw_data), | |
| 159 algorithm_name, | |
| 160 key.extractable(), | |
| 161 key.usages(), | |
| 162 buffer); | |
| 163 | |
| 164 return Status::Success(); | |
| 165 } | |
| 166 | |
| 167 virtual Status Sign(const blink::WebCryptoAlgorithm& algorithm, | |
| 168 const blink::WebCryptoKey& key, | |
| 169 const CryptoData& data, | |
| 170 std::vector<uint8>* buffer) const OVERRIDE { | |
| 171 const blink::WebCryptoAlgorithm& hash = | |
| 172 key.algorithm().hmacParams()->hash(); | |
| 173 PK11SymKey* sym_key = SymKeyNss::Cast(key)->key(); | |
| 174 | |
| 175 CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM; | |
| 176 if (!WebCryptoHashToHMACMechanism(hash, &mechanism)) | |
| 177 return Status::ErrorUnexpected(); | |
| 178 | |
| 179 SECItem param_item = {siBuffer, NULL, 0}; | |
| 180 SECItem data_item = MakeSECItemForBuffer(data); | |
| 181 // First call is to figure out the length. | |
| 182 SECItem signature_item = {siBuffer, NULL, 0}; | |
| 183 | |
| 184 if (PK11_SignWithSymKey( | |
| 185 sym_key, mechanism, ¶m_item, &signature_item, &data_item) != | |
| 186 SECSuccess) { | |
| 187 return Status::OperationError(); | |
| 188 } | |
| 189 | |
| 190 DCHECK_NE(0u, signature_item.len); | |
| 191 | |
| 192 buffer->resize(signature_item.len); | |
| 193 signature_item.data = Uint8VectorStart(buffer); | |
| 194 | |
| 195 if (PK11_SignWithSymKey( | |
| 196 sym_key, mechanism, ¶m_item, &signature_item, &data_item) != | |
| 197 SECSuccess) { | |
| 198 return Status::OperationError(); | |
| 199 } | |
| 200 | |
| 201 DCHECK_EQ(buffer->size(), signature_item.len); | |
|
Ryan Sleevi
2014/07/17 00:06:54
What is this DCHECK measuring? The caller of this
eroman
2014/07/17 20:37:25
Done, changed to CHECK().
| |
| 202 return Status::Success(); | |
| 203 } | |
| 204 | |
| 205 virtual Status Verify(const blink::WebCryptoAlgorithm& algorithm, | |
| 206 const blink::WebCryptoKey& key, | |
| 207 const CryptoData& signature, | |
| 208 const CryptoData& data, | |
| 209 bool* signature_match) const OVERRIDE { | |
| 210 std::vector<uint8> result; | |
| 211 Status status = Sign(algorithm, key, data, &result); | |
| 212 | |
| 213 if (status.IsError()) | |
| 214 return status; | |
| 215 | |
| 216 // Do not allow verification of truncated MACs. | |
| 217 *signature_match = result.size() == signature.byte_length() && | |
| 218 crypto::SecureMemEqual(Uint8VectorStart(result), | |
| 219 signature.bytes(), | |
| 220 signature.byte_length()); | |
| 221 | |
| 222 return Status::Success(); | |
| 223 } | |
| 224 }; | |
| 225 | |
| 226 } // namespace | |
| 227 | |
| 228 AlgorithmImplementation* CreatePlatformHmacImplementation() { | |
| 229 return new HmacImplementation; | |
| 230 } | |
| 231 | |
| 232 } // namespace webcrypto | |
| 233 | |
| 234 } // namespace content | |
| OLD | NEW |
