Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(95)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/child/webcrypto/nss/rsa_ssa_nss.cc

Issue 379383002: Refactor WebCrypto code (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase onto master (no longer has BoringSSL) Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/child/webcrypto/nss/rsa_oaep_nss.cc ('k') | content/child/webcrypto/nss/sha_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <cryptohi.h>
6
7 #include "content/child/webcrypto/crypto_data.h"
8 #include "content/child/webcrypto/nss/key_nss.h"
9 #include "content/child/webcrypto/nss/rsa_key_nss.h"
10 #include "content/child/webcrypto/nss/util_nss.h"
11 #include "content/child/webcrypto/status.h"
12 #include "crypto/scoped_nss_types.h"
13 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
14
15 namespace content {
16
17 namespace webcrypto {
18
19 namespace {
20
21 class RsaSsaImplementation : public RsaHashedAlgorithm {
22 public:
23 RsaSsaImplementation()
24 : RsaHashedAlgorithm(CKF_SIGN | CKF_VERIFY,
25 blink::WebCryptoKeyUsageVerify,
26 blink::WebCryptoKeyUsageSign) {}
27
28 virtual const char* GetJwkAlgorithm(
29 const blink::WebCryptoAlgorithmId hash) const OVERRIDE {
30 switch (hash) {
31 case blink::WebCryptoAlgorithmIdSha1:
32 return "RS1";
33 case blink::WebCryptoAlgorithmIdSha256:
34 return "RS256";
35 case blink::WebCryptoAlgorithmIdSha384:
36 return "RS384";
37 case blink::WebCryptoAlgorithmIdSha512:
38 return "RS512";
39 default:
40 return NULL;
41 }
42 }
43
44 virtual Status Sign(const blink::WebCryptoAlgorithm& algorithm,
45 const blink::WebCryptoKey& key,
46 const CryptoData& data,
47 std::vector<uint8>* buffer) const OVERRIDE {
48 if (key.type() != blink::WebCryptoKeyTypePrivate)
49 return Status::ErrorUnexpectedKeyType();
50
51 SECKEYPrivateKey* private_key = PrivateKeyNss::Cast(key)->key();
52
53 const blink::WebCryptoAlgorithm& hash =
54 key.algorithm().rsaHashedParams()->hash();
55
56 // Pick the NSS signing algorithm by combining RSA-SSA (RSA PKCS1) and the
57 // inner hash of the input Web Crypto algorithm.
58 SECOidTag sign_alg_tag;
59 switch (hash.id()) {
60 case blink::WebCryptoAlgorithmIdSha1:
61 sign_alg_tag = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
62 break;
63 case blink::WebCryptoAlgorithmIdSha256:
64 sign_alg_tag = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
65 break;
66 case blink::WebCryptoAlgorithmIdSha384:
67 sign_alg_tag = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
68 break;
69 case blink::WebCryptoAlgorithmIdSha512:
70 sign_alg_tag = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
71 break;
72 default:
73 return Status::ErrorUnsupported();
74 }
75
76 crypto::ScopedSECItem signature_item(SECITEM_AllocItem(NULL, NULL, 0));
77 if (SEC_SignData(signature_item.get(),
78 data.bytes(),
79 data.byte_length(),
80 private_key,
81 sign_alg_tag) != SECSuccess) {
82 return Status::OperationError();
83 }
84
85 buffer->assign(signature_item->data,
86 signature_item->data + signature_item->len);
87 return Status::Success();
88 }
89
90 virtual Status Verify(const blink::WebCryptoAlgorithm& algorithm,
91 const blink::WebCryptoKey& key,
92 const CryptoData& signature,
93 const CryptoData& data,
94 bool* signature_match) const OVERRIDE {
95 if (key.type() != blink::WebCryptoKeyTypePublic)
96 return Status::ErrorUnexpectedKeyType();
97
98 SECKEYPublicKey* public_key = PublicKeyNss::Cast(key)->key();
99
100 const blink::WebCryptoAlgorithm& hash =
101 key.algorithm().rsaHashedParams()->hash();
102
103 const SECItem signature_item = MakeSECItemForBuffer(signature);
104
105 SECOidTag hash_alg_tag;
106 switch (hash.id()) {
107 case blink::WebCryptoAlgorithmIdSha1:
108 hash_alg_tag = SEC_OID_SHA1;
109 break;
110 case blink::WebCryptoAlgorithmIdSha256:
111 hash_alg_tag = SEC_OID_SHA256;
112 break;
113 case blink::WebCryptoAlgorithmIdSha384:
114 hash_alg_tag = SEC_OID_SHA384;
115 break;
116 case blink::WebCryptoAlgorithmIdSha512:
117 hash_alg_tag = SEC_OID_SHA512;
118 break;
119 default:
120 return Status::ErrorUnsupported();
121 }
122
123 *signature_match =
124 SECSuccess == VFY_VerifyDataDirect(data.bytes(),
125 data.byte_length(),
126 public_key,
127 &signature_item,
128 SEC_OID_PKCS1_RSA_ENCRYPTION,
129 hash_alg_tag,
130 NULL,
131 NULL);
132 return Status::Success();
133 }
134 };
135
136 } // namespace
137
138 AlgorithmImplementation* CreatePlatformRsaSsaImplementation() {
139 return new RsaSsaImplementation;
140 }
141
142 } // namespace webcrypto
143
144 } // namespace content
OLDNEW
« no previous file with comments | « content/child/webcrypto/nss/rsa_oaep_nss.cc ('k') | content/child/webcrypto/nss/sha_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698