[webcrypto] Add RSAES-PKCS1-v1_5 encrypt and decrypt for NSS.

content/renderer/webcrypto/webcrypto_impl_nss.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/renderer/webcrypto/webcrypto_impl.h"
 
 #include <cryptohi.h>
 #include <pk11pub.h>
 #include <sechash.h>
 
@@ skipping 232 matching lines @@
 void WebCryptoImpl::Init() {
   crypto::EnsureNSSInit();
 }
 
 bool WebCryptoImpl::EncryptInternal(
     const blink::WebCryptoAlgorithm& algorithm,
     const blink::WebCryptoKey& key,
     const unsigned char* data,
     unsigned data_size,
     blink::WebArrayBuffer* buffer) {
+
+  DCHECK_EQ(algorithm.id(), key.algorithm().id());
+  DCHECK(key.handle());
+  DCHECK(buffer);
+
   if (algorithm.id() == blink::WebCryptoAlgorithmIdAesCbc) {
     return AesCbcEncryptDecrypt(
         CKA_ENCRYPT, algorithm, key, data, data_size, buffer);
+  } else if (algorithm.id() == blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5) {

[eroman, 2013/11/21 02:07:01]

@rsleevi: Can you review this file as well? (Since I am a crypto and NSS
neophyte)

+
+    // RSAES encryption does not support empty input
+    if (!data_size)
+      return false;
+    DCHECK(data);
+
+    if (key.type() != blink::WebCryptoKeyTypePublic)
+      return false;
+
+    PublicKeyHandle* const public_key =
+        reinterpret_cast<PublicKeyHandle*>(key.handle());
+
+    const unsigned encrypted_length_bytes =
+        SECKEY_PublicKeyStrength(public_key->key());
+
+    // RSAES can operate on messages up to a length of k - 11, where k is the
+    // octet length of the RSA modulus.
+    if (encrypted_length_bytes < 11 || encrypted_length_bytes - 11 < data_size)
+      return false;
+
+    *buffer = blink::WebArrayBuffer::create(encrypted_length_bytes, 1);
+    unsigned char* const buffer_data =
+        reinterpret_cast<unsigned char*>(buffer->data());
+
+    if (PK11_PubEncryptPKCS1(public_key->key(),
+                             buffer_data,
+                             const_cast<unsigned char*>(data),
+                             data_size,
+                             NULL) != SECSuccess) {
+      return false;
+    }
+    return true;
   }
 
   return false;
 }
 
 bool WebCryptoImpl::DecryptInternal(
     const blink::WebCryptoAlgorithm& algorithm,
     const blink::WebCryptoKey& key,
     const unsigned char* data,
     unsigned data_size,
     blink::WebArrayBuffer* buffer) {
+
+  DCHECK_EQ(algorithm.id(), key.algorithm().id());
+  DCHECK(key.handle());
+  DCHECK(buffer);
+
   if (algorithm.id() == blink::WebCryptoAlgorithmIdAesCbc) {
     return AesCbcEncryptDecrypt(
         CKA_DECRYPT, algorithm, key, data, data_size, buffer);
+  } else if (algorithm.id() == blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5) {
+
+    // RSAES decryption does not support empty input
+    if (!data_size)
+      return false;
+    DCHECK(data);
+
+    if (key.type() != blink::WebCryptoKeyTypePrivate)
+      return false;
+
+    PrivateKeyHandle* const private_key =
+        reinterpret_cast<PrivateKeyHandle*>(key.handle());
+
+    const int modulus_length_bytes =
+        PK11_GetPrivateModulusLen(private_key->key());
+    if (modulus_length_bytes <= 0)
+      return false;
+    const unsigned max_output_length_bytes = modulus_length_bytes;
+
+    *buffer = blink::WebArrayBuffer::create(max_output_length_bytes, 1);
+    unsigned char* const buffer_data =
+        reinterpret_cast<unsigned char*>(buffer->data());
+
+    unsigned output_length_bytes = 0;
+    if (PK11_PrivDecryptPKCS1(private_key->key(),
+                              buffer_data,
+                              &output_length_bytes,
+                              max_output_length_bytes,
+                              const_cast<unsigned char*>(data),
+                              data_size) != SECSuccess) {
+      return false;
+    }
+    DCHECK_LE(output_length_bytes, max_output_length_bytes);
+    WebCryptoImpl::ShrinkBuffer(buffer, output_length_bytes);
+    return true;
   }
 
   return false;
 }
 
 bool WebCryptoImpl::DigestInternal(
     const blink::WebCryptoAlgorithm& algorithm,
     const unsigned char* data,
     unsigned data_size,
     blink::WebArrayBuffer* buffer) {
@@ skipping 362 matching lines @@
       break;
     }
     default:
       return false;
   }
 
   return true;
 }
 
 }  // namespace content