Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / components / webcrypto / algorithms / rsa_oaep.cc
blobf68a4112dd9674107f4fb4f7ed92bf8e93aa8bdb
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include <openssl/evp.h>
7 #include "base/stl_util.h"
8 #include "components/webcrypto/algorithms/rsa.h"
9 #include "components/webcrypto/algorithms/util_openssl.h"
10 #include "components/webcrypto/crypto_data.h"
11 #include "components/webcrypto/key.h"
12 #include "components/webcrypto/status.h"
13 #include "crypto/openssl_util.h"
14 #include "crypto/scoped_openssl_types.h"
15 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
16 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
18 namespace webcrypto {
20 namespace {
22 typedef int (*InitFunc)(EVP_PKEY_CTX* ctx);
23 typedef int (*EncryptDecryptFunc)(EVP_PKEY_CTX* ctx,
24 unsigned char* out,
25 size_t* outlen,
26 const unsigned char* in,
27 size_t inlen);
29 // Helper for doing either RSA-OAEP encryption or decryption.
31 // To encrypt call with:
32 // init_func=EVP_PKEY_encrypt_init, encrypt_decrypt_func=EVP_PKEY_encrypt
34 // To decrypt call with:
35 // init_func=EVP_PKEY_decrypt_init, encrypt_decrypt_func=EVP_PKEY_decrypt
36 Status CommonEncryptDecrypt(InitFunc init_func,
37 EncryptDecryptFunc encrypt_decrypt_func,
38 const blink::WebCryptoAlgorithm& algorithm,
39 const blink::WebCryptoKey& key,
40 const CryptoData& data,
41 std::vector<uint8_t>* buffer) {
42 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
44 EVP_PKEY* pkey = GetEVP_PKEY(key);
45 const EVP_MD* digest =
46 GetDigest(key.algorithm().rsaHashedParams()->hash().id());
47 if (!digest)
48 return Status::ErrorUnsupported();
50 crypto::ScopedEVP_PKEY_CTX ctx(EVP_PKEY_CTX_new(pkey, NULL));
52 if (!init_func(ctx.get()) ||
53 1 != EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_PKCS1_OAEP_PADDING) ||
54 1 != EVP_PKEY_CTX_set_rsa_oaep_md(ctx.get(), digest) ||
55 1 != EVP_PKEY_CTX_set_rsa_mgf1_md(ctx.get(), digest)) {
56 return Status::OperationError();
59 const blink::WebVector<uint8_t>& label =
60 algorithm.rsaOaepParams()->optionalLabel();
62 if (label.size()) {
63 // Make a copy of the label, since the ctx takes ownership of it when
64 // calling set0_rsa_oaep_label().
65 crypto::ScopedOpenSSLBytes label_copy;
66 label_copy.reset(static_cast<uint8_t*>(OPENSSL_malloc(label.size())));
67 memcpy(label_copy.get(), label.data(), label.size());
69 if (1 != EVP_PKEY_CTX_set0_rsa_oaep_label(ctx.get(), label_copy.release(),
70 label.size())) {
71 return Status::OperationError();
75 // Determine the maximum length of the output.
76 size_t outlen = 0;
77 if (!encrypt_decrypt_func(ctx.get(), NULL, &outlen, data.bytes(),
78 data.byte_length())) {
79 return Status::OperationError();
81 buffer->resize(outlen);
83 // Do the actual encryption/decryption.
84 if (!encrypt_decrypt_func(ctx.get(), vector_as_array(buffer), &outlen,
85 data.bytes(), data.byte_length())) {
86 return Status::OperationError();
88 buffer->resize(outlen);
90 return Status::Success();
93 class RsaOaepImplementation : public RsaHashedAlgorithm {
94 public:
95 RsaOaepImplementation()
96 : RsaHashedAlgorithm(
97 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageWrapKey,
98 blink::WebCryptoKeyUsageDecrypt |
99 blink::WebCryptoKeyUsageUnwrapKey) {}
101 const char* GetJwkAlgorithm(
102 const blink::WebCryptoAlgorithmId hash) const override {
103 switch (hash) {
104 case blink::WebCryptoAlgorithmIdSha1:
105 return "RSA-OAEP";
106 case blink::WebCryptoAlgorithmIdSha256:
107 return "RSA-OAEP-256";
108 case blink::WebCryptoAlgorithmIdSha384:
109 return "RSA-OAEP-384";
110 case blink::WebCryptoAlgorithmIdSha512:
111 return "RSA-OAEP-512";
112 default:
113 return NULL;
117 Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
118 const blink::WebCryptoKey& key,
119 const CryptoData& data,
120 std::vector<uint8_t>* buffer) const override {
121 if (key.type() != blink::WebCryptoKeyTypePublic)
122 return Status::ErrorUnexpectedKeyType();
124 return CommonEncryptDecrypt(EVP_PKEY_encrypt_init, EVP_PKEY_encrypt,
125 algorithm, key, data, buffer);
128 Status Decrypt(const blink::WebCryptoAlgorithm& algorithm,
129 const blink::WebCryptoKey& key,
130 const CryptoData& data,
131 std::vector<uint8_t>* buffer) const override {
132 if (key.type() != blink::WebCryptoKeyTypePrivate)
133 return Status::ErrorUnexpectedKeyType();
135 return CommonEncryptDecrypt(EVP_PKEY_decrypt_init, EVP_PKEY_decrypt,
136 algorithm, key, data, buffer);
140 } // namespace
142 scoped_ptr<AlgorithmImplementation> CreateRsaOaepImplementation() {
143 return make_scoped_ptr(new RsaOaepImplementation);
146 } // namespace webcrypto