1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
11 #include "base/stl_util.h"
12 #include "content/child/webcrypto/crypto_data.h"
13 #include "content/child/webcrypto/nss/key_nss.h"
14 #include "content/child/webcrypto/nss/rsa_key_nss.h"
15 #include "content/child/webcrypto/nss/util_nss.h"
16 #include "content/child/webcrypto/status.h"
17 #include "content/child/webcrypto/webcrypto_util.h"
18 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
19 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
27 Status
NssSupportsRsaOaep() {
28 if (NssRuntimeSupport::Get()->IsRsaOaepSupported())
29 return Status::Success();
30 return Status::ErrorUnsupported(
31 "NSS version doesn't support RSA-OAEP. Try using version 3.16.2 or "
35 CK_MECHANISM_TYPE
WebCryptoHashToMGFMechanism(
36 const blink::WebCryptoAlgorithm
& algorithm
) {
37 switch (algorithm
.id()) {
38 case blink::WebCryptoAlgorithmIdSha1
:
40 case blink::WebCryptoAlgorithmIdSha256
:
41 return CKG_MGF1_SHA256
;
42 case blink::WebCryptoAlgorithmIdSha384
:
43 return CKG_MGF1_SHA384
;
44 case blink::WebCryptoAlgorithmIdSha512
:
45 return CKG_MGF1_SHA512
;
47 return CKM_INVALID_MECHANISM
;
51 CK_MECHANISM_TYPE
WebCryptoHashToDigestMechanism(
52 const blink::WebCryptoAlgorithm
& algorithm
) {
53 switch (algorithm
.id()) {
54 case blink::WebCryptoAlgorithmIdSha1
:
56 case blink::WebCryptoAlgorithmIdSha256
:
58 case blink::WebCryptoAlgorithmIdSha384
:
60 case blink::WebCryptoAlgorithmIdSha512
:
63 // Not a supported algorithm.
64 return CKM_INVALID_MECHANISM
;
68 bool InitializeRsaOaepParams(const blink::WebCryptoAlgorithm
& hash
,
69 const CryptoData
& label
,
70 CK_RSA_PKCS_OAEP_PARAMS
* oaep_params
) {
71 oaep_params
->source
= CKZ_DATA_SPECIFIED
;
72 oaep_params
->pSourceData
= const_cast<unsigned char*>(label
.bytes());
73 oaep_params
->ulSourceDataLen
= label
.byte_length();
74 oaep_params
->mgf
= WebCryptoHashToMGFMechanism(hash
);
75 oaep_params
->hashAlg
= WebCryptoHashToDigestMechanism(hash
);
77 if (oaep_params
->mgf
== CKM_INVALID_MECHANISM
||
78 oaep_params
->hashAlg
== CKM_INVALID_MECHANISM
) {
85 Status
EncryptRsaOaep(SECKEYPublicKey
* key
,
86 const blink::WebCryptoAlgorithm
& hash
,
87 const CryptoData
& label
,
88 const CryptoData
& data
,
89 std::vector
<uint8_t>* buffer
) {
90 CK_RSA_PKCS_OAEP_PARAMS oaep_params
= {0};
91 if (!InitializeRsaOaepParams(hash
, label
, &oaep_params
))
92 return Status::ErrorUnsupported();
95 param
.type
= siBuffer
;
96 param
.data
= reinterpret_cast<unsigned char*>(&oaep_params
);
97 param
.len
= sizeof(oaep_params
);
99 buffer
->resize(SECKEY_PublicKeyStrength(key
));
100 unsigned char* buffer_data
= vector_as_array(buffer
);
101 unsigned int output_len
;
102 if (NssRuntimeSupport::Get()->pk11_pub_encrypt_func()(key
,
110 NULL
) != SECSuccess
) {
111 return Status::OperationError();
114 CHECK_LE(output_len
, buffer
->size());
115 buffer
->resize(output_len
);
116 return Status::Success();
119 Status
DecryptRsaOaep(SECKEYPrivateKey
* key
,
120 const blink::WebCryptoAlgorithm
& hash
,
121 const CryptoData
& label
,
122 const CryptoData
& data
,
123 std::vector
<uint8_t>* buffer
) {
124 Status status
= NssSupportsRsaOaep();
125 if (status
.IsError())
128 CK_RSA_PKCS_OAEP_PARAMS oaep_params
= {0};
129 if (!InitializeRsaOaepParams(hash
, label
, &oaep_params
))
130 return Status::ErrorUnsupported();
133 param
.type
= siBuffer
;
134 param
.data
= reinterpret_cast<unsigned char*>(&oaep_params
);
135 param
.len
= sizeof(oaep_params
);
137 const int modulus_length_bytes
= PK11_GetPrivateModulusLen(key
);
138 if (modulus_length_bytes
<= 0)
139 return Status::ErrorUnexpected();
141 buffer
->resize(modulus_length_bytes
);
143 unsigned char* buffer_data
= vector_as_array(buffer
);
144 unsigned int output_len
;
145 if (NssRuntimeSupport::Get()->pk11_priv_decrypt_func()(key
,
152 data
.byte_length()) !=
154 return Status::OperationError();
157 CHECK_LE(output_len
, buffer
->size());
158 buffer
->resize(output_len
);
159 return Status::Success();
162 class RsaOaepImplementation
: public RsaHashedAlgorithm
{
164 RsaOaepImplementation()
165 : RsaHashedAlgorithm(
166 CKF_ENCRYPT
| CKF_DECRYPT
| CKF_WRAP
| CKF_UNWRAP
,
167 blink::WebCryptoKeyUsageEncrypt
| blink::WebCryptoKeyUsageWrapKey
,
168 blink::WebCryptoKeyUsageDecrypt
|
169 blink::WebCryptoKeyUsageUnwrapKey
) {}
171 virtual Status
VerifyKeyUsagesBeforeGenerateKeyPair(
172 blink::WebCryptoKeyUsageMask combined_usage_mask
,
173 blink::WebCryptoKeyUsageMask
* public_usage_mask
,
174 blink::WebCryptoKeyUsageMask
* private_usage_mask
) const OVERRIDE
{
175 Status status
= NssSupportsRsaOaep();
176 if (status
.IsError())
178 return RsaHashedAlgorithm::VerifyKeyUsagesBeforeGenerateKeyPair(
179 combined_usage_mask
, public_usage_mask
, private_usage_mask
);
182 virtual Status
VerifyKeyUsagesBeforeImportKey(
183 blink::WebCryptoKeyFormat format
,
184 blink::WebCryptoKeyUsageMask usage_mask
) const OVERRIDE
{
185 Status status
= NssSupportsRsaOaep();
186 if (status
.IsError())
188 return RsaHashedAlgorithm::VerifyKeyUsagesBeforeImportKey(format
,
192 virtual const char* GetJwkAlgorithm(
193 const blink::WebCryptoAlgorithmId hash
) const OVERRIDE
{
195 case blink::WebCryptoAlgorithmIdSha1
:
197 case blink::WebCryptoAlgorithmIdSha256
:
198 return "RSA-OAEP-256";
199 case blink::WebCryptoAlgorithmIdSha384
:
200 return "RSA-OAEP-384";
201 case blink::WebCryptoAlgorithmIdSha512
:
202 return "RSA-OAEP-512";
208 virtual Status
Encrypt(const blink::WebCryptoAlgorithm
& algorithm
,
209 const blink::WebCryptoKey
& key
,
210 const CryptoData
& data
,
211 std::vector
<uint8_t>* buffer
) const OVERRIDE
{
212 if (key
.type() != blink::WebCryptoKeyTypePublic
)
213 return Status::ErrorUnexpectedKeyType();
215 return EncryptRsaOaep(
216 PublicKeyNss::Cast(key
)->key(),
217 key
.algorithm().rsaHashedParams()->hash(),
218 CryptoData(algorithm
.rsaOaepParams()->optionalLabel()),
223 virtual Status
Decrypt(const blink::WebCryptoAlgorithm
& algorithm
,
224 const blink::WebCryptoKey
& key
,
225 const CryptoData
& data
,
226 std::vector
<uint8_t>* buffer
) const OVERRIDE
{
227 if (key
.type() != blink::WebCryptoKeyTypePrivate
)
228 return Status::ErrorUnexpectedKeyType();
230 return DecryptRsaOaep(
231 PrivateKeyNss::Cast(key
)->key(),
232 key
.algorithm().rsaHashedParams()->hash(),
233 CryptoData(algorithm
.rsaOaepParams()->optionalLabel()),
241 AlgorithmImplementation
* CreatePlatformRsaOaepImplementation() {
242 return new RsaOaepImplementation
;
245 } // namespace webcrypto
247 } // namespace content