// Copyright 2014 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "components/webcrypto/algorithms/rsa.h" #include <utility> #include <string_view> #include "base/check_op.h" #include "base/containers/span.h" #include "components/webcrypto/algorithms/asymmetric_key_util.h" #include "components/webcrypto/algorithms/util.h" #include "components/webcrypto/blink_key_handle.h" #include "components/webcrypto/generate_key_result.h" #include "components/webcrypto/jwk.h" #include "components/webcrypto/status.h" #include "crypto/openssl_util.h" #include "third_party/blink/public/platform/web_crypto_algorithm_params.h" #include "third_party/blink/public/platform/web_crypto_key_algorithm.h" #include "third_party/boringssl/src/include/openssl/bn.h" #include "third_party/boringssl/src/include/openssl/evp.h" #include "third_party/boringssl/src/include/openssl/rsa.h" namespace webcrypto { namespace { // Describes the RSA components for a parsed key. The names of the properties // correspond with those from the JWK spec. Note that Chromium's WebCrypto // implementation does not support multi-primes, so there is no parsed field // for "oth". struct JwkRsaInfo { … }; // Parses a UTF-8 encoded JWK (key_data), and extracts the RSA components to // |*result|. Returns Status::Success() on success, otherwise an error. // In order for this to succeed: // * expected_alg must match the JWK's "alg", if present. // * expected_extractable must be consistent with the JWK's "ext", if // present. // * expected_usages must be a subset of the JWK's "key_ops" if present. Status ReadRsaKeyJwk(base::span<const uint8_t> key_data, std::string_view expected_alg, bool expected_extractable, blink::WebCryptoKeyUsageMask expected_usages, JwkRsaInfo* result) { … } // Converts a BIGNUM to a big endian byte array. std::vector<uint8_t> BIGNUMToVector(const BIGNUM* n) { … } // Creates a blink::WebCryptoAlgorithm having the modulus length and public // exponent of |key|. Status CreateRsaHashedKeyAlgorithm( blink::WebCryptoAlgorithmId rsa_algorithm, blink::WebCryptoAlgorithmId hash_algorithm, EVP_PKEY* key, blink::WebCryptoKeyAlgorithm* key_algorithm) { … } // Creates a WebCryptoKey that wraps |private_key|. Status CreateWebCryptoRsaPrivateKey( bssl::UniquePtr<EVP_PKEY> private_key, const blink::WebCryptoAlgorithmId rsa_algorithm_id, const blink::WebCryptoAlgorithm& hash, bool extractable, blink::WebCryptoKeyUsageMask usages, blink::WebCryptoKey* key) { … } // Creates a WebCryptoKey that wraps |public_key|. Status CreateWebCryptoRsaPublicKey( bssl::UniquePtr<EVP_PKEY> public_key, const blink::WebCryptoAlgorithmId rsa_algorithm_id, const blink::WebCryptoAlgorithm& hash, bool extractable, blink::WebCryptoKeyUsageMask usages, blink::WebCryptoKey* key) { … } Status ImportRsaPrivateKey(const blink::WebCryptoAlgorithm& algorithm, bool extractable, blink::WebCryptoKeyUsageMask usages, const JwkRsaInfo& params, blink::WebCryptoKey* key) { … } Status ImportRsaPublicKey(const blink::WebCryptoAlgorithm& algorithm, bool extractable, blink::WebCryptoKeyUsageMask usages, base::span<const uint8_t> n, base::span<const uint8_t> e, blink::WebCryptoKey* key) { … } // Synthesizes an import algorithm given a key algorithm, so that // deserialization can re-use the ImportKey*() methods. blink::WebCryptoAlgorithm SynthesizeImportAlgorithmForClone( const blink::WebCryptoKeyAlgorithm& algorithm) { … } } // namespace Status RsaHashedAlgorithm::GenerateKey( const blink::WebCryptoAlgorithm& algorithm, bool extractable, blink::WebCryptoKeyUsageMask combined_usages, GenerateKeyResult* result) const { … } Status RsaHashedAlgorithm::ImportKey(blink::WebCryptoKeyFormat format, base::span<const uint8_t> key_data, const blink::WebCryptoAlgorithm& algorithm, bool extractable, blink::WebCryptoKeyUsageMask usages, blink::WebCryptoKey* key) const { … } Status RsaHashedAlgorithm::ExportKey(blink::WebCryptoKeyFormat format, const blink::WebCryptoKey& key, std::vector<uint8_t>* buffer) const { … } Status RsaHashedAlgorithm::ImportKeyPkcs8( base::span<const uint8_t> key_data, const blink::WebCryptoAlgorithm& algorithm, bool extractable, blink::WebCryptoKeyUsageMask usages, blink::WebCryptoKey* key) const { … } Status RsaHashedAlgorithm::ImportKeySpki( base::span<const uint8_t> key_data, const blink::WebCryptoAlgorithm& algorithm, bool extractable, blink::WebCryptoKeyUsageMask usages, blink::WebCryptoKey* key) const { … } Status RsaHashedAlgorithm::ImportKeyJwk( base::span<const uint8_t> key_data, const blink::WebCryptoAlgorithm& algorithm, bool extractable, blink::WebCryptoKeyUsageMask usages, blink::WebCryptoKey* key) const { … } Status RsaHashedAlgorithm::ExportKeyPkcs8(const blink::WebCryptoKey& key, std::vector<uint8_t>* buffer) const { … } Status RsaHashedAlgorithm::ExportKeySpki(const blink::WebCryptoKey& key, std::vector<uint8_t>* buffer) const { … } Status RsaHashedAlgorithm::ExportKeyJwk(const blink::WebCryptoKey& key, std::vector<uint8_t>* buffer) const { … } // TODO(eroman): Defer import to the crypto thread. http://crbug.com/430763 Status RsaHashedAlgorithm::DeserializeKeyForClone( const blink::WebCryptoKeyAlgorithm& algorithm, blink::WebCryptoKeyType type, bool extractable, blink::WebCryptoKeyUsageMask usages, base::span<const uint8_t> key_data, blink::WebCryptoKey* key) const { … } } // namespace webcrypto
Codebase Browser
chromium