diff options
Diffstat (limited to 'Source/WebCore/crypto')
97 files changed, 6699 insertions, 238 deletions
diff --git a/Source/WebCore/crypto/CommonCryptoUtilities.cpp b/Source/WebCore/crypto/CommonCryptoUtilities.cpp new file mode 100644 index 000000000..6d4668ef2 --- /dev/null +++ b/Source/WebCore/crypto/CommonCryptoUtilities.cpp @@ -0,0 +1,173 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CommonCryptoUtilities.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#if USE(APPLE_INTERNAL_SDK) +#include <CommonCrypto/CommonBigNum.h> +#endif + +typedef CCCryptorStatus CCStatus; +extern "C" CCBigNumRef CCBigNumFromData(CCStatus *status, const void *s, size_t len); +extern "C" size_t CCBigNumToData(CCStatus *status, const CCBigNumRef bn, void *to); +extern "C" uint32_t CCBigNumByteCount(const CCBigNumRef bn); +extern "C" CCBigNumRef CCCreateBigNum(CCStatus *status); +extern "C" void CCBigNumFree(CCBigNumRef bn); +extern "C" CCBigNumRef CCBigNumCopy(CCStatus *status, const CCBigNumRef bn); +extern "C" CCStatus CCBigNumSubI(CCBigNumRef result, const CCBigNumRef a, const uint32_t b); +extern "C" CCStatus CCBigNumMod(CCBigNumRef result, CCBigNumRef dividend, CCBigNumRef modulus); +extern "C" CCStatus CCBigNumInverseMod(CCBigNumRef result, const CCBigNumRef a, const CCBigNumRef modulus); + +namespace WebCore { + +bool getCommonCryptoDigestAlgorithm(CryptoAlgorithmIdentifier hashFunction, CCDigestAlgorithm& algorithm) +{ + switch (hashFunction) { + case CryptoAlgorithmIdentifier::SHA_1: + algorithm = kCCDigestSHA1; + return true; + case CryptoAlgorithmIdentifier::SHA_224: + algorithm = kCCDigestSHA224; + return true; + case CryptoAlgorithmIdentifier::SHA_256: + algorithm = kCCDigestSHA256; + return true; + case CryptoAlgorithmIdentifier::SHA_384: + algorithm = kCCDigestSHA384; + return true; + case CryptoAlgorithmIdentifier::SHA_512: + algorithm = kCCDigestSHA512; + return true; + default: + return false; + } +} + +CCBigNum::CCBigNum(CCBigNumRef number) + : m_number(number) +{ +} + +CCBigNum::CCBigNum(const uint8_t* data, size_t size) +{ + CCStatus status = kCCSuccess; + m_number = CCBigNumFromData(&status, data, size); + RELEASE_ASSERT(!status); +} + +CCBigNum::~CCBigNum() +{ + CCBigNumFree(m_number); +} + +CCBigNum::CCBigNum(const CCBigNum& other) +{ + CCStatus status = kCCSuccess; + m_number = CCBigNumCopy(&status, other.m_number); + RELEASE_ASSERT(!status); +} + +CCBigNum::CCBigNum(CCBigNum&& other) +{ + m_number = other.m_number; + other.m_number = nullptr; +} + +CCBigNum& CCBigNum::operator=(const CCBigNum& other) +{ + if (this == &other) + return *this; + + CCBigNumFree(m_number); + + CCStatus status = kCCSuccess; + m_number = CCBigNumCopy(&status, other.m_number); + RELEASE_ASSERT(!status); + return *this; +} + +CCBigNum& CCBigNum::operator=(CCBigNum&& other) +{ + if (this == &other) + return *this; + + m_number = other.m_number; + other.m_number = nullptr; + + return *this; +} + +Vector<uint8_t> CCBigNum::data() const +{ + Vector<uint8_t> result(CCBigNumByteCount(m_number)); + CCStatus status = kCCSuccess; + CCBigNumToData(&status, m_number, result.data()); + RELEASE_ASSERT(!status); + + return result; +} + +CCBigNum CCBigNum::operator-(uint32_t b) const +{ + CCStatus status = kCCSuccess; + CCBigNumRef result = CCCreateBigNum(&status); + RELEASE_ASSERT(!status); + + status = CCBigNumSubI(result, m_number, b); + RELEASE_ASSERT(!status); + + return result; +} + +CCBigNum CCBigNum::operator%(const CCBigNum& modulus) const +{ + CCStatus status = kCCSuccess; + CCBigNumRef result = CCCreateBigNum(&status); + RELEASE_ASSERT(!status); + + status = CCBigNumMod(result, m_number, modulus.m_number); + RELEASE_ASSERT(!status); + + return result; +} + +CCBigNum CCBigNum::inverse(const CCBigNum& modulus) const +{ + CCStatus status = kCCSuccess; + CCBigNumRef result = CCCreateBigNum(&status); + RELEASE_ASSERT(!status); + + status = CCBigNumInverseMod(result, m_number, modulus.m_number); + RELEASE_ASSERT(!status); + + return result; +} + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CommonCryptoUtilities.h b/Source/WebCore/crypto/CommonCryptoUtilities.h new file mode 100644 index 000000000..6af968d21 --- /dev/null +++ b/Source/WebCore/crypto/CommonCryptoUtilities.h @@ -0,0 +1,116 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmIdentifier.h" +#include <CommonCrypto/CommonCryptor.h> +#include <wtf/Vector.h> + +#if USE(APPLE_INTERNAL_SDK) +#include <CommonCrypto/CommonRSACryptor.h> +#include <CommonCrypto/CommonRandomSPI.h> +#endif + +#ifndef _CC_RSACRYPTOR_H_ +enum { + kCCDigestNone = 0, + kCCDigestSHA1 = 8, + kCCDigestSHA224 = 9, + kCCDigestSHA256 = 10, + kCCDigestSHA384 = 11, + kCCDigestSHA512 = 12, +}; +typedef uint32_t CCDigestAlgorithm; + +enum { + ccRSAKeyPublic = 0, + ccRSAKeyPrivate = 1 +}; +typedef uint32_t CCRSAKeyType; + +enum { + ccPKCS1Padding = 1001, + ccOAEPPadding = 1002 +}; +typedef uint32_t CCAsymmetricPadding; + +enum { + kCCNotVerified = -4306 +}; +#endif + +typedef struct _CCBigNumRef *CCBigNumRef; + +typedef struct __CCRandom *CCRandomRef; +extern const CCRandomRef kCCRandomDefault; +extern "C" int CCRandomCopyBytes(CCRandomRef rnd, void *bytes, size_t count); + +typedef struct _CCRSACryptor *CCRSACryptorRef; +extern "C" CCCryptorStatus CCRSACryptorEncrypt(CCRSACryptorRef publicKey, CCAsymmetricPadding padding, const void *plainText, size_t plainTextLen, void *cipherText, size_t *cipherTextLen, const void *tagData, size_t tagDataLen, CCDigestAlgorithm digestType); +extern "C" CCCryptorStatus CCRSACryptorDecrypt(CCRSACryptorRef privateKey, CCAsymmetricPadding padding, const void *cipherText, size_t cipherTextLen, void *plainText, size_t *plainTextLen, const void *tagData, size_t tagDataLen, CCDigestAlgorithm digestType); +extern "C" CCCryptorStatus CCRSACryptorSign(CCRSACryptorRef privateKey, CCAsymmetricPadding padding, const void *hashToSign, size_t hashSignLen, CCDigestAlgorithm digestType, size_t saltLen, void *signedData, size_t *signedDataLen); +extern "C" CCCryptorStatus CCRSACryptorVerify(CCRSACryptorRef publicKey, CCAsymmetricPadding padding, const void *hash, size_t hashLen, CCDigestAlgorithm digestType, size_t saltLen, const void *signedData, size_t signedDataLen); +extern "C" CCCryptorStatus CCRSACryptorCreateFromData(CCRSAKeyType keyType, uint8_t *modulus, size_t modulusLength, uint8_t *exponent, size_t exponentLength, uint8_t *p, size_t pLength, uint8_t *q, size_t qLength, CCRSACryptorRef *ref); +extern "C" CCCryptorStatus CCRSACryptorGeneratePair(size_t keysize, uint32_t e, CCRSACryptorRef *publicKey, CCRSACryptorRef *privateKey); +extern "C" CCRSACryptorRef CCRSACryptorGetPublicKeyFromPrivateKey(CCRSACryptorRef privkey); +extern "C" void CCRSACryptorRelease(CCRSACryptorRef key); +extern "C" CCCryptorStatus CCRSAGetKeyComponents(CCRSACryptorRef rsaKey, uint8_t *modulus, size_t *modulusLength, uint8_t *exponent, size_t *exponentLength, uint8_t *p, size_t *pLength, uint8_t *q, size_t *qLength); +extern "C" CCRSAKeyType CCRSAGetKeyType(CCRSACryptorRef key); +extern "C" CCCryptorStatus CCCryptorGCM(CCOperation op, CCAlgorithm alg, const void* key, size_t keyLength, const void* iv, size_t ivLen, const void* aData, size_t aDataLen, const void* dataIn, size_t dataInLength, void* dataOut, const void* tag, size_t* tagLength); +extern "C" CCCryptorStatus CCRSACryptorImport(const void *keyPackage, size_t keyPackageLen, CCRSACryptorRef *key); +extern "C" CCCryptorStatus CCRSACryptorExport(CCRSACryptorRef key, void *out, size_t *outLen); + +namespace WebCore { + +class CCBigNum { +public: + CCBigNum(const uint8_t*, size_t); + ~CCBigNum(); + + CCBigNum(const CCBigNum&); + CCBigNum(CCBigNum&&); + CCBigNum& operator=(const CCBigNum&); + CCBigNum& operator=(CCBigNum&&); + + Vector<uint8_t> data() const; + + CCBigNum operator-(uint32_t) const; + CCBigNum operator%(const CCBigNum&) const; + CCBigNum inverse(const CCBigNum& modulus) const; + +private: + CCBigNum(CCBigNumRef); + + CCBigNumRef m_number; +}; + +bool getCommonCryptoDigestAlgorithm(CryptoAlgorithmIdentifier, CCDigestAlgorithm&); + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CryptoAlgorithm.cpp b/Source/WebCore/crypto/CryptoAlgorithm.cpp new file mode 100644 index 000000000..fcca683c1 --- /dev/null +++ b/Source/WebCore/crypto/CryptoAlgorithm.cpp @@ -0,0 +1,142 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "ExceptionCode.h" + +namespace WebCore { + +void CryptoAlgorithm::encrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&, WorkQueue&) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +void CryptoAlgorithm::decrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&, WorkQueue&) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +void CryptoAlgorithm::sign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&, WorkQueue&) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +void CryptoAlgorithm::verify(Ref<CryptoKey>&&, Vector<uint8_t>&&, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&, WorkQueue&) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +void CryptoAlgorithm::digest(Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&, WorkQueue&) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +void CryptoAlgorithm::generateKey(const CryptoAlgorithmParameters&, bool, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +void CryptoAlgorithm::importKey(SubtleCrypto::KeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&& exceptionCallback) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +void CryptoAlgorithm::exportKey(SubtleCrypto::KeyFormat, Ref<CryptoKey>&&, KeyDataCallback&&, ExceptionCallback&& exceptionCallback) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +void CryptoAlgorithm::wrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&& exceptionCallback) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +void CryptoAlgorithm::unwrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&& exceptionCallback) +{ + exceptionCallback(NOT_SUPPORTED_ERR); +} + +ExceptionOr<void> CryptoAlgorithm::encrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithm::decrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithm::sign(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithm::verify(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, const CryptoOperationData&, BoolCallback&&, VoidCallback&&) +{ + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithm::digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithm::generateKey(const CryptoAlgorithmParametersDeprecated&, bool, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, VoidCallback&&, ScriptExecutionContext&) +{ + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithm::deriveKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, CryptoAlgorithm*, bool, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&&) +{ + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithm::deriveBits(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, unsigned long, VectorCallback&&, VoidCallback&&) +{ + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithm::importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData&, bool, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&&) +{ + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithm::encryptForWrapKey(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + return encrypt(parameters, key, data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithm::decryptForUnwrapKey(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + return decrypt(parameters, key, data, WTFMove(callback), WTFMove(failureCallback)); +} + +} + +#endif diff --git a/Source/WebCore/crypto/CryptoAlgorithm.h b/Source/WebCore/crypto/CryptoAlgorithm.h new file mode 100644 index 000000000..a8d23272e --- /dev/null +++ b/Source/WebCore/crypto/CryptoAlgorithm.h @@ -0,0 +1,97 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmIdentifier.h" +#include "CryptoKeyPair.h" +#include "CryptoKeyUsage.h" +#include "ExceptionOr.h" +#include "JsonWebKey.h" +#include "SubtleCrypto.h" +#include <wtf/Function.h> +#include <wtf/Vector.h> +#include <wtf/WorkQueue.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmParameters; +class CryptoAlgorithmParametersDeprecated; +class CryptoKey; +class CryptoKeyData; +class ScriptExecutionContext; + +// Data is mutable, so async operations should copy it first. +using CryptoOperationData = std::pair<const uint8_t*, size_t>; + +using KeyData = Variant<Vector<uint8_t>, JsonWebKey>; +using KeyOrKeyPair = Variant<RefPtr<CryptoKey>, CryptoKeyPair>; + +class CryptoAlgorithm : public RefCounted<CryptoAlgorithm> { +public: + virtual ~CryptoAlgorithm() = default; + + virtual CryptoAlgorithmIdentifier identifier() const = 0; + + using BoolCallback = WTF::Function<void(bool)>; + using KeyCallback = WTF::Function<void(CryptoKey&)>; + using KeyOrKeyPairCallback = WTF::Function<void(KeyOrKeyPair&&)>; + using VectorCallback = WTF::Function<void(const Vector<uint8_t>&)>; + using VoidCallback = WTF::Function<void()>; + using ExceptionCallback = WTF::Function<void(ExceptionCode)>; + using KeyDataCallback = WTF::Function<void(SubtleCrypto::KeyFormat, KeyData&&)>; + + virtual void encrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + virtual void decrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + virtual void sign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + virtual void verify(Ref<CryptoKey>&&, Vector<uint8_t>&& signature, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + virtual void digest(Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + virtual void generateKey(const CryptoAlgorithmParameters&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, ExceptionCallback&&, ScriptExecutionContext&); + virtual void importKey(SubtleCrypto::KeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&&); + virtual void exportKey(SubtleCrypto::KeyFormat, Ref<CryptoKey>&&, KeyDataCallback&&, ExceptionCallback&&); + virtual void wrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&); + virtual void unwrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&); + + // The following will be deprecated. + virtual ExceptionOr<void> encrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + virtual ExceptionOr<void> decrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + virtual ExceptionOr<void> sign(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + virtual ExceptionOr<void> verify(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData& signature, const CryptoOperationData&, BoolCallback&&, VoidCallback&& failureCallback); + virtual ExceptionOr<void> digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + virtual ExceptionOr<void> generateKey(const CryptoAlgorithmParametersDeprecated&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, VoidCallback&& failureCallback, ScriptExecutionContext&); + virtual ExceptionOr<void> deriveKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKey& baseKey, CryptoAlgorithm* derivedKeyType, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&& failureCallback); + virtual ExceptionOr<void> deriveBits(const CryptoAlgorithmParametersDeprecated&, const CryptoKey& baseKey, unsigned long length, VectorCallback&&, VoidCallback&& failureCallback); + virtual ExceptionOr<void> importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&& failureCallback); + + // These are only different from encrypt/decrypt because some algorithms may not expose encrypt/decrypt. + virtual ExceptionOr<void> encryptForWrapKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + virtual ExceptionOr<void> decryptForUnwrapKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CryptoAlgorithmIdentifier.h b/Source/WebCore/crypto/CryptoAlgorithmIdentifier.h index 403b0a173..13ef2e9cb 100644 --- a/Source/WebCore/crypto/CryptoAlgorithmIdentifier.h +++ b/Source/WebCore/crypto/CryptoAlgorithmIdentifier.h @@ -23,8 +23,7 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoAlgorithmIdentifier_h -#define CryptoAlgorithmIdentifier_h +#pragma once #if ENABLE(SUBTLE_CRYPTO) @@ -55,7 +54,6 @@ enum class CryptoAlgorithmIdentifier { PBKDF2 }; -} +} // namespace WebCore #endif // ENABLE(SUBTLE_CRYPTO) -#endif // CryptoAlgorithmIdentifier_h diff --git a/Source/WebCore/crypto/CryptoAlgorithmParameters.h b/Source/WebCore/crypto/CryptoAlgorithmParameters.h new file mode 100644 index 000000000..b94152104 --- /dev/null +++ b/Source/WebCore/crypto/CryptoAlgorithmParameters.h @@ -0,0 +1,65 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmIdentifier.h" +#include <wtf/TypeCasts.h> +#include <wtf/text/WTFString.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmParameters { +public: + enum class Class { + None, + AesCbcParams, + AesKeyGenParams, + HmacKeyParams, + RsaHashedKeyGenParams, + RsaHashedImportParams, + RsaKeyGenParams, + RsaOaepParams, + }; + + // FIXME: Consider merging name and identifier. + String name; + CryptoAlgorithmIdentifier identifier; + + virtual ~CryptoAlgorithmParameters() { } + + virtual Class parametersClass() const { return Class::None; } +}; + +} // namespace WebCore + +#define SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS(ToClassName) \ +SPECIALIZE_TYPE_TRAITS_BEGIN(WebCore::CryptoAlgorithm##ToClassName) \ +static bool isType(const WebCore::CryptoAlgorithmParameters& parameters) { return parameters.parametersClass() == WebCore::CryptoAlgorithmParameters::Class::ToClassName; } \ +SPECIALIZE_TYPE_TRAITS_END() + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CryptoAlgorithmParameters.idl b/Source/WebCore/crypto/CryptoAlgorithmParameters.idl new file mode 100644 index 000000000..19db57606 --- /dev/null +++ b/Source/WebCore/crypto/CryptoAlgorithmParameters.idl @@ -0,0 +1,30 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, +] dictionary CryptoAlgorithmParameters { + required DOMString name; +}; diff --git a/Source/WebCore/crypto/CryptoAlgorithmParametersDeprecated.h b/Source/WebCore/crypto/CryptoAlgorithmParametersDeprecated.h new file mode 100644 index 000000000..24a5e8fe7 --- /dev/null +++ b/Source/WebCore/crypto/CryptoAlgorithmParametersDeprecated.h @@ -0,0 +1,60 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#if ENABLE(SUBTLE_CRYPTO) + +#include <wtf/RefCounted.h> +#include <wtf/TypeCasts.h> + +namespace WebCore { + +class CryptoAlgorithmParametersDeprecated : public RefCounted<CryptoAlgorithmParametersDeprecated> { +public: + virtual ~CryptoAlgorithmParametersDeprecated() { } + + enum class Class { + None, + AesCbcParams, + AesKeyGenParams, + HmacKeyParams, + HmacParams, + RsaKeyGenParams, + RsaKeyParamsWithHash, + RsaOaepParams, + RsaSsaParams + }; + virtual Class parametersClass() const { return Class::None; } +}; + +} // namespace WebCore + +#define SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS_DEPRECATED(ToClassName) \ +SPECIALIZE_TYPE_TRAITS_BEGIN(WebCore::CryptoAlgorithm##ToClassName##Deprecated) \ + static bool isType(const WebCore::CryptoAlgorithmParametersDeprecated& parameters) { return parameters.parametersClass() == WebCore::CryptoAlgorithmParametersDeprecated::Class::ToClassName; } \ +SPECIALIZE_TYPE_TRAITS_END() + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CryptoAlgorithmRegistry.cpp b/Source/WebCore/crypto/CryptoAlgorithmRegistry.cpp new file mode 100644 index 000000000..22dcfcbcd --- /dev/null +++ b/Source/WebCore/crypto/CryptoAlgorithmRegistry.cpp @@ -0,0 +1,101 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmRegistry.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithm.h" +#include <wtf/Lock.h> +#include <wtf/NeverDestroyed.h> + +namespace WebCore { + +static StaticLock registryMutex; + +CryptoAlgorithmRegistry& CryptoAlgorithmRegistry::singleton() +{ + static NeverDestroyed<CryptoAlgorithmRegistry> registry; + return registry; +} + +CryptoAlgorithmRegistry::CryptoAlgorithmRegistry() +{ + platformRegisterAlgorithms(); +} + +std::optional<CryptoAlgorithmIdentifier> CryptoAlgorithmRegistry::identifier(const String& name) +{ + if (name.isEmpty()) + return std::nullopt; + + std::lock_guard<StaticLock> lock(registryMutex); + + // FIXME: How is it helpful to call isolatedCopy on the argument to find? + auto identifier = m_identifiers.find(name.isolatedCopy()); + if (identifier == m_identifiers.end()) + return std::nullopt; + + return identifier->value; +} + +String CryptoAlgorithmRegistry::name(CryptoAlgorithmIdentifier identifier) +{ + std::lock_guard<StaticLock> lock(registryMutex); + + auto contructor = m_constructors.find(static_cast<unsigned>(identifier)); + if (contructor == m_constructors.end()) + return { }; + + return contructor->value.first.isolatedCopy(); +} + +RefPtr<CryptoAlgorithm> CryptoAlgorithmRegistry::create(CryptoAlgorithmIdentifier identifier) +{ + std::lock_guard<StaticLock> lock(registryMutex); + + auto contructor = m_constructors.find(static_cast<unsigned>(identifier)); + if (contructor == m_constructors.end()) + return nullptr; + + return contructor->value.second(); +} + +void CryptoAlgorithmRegistry::registerAlgorithm(const String& name, CryptoAlgorithmIdentifier identifier, CryptoAlgorithmConstructor constructor) +{ + std::lock_guard<StaticLock> lock(registryMutex); + + ASSERT(!m_identifiers.contains(name)); + ASSERT(!m_constructors.contains(static_cast<unsigned>(identifier))); + + m_identifiers.add(name, identifier); + m_constructors.add(static_cast<unsigned>(identifier), std::make_pair(name, constructor)); +} + + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CryptoAlgorithmRegistry.h b/Source/WebCore/crypto/CryptoAlgorithmRegistry.h new file mode 100644 index 000000000..75a9c2eab --- /dev/null +++ b/Source/WebCore/crypto/CryptoAlgorithmRegistry.h @@ -0,0 +1,71 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmIdentifier.h" +#include <wtf/Forward.h> +#include <wtf/HashMap.h> +#include <wtf/Noncopyable.h> +#include <wtf/text/StringHash.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithm; + +class CryptoAlgorithmRegistry { + WTF_MAKE_NONCOPYABLE(CryptoAlgorithmRegistry); + friend class NeverDestroyed<CryptoAlgorithmRegistry>; + +public: + static CryptoAlgorithmRegistry& singleton(); + + std::optional<CryptoAlgorithmIdentifier> identifier(const String&); + String name(CryptoAlgorithmIdentifier); + + RefPtr<CryptoAlgorithm> create(CryptoAlgorithmIdentifier); + +private: + CryptoAlgorithmRegistry(); + void platformRegisterAlgorithms(); + + using CryptoAlgorithmConstructor = Ref<CryptoAlgorithm> (*)(); + + template<typename AlgorithmClass> void registerAlgorithm() + { + registerAlgorithm(AlgorithmClass::s_name, AlgorithmClass::s_identifier, AlgorithmClass::create); + } + + void registerAlgorithm(const String& name, CryptoAlgorithmIdentifier, CryptoAlgorithmConstructor); + + HashMap<String, CryptoAlgorithmIdentifier, ASCIICaseInsensitiveHash> m_identifiers; + HashMap<unsigned, std::pair<String, CryptoAlgorithmConstructor>> m_constructors; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CryptoKey.cpp b/Source/WebCore/crypto/CryptoKey.cpp index 5db0e4e43..6420e57be 100644 --- a/Source/WebCore/crypto/CryptoKey.cpp +++ b/Source/WebCore/crypto/CryptoKey.cpp @@ -28,15 +28,13 @@ #if ENABLE(SUBTLE_CRYPTO) -#include "CryptoAlgorithmDescriptionBuilder.h" #include "CryptoAlgorithmRegistry.h" #include <wtf/CryptographicallyRandomNumber.h> -#include <wtf/text/WTFString.h> namespace WebCore { -CryptoKey::CryptoKey(CryptoAlgorithmIdentifier algorithm, CryptoKeyType type, bool extractable, CryptoKeyUsage usages) - : m_algorithm(algorithm) +CryptoKey::CryptoKey(CryptoAlgorithmIdentifier algorithmIdentifier, Type type, bool extractable, CryptoKeyUsageBitmap usages) + : m_algorithmIdentifier(algorithmIdentifier) , m_type(type) , m_extractable(extractable) , m_usages(usages) @@ -47,49 +45,30 @@ CryptoKey::~CryptoKey() { } -String CryptoKey::type() const -{ - switch (m_type) { - case CryptoKeyType::Secret: - return ASCIILiteral("secret"); - case CryptoKeyType::Public: - return ASCIILiteral("public"); - case CryptoKeyType::Private: - return ASCIILiteral("private"); - } -} - -void CryptoKey::buildAlgorithmDescription(CryptoAlgorithmDescriptionBuilder& builder) const -{ - builder.add("name", CryptoAlgorithmRegistry::shared().nameForIdentifier(m_algorithm)); - // Subclasses will add other keys. -} - -Vector<String> CryptoKey::usages() const +auto CryptoKey::usages() const -> Vector<CryptoKeyUsage> { // The result is ordered alphabetically. - Vector<String> result; + Vector<CryptoKeyUsage> result; if (m_usages & CryptoKeyUsageDecrypt) - result.append(ASCIILiteral("decrypt")); + result.append(CryptoKeyUsage::Decrypt); if (m_usages & CryptoKeyUsageDeriveBits) - result.append(ASCIILiteral("deriveBits")); + result.append(CryptoKeyUsage::DeriveBits); if (m_usages & CryptoKeyUsageDeriveKey) - result.append(ASCIILiteral("deriveKey")); + result.append(CryptoKeyUsage::DeriveKey); if (m_usages & CryptoKeyUsageEncrypt) - result.append(ASCIILiteral("encrypt")); + result.append(CryptoKeyUsage::Encrypt); if (m_usages & CryptoKeyUsageSign) - result.append(ASCIILiteral("sign")); + result.append(CryptoKeyUsage::Sign); if (m_usages & CryptoKeyUsageUnwrapKey) - result.append(ASCIILiteral("unwrapKey")); + result.append(CryptoKeyUsage::UnwrapKey); if (m_usages & CryptoKeyUsageVerify) - result.append(ASCIILiteral("verify")); + result.append(CryptoKeyUsage::Verify); if (m_usages & CryptoKeyUsageWrapKey) - result.append(ASCIILiteral("wrapKey")); - + result.append(CryptoKeyUsage::WrapKey); return result; } -#if !PLATFORM(MAC) +#if !OS(DARWIN) || PLATFORM(GTK) Vector<uint8_t> CryptoKey::randomData(size_t size) { Vector<uint8_t> result(size); @@ -97,6 +76,7 @@ Vector<uint8_t> CryptoKey::randomData(size_t size) return result; } #endif + } // namespace WebCore #endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CryptoKey.h b/Source/WebCore/crypto/CryptoKey.h index 3a1be6900..df06b5456 100644 --- a/Source/WebCore/crypto/CryptoKey.h +++ b/Source/WebCore/crypto/CryptoKey.h @@ -23,17 +23,18 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoKey_h -#define CryptoKey_h +#pragma once + +#if ENABLE(SUBTLE_CRYPTO) #include "CryptoAlgorithmIdentifier.h" #include "CryptoKeyType.h" #include "CryptoKeyUsage.h" #include <wtf/Forward.h> -#include <wtf/RefCounted.h> +#include <wtf/ThreadSafeRefCounted.h> +#include <wtf/TypeCasts.h> #include <wtf/Vector.h> - -#if ENABLE(SUBTLE_CRYPTO) +#include <wtf/text/WTFString.h> namespace WebCore { @@ -41,42 +42,84 @@ class CryptoAlgorithmDescriptionBuilder; class CryptoKeyData; enum class CryptoKeyClass { - HMAC, AES, + HMAC, RSA }; -class CryptoKey : public RefCounted<CryptoKey> { +enum class KeyAlgorithmClass { + AES, + HMAC, + HRSA, + RSA, +}; + +class KeyAlgorithm { public: - CryptoKey(CryptoAlgorithmIdentifier, CryptoKeyType, bool extractable, CryptoKeyUsage); + virtual ~KeyAlgorithm() + { + } + + virtual KeyAlgorithmClass keyAlgorithmClass() const = 0; + + const String& name() const { return m_name; } + +protected: + explicit KeyAlgorithm(const String& name) + : m_name(name) + { + } + +private: + String m_name; +}; + +class CryptoKey : public ThreadSafeRefCounted<CryptoKey> { +public: + using Type = CryptoKeyType; + CryptoKey(CryptoAlgorithmIdentifier, Type, bool extractable, CryptoKeyUsageBitmap); virtual ~CryptoKey(); virtual CryptoKeyClass keyClass() const = 0; - String type() const; + Type type() const; bool extractable() const { return m_extractable; } - virtual void buildAlgorithmDescription(CryptoAlgorithmDescriptionBuilder&) const; - Vector<String> usages() const; + virtual std::unique_ptr<KeyAlgorithm> buildAlgorithm() const = 0; + + // Only for binding purpose. + Vector<CryptoKeyUsage> usages() const; - CryptoAlgorithmIdentifier algorithmIdentifier() const { return m_algorithm; } - CryptoKeyUsage usagesBitmap() const { return m_usages; } - bool allows(CryptoKeyUsage usage) const { return usage == (m_usages & usage); } + CryptoAlgorithmIdentifier algorithmIdentifier() const { return m_algorithmIdentifier; } + CryptoKeyUsageBitmap usagesBitmap() const { return m_usages; } + void setUsagesBitmap(CryptoKeyUsageBitmap usage) { m_usages = usage; }; + bool allows(CryptoKeyUsageBitmap usage) const { return usage == (m_usages & usage); } virtual std::unique_ptr<CryptoKeyData> exportData() const = 0; static Vector<uint8_t> randomData(size_t); private: - CryptoAlgorithmIdentifier m_algorithm; - CryptoKeyType m_type; + CryptoAlgorithmIdentifier m_algorithmIdentifier; + Type m_type; bool m_extractable; - CryptoKeyUsage m_usages; + CryptoKeyUsageBitmap m_usages; }; -#define CRYPTO_KEY_TYPE_CASTS(ToClassName) \ - TYPE_CASTS_BASE(ToClassName, CryptoKey, key, WebCore::is##ToClassName(*key), WebCore::is##ToClassName(key)) +inline auto CryptoKey::type() const -> Type +{ + return m_type; +} } // namespace WebCore +#define SPECIALIZE_TYPE_TRAITS_CRYPTO_KEY(ToClassName, KeyClass) \ +SPECIALIZE_TYPE_TRAITS_BEGIN(WebCore::ToClassName) \ + static bool isType(const WebCore::CryptoKey& key) { return key.keyClass() == WebCore::KeyClass; } \ +SPECIALIZE_TYPE_TRAITS_END() + +#define SPECIALIZE_TYPE_TRAITS_KEY_ALGORITHM(ToClassName, KeyAlgorithmClass) \ +SPECIALIZE_TYPE_TRAITS_BEGIN(WebCore::ToClassName) \ + static bool isType(const WebCore::KeyAlgorithm& algorithm) { return algorithm.keyAlgorithmClass() == WebCore::KeyAlgorithmClass; } \ +SPECIALIZE_TYPE_TRAITS_END() + #endif // ENABLE(SUBTLE_CRYPTO) -#endif // CryptoKey_h diff --git a/Source/WebCore/crypto/CryptoKey.idl b/Source/WebCore/crypto/CryptoKey.idl index bc14da866..708a8d11d 100644 --- a/Source/WebCore/crypto/CryptoKey.idl +++ b/Source/WebCore/crypto/CryptoKey.idl @@ -24,32 +24,19 @@ */ enum KeyType { - "secret", "public", - "private" -}; - -enum KeyUsage { - "encrypt", - "decrypt", - "sign", - "verify", - "deriveKey", - "deriveBits", - "wrapKey", - "unwrapKey" + "private", + "secret" }; [ Conditional=SUBTLE_CRYPTO, + Exposed=(Window,Worker), GenerateIsReachable=Impl, - InterfaceName=Key, - JSNoStaticTables, - NoInterfaceObject, SkipVTableValidation ] interface CryptoKey { readonly attribute KeyType type; readonly attribute boolean extractable; - [Custom] readonly attribute Algorithm algorithm; - readonly attribute KeyUsage[] usages; + [CachedAttribute, CustomGetter] readonly attribute object algorithm; + [CachedAttribute] readonly attribute sequence<CryptoKeyUsage> usages; }; diff --git a/Source/WebCore/crypto/CryptoKeyData.h b/Source/WebCore/crypto/CryptoKeyData.h index 30e166b25..2c2adbcd5 100644 --- a/Source/WebCore/crypto/CryptoKeyData.h +++ b/Source/WebCore/crypto/CryptoKeyData.h @@ -23,13 +23,13 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoKeyData_h -#define CryptoKeyData_h - -#include <wtf/Noncopyable.h> +#pragma once #if ENABLE(SUBTLE_CRYPTO) +#include <wtf/Noncopyable.h> +#include <wtf/TypeCasts.h> + namespace WebCore { class CryptoKeyData { @@ -52,10 +52,11 @@ private: Format m_format; }; -#define CRYPTO_KEY_DATA_CASTS(ToClassName) \ - TYPE_CASTS_BASE(ToClassName, CryptoKeyData, keyData, WebCore::is##ToClassName(*keyData), WebCore::is##ToClassName(keyData)) - } // namespace WebCore +#define SPECIALIZE_TYPE_TRAITS_CRYPTO_KEY_DATA(ToClassName, Format) \ +SPECIALIZE_TYPE_TRAITS_BEGIN(WebCore::ToClassName) \ + static bool isType(const WebCore::CryptoKeyData& keyData) { return keyData.format() == WebCore::Format; } \ +SPECIALIZE_TYPE_TRAITS_END() + #endif // ENABLE(SUBTLE_CRYPTO) -#endif // CryptoKeyData_h diff --git a/Source/WebCore/crypto/CryptoKeyPair.h b/Source/WebCore/crypto/CryptoKeyPair.h new file mode 100644 index 000000000..d188fed33 --- /dev/null +++ b/Source/WebCore/crypto/CryptoKeyPair.h @@ -0,0 +1,44 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include <wtf/RefCounted.h> +#include <wtf/RefPtr.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoKey; + +struct CryptoKeyPair { + RefPtr<CryptoKey> publicKey; + RefPtr<CryptoKey> privateKey; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CryptoKeyPair.idl b/Source/WebCore/crypto/CryptoKeyPair.idl index acc148203..961f5b112 100644 --- a/Source/WebCore/crypto/CryptoKeyPair.idl +++ b/Source/WebCore/crypto/CryptoKeyPair.idl @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Apple Inc. All rights reserved. + * Copyright (C) 2013-2016 Apple Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -25,12 +25,8 @@ [ Conditional=SUBTLE_CRYPTO, - ImplementationLacksVTable, - InterfaceName=KeyPair, - JSCustomMarkFunction, - NoInterfaceObject, - OperationsNotDeletable -] interface CryptoKeyPair { - readonly attribute CryptoKey publicKey; - readonly attribute CryptoKey privateKey; + JSGenerateToJSObject +] dictionary CryptoKeyPair { + CryptoKey publicKey; + CryptoKey privateKey; }; diff --git a/Source/WebCore/crypto/CryptoKeySerialization.h b/Source/WebCore/crypto/CryptoKeySerialization.h new file mode 100644 index 000000000..926388fbe --- /dev/null +++ b/Source/WebCore/crypto/CryptoKeySerialization.h @@ -0,0 +1,65 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoKeyUsage.h" +#include <wtf/Noncopyable.h> +#include <wtf/Optional.h> +#include <wtf/RefPtr.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithm; +class CryptoAlgorithmParametersDeprecated; +class CryptoKeyData; + +typedef std::pair<const uint8_t*, size_t> CryptoOperationData; + +struct CryptoAlgorithmPair { + RefPtr<CryptoAlgorithm> algorithm; + RefPtr<CryptoAlgorithmParametersDeprecated> parameters; +}; + +class CryptoKeySerialization { + WTF_MAKE_NONCOPYABLE(CryptoKeySerialization); +public: + CryptoKeySerialization() { } + virtual ~CryptoKeySerialization() { } + + // Returns false if suggested algorithm was not compatible with one stored in the serialization. + virtual std::optional<CryptoAlgorithmPair> reconcileAlgorithm(CryptoAlgorithm*, CryptoAlgorithmParametersDeprecated*) const = 0; + + virtual void reconcileUsages(CryptoKeyUsageBitmap&) const = 0; + virtual void reconcileExtractable(bool&) const = 0; + + virtual std::unique_ptr<CryptoKeyData> keyData() const = 0; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/CryptoKeyType.h b/Source/WebCore/crypto/CryptoKeyType.h index f76ad39ce..6245d015e 100644 --- a/Source/WebCore/crypto/CryptoKeyType.h +++ b/Source/WebCore/crypto/CryptoKeyType.h @@ -23,20 +23,18 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoKeyType_h -#define CryptoKeyType_h +#pragma once #if ENABLE(SUBTLE_CRYPTO) namespace WebCore { enum class CryptoKeyType { - Secret, Public, - Private + Private, + Secret }; } // namespace WebCore #endif // ENABLE(SUBTLE_CRYPTO) -#endif // CryptoKeyType_h diff --git a/Source/WebCore/crypto/CryptoKeyUsage.h b/Source/WebCore/crypto/CryptoKeyUsage.h index 6bbebf8d0..9da11b47a 100644 --- a/Source/WebCore/crypto/CryptoKeyUsage.h +++ b/Source/WebCore/crypto/CryptoKeyUsage.h @@ -23,8 +23,7 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoKeyUsage_h -#define CryptoKeyUsage_h +#pragma once #if ENABLE(SUBTLE_CRYPTO) @@ -41,9 +40,20 @@ enum { CryptoKeyUsageUnwrapKey = 1 << 7 }; -typedef int CryptoKeyUsage; +typedef int CryptoKeyUsageBitmap; -} +// Only for binding purpose. +enum class CryptoKeyUsage { + Encrypt, + Decrypt, + Sign, + Verify, + DeriveKey, + DeriveBits, + WrapKey, + UnwrapKey +}; + +} // namespace WebCore #endif // ENABLE(SUBTLE_CRYPTO) -#endif // CryptoKeyUsage_h diff --git a/Source/WebCore/crypto/CryptoKeyUsage.idl b/Source/WebCore/crypto/CryptoKeyUsage.idl new file mode 100644 index 000000000..cd4983482 --- /dev/null +++ b/Source/WebCore/crypto/CryptoKeyUsage.idl @@ -0,0 +1,37 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, +] enum CryptoKeyUsage { + "encrypt", + "decrypt", + "sign", + "verify", + "deriveKey", + "deriveBits", + "wrapKey", + "unwrapKey" +}; diff --git a/Source/WebCore/crypto/JsonWebKey.h b/Source/WebCore/crypto/JsonWebKey.h new file mode 100644 index 000000000..bf43b0b93 --- /dev/null +++ b/Source/WebCore/crypto/JsonWebKey.h @@ -0,0 +1,63 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoKeyUsage.h" +#include "RsaOtherPrimesInfo.h" +#include <wtf/Vector.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +struct JsonWebKey { + String kty; + String use; + // FIXME: Consider merging key_ops and usages. + std::optional<Vector<CryptoKeyUsage>> key_ops; + CryptoKeyUsageBitmap usages; + String alg; + + std::optional<bool> ext; + + String crv; + String x; + String y; + String d; + String n; + String e; + String p; + String q; + String dp; + String dq; + String qi; + std::optional<Vector<RsaOtherPrimesInfo>> oth; + String k; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/JsonWebKey.idl b/Source/WebCore/crypto/JsonWebKey.idl new file mode 100644 index 000000000..5d25372ce --- /dev/null +++ b/Source/WebCore/crypto/JsonWebKey.idl @@ -0,0 +1,53 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, + JSGenerateToJSObject, +] dictionary JsonWebKey { + // The following fields are defined in Section 3.1 of JSON Web Key + required DOMString kty; + DOMString use; + sequence<CryptoKeyUsage> key_ops; + DOMString alg; + + // The following fields are defined in JSON Web Key Parameters Registration + boolean ext; + + // The following fields are defined in Section 6 of JSON Web Algorithms + DOMString crv; + DOMString x; + DOMString y; + DOMString d; + DOMString n; + DOMString e; + DOMString p; + DOMString q; + DOMString dp; + DOMString dq; + DOMString qi; + sequence<RsaOtherPrimesInfo> oth; + DOMString k; +}; diff --git a/Source/WebCore/crypto/RsaOtherPrimesInfo.h b/Source/WebCore/crypto/RsaOtherPrimesInfo.h new file mode 100644 index 000000000..9e1f58509 --- /dev/null +++ b/Source/WebCore/crypto/RsaOtherPrimesInfo.h @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include <wtf/text/WTFString.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +struct RsaOtherPrimesInfo { + String r; + String d; + String t; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/RsaOtherPrimesInfo.idl b/Source/WebCore/crypto/RsaOtherPrimesInfo.idl new file mode 100644 index 000000000..253535980 --- /dev/null +++ b/Source/WebCore/crypto/RsaOtherPrimesInfo.idl @@ -0,0 +1,34 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, + JSGenerateToJSObject, +] dictionary RsaOtherPrimesInfo { + // The following fields are defined in Section 6.3.2.7 of JSON Web Algorithms + required DOMString r; + required DOMString d; + required DOMString t; +}; diff --git a/Source/WebCore/crypto/SerializedCryptoKeyWrap.h b/Source/WebCore/crypto/SerializedCryptoKeyWrap.h new file mode 100644 index 000000000..02cf82c5e --- /dev/null +++ b/Source/WebCore/crypto/SerializedCryptoKeyWrap.h @@ -0,0 +1,50 @@ +/* + * Copyright (C) 2014 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include <wtf/Vector.h> +#include <wtf/text/WTFString.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +// The purpose of the following APIs is to protect serialized CryptoKey data in IndexedDB or +// any other local storage that go through the structured clone algorithm. However, a side effect +// of this extra layer of protection is redundant communications between mainThread(document) and +// workerThreads. Please refer to WorkerGlobalScope for detailed explanation. P.S. This extra layer +// of protection is not required by the spec as of 11 December 2014: +// https://www.w3.org/TR/WebCryptoAPI/#security-developers + +WEBCORE_EXPORT bool getDefaultWebCryptoMasterKey(Vector<uint8_t>&); +WEBCORE_EXPORT bool deleteDefaultWebCryptoMasterKey(); + +WEBCORE_EXPORT bool wrapSerializedCryptoKey(const Vector<uint8_t>& masterKey, const Vector<uint8_t>& key, Vector<uint8_t>& result); +WEBCORE_EXPORT bool unwrapSerializedCryptoKey(const Vector<uint8_t>& masterKey, const Vector<uint8_t>& wrappedKey, Vector<uint8_t>& key); + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/SubtleCrypto.cpp b/Source/WebCore/crypto/SubtleCrypto.cpp new file mode 100644 index 000000000..f691f6b09 --- /dev/null +++ b/Source/WebCore/crypto/SubtleCrypto.cpp @@ -0,0 +1,41 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "SubtleCrypto.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +SubtleCrypto::SubtleCrypto(ScriptExecutionContext& context) + : ContextDestructionObserver(&context) + , m_workQueue(WorkQueue::create("com.apple.WebKit.CryptoQueue")) +{ +} + +} + +#endif diff --git a/Source/WebCore/crypto/SubtleCrypto.h b/Source/WebCore/crypto/SubtleCrypto.h index 70d490c41..39b945f16 100644 --- a/Source/WebCore/crypto/SubtleCrypto.h +++ b/Source/WebCore/crypto/SubtleCrypto.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Apple Inc. All rights reserved. + * Copyright (C) 2016 Apple Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,31 +23,31 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef SubtleCrypto_h -#define SubtleCrypto_h +#pragma once #include "ContextDestructionObserver.h" -#include <wtf/PassRefPtr.h> +#include <wtf/Ref.h> #include <wtf/RefCounted.h> +#include <wtf/WorkQueue.h> #if ENABLE(SUBTLE_CRYPTO) namespace WebCore { -class Document; - class SubtleCrypto : public ContextDestructionObserver, public RefCounted<SubtleCrypto> { public: - static PassRefPtr<SubtleCrypto> create(Document& document) { return adoptRef(new SubtleCrypto(document)); } + enum class KeyFormat { Raw, Spki, Pkcs8, Jwk }; + + static Ref<SubtleCrypto> create(ScriptExecutionContext& context) { return adoptRef(*new SubtleCrypto(context)); } - Document* document() const; + WorkQueue& workQueue() { return m_workQueue.get(); }; private: - SubtleCrypto(Document&); + SubtleCrypto(ScriptExecutionContext&); + + Ref<WorkQueue> m_workQueue; }; } #endif - -#endif // SubtleCrypto_h diff --git a/Source/WebCore/crypto/SubtleCrypto.idl b/Source/WebCore/crypto/SubtleCrypto.idl index c985f39c8..af7806905 100644 --- a/Source/WebCore/crypto/SubtleCrypto.idl +++ b/Source/WebCore/crypto/SubtleCrypto.idl @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Apple Inc. All rights reserved. + * Copyright (C) 2016 Apple Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,20 +23,24 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ +enum KeyFormat { "raw", "spki", "pkcs8", "jwk" }; + [ Conditional=SUBTLE_CRYPTO, - InterfaceName=WebKitSubtleCrypto, - GenerateIsReachable=ImplDocument, - NoInterfaceObject, + Exposed=(Window,Worker), + GenerateIsReachable=ImplScriptExecutionContext, ] interface SubtleCrypto { - [Custom] Promise encrypt(AlgorithmIdentifier algorithm, Key key, sequence<CryptoOperationData> data); - [Custom] Promise decrypt(AlgorithmIdentifier algorithm, Key key, sequence<CryptoOperationData> data); - [Custom] Promise sign(AlgorithmIdentifier algorithm, Key key, sequence<CryptoOperationData> data); - [Custom] Promise verify(AlgorithmIdentifier algorithm, Key key, CryptoOperationData signature, sequence<CryptoOperationData> data); - [Custom] Promise digest(AlgorithmIdentifier algorithm, sequence<CryptoOperationData> data); - [Custom] Promise generateKey(AlgorithmIdentifier algorithm, optional boolean extractable, optional KeyUsage[] keyUsages); - [Custom] Promise importKey(KeyFormat format, CryptoOperationData keyData, AlgorithmIdentifier? algorithm, optional boolean extractable, optional KeyUsage[] keyUsages); - [Custom] Promise exportKey(KeyFormat format, Key key); - [Custom] Promise wrapKey(KeyFormat format, Key key, Key wrappingKey, AlgorithmIdentifier wrapAlgorithm); - [Custom] Promise unwrapKey(KeyFormat format, CryptoOperationData wrappedKey, Key unwrappingKey, AlgorithmIdentifier unwrapAlgorithm, AlgorithmIdentifier? unwrappedKeyAlgorithm, optional boolean extractable, optional KeyUsage[] keyUsages); + [Custom] Promise<any> encrypt(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource data); + [Custom] Promise<any> decrypt(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource data); + [Custom] Promise<any> sign(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource data); + [Custom] Promise<any> verify(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource signature, BufferSource data); + [Custom] Promise<any> digest(AlgorithmIdentifier algorithm, BufferSource data); + [Custom] Promise<any> deriveKey(AlgorithmIdentifier algorithm, CryptoKey baseKey, AlgorithmIdentifier derivedKeyType, boolean extractable, sequence<KeyUsage> keyUsages); + [Custom] Promise<ArrayBuffer> deriveBits(AlgorithmIdentifier algorithm, CryptoKey baseKey, unsigned long length); + // FIXME: Should this return a Promise<(CryptoKey or CryptoKeyPair)>? + [Custom] Promise<any> generateKey(AlgorithmIdentifier algorithm, boolean extractable, sequence<CryptoKeyUsage> keyUsages); + [Custom] Promise<CryptoKey> importKey(KeyFormat format, (BufferSource or JsonWebKey) keyData, AlgorithmIdentifier algorithm, boolen extractable, sequence<CryptoKeyUsage> keyUsages); + [Custom] Promise<any> exportKey(KeyFormat format, CryptoKey key); + [Custom] Promise<any> wrapKey(KeyFormat format, CryptoKey key, CryptoKey wrappingKey, AlgorithmIdentifier wrapAlgorithm); + [Custom] Promise<CryptoKey> unwrapKey(KeyFormat format, BufferSource wrappedKey, CryptoKey unwrappingKey, AlgorithmIdentifier unwrapAlgorithm, AlgorithmIdentifier unwrappedKeyAlgorithm, boolean extractable, sequence<KeyUsage> keyUsages); }; diff --git a/Source/WebCore/crypto/WebKitSubtleCrypto.cpp b/Source/WebCore/crypto/WebKitSubtleCrypto.cpp new file mode 100644 index 000000000..3b68af9cc --- /dev/null +++ b/Source/WebCore/crypto/WebKitSubtleCrypto.cpp @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "WebKitSubtleCrypto.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "Document.h" + +namespace WebCore { + +WebKitSubtleCrypto::WebKitSubtleCrypto(Document& document) + : ContextDestructionObserver(&document) +{ +} + +Document* WebKitSubtleCrypto::document() const +{ + return downcast<Document>(scriptExecutionContext()); +} + +} + +#endif diff --git a/Source/WebCore/crypto/WebKitSubtleCrypto.h b/Source/WebCore/crypto/WebKitSubtleCrypto.h new file mode 100644 index 000000000..67e2f42a7 --- /dev/null +++ b/Source/WebCore/crypto/WebKitSubtleCrypto.h @@ -0,0 +1,50 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "ContextDestructionObserver.h" +#include <wtf/RefCounted.h> +#include <wtf/Ref.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class Document; + +class WebKitSubtleCrypto : public ContextDestructionObserver, public RefCounted<WebKitSubtleCrypto> { +public: + static Ref<WebKitSubtleCrypto> create(Document& document) { return adoptRef(*new WebKitSubtleCrypto(document)); } + + Document* document() const; + +private: + WebKitSubtleCrypto(Document&); +}; + +} + +#endif diff --git a/Source/WebCore/crypto/WebKitSubtleCrypto.idl b/Source/WebCore/crypto/WebKitSubtleCrypto.idl new file mode 100644 index 000000000..0f85393a1 --- /dev/null +++ b/Source/WebCore/crypto/WebKitSubtleCrypto.idl @@ -0,0 +1,41 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, + GenerateIsReachable=ImplDocument, + NoInterfaceObject, +] interface WebKitSubtleCrypto { + [Custom] Promise<ArrayBuffer> encrypt(AlgorithmIdentifier algorithm, Key key, sequence<CryptoOperationData> data); + [Custom] Promise<ArrayBuffer> decrypt(AlgorithmIdentifier algorithm, Key key, sequence<CryptoOperationData> data); + [Custom] Promise<ArrayBuffer> sign(AlgorithmIdentifier algorithm, Key key, sequence<CryptoOperationData> data); + [Custom] Promise<boolean> verify(AlgorithmIdentifier algorithm, Key key, CryptoOperationData signature, sequence<CryptoOperationData> data); + [Custom] Promise<ArrayBuffer> digest(AlgorithmIdentifier algorithm, sequence<CryptoOperationData> data); + [Custom] Promise<(CryptoKey or CryptoKeyPair)> generateKey(AlgorithmIdentifier algorithm, optional boolean extractable, optional sequence<KeyUsage> keyUsages); + [Custom] Promise<CryptoKey> importKey(KeyFormat format, CryptoOperationData keyData, AlgorithmIdentifier? algorithm, optional boolean extractable, optional sequence<KeyUsage> keyUsages); + [Custom] Promise<ArrayBuffer> exportKey(KeyFormat format, Key key); + [Custom] Promise<ArrayBuffer> wrapKey(KeyFormat format, Key key, Key wrappingKey, AlgorithmIdentifier wrapAlgorithm); + [Custom] Promise<CryptoKey> unwrapKey(KeyFormat format, CryptoOperationData wrappedKey, Key unwrappingKey, AlgorithmIdentifier unwrapAlgorithm, AlgorithmIdentifier? unwrappedKeyAlgorithm, optional boolean extractable, optional sequence<KeyUsage> keyUsages); +}; diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.cpp new file mode 100644 index 000000000..513970448 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.cpp @@ -0,0 +1,230 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmAES_CBC.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmAesCbcParams.h" +#include "CryptoAlgorithmAesCbcParamsDeprecated.h" +#include "CryptoAlgorithmAesKeyGenParams.h" +#include "CryptoAlgorithmAesKeyGenParamsDeprecated.h" +#include "CryptoKeyAES.h" +#include "CryptoKeyDataOctetSequence.h" +#include "ExceptionCode.h" + +namespace WebCore { + +static const char* const ALG128 = "A128CBC"; +static const char* const ALG192 = "A192CBC"; +static const char* const ALG256 = "A256CBC"; +static const size_t IVSIZE = 16; + +static inline bool usagesAreInvalidForCryptoAlgorithmAES_CBC(CryptoKeyUsageBitmap usages) +{ + return usages & (CryptoKeyUsageSign | CryptoKeyUsageVerify | CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits); +} + +Ref<CryptoAlgorithm> CryptoAlgorithmAES_CBC::create() +{ + return adoptRef(*new CryptoAlgorithmAES_CBC); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmAES_CBC::identifier() const +{ + return s_identifier; +} + +bool CryptoAlgorithmAES_CBC::keyAlgorithmMatches(const CryptoAlgorithmAesCbcParamsDeprecated&, const CryptoKey& key) const +{ + if (key.algorithmIdentifier() != s_identifier) + return false; + ASSERT(is<CryptoKeyAES>(key)); + return true; +} + +void CryptoAlgorithmAES_CBC::encrypt(std::unique_ptr<CryptoAlgorithmParameters>&& parameters, Ref<CryptoKey>&& key, Vector<uint8_t>&& plainText, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + ASSERT(parameters); + auto& aesParameters = downcast<CryptoAlgorithmAesCbcParams>(*parameters); + if (aesParameters.ivVector().size() != IVSIZE) { + exceptionCallback(OperationError); + return; + } + platformEncrypt(WTFMove(parameters), WTFMove(key), WTFMove(plainText), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmAES_CBC::decrypt(std::unique_ptr<CryptoAlgorithmParameters>&& parameters, Ref<CryptoKey>&& key, Vector<uint8_t>&& cipherText, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + ASSERT(parameters); + auto& aesParameters = downcast<CryptoAlgorithmAesCbcParams>(*parameters); + if (aesParameters.ivVector().size() != IVSIZE) { + exceptionCallback(OperationError); + return; + } + platformDecrypt(WTFMove(parameters), WTFMove(key), WTFMove(cipherText), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmAES_CBC::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&) +{ + const auto& aesParameters = downcast<CryptoAlgorithmAesKeyGenParams>(parameters); + + if (usagesAreInvalidForCryptoAlgorithmAES_CBC(usages)) { + exceptionCallback(SYNTAX_ERR); + return; + } + + auto result = CryptoKeyAES::generate(CryptoAlgorithmIdentifier::AES_CBC, aesParameters.length, extractable, usages); + if (!result) { + exceptionCallback(OperationError); + return; + } + + callback(WTFMove(result)); +} + +void CryptoAlgorithmAES_CBC::importKey(SubtleCrypto::KeyFormat format, KeyData&& data, const std::unique_ptr<CryptoAlgorithmParameters>&& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + ASSERT(parameters); + if (usagesAreInvalidForCryptoAlgorithmAES_CBC(usages)) { + exceptionCallback(SYNTAX_ERR); + return; + } + + RefPtr<CryptoKeyAES> result; + switch (format) { + case SubtleCrypto::KeyFormat::Raw: + result = CryptoKeyAES::importRaw(parameters->identifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); + break; + case SubtleCrypto::KeyFormat::Jwk: { + auto checkAlgCallback = [](size_t length, const String& alg) -> bool { + switch (length) { + case CryptoKeyAES::s_length128: + return alg.isNull() || alg == ALG128; + case CryptoKeyAES::s_length192: + return alg.isNull() || alg == ALG192; + case CryptoKeyAES::s_length256: + return alg.isNull() || alg == ALG256; + } + return false; + }; + result = CryptoKeyAES::importJwk(parameters->identifier, WTFMove(WTF::get<JsonWebKey>(data)), extractable, usages, WTFMove(checkAlgCallback)); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + if (!result) { + exceptionCallback(DataError); + return; + } + + callback(*result); +} + +void CryptoAlgorithmAES_CBC::exportKey(SubtleCrypto::KeyFormat format, Ref<CryptoKey>&& key, KeyDataCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + const auto& aesKey = downcast<CryptoKeyAES>(key.get()); + + if (aesKey.key().isEmpty()) { + exceptionCallback(OperationError); + return; + } + + KeyData result; + switch (format) { + case SubtleCrypto::KeyFormat::Raw: + result = Vector<uint8_t>(aesKey.key()); + break; + case SubtleCrypto::KeyFormat::Jwk: { + JsonWebKey jwk = aesKey.exportJwk(); + switch (aesKey.key().size() * 8) { + case CryptoKeyAES::s_length128: + jwk.alg = String(ALG128); + break; + case CryptoKeyAES::s_length192: + jwk.alg = String(ALG192); + break; + case CryptoKeyAES::s_length256: + jwk.alg = String(ALG256); + break; + default: + ASSERT_NOT_REACHED(); + } + result = WTFMove(jwk); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + + callback(format, WTFMove(result)); +} + +ExceptionOr<void> CryptoAlgorithmAES_CBC::encrypt(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto& aesCBCParameters = downcast<CryptoAlgorithmAesCbcParamsDeprecated>(parameters); + if (!keyAlgorithmMatches(aesCBCParameters, key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformEncrypt(aesCBCParameters, downcast<CryptoKeyAES>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmAES_CBC::decrypt(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto& aesCBCParameters = downcast<CryptoAlgorithmAesCbcParamsDeprecated>(parameters); + if (!keyAlgorithmMatches(aesCBCParameters, key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformDecrypt(aesCBCParameters, downcast<CryptoKeyAES>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmAES_CBC::generateKey(const CryptoAlgorithmParametersDeprecated& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, VoidCallback&& failureCallback, ScriptExecutionContext&) +{ + auto& aesParameters = downcast<CryptoAlgorithmAesKeyGenParamsDeprecated>(parameters); + + auto result = CryptoKeyAES::generate(CryptoAlgorithmIdentifier::AES_CBC, aesParameters.length, extractable, usages); + if (!result) { + failureCallback(); + return { }; + } + + callback(WTFMove(result)); + return { }; +} + +ExceptionOr<void> CryptoAlgorithmAES_CBC::importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsageBitmap usage, KeyCallback&& callback, VoidCallback&&) +{ + if (!is<CryptoKeyDataOctetSequence>(keyData)) + return Exception { NOT_SUPPORTED_ERR }; + auto& keyDataOctetSequence = downcast<CryptoKeyDataOctetSequence>(keyData); + callback(CryptoKeyAES::create(CryptoAlgorithmIdentifier::AES_CBC, keyDataOctetSequence.octetSequence(), extractable, usage)); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.h new file mode 100644 index 000000000..e56e48e5f --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_CBC.h @@ -0,0 +1,67 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmAesCbcParamsDeprecated; +class CryptoKeyAES; + +class CryptoAlgorithmAES_CBC final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "AES-CBC"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::AES_CBC; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmAES_CBC() = default; + CryptoAlgorithmIdentifier identifier() const final; + + void encrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void decrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void generateKey(const CryptoAlgorithmParameters&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, ExceptionCallback&&, ScriptExecutionContext&) final; + void importKey(SubtleCrypto::KeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&&) final; + void exportKey(SubtleCrypto::KeyFormat, Ref<CryptoKey>&&, KeyDataCallback&&, ExceptionCallback&&) final; + + ExceptionOr<void> encrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> decrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> generateKey(const CryptoAlgorithmParametersDeprecated&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, VoidCallback&& failureCallback, ScriptExecutionContext&) final; + ExceptionOr<void> importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&& failureCallback) final; + + bool keyAlgorithmMatches(const CryptoAlgorithmAesCbcParamsDeprecated& algorithmParameters, const CryptoKey&) const; + void platformEncrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + void platformDecrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + ExceptionOr<void> platformEncrypt(const CryptoAlgorithmAesCbcParamsDeprecated&, const CryptoKeyAES&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + ExceptionOr<void> platformDecrypt(const CryptoAlgorithmAesCbcParamsDeprecated&, const CryptoKeyAES&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_KW.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_KW.cpp new file mode 100644 index 000000000..8b60efdef --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_KW.cpp @@ -0,0 +1,212 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmAES_KW.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmAesKeyGenParams.h" +#include "CryptoAlgorithmAesKeyGenParamsDeprecated.h" +#include "CryptoKeyAES.h" +#include "CryptoKeyDataOctetSequence.h" +#include "ExceptionCode.h" +#include <wtf/Variant.h> + +namespace WebCore { + +static const char* const ALG128 = "A128KW"; +static const char* const ALG192 = "A192KW"; +static const char* const ALG256 = "A256KW"; + +static inline bool usagesAreInvalidForCryptoAlgorithmAES_KW(CryptoKeyUsageBitmap usages) +{ + return usages & (CryptoKeyUsageSign | CryptoKeyUsageVerify | CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits | CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt); +} + +Ref<CryptoAlgorithm> CryptoAlgorithmAES_KW::create() +{ + return adoptRef(*new CryptoAlgorithmAES_KW); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmAES_KW::identifier() const +{ + return s_identifier; +} + +bool CryptoAlgorithmAES_KW::keyAlgorithmMatches(const CryptoKey& key) const +{ + if (key.algorithmIdentifier() != s_identifier) + return false; + ASSERT(is<CryptoKeyAES>(key)); + return true; +} + +void CryptoAlgorithmAES_KW::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&) +{ + if (usagesAreInvalidForCryptoAlgorithmAES_KW(usages)) { + exceptionCallback(SYNTAX_ERR); + return; + } + + auto result = CryptoKeyAES::generate(CryptoAlgorithmIdentifier::AES_KW, downcast<CryptoAlgorithmAesKeyGenParams>(parameters).length, extractable, usages); + if (!result) { + exceptionCallback(OperationError); + return; + } + + callback(WTFMove(result)); +} + +void CryptoAlgorithmAES_KW::importKey(SubtleCrypto::KeyFormat format, KeyData&& data, const std::unique_ptr<CryptoAlgorithmParameters>&& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + ASSERT(parameters); + if (usagesAreInvalidForCryptoAlgorithmAES_KW(usages)) { + exceptionCallback(SYNTAX_ERR); + return; + } + + RefPtr<CryptoKeyAES> result; + switch (format) { + case SubtleCrypto::KeyFormat::Raw: + result = CryptoKeyAES::importRaw(parameters->identifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); + break; + case SubtleCrypto::KeyFormat::Jwk: { + result = CryptoKeyAES::importJwk(parameters->identifier, WTFMove(WTF::get<JsonWebKey>(data)), extractable, usages, [](size_t length, const String& alg) -> bool { + switch (length) { + case CryptoKeyAES::s_length128: + return alg.isNull() || alg == ALG128; + case CryptoKeyAES::s_length192: + return alg.isNull() || alg == ALG192; + case CryptoKeyAES::s_length256: + return alg.isNull() || alg == ALG256; + } + return false; + }); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + if (!result) { + exceptionCallback(DataError); + return; + } + + callback(*result); +} + +void CryptoAlgorithmAES_KW::exportKey(SubtleCrypto::KeyFormat format, Ref<CryptoKey>&& key, KeyDataCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + const auto& aesKey = downcast<CryptoKeyAES>(key.get()); + + if (aesKey.key().isEmpty()) { + exceptionCallback(OperationError); + return; + } + + KeyData result; + switch (format) { + case SubtleCrypto::KeyFormat::Raw: + result = Vector<uint8_t>(aesKey.key()); + break; + case SubtleCrypto::KeyFormat::Jwk: { + JsonWebKey jwk = aesKey.exportJwk(); + switch (aesKey.key().size() * 8) { + case CryptoKeyAES::s_length128: + jwk.alg = String(ALG128); + break; + case CryptoKeyAES::s_length192: + jwk.alg = String(ALG192); + break; + case CryptoKeyAES::s_length256: + jwk.alg = String(ALG256); + break; + default: + ASSERT_NOT_REACHED(); + } + result = WTFMove(jwk); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + + callback(format, WTFMove(result)); +} + +void CryptoAlgorithmAES_KW::wrapKey(Ref<CryptoKey>&& key, Vector<uint8_t>&& data, VectorCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + if (data.size() % 8) { + exceptionCallback(OperationError); + return; + } + platformWrapKey(WTFMove(key), WTFMove(data), WTFMove(callback), WTFMove(exceptionCallback)); +} + +void CryptoAlgorithmAES_KW::unwrapKey(Ref<CryptoKey>&& key, Vector<uint8_t>&& data, VectorCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + platformUnwrapKey(WTFMove(key), WTFMove(data), WTFMove(callback), WTFMove(exceptionCallback)); +} + +ExceptionOr<void> CryptoAlgorithmAES_KW::encryptForWrapKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + if (!keyAlgorithmMatches(key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformEncrypt(downcast<CryptoKeyAES>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmAES_KW::decryptForUnwrapKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + if (!keyAlgorithmMatches(key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformDecrypt(downcast<CryptoKeyAES>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmAES_KW::generateKey(const CryptoAlgorithmParametersDeprecated& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, VoidCallback&& failureCallback, ScriptExecutionContext&) +{ + auto result = CryptoKeyAES::generate(CryptoAlgorithmIdentifier::AES_KW, downcast<CryptoAlgorithmAesKeyGenParamsDeprecated>(parameters).length, extractable, usages); + if (!result) { + failureCallback(); + return { }; + } + + callback(WTFMove(result)); + return { }; +} + +ExceptionOr<void> CryptoAlgorithmAES_KW::importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsageBitmap usage, KeyCallback&& callback, VoidCallback&&) +{ + if (!is<CryptoKeyDataOctetSequence>(keyData)) + return Exception { NOT_SUPPORTED_ERR }; + callback(CryptoKeyAES::create(CryptoAlgorithmIdentifier::AES_KW, downcast<CryptoKeyDataOctetSequence>(keyData).octetSequence(), extractable, usage)); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_KW.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_KW.h new file mode 100644 index 000000000..00294e391 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmAES_KW.h @@ -0,0 +1,66 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoKeyAES; + +class CryptoAlgorithmAES_KW final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "AES-KW"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::AES_KW; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmAES_KW() = default; + CryptoAlgorithmIdentifier identifier() const final; + + void generateKey(const CryptoAlgorithmParameters&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, ExceptionCallback&&, ScriptExecutionContext&) final; + void importKey(SubtleCrypto::KeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&&) final; + void exportKey(SubtleCrypto::KeyFormat, Ref<CryptoKey>&&, KeyDataCallback&&, ExceptionCallback&&) final; + void wrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&) final; + void unwrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&) final; + + ExceptionOr<void> encryptForWrapKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> decryptForUnwrapKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> generateKey(const CryptoAlgorithmParametersDeprecated&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, VoidCallback&& failureCallback, ScriptExecutionContext&) final; + ExceptionOr<void> importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&& failureCallback) final; + + bool keyAlgorithmMatches(const CryptoKey&) const; + void platformWrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&); + void platformUnwrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&); + ExceptionOr<void> platformEncrypt(const CryptoKeyAES&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + ExceptionOr<void> platformDecrypt(const CryptoKeyAES&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.cpp new file mode 100644 index 000000000..be064a370 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.cpp @@ -0,0 +1,238 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmHMAC.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmHmacKeyParams.h" +#include "CryptoAlgorithmHmacKeyParamsDeprecated.h" +#include "CryptoAlgorithmHmacParamsDeprecated.h" +#include "CryptoKeyDataOctetSequence.h" +#include "CryptoKeyHMAC.h" +#include "ExceptionCode.h" +#include <wtf/Variant.h> + +namespace WebCore { + +static const char* const ALG1 = "HS1"; +static const char* const ALG224 = "HS224"; +static const char* const ALG256 = "HS256"; +static const char* const ALG384 = "HS384"; +static const char* const ALG512 = "HS512"; + +static inline bool usagesAreInvalidForCryptoAlgorithmHMAC(CryptoKeyUsageBitmap usages) +{ + return usages & (CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt | CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey); +} + +Ref<CryptoAlgorithm> CryptoAlgorithmHMAC::create() +{ + return adoptRef(*new CryptoAlgorithmHMAC); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmHMAC::identifier() const +{ + return s_identifier; +} + +bool CryptoAlgorithmHMAC::keyAlgorithmMatches(const CryptoAlgorithmHmacParamsDeprecated& parameters, const CryptoKey& key) const +{ + if (key.algorithmIdentifier() != s_identifier) + return false; + + if (downcast<CryptoKeyHMAC>(key).hashAlgorithmIdentifier() != parameters.hash) + return false; + + return true; +} + +void CryptoAlgorithmHMAC::sign(Ref<CryptoKey>&& key, Vector<uint8_t>&& data, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + platformSign(WTFMove(key), WTFMove(data), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmHMAC::verify(Ref<CryptoKey>&& key, Vector<uint8_t>&& signature, Vector<uint8_t>&& data, BoolCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + platformVerify(WTFMove(key), WTFMove(signature), WTFMove(data), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmHMAC::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&) +{ + const auto& hmacParameters = downcast<CryptoAlgorithmHmacKeyParams>(parameters); + + if (usagesAreInvalidForCryptoAlgorithmHMAC(usages)) { + exceptionCallback(SYNTAX_ERR); + return; + } + + if (hmacParameters.length && !hmacParameters.length.value()) { + exceptionCallback(OperationError); + return; + } + + auto result = CryptoKeyHMAC::generate(hmacParameters.length.value_or(0), hmacParameters.hashIdentifier, extractable, usages); + if (!result) { + exceptionCallback(OperationError); + return; + } + + callback(WTFMove(result)); +} + +void CryptoAlgorithmHMAC::importKey(SubtleCrypto::KeyFormat format, KeyData&& data, const std::unique_ptr<CryptoAlgorithmParameters>&& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + ASSERT(parameters); + const auto& hmacParameters = downcast<CryptoAlgorithmHmacKeyParams>(*parameters); + + if (usagesAreInvalidForCryptoAlgorithmHMAC(usages)) { + exceptionCallback(SYNTAX_ERR); + return; + } + + RefPtr<CryptoKeyHMAC> result; + switch (format) { + case SubtleCrypto::KeyFormat::Raw: + result = CryptoKeyHMAC::importRaw(hmacParameters.length.value_or(0), hmacParameters.hashIdentifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); + break; + case SubtleCrypto::KeyFormat::Jwk: { + auto checkAlgCallback = [](CryptoAlgorithmIdentifier hash, const String& alg) -> bool { + switch (hash) { + case CryptoAlgorithmIdentifier::SHA_1: + return alg.isNull() || alg == ALG1; + case CryptoAlgorithmIdentifier::SHA_224: + return alg.isNull() || alg == ALG224; + case CryptoAlgorithmIdentifier::SHA_256: + return alg.isNull() || alg == ALG256; + case CryptoAlgorithmIdentifier::SHA_384: + return alg.isNull() || alg == ALG384; + case CryptoAlgorithmIdentifier::SHA_512: + return alg.isNull() || alg == ALG512; + default: + return false; + } + return false; + }; + result = CryptoKeyHMAC::importJwk(hmacParameters.length.value_or(0), hmacParameters.hashIdentifier, WTFMove(WTF::get<JsonWebKey>(data)), extractable, usages, WTFMove(checkAlgCallback)); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + if (!result) { + exceptionCallback(DataError); + return; + } + + callback(*result); +} + +void CryptoAlgorithmHMAC::exportKey(SubtleCrypto::KeyFormat format, Ref<CryptoKey>&& key, KeyDataCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + const auto& hmacKey = downcast<CryptoKeyHMAC>(key.get()); + + if (hmacKey.key().isEmpty()) { + exceptionCallback(OperationError); + return; + } + + KeyData result; + switch (format) { + case SubtleCrypto::KeyFormat::Raw: + result = Vector<uint8_t>(hmacKey.key()); + break; + case SubtleCrypto::KeyFormat::Jwk: { + JsonWebKey jwk = hmacKey.exportJwk(); + switch (hmacKey.hashAlgorithmIdentifier()) { + case CryptoAlgorithmIdentifier::SHA_1: + jwk.alg = String(ALG1); + break; + case CryptoAlgorithmIdentifier::SHA_224: + jwk.alg = String(ALG224); + break; + case CryptoAlgorithmIdentifier::SHA_256: + jwk.alg = String(ALG256); + break; + case CryptoAlgorithmIdentifier::SHA_384: + jwk.alg = String(ALG384); + break; + case CryptoAlgorithmIdentifier::SHA_512: + jwk.alg = String(ALG512); + break; + default: + ASSERT_NOT_REACHED(); + } + result = WTFMove(jwk); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + + callback(format, WTFMove(result)); +} + +ExceptionOr<void> CryptoAlgorithmHMAC::sign(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto& hmacParameters = downcast<CryptoAlgorithmHmacParamsDeprecated>(parameters); + if (!keyAlgorithmMatches(hmacParameters, key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformSign(hmacParameters, downcast<CryptoKeyHMAC>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmHMAC::verify(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& expectedSignature, const CryptoOperationData& data, BoolCallback&& callback, VoidCallback&& failureCallback) +{ + auto& hmacParameters = downcast<CryptoAlgorithmHmacParamsDeprecated>(parameters); + if (!keyAlgorithmMatches(hmacParameters, key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformVerify(hmacParameters, downcast<CryptoKeyHMAC>(key), expectedSignature, data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmHMAC::generateKey(const CryptoAlgorithmParametersDeprecated& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, VoidCallback&& failureCallback, ScriptExecutionContext&) +{ + auto& hmacParameters = downcast<CryptoAlgorithmHmacKeyParamsDeprecated>(parameters); + auto result = CryptoKeyHMAC::generate(hmacParameters.hasLength ? hmacParameters.length : 0, hmacParameters.hash, extractable, usages); + if (!result) { + failureCallback(); + return { }; + } + callback(WTFMove(result)); + return { }; +} + +ExceptionOr<void> CryptoAlgorithmHMAC::importKey(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsageBitmap usage, KeyCallback&& callback, VoidCallback&&) +{ + if (!is<CryptoKeyDataOctetSequence>(keyData)) + return Exception { NOT_SUPPORTED_ERR }; + callback(CryptoKeyHMAC::create(downcast<CryptoKeyDataOctetSequence>(keyData).octetSequence(), downcast<CryptoAlgorithmHmacParamsDeprecated>(parameters).hash, extractable, usage)); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.h new file mode 100644 index 000000000..3ad69c92e --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.h @@ -0,0 +1,68 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmHmacParamsDeprecated; +class CryptoKeyHMAC; + +class CryptoAlgorithmHMAC final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "HMAC"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::HMAC; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmHMAC() = default; + CryptoAlgorithmIdentifier identifier() const final; + + void sign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void verify(Ref<CryptoKey>&&, Vector<uint8_t>&& signature, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void generateKey(const CryptoAlgorithmParameters&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, ExceptionCallback&&, ScriptExecutionContext&) final; + void importKey(SubtleCrypto::KeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&&) final; + void exportKey(SubtleCrypto::KeyFormat, Ref<CryptoKey>&&, KeyDataCallback&&, ExceptionCallback&&) final; + + // The following will be deprecated. + ExceptionOr<void> sign(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> verify(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData& signature, const CryptoOperationData&, BoolCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> generateKey(const CryptoAlgorithmParametersDeprecated&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, VoidCallback&& failureCallback, ScriptExecutionContext&) final; + ExceptionOr<void> importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&& failureCallback) final; + + bool keyAlgorithmMatches(const CryptoAlgorithmHmacParamsDeprecated& algorithmParameters, const CryptoKey&) const; + void platformSign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + void platformVerify(Ref<CryptoKey>&&, Vector<uint8_t>&& signature, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + ExceptionOr<void> platformSign(const CryptoAlgorithmHmacParamsDeprecated&, const CryptoKeyHMAC&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + ExceptionOr<void> platformVerify(const CryptoAlgorithmHmacParamsDeprecated&, const CryptoKeyHMAC&, const CryptoOperationData& signature, const CryptoOperationData&, BoolCallback&&, VoidCallback&& failureCallback); +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp new file mode 100644 index 000000000..8a8b4f2f8 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp @@ -0,0 +1,234 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmRSAES_PKCS1_v1_5.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmRsaKeyGenParams.h" +#include "CryptoAlgorithmRsaKeyGenParamsDeprecated.h" +#include "CryptoAlgorithmRsaKeyParamsWithHashDeprecated.h" +#include "CryptoKeyDataRSAComponents.h" +#include "CryptoKeyPair.h" +#include "CryptoKeyRSA.h" +#include "ExceptionCode.h" +#include <wtf/Variant.h> + +namespace WebCore { + +static const char* const ALG = "RSA1_5"; + +Ref<CryptoAlgorithm> CryptoAlgorithmRSAES_PKCS1_v1_5::create() +{ + return adoptRef(*new CryptoAlgorithmRSAES_PKCS1_v1_5); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmRSAES_PKCS1_v1_5::identifier() const +{ + return s_identifier; +} + +bool CryptoAlgorithmRSAES_PKCS1_v1_5::keyAlgorithmMatches(const CryptoKey& key) const +{ + if (key.algorithmIdentifier() != s_identifier) + return false; + ASSERT(is<CryptoKeyRSA>(key)); + + return true; +} + +void CryptoAlgorithmRSAES_PKCS1_v1_5::encrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&& key, Vector<uint8_t>&& plainText, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + if (key->type() != CryptoKeyType::Public) { + exceptionCallback(INVALID_ACCESS_ERR); + return; + } + platformEncrypt(WTFMove(key), WTFMove(plainText), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmRSAES_PKCS1_v1_5::decrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&& key, Vector<uint8_t>&& cipherText, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + if (key->type() != CryptoKeyType::Private) { + exceptionCallback(INVALID_ACCESS_ERR); + return; + } + platformDecrypt(WTFMove(key), WTFMove(cipherText), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmRSAES_PKCS1_v1_5::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context) +{ + const auto& rsaParameters = downcast<CryptoAlgorithmRsaKeyGenParams>(parameters); + + if (usages & (CryptoKeyUsageSign | CryptoKeyUsageVerify | CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey)) { + exceptionCallback(SYNTAX_ERR); + return; + } + + auto keyPairCallback = [capturedCallback = WTFMove(callback)](CryptoKeyPair&& pair) { + pair.publicKey->setUsagesBitmap(pair.publicKey->usagesBitmap() & CryptoKeyUsageEncrypt); + pair.privateKey->setUsagesBitmap(pair.privateKey->usagesBitmap() & CryptoKeyUsageDecrypt); + capturedCallback(WTFMove(pair)); + }; + auto failureCallback = [capturedCallback = WTFMove(exceptionCallback)]() { + capturedCallback(OperationError); + }; + // Notice: CryptoAlgorithmIdentifier::SHA_1 is just a placeholder. It should not have any effect. + CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, CryptoAlgorithmIdentifier::SHA_1, false, rsaParameters.modulusLength, rsaParameters.publicExponentVector(), extractable, usages, WTFMove(keyPairCallback), WTFMove(failureCallback), &context); +} + +void CryptoAlgorithmRSAES_PKCS1_v1_5::importKey(SubtleCrypto::KeyFormat format, KeyData&& data, const std::unique_ptr<CryptoAlgorithmParameters>&& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + ASSERT(parameters); + RefPtr<CryptoKeyRSA> result; + switch (format) { + case SubtleCrypto::KeyFormat::Jwk: { + JsonWebKey key = WTFMove(WTF::get<JsonWebKey>(data)); + if (usages && ((!key.d.isNull() && (usages ^ CryptoKeyUsageDecrypt)) || (key.d.isNull() && (usages ^ CryptoKeyUsageEncrypt)))) { + exceptionCallback(SYNTAX_ERR); + return; + } + if (usages && !key.use.isNull() && key.use != "enc") { + exceptionCallback(DataError); + return; + } + if (!key.alg.isNull() && key.alg != ALG) { + exceptionCallback(DataError); + return; + } + result = CryptoKeyRSA::importJwk(parameters->identifier, std::nullopt, WTFMove(key), extractable, usages); + break; + } + case SubtleCrypto::KeyFormat::Spki: { + if (usages && (usages ^ CryptoKeyUsageEncrypt)) { + exceptionCallback(SYNTAX_ERR); + return; + } + result = CryptoKeyRSA::importSpki(parameters->identifier, std::nullopt, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); + break; + } + case SubtleCrypto::KeyFormat::Pkcs8: { + if (usages && (usages ^ CryptoKeyUsageDecrypt)) { + exceptionCallback(SYNTAX_ERR); + return; + } + result = CryptoKeyRSA::importPkcs8(parameters->identifier, std::nullopt, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + if (!result) { + exceptionCallback(DataError); + return; + } + + callback(*result); +} + +void CryptoAlgorithmRSAES_PKCS1_v1_5::exportKey(SubtleCrypto::KeyFormat format, Ref<CryptoKey>&& key, KeyDataCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + const auto& rsaKey = downcast<CryptoKeyRSA>(key.get()); + + if (!rsaKey.keySizeInBits()) { + exceptionCallback(OperationError); + return; + } + + KeyData result; + switch (format) { + case SubtleCrypto::KeyFormat::Jwk: { + JsonWebKey jwk = rsaKey.exportJwk(); + jwk.alg = String(ALG); + result = WTFMove(jwk); + break; + } + case SubtleCrypto::KeyFormat::Spki: { + auto spki = rsaKey.exportSpki(); + if (spki.hasException()) { + exceptionCallback(spki.releaseException().code()); + return; + } + result = spki.releaseReturnValue(); + break; + } + case SubtleCrypto::KeyFormat::Pkcs8: { + auto pkcs8 = rsaKey.exportPkcs8(); + if (pkcs8.hasException()) { + exceptionCallback(pkcs8.releaseException().code()); + return; + } + result = pkcs8.releaseReturnValue(); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + + callback(format, WTFMove(result)); +} + +ExceptionOr<void> CryptoAlgorithmRSAES_PKCS1_v1_5::encrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + if (!keyAlgorithmMatches(key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformEncrypt(downcast<CryptoKeyRSA>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmRSAES_PKCS1_v1_5::decrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + if (!keyAlgorithmMatches(key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformDecrypt(downcast<CryptoKeyRSA>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmRSAES_PKCS1_v1_5::generateKey(const CryptoAlgorithmParametersDeprecated& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, VoidCallback&& failureCallback, ScriptExecutionContext& context) +{ + auto& rsaParameters = downcast<CryptoAlgorithmRsaKeyGenParamsDeprecated>(parameters); + auto keyPairCallback = [capturedCallback = WTFMove(callback)](CryptoKeyPair&& pair) { + capturedCallback(WTFMove(pair)); + }; + CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaParameters.hash, rsaParameters.hasHash, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTFMove(keyPairCallback), WTFMove(failureCallback), &context); + return { }; +} + +ExceptionOr<void> CryptoAlgorithmRSAES_PKCS1_v1_5::importKey(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsageBitmap usage, KeyCallback&& callback, VoidCallback&& failureCallback) +{ + auto& rsaParameters = downcast<CryptoAlgorithmRsaKeyParamsWithHashDeprecated>(parameters); + auto& rsaComponents = downcast<CryptoKeyDataRSAComponents>(keyData); + auto result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaParameters.hash, rsaParameters.hasHash, rsaComponents, extractable, usage); + if (!result) { + failureCallback(); + return { }; + } + callback(*result); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.h new file mode 100644 index 000000000..a988f947c --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.h @@ -0,0 +1,67 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRSAESParams; +class CryptoKeyRSA; + +class CryptoAlgorithmRSAES_PKCS1_v1_5 final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "RSAES-PKCS1-v1_5"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmRSAES_PKCS1_v1_5() = default; + CryptoAlgorithmIdentifier identifier() const final; + + void encrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void decrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void generateKey(const CryptoAlgorithmParameters&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, ExceptionCallback&&, ScriptExecutionContext&) final; + void importKey(SubtleCrypto::KeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&&) final; + void exportKey(SubtleCrypto::KeyFormat, Ref<CryptoKey>&&, KeyDataCallback&&, ExceptionCallback&&) final; + + ExceptionOr<void> encrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> decrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> generateKey(const CryptoAlgorithmParametersDeprecated&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, VoidCallback&& failureCallback, ScriptExecutionContext&) final; + ExceptionOr<void> importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&& failureCallback) final; + + bool keyAlgorithmMatches(const CryptoKey&) const; + void platformEncrypt(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + void platformDecrypt(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + ExceptionOr<void> platformEncrypt(const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + ExceptionOr<void> platformDecrypt(const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp new file mode 100644 index 000000000..e3e9ed053 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp @@ -0,0 +1,289 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmRSASSA_PKCS1_v1_5.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmRsaHashedImportParams.h" +#include "CryptoAlgorithmRsaHashedKeyGenParams.h" +#include "CryptoAlgorithmRsaKeyGenParamsDeprecated.h" +#include "CryptoAlgorithmRsaKeyParamsWithHashDeprecated.h" +#include "CryptoAlgorithmRsaSsaParamsDeprecated.h" +#include "CryptoKeyDataRSAComponents.h" +#include "CryptoKeyPair.h" +#include "CryptoKeyRSA.h" +#include "ExceptionCode.h" +#include <wtf/Variant.h> + +namespace WebCore { + +static const char* const ALG1 = "RS1"; +static const char* const ALG224 = "RS224"; +static const char* const ALG256 = "RS256"; +static const char* const ALG384 = "RS384"; +static const char* const ALG512 = "RS512"; + +Ref<CryptoAlgorithm> CryptoAlgorithmRSASSA_PKCS1_v1_5::create() +{ + return adoptRef(*new CryptoAlgorithmRSASSA_PKCS1_v1_5); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmRSASSA_PKCS1_v1_5::identifier() const +{ + return s_identifier; +} + +bool CryptoAlgorithmRSASSA_PKCS1_v1_5::keyAlgorithmMatches(const CryptoAlgorithmRsaSsaParamsDeprecated& algorithmParameters, const CryptoKey& key) const +{ + if (key.algorithmIdentifier() != s_identifier) + return false; + + CryptoAlgorithmIdentifier keyHash; + if (downcast<CryptoKeyRSA>(key).isRestrictedToHash(keyHash) && keyHash != algorithmParameters.hash) + return false; + + return true; +} + +void CryptoAlgorithmRSASSA_PKCS1_v1_5::sign(Ref<CryptoKey>&& key, Vector<uint8_t>&& data, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + if (key->type() != CryptoKeyType::Private) { + exceptionCallback(INVALID_ACCESS_ERR); + return; + } + platformSign(WTFMove(key), WTFMove(data), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmRSASSA_PKCS1_v1_5::verify(Ref<CryptoKey>&& key, Vector<uint8_t>&& signature, Vector<uint8_t>&& data, BoolCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + if (key->type() != CryptoKeyType::Public) { + exceptionCallback(INVALID_ACCESS_ERR); + return; + } + platformVerify(WTFMove(key), WTFMove(signature), WTFMove(data), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmRSASSA_PKCS1_v1_5::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context) +{ + const auto& rsaParameters = downcast<CryptoAlgorithmRsaHashedKeyGenParams>(parameters); + + if (usages & (CryptoKeyUsageDecrypt | CryptoKeyUsageEncrypt | CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey)) { + exceptionCallback(SYNTAX_ERR); + return; + } + + auto keyPairCallback = [capturedCallback = WTFMove(callback)](CryptoKeyPair&& pair) { + pair.publicKey->setUsagesBitmap(pair.publicKey->usagesBitmap() & CryptoKeyUsageVerify); + pair.privateKey->setUsagesBitmap(pair.privateKey->usagesBitmap() & CryptoKeyUsageSign); + capturedCallback(WTFMove(pair)); + }; + auto failureCallback = [capturedCallback = WTFMove(exceptionCallback)]() { + capturedCallback(OperationError); + }; + CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaParameters.hashIdentifier, true, rsaParameters.modulusLength, rsaParameters.publicExponentVector(), extractable, usages, WTFMove(keyPairCallback), WTFMove(failureCallback), &context); +} + +void CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey(SubtleCrypto::KeyFormat format, KeyData&& data, const std::unique_ptr<CryptoAlgorithmParameters>&& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + ASSERT(parameters); + const auto& rsaParameters = downcast<CryptoAlgorithmRsaHashedImportParams>(*parameters); + + RefPtr<CryptoKeyRSA> result; + switch (format) { + case SubtleCrypto::KeyFormat::Jwk: { + JsonWebKey key = WTFMove(WTF::get<JsonWebKey>(data)); + + if (usages && ((!key.d.isNull() && (usages ^ CryptoKeyUsageSign)) || (key.d.isNull() && (usages ^ CryptoKeyUsageVerify)))) { + exceptionCallback(SYNTAX_ERR); + return; + } + if (usages && !key.use.isNull() && key.use != "sig") { + exceptionCallback(DataError); + return; + } + + bool isMatched = false; + switch (rsaParameters.hashIdentifier) { + case CryptoAlgorithmIdentifier::SHA_1: + isMatched = key.alg.isNull() || key.alg == ALG1; + break; + case CryptoAlgorithmIdentifier::SHA_224: + isMatched = key.alg.isNull() || key.alg == ALG224; + break; + case CryptoAlgorithmIdentifier::SHA_256: + isMatched = key.alg.isNull() || key.alg == ALG256; + break; + case CryptoAlgorithmIdentifier::SHA_384: + isMatched = key.alg.isNull() || key.alg == ALG384; + break; + case CryptoAlgorithmIdentifier::SHA_512: + isMatched = key.alg.isNull() || key.alg == ALG512; + break; + default: + break; + } + if (!isMatched) { + exceptionCallback(DataError); + return; + } + + result = CryptoKeyRSA::importJwk(rsaParameters.identifier, rsaParameters.hashIdentifier, WTFMove(key), extractable, usages); + break; + } + case SubtleCrypto::KeyFormat::Spki: { + if (usages && (usages ^ CryptoKeyUsageVerify)) { + exceptionCallback(SYNTAX_ERR); + return; + } + // FIXME: <webkit.org/b/165436> + result = CryptoKeyRSA::importSpki(rsaParameters.identifier, rsaParameters.hashIdentifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); + break; + } + case SubtleCrypto::KeyFormat::Pkcs8: { + if (usages && (usages ^ CryptoKeyUsageSign)) { + exceptionCallback(SYNTAX_ERR); + return; + } + // FIXME: <webkit.org/b/165436> + result = CryptoKeyRSA::importPkcs8(parameters->identifier, rsaParameters.hashIdentifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + if (!result) { + exceptionCallback(DataError); + return; + } + + callback(*result); +} + +void CryptoAlgorithmRSASSA_PKCS1_v1_5::exportKey(SubtleCrypto::KeyFormat format, Ref<CryptoKey>&& key, KeyDataCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + const auto& rsaKey = downcast<CryptoKeyRSA>(key.get()); + + if (!rsaKey.keySizeInBits()) { + exceptionCallback(OperationError); + return; + } + + KeyData result; + switch (format) { + case SubtleCrypto::KeyFormat::Jwk: { + JsonWebKey jwk = rsaKey.exportJwk(); + switch (rsaKey.hashAlgorithmIdentifier()) { + case CryptoAlgorithmIdentifier::SHA_1: + jwk.alg = String(ALG1); + break; + case CryptoAlgorithmIdentifier::SHA_224: + jwk.alg = String(ALG224); + break; + case CryptoAlgorithmIdentifier::SHA_256: + jwk.alg = String(ALG256); + break; + case CryptoAlgorithmIdentifier::SHA_384: + jwk.alg = String(ALG384); + break; + case CryptoAlgorithmIdentifier::SHA_512: + jwk.alg = String(ALG512); + break; + default: + ASSERT_NOT_REACHED(); + } + result = WTFMove(jwk); + break; + } + case SubtleCrypto::KeyFormat::Spki: { + auto spki = rsaKey.exportSpki(); + if (spki.hasException()) { + exceptionCallback(spki.releaseException().code()); + return; + } + result = spki.releaseReturnValue(); + break; + } + case SubtleCrypto::KeyFormat::Pkcs8: { + auto pkcs8 = rsaKey.exportPkcs8(); + if (pkcs8.hasException()) { + exceptionCallback(pkcs8.releaseException().code()); + return; + } + result = pkcs8.releaseReturnValue(); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + + callback(format, WTFMove(result)); +} + +ExceptionOr<void> CryptoAlgorithmRSASSA_PKCS1_v1_5::sign(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto& rsaSSAParameters = downcast<CryptoAlgorithmRsaSsaParamsDeprecated>(parameters); + if (!keyAlgorithmMatches(rsaSSAParameters, key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformSign(rsaSSAParameters, downcast<CryptoKeyRSA>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmRSASSA_PKCS1_v1_5::verify(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& signature, const CryptoOperationData& data, BoolCallback&& callback, VoidCallback&& failureCallback) +{ + auto& rsaSSAParameters = downcast<CryptoAlgorithmRsaSsaParamsDeprecated>(parameters); + if (!keyAlgorithmMatches(rsaSSAParameters, key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformVerify(rsaSSAParameters, downcast<CryptoKeyRSA>(key), signature, data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmRSASSA_PKCS1_v1_5::generateKey(const CryptoAlgorithmParametersDeprecated& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, VoidCallback&& failureCallback, ScriptExecutionContext& context) +{ + auto& rsaParameters = downcast<CryptoAlgorithmRsaKeyGenParamsDeprecated>(parameters); + auto keyPairCallback = [capturedCallback = WTFMove(callback)](CryptoKeyPair&& pair) { + capturedCallback(WTFMove(pair)); + }; + CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaParameters.hash, rsaParameters.hasHash, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTFMove(keyPairCallback), WTFMove(failureCallback), &context); + return { }; +} + +ExceptionOr<void> CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsageBitmap usage, KeyCallback&& callback, VoidCallback&& failureCallback) +{ + auto& rsaKeyParameters = downcast<CryptoAlgorithmRsaKeyParamsWithHashDeprecated>(parameters); + auto& rsaComponents = downcast<CryptoKeyDataRSAComponents>(keyData); + auto result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaKeyParameters.hash, rsaKeyParameters.hasHash, rsaComponents, extractable, usage); + if (!result) { + failureCallback(); + return { }; + } + callback(*result); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h new file mode 100644 index 000000000..01d8693b5 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h @@ -0,0 +1,67 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRsaSsaParamsDeprecated; +class CryptoKeyRSA; + +class CryptoAlgorithmRSASSA_PKCS1_v1_5 final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "RSASSA-PKCS1-v1_5"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmRSASSA_PKCS1_v1_5() = default; + CryptoAlgorithmIdentifier identifier() const final; + + void sign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void verify(Ref<CryptoKey>&&, Vector<uint8_t>&& signature, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void generateKey(const CryptoAlgorithmParameters&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, ExceptionCallback&&, ScriptExecutionContext&) final; + void importKey(SubtleCrypto::KeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&&) final; + void exportKey(SubtleCrypto::KeyFormat, Ref<CryptoKey>&&, KeyDataCallback&&, ExceptionCallback&&) final; + + ExceptionOr<void> sign(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> verify(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData& signature, const CryptoOperationData&, BoolCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> generateKey(const CryptoAlgorithmParametersDeprecated&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, VoidCallback&& failureCallback, ScriptExecutionContext&) final; + ExceptionOr<void> importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&& failureCallback) final; + + bool keyAlgorithmMatches(const CryptoAlgorithmRsaSsaParamsDeprecated& algorithmParameters, const CryptoKey&) const; + void platformSign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + void platformVerify(Ref<CryptoKey>&&, Vector<uint8_t>&& signature, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + ExceptionOr<void> platformSign(const CryptoAlgorithmRsaSsaParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + ExceptionOr<void> platformVerify(const CryptoAlgorithmRsaSsaParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData& signature, const CryptoOperationData&, BoolCallback&&, VoidCallback&& failureCallback); +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp new file mode 100644 index 000000000..df4d30aa8 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp @@ -0,0 +1,305 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmRSA_OAEP.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmRsaHashedImportParams.h" +#include "CryptoAlgorithmRsaHashedKeyGenParams.h" +#include "CryptoAlgorithmRsaKeyGenParamsDeprecated.h" +#include "CryptoAlgorithmRsaKeyParamsWithHashDeprecated.h" +#include "CryptoAlgorithmRsaOaepParamsDeprecated.h" +#include "CryptoKeyDataRSAComponents.h" +#include "CryptoKeyPair.h" +#include "CryptoKeyRSA.h" +#include "ExceptionCode.h" +#include <wtf/Variant.h> + +namespace WebCore { + +static const char* const ALG1 = "RSA-OAEP"; +static const char* const ALG224 = "RSA-OAEP-224"; +static const char* const ALG256 = "RSA-OAEP-256"; +static const char* const ALG384 = "RSA-OAEP-384"; +static const char* const ALG512 = "RSA-OAEP-512"; + +Ref<CryptoAlgorithm> CryptoAlgorithmRSA_OAEP::create() +{ + return adoptRef(*new CryptoAlgorithmRSA_OAEP); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmRSA_OAEP::identifier() const +{ + return s_identifier; +} + +bool CryptoAlgorithmRSA_OAEP::keyAlgorithmMatches(const CryptoAlgorithmRsaOaepParamsDeprecated& algorithmParameters, const CryptoKey& key) const +{ + if (key.algorithmIdentifier() != s_identifier) + return false; + + CryptoAlgorithmIdentifier keyHash; + if (downcast<CryptoKeyRSA>(key).isRestrictedToHash(keyHash) && keyHash != algorithmParameters.hash) + return false; + + return true; +} + +void CryptoAlgorithmRSA_OAEP::encrypt(std::unique_ptr<CryptoAlgorithmParameters>&& parameters, Ref<CryptoKey>&& key, Vector<uint8_t>&& plainText, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + ASSERT(parameters); + if (key->type() != CryptoKeyType::Public) { + exceptionCallback(INVALID_ACCESS_ERR); + return; + } + platformEncrypt(WTFMove(parameters), WTFMove(key), WTFMove(plainText), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmRSA_OAEP::decrypt(std::unique_ptr<CryptoAlgorithmParameters>&& parameters, Ref<CryptoKey>&& key, Vector<uint8_t>&& cipherText, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + ASSERT(parameters); + if (key->type() != CryptoKeyType::Private) { + exceptionCallback(INVALID_ACCESS_ERR); + return; + } + platformDecrypt(WTFMove(parameters), WTFMove(key), WTFMove(cipherText), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue); +} + +void CryptoAlgorithmRSA_OAEP::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context) +{ + const auto& rsaParameters = downcast<CryptoAlgorithmRsaHashedKeyGenParams>(parameters); + + if (usages & (CryptoKeyUsageSign | CryptoKeyUsageVerify | CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits)) { + exceptionCallback(SYNTAX_ERR); + return; + } + + auto keyPairCallback = [capturedCallback = WTFMove(callback)](CryptoKeyPair&& pair) { + pair.publicKey->setUsagesBitmap(pair.publicKey->usagesBitmap() & (CryptoKeyUsageEncrypt | CryptoKeyUsageWrapKey)); + pair.privateKey->setUsagesBitmap(pair.privateKey->usagesBitmap() & (CryptoKeyUsageDecrypt | CryptoKeyUsageUnwrapKey)); + capturedCallback(WTFMove(pair)); + }; + auto failureCallback = [capturedCallback = WTFMove(exceptionCallback)]() { + capturedCallback(OperationError); + }; + CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSA_OAEP, rsaParameters.hashIdentifier, true, rsaParameters.modulusLength, rsaParameters.publicExponentVector(), extractable, usages, WTFMove(keyPairCallback), WTFMove(failureCallback), &context); +} + +void CryptoAlgorithmRSA_OAEP::importKey(SubtleCrypto::KeyFormat format, KeyData&& data, const std::unique_ptr<CryptoAlgorithmParameters>&& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + ASSERT(parameters); + const auto& rsaParameters = downcast<CryptoAlgorithmRsaHashedImportParams>(*parameters); + + RefPtr<CryptoKeyRSA> result; + switch (format) { + case SubtleCrypto::KeyFormat::Jwk: { + JsonWebKey key = WTFMove(WTF::get<JsonWebKey>(data)); + + bool isUsagesAllowed = false; + if (!key.d.isNull()) { + isUsagesAllowed = isUsagesAllowed || !(usages ^ CryptoKeyUsageDecrypt); + isUsagesAllowed = isUsagesAllowed || !(usages ^ CryptoKeyUsageUnwrapKey); + isUsagesAllowed = isUsagesAllowed || !(usages ^ (CryptoKeyUsageDecrypt | CryptoKeyUsageUnwrapKey)); + } else { + isUsagesAllowed = isUsagesAllowed || !(usages ^ CryptoKeyUsageEncrypt); + isUsagesAllowed = isUsagesAllowed || !(usages ^ CryptoKeyUsageWrapKey); + isUsagesAllowed = isUsagesAllowed || !(usages ^ (CryptoKeyUsageEncrypt | CryptoKeyUsageWrapKey)); + } + isUsagesAllowed = isUsagesAllowed || !usages; + if (!isUsagesAllowed) { + exceptionCallback(SYNTAX_ERR); + return; + } + + if (usages && !key.use.isNull() && key.use != "enc") { + exceptionCallback(DataError); + return; + } + + bool isMatched = false; + switch (rsaParameters.hashIdentifier) { + case CryptoAlgorithmIdentifier::SHA_1: + isMatched = key.alg.isNull() || key.alg == ALG1; + break; + case CryptoAlgorithmIdentifier::SHA_224: + isMatched = key.alg.isNull() || key.alg == ALG224; + break; + case CryptoAlgorithmIdentifier::SHA_256: + isMatched = key.alg.isNull() || key.alg == ALG256; + break; + case CryptoAlgorithmIdentifier::SHA_384: + isMatched = key.alg.isNull() || key.alg == ALG384; + break; + case CryptoAlgorithmIdentifier::SHA_512: + isMatched = key.alg.isNull() || key.alg == ALG512; + break; + default: + break; + } + if (!isMatched) { + exceptionCallback(DataError); + return; + } + + result = CryptoKeyRSA::importJwk(rsaParameters.identifier, rsaParameters.hashIdentifier, WTFMove(key), extractable, usages); + break; + } + case SubtleCrypto::KeyFormat::Spki: { + if (usages && (usages ^ CryptoKeyUsageEncrypt) && (usages ^ CryptoKeyUsageWrapKey) && (usages ^ (CryptoKeyUsageEncrypt | CryptoKeyUsageWrapKey))) { + exceptionCallback(SYNTAX_ERR); + return; + } + // FIXME: <webkit.org/b/165436> + result = CryptoKeyRSA::importSpki(rsaParameters.identifier, rsaParameters.hashIdentifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); + break; + } + case SubtleCrypto::KeyFormat::Pkcs8: { + if (usages && (usages ^ CryptoKeyUsageDecrypt) && (usages ^ CryptoKeyUsageUnwrapKey) && (usages ^ (CryptoKeyUsageDecrypt | CryptoKeyUsageUnwrapKey))) { + exceptionCallback(SYNTAX_ERR); + return; + } + // FIXME: <webkit.org/b/165436> + result = CryptoKeyRSA::importPkcs8(parameters->identifier, rsaParameters.hashIdentifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + if (!result) { + exceptionCallback(DataError); + return; + } + + callback(*result); +} + +void CryptoAlgorithmRSA_OAEP::exportKey(SubtleCrypto::KeyFormat format, Ref<CryptoKey>&& key, KeyDataCallback&& callback, ExceptionCallback&& exceptionCallback) +{ + const auto& rsaKey = downcast<CryptoKeyRSA>(key.get()); + + if (!rsaKey.keySizeInBits()) { + exceptionCallback(OperationError); + return; + } + + KeyData result; + switch (format) { + case SubtleCrypto::KeyFormat::Jwk: { + JsonWebKey jwk = rsaKey.exportJwk(); + switch (rsaKey.hashAlgorithmIdentifier()) { + case CryptoAlgorithmIdentifier::SHA_1: + jwk.alg = String(ALG1); + break; + case CryptoAlgorithmIdentifier::SHA_224: + jwk.alg = String(ALG224); + break; + case CryptoAlgorithmIdentifier::SHA_256: + jwk.alg = String(ALG256); + break; + case CryptoAlgorithmIdentifier::SHA_384: + jwk.alg = String(ALG384); + break; + case CryptoAlgorithmIdentifier::SHA_512: + jwk.alg = String(ALG512); + break; + default: + ASSERT_NOT_REACHED(); + } + result = WTFMove(jwk); + break; + } + case SubtleCrypto::KeyFormat::Spki: { + // FIXME: <webkit.org/b/165437> + auto spki = rsaKey.exportSpki(); + if (spki.hasException()) { + exceptionCallback(spki.releaseException().code()); + return; + } + result = spki.releaseReturnValue(); + break; + } + case SubtleCrypto::KeyFormat::Pkcs8: { + // FIXME: <webkit.org/b/165437> + auto pkcs8 = rsaKey.exportPkcs8(); + if (pkcs8.hasException()) { + exceptionCallback(pkcs8.releaseException().code()); + return; + } + result = pkcs8.releaseReturnValue(); + break; + } + default: + exceptionCallback(NOT_SUPPORTED_ERR); + return; + } + + callback(format, WTFMove(result)); +} + +ExceptionOr<void> CryptoAlgorithmRSA_OAEP::encrypt(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto& rsaOAEPParameters = downcast<CryptoAlgorithmRsaOaepParamsDeprecated>(parameters); + if (!keyAlgorithmMatches(rsaOAEPParameters, key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformEncrypt(rsaOAEPParameters, downcast<CryptoKeyRSA>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmRSA_OAEP::decrypt(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKey& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto& rsaOAEPParameters = downcast<CryptoAlgorithmRsaOaepParamsDeprecated>(parameters); + if (!keyAlgorithmMatches(rsaOAEPParameters, key)) + return Exception { NOT_SUPPORTED_ERR }; + return platformDecrypt(rsaOAEPParameters, downcast<CryptoKeyRSA>(key), data, WTFMove(callback), WTFMove(failureCallback)); +} + +ExceptionOr<void> CryptoAlgorithmRSA_OAEP::generateKey(const CryptoAlgorithmParametersDeprecated& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, VoidCallback&& failureCallback, ScriptExecutionContext& context) +{ + auto& rsaParameters = downcast<CryptoAlgorithmRsaKeyGenParamsDeprecated>(parameters); + auto keyPairCallback = [capturedCallback = WTFMove(callback)](CryptoKeyPair&& pair) { + capturedCallback(WTFMove(pair)); + }; + CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSA_OAEP, rsaParameters.hash, rsaParameters.hasHash, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTFMove(keyPairCallback), WTFMove(failureCallback), &context); + return { }; +} + +ExceptionOr<void> CryptoAlgorithmRSA_OAEP::importKey(const CryptoAlgorithmParametersDeprecated& parameters, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsageBitmap usage, KeyCallback&& callback, VoidCallback&& failureCallback) +{ + auto& rsaKeyParameters = downcast<CryptoAlgorithmRsaKeyParamsWithHashDeprecated>(parameters); + auto& rsaComponents = downcast<CryptoKeyDataRSAComponents>(keyData); + auto result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSA_OAEP, rsaKeyParameters.hash, rsaKeyParameters.hasHash, rsaComponents, extractable, usage); + if (!result) { + failureCallback(); + return { }; + } + callback(*result); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.h new file mode 100644 index 000000000..4aea6a4b8 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.h @@ -0,0 +1,67 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRsaOaepParamsDeprecated; +class CryptoKeyRSA; + +class CryptoAlgorithmRSA_OAEP final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "RSA-OAEP"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::RSA_OAEP; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmRSA_OAEP() = default; + CryptoAlgorithmIdentifier identifier() const final; + + void encrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void decrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + void generateKey(const CryptoAlgorithmParameters&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, ExceptionCallback&&, ScriptExecutionContext&) final; + void importKey(SubtleCrypto::KeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&&) final; + void exportKey(SubtleCrypto::KeyFormat, Ref<CryptoKey>&&, KeyDataCallback&&, ExceptionCallback&&) final; + + ExceptionOr<void> encrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> decrypt(const CryptoAlgorithmParametersDeprecated&, const CryptoKey&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; + ExceptionOr<void> generateKey(const CryptoAlgorithmParametersDeprecated&, bool extractable, CryptoKeyUsageBitmap, KeyOrKeyPairCallback&&, VoidCallback&& failureCallback, ScriptExecutionContext&) final; + ExceptionOr<void> importKey(const CryptoAlgorithmParametersDeprecated&, const CryptoKeyData&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, VoidCallback&& failureCallback) final; + + bool keyAlgorithmMatches(const CryptoAlgorithmRsaOaepParamsDeprecated& algorithmParameters, const CryptoKey&) const; + void platformEncrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + void platformDecrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&); + ExceptionOr<void> platformEncrypt(const CryptoAlgorithmRsaOaepParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); + ExceptionOr<void> platformDecrypt(const CryptoAlgorithmRsaOaepParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback); +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA1.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA1.cpp new file mode 100644 index 000000000..addf84d2b --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA1.cpp @@ -0,0 +1,80 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmSHA1.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "ExceptionCode.h" +#include "ScriptExecutionContext.h" +#include <pal/crypto/CryptoDigest.h> + +namespace WebCore { + +Ref<CryptoAlgorithm> CryptoAlgorithmSHA1::create() +{ + return adoptRef(*new CryptoAlgorithmSHA1); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmSHA1::identifier() const +{ + return s_identifier; +} + +void CryptoAlgorithmSHA1::digest(Vector<uint8_t>&& message, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_1); + if (!digest) { + exceptionCallback(OperationError); + return; + } + + context.ref(); + workQueue.dispatch([digest = WTFMove(digest), message = WTFMove(message), callback = WTFMove(callback), &context]() mutable { + digest->addBytes(message.data(), message.size()); + auto result = digest->computeHash(); + context.postTask([callback = WTFMove(callback), result = WTFMove(result)](ScriptExecutionContext& context) { + callback(result); + context.deref(); + }); + }); +} + +ExceptionOr<void> CryptoAlgorithmSHA1::digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_1); + if (!digest) { + failureCallback(); + return { }; + } + digest->addBytes(data.first, data.second); + callback(digest->computeHash()); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA1.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA1.h new file mode 100644 index 000000000..f355b49d5 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA1.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmSHA1 final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "SHA-1"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::SHA_1; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmSHA1() = default; + CryptoAlgorithmIdentifier identifier() const final; + void digest(Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + ExceptionOr<void> digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA224.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA224.cpp new file mode 100644 index 000000000..634c5a3d9 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA224.cpp @@ -0,0 +1,80 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmSHA224.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "ExceptionCode.h" +#include "ScriptExecutionContext.h" +#include <pal/crypto/CryptoDigest.h> + +namespace WebCore { + +Ref<CryptoAlgorithm> CryptoAlgorithmSHA224::create() +{ + return adoptRef(*new CryptoAlgorithmSHA224); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmSHA224::identifier() const +{ + return s_identifier; +} + +void CryptoAlgorithmSHA224::digest(Vector<uint8_t>&& message, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_224); + if (!digest) { + exceptionCallback(OperationError); + return; + } + + context.ref(); + workQueue.dispatch([digest = WTFMove(digest), message = WTFMove(message), callback = WTFMove(callback), &context]() mutable { + digest->addBytes(message.data(), message.size()); + auto result = digest->computeHash(); + context.postTask([callback = WTFMove(callback), result = WTFMove(result)](ScriptExecutionContext& context) { + callback(result); + context.deref(); + }); + }); +} + +ExceptionOr<void> CryptoAlgorithmSHA224::digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_224); + if (!digest) { + failureCallback(); + return { }; + } + digest->addBytes(data.first, data.second); + callback(digest->computeHash()); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA224.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA224.h new file mode 100644 index 000000000..a5b1f6383 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA224.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmSHA224 final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "SHA-224"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::SHA_224; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmSHA224() = default; + CryptoAlgorithmIdentifier identifier() const final; + void digest(Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + ExceptionOr<void> digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA256.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA256.cpp new file mode 100644 index 000000000..0ea0506b9 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA256.cpp @@ -0,0 +1,80 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmSHA256.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "ExceptionCode.h" +#include "ScriptExecutionContext.h" +#include <pal/crypto/CryptoDigest.h> + +namespace WebCore { + +Ref<CryptoAlgorithm> CryptoAlgorithmSHA256::create() +{ + return adoptRef(*new CryptoAlgorithmSHA256); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmSHA256::identifier() const +{ + return s_identifier; +} + +void CryptoAlgorithmSHA256::digest(Vector<uint8_t>&& message, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_256); + if (!digest) { + exceptionCallback(OperationError); + return; + } + + context.ref(); + workQueue.dispatch([digest = WTFMove(digest), message = WTFMove(message), callback = WTFMove(callback), &context]() mutable { + digest->addBytes(message.data(), message.size()); + auto result = digest->computeHash(); + context.postTask([callback = WTFMove(callback), result = WTFMove(result)](ScriptExecutionContext& context) { + callback(result); + context.deref(); + }); + }); +} + +ExceptionOr<void> CryptoAlgorithmSHA256::digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_256); + if (!digest) { + failureCallback(); + return { }; + } + digest->addBytes(data.first, data.second); + callback(digest->computeHash()); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA256.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA256.h new file mode 100644 index 000000000..c2acc82f6 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA256.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmSHA256 final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "SHA-256"; + static const CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::SHA_256; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmSHA256() = default; + CryptoAlgorithmIdentifier identifier() const final; + void digest(Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + ExceptionOr<void> digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA384.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA384.cpp new file mode 100644 index 000000000..88f313629 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA384.cpp @@ -0,0 +1,80 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmSHA384.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "ExceptionCode.h" +#include "ScriptExecutionContext.h" +#include <pal/crypto/CryptoDigest.h> + +namespace WebCore { + +Ref<CryptoAlgorithm> CryptoAlgorithmSHA384::create() +{ + return adoptRef(*new CryptoAlgorithmSHA384); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmSHA384::identifier() const +{ + return s_identifier; +} + +void CryptoAlgorithmSHA384::digest(Vector<uint8_t>&& message, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_384); + if (!digest) { + exceptionCallback(OperationError); + return; + } + + context.ref(); + workQueue.dispatch([digest = WTFMove(digest), message = WTFMove(message), callback = WTFMove(callback), &context]() mutable { + digest->addBytes(message.data(), message.size()); + auto result = digest->computeHash(); + context.postTask([callback = WTFMove(callback), result = WTFMove(result)](ScriptExecutionContext& context) { + callback(result); + context.deref(); + }); + }); +} + +ExceptionOr<void> CryptoAlgorithmSHA384::digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_384); + if (!digest) { + failureCallback(); + return { }; + } + digest->addBytes(data.first, data.second); + callback(digest->computeHash()); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA384.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA384.h new file mode 100644 index 000000000..4f7bab449 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA384.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmSHA384 final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "SHA-384"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::SHA_384; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmSHA384() = default; + CryptoAlgorithmIdentifier identifier() const final; + void digest(Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + ExceptionOr<void> digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA512.cpp b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA512.cpp new file mode 100644 index 000000000..0103f0953 --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA512.cpp @@ -0,0 +1,80 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmSHA512.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "ExceptionCode.h" +#include "ScriptExecutionContext.h" +#include <pal/crypto/CryptoDigest.h> + +namespace WebCore { + +Ref<CryptoAlgorithm> CryptoAlgorithmSHA512::create() +{ + return adoptRef(*new CryptoAlgorithmSHA512); +} + +CryptoAlgorithmIdentifier CryptoAlgorithmSHA512::identifier() const +{ + return s_identifier; +} + +void CryptoAlgorithmSHA512::digest(Vector<uint8_t>&& message, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_512); + if (!digest) { + exceptionCallback(OperationError); + return; + } + + context.ref(); + workQueue.dispatch([digest = WTFMove(digest), message = WTFMove(message), callback = WTFMove(callback), &context]() mutable { + digest->addBytes(message.data(), message.size()); + auto result = digest->computeHash(); + context.postTask([callback = WTFMove(callback), result = WTFMove(result)](ScriptExecutionContext& context) { + callback(result); + context.deref(); + }); + }); +} + +ExceptionOr<void> CryptoAlgorithmSHA512::digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + auto digest = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_512); + if (!digest) { + failureCallback(); + return { }; + } + digest->addBytes(data.first, data.second); + callback(digest->computeHash()); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA512.h b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA512.h new file mode 100644 index 000000000..b53971e6f --- /dev/null +++ b/Source/WebCore/crypto/algorithms/CryptoAlgorithmSHA512.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithm.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmSHA512 final : public CryptoAlgorithm { +public: + static constexpr const char* s_name = "SHA-512"; + static constexpr CryptoAlgorithmIdentifier s_identifier = CryptoAlgorithmIdentifier::SHA_512; + static Ref<CryptoAlgorithm> create(); + +private: + CryptoAlgorithmSHA512() = default; + CryptoAlgorithmIdentifier identifier() const final; + void digest(Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) final; + ExceptionOr<void> digest(const CryptoAlgorithmParametersDeprecated&, const CryptoOperationData&, VectorCallback&&, VoidCallback&& failureCallback) final; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp b/Source/WebCore/crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp new file mode 100644 index 000000000..746e3bee0 --- /dev/null +++ b/Source/WebCore/crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp @@ -0,0 +1,194 @@ +/* + * Copyright (C) 2014 Igalia S.L. + * Copyright (C) 2016 SoftAtHome + * Copyright (C) 2016 Apple Inc. + * Copyright (C) 2016 Yusuke Suzuki <utatane.tea@gmail.com>. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmHMAC.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmHmacParamsDeprecated.h" +#include "CryptoKeyHMAC.h" +#include "ExceptionCode.h" +#include "ScriptExecutionContext.h" +#include <gcrypt.h> +#include <wtf/CryptographicUtilities.h> + +namespace WebCore { + +static int getGCryptDigestAlgorithm(CryptoAlgorithmIdentifier hashFunction) +{ + switch (hashFunction) { + case CryptoAlgorithmIdentifier::SHA_1: + return GCRY_MAC_HMAC_SHA1; + case CryptoAlgorithmIdentifier::SHA_224: + return GCRY_MAC_HMAC_SHA224; + case CryptoAlgorithmIdentifier::SHA_256: + return GCRY_MAC_HMAC_SHA256; + case CryptoAlgorithmIdentifier::SHA_384: + return GCRY_MAC_HMAC_SHA384; + case CryptoAlgorithmIdentifier::SHA_512: + return GCRY_MAC_HMAC_SHA512; + default: + return GCRY_MAC_NONE; + } +} + +static std::optional<Vector<uint8_t>> calculateSignature(int algorithm, const Vector<uint8_t>& key, const uint8_t* data, size_t dataLength) +{ + size_t digestLength = gcry_mac_get_algo_maclen(algorithm); + const void* keyData = key.data() ? key.data() : reinterpret_cast<const uint8_t*>(""); + + bool result = false; + Vector<uint8_t> signature; + + gcry_mac_hd_t hd; + gcry_error_t err; + + err = gcry_mac_open(&hd, algorithm, 0, nullptr); + if (err) + goto cleanup; + + err = gcry_mac_setkey(hd, keyData, key.size()); + if (err) + goto cleanup; + + err = gcry_mac_write(hd, data, dataLength); + if (err) + goto cleanup; + + signature.resize(digestLength); + err = gcry_mac_read(hd, signature.data(), &digestLength); + if (err) + goto cleanup; + + signature.resize(digestLength); + result = true; + +cleanup: + if (hd) + gcry_mac_close(hd); + + if (!result) + return std::nullopt; + + return WTFMove(signature); +} + +static std::optional<Vector<uint8_t>> calculateSignature(int algorithm, const Vector<uint8_t>& key, const CryptoOperationData& data) +{ + return calculateSignature(algorithm, key, data.first, data.second); +} + +void CryptoAlgorithmHMAC::platformSign(Ref<CryptoKey>&& key, Vector<uint8_t>&& data, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + context.ref(); + workQueue.dispatch([key = WTFMove(key), data = WTFMove(data), callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable { + auto& hmacKey = downcast<CryptoKeyHMAC>(key.get()); + auto algorithm = getGCryptDigestAlgorithm(hmacKey.hashAlgorithmIdentifier()); + if (algorithm != GCRY_MAC_NONE) { + auto result = calculateSignature(algorithm, hmacKey.key(), data.data(), data.size()); + if (result) { + // We should only dereference callbacks after being back to the Document/Worker threads. + context.postTask([callback = WTFMove(callback), result = WTFMove(*result), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { + callback(result); + context.deref(); + }); + return; + } + } + // We should only dereference callbacks after being back to the Document/Worker threads. + context.postTask([exceptionCallback = WTFMove(exceptionCallback), callback = WTFMove(callback)](ScriptExecutionContext& context) { + exceptionCallback(OperationError); + context.deref(); + }); + }); +} + +void CryptoAlgorithmHMAC::platformVerify(Ref<CryptoKey>&& key, Vector<uint8_t>&& signature, Vector<uint8_t>&& data, BoolCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) +{ + context.ref(); + workQueue.dispatch([key = WTFMove(key), signature = WTFMove(signature), data = WTFMove(data), callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable { + auto& hmacKey = downcast<CryptoKeyHMAC>(key.get()); + auto algorithm = getGCryptDigestAlgorithm(hmacKey.hashAlgorithmIdentifier()); + if (algorithm != GCRY_MAC_NONE) { + auto expectedSignature = calculateSignature(algorithm, hmacKey.key(), data.data(), data.size()); + if (expectedSignature) { + // Using a constant time comparison to prevent timing attacks. + bool result = signature.size() == expectedSignature->size() && !constantTimeMemcmp(expectedSignature->data(), signature.data(), expectedSignature->size()); + // We should only dereference callbacks after being back to the Document/Worker threads. + context.postTask([callback = WTFMove(callback), result, exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { + callback(result); + context.deref(); + }); + return; + } + } + // We should only dereference callbacks after being back to the Document/Worker threads. + context.postTask([exceptionCallback = WTFMove(exceptionCallback), callback = WTFMove(callback)](ScriptExecutionContext& context) { + exceptionCallback(OperationError); + context.deref(); + }); + }); +} + +ExceptionOr<void> CryptoAlgorithmHMAC::platformSign(const CryptoAlgorithmHmacParamsDeprecated& parameters, const CryptoKeyHMAC& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback) +{ + int algorithm = getGCryptDigestAlgorithm(parameters.hash); + if (algorithm == GCRY_MAC_NONE) + return Exception { NOT_SUPPORTED_ERR }; + + auto signature = calculateSignature(algorithm, key.key(), data); + if (signature) + callback(*signature); + else + failureCallback(); + return { }; +} + +ExceptionOr<void> CryptoAlgorithmHMAC::platformVerify(const CryptoAlgorithmHmacParamsDeprecated& parameters, const CryptoKeyHMAC& key, const CryptoOperationData& expectedSignature, const CryptoOperationData& data, BoolCallback&& callback, VoidCallback&& failureCallback) +{ + int algorithm = getGCryptDigestAlgorithm(parameters.hash); + if (algorithm == GCRY_MAC_NONE) + return Exception { NOT_SUPPORTED_ERR }; + + auto signature = calculateSignature(algorithm, key.key(), data); + if (!signature) { + failureCallback(); + return { }; + } + + // Using a constant time comparison to prevent timing attacks. + bool result = signature.value().size() == expectedSignature.second && !constantTimeMemcmp(signature.value().data(), expectedSignature.first, signature.value().size()); + + callback(result); + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp b/Source/WebCore/crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp new file mode 100644 index 000000000..853b070bf --- /dev/null +++ b/Source/WebCore/crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp @@ -0,0 +1,64 @@ +/* + * Copyright (C) 2016 Yusuke Suzuki <utatane.tea@gmail.com>. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmRSASSA_PKCS1_v1_5.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmRsaSsaParamsDeprecated.h" +#include "CryptoKeyRSA.h" +#include "ExceptionCode.h" +#include "NotImplemented.h" +#include <gcrypt.h> +#include <wtf/CryptographicUtilities.h> + +namespace WebCore { + +void CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +void CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify(Ref<CryptoKey>&&, Vector<uint8_t>&&, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +ExceptionOr<void> CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign(const CryptoAlgorithmRsaSsaParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify(const CryptoAlgorithmRsaSsaParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData&, const CryptoOperationData&, BoolCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_CBCGnuTLS.cpp b/Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_CBCGnuTLS.cpp new file mode 100644 index 000000000..c1d2d29ca --- /dev/null +++ b/Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_CBCGnuTLS.cpp @@ -0,0 +1,60 @@ +/* + * Copyright (C) 2014 Igalia S.L. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmAES_CBC.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "ExceptionCode.h" +#include "NotImplemented.h" + +namespace WebCore { + +void CryptoAlgorithmAES_CBC::platformEncrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +void CryptoAlgorithmAES_CBC::platformDecrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +ExceptionOr<void> CryptoAlgorithmAES_CBC::platformEncrypt(const CryptoAlgorithmAesCbcParamsDeprecated&, const CryptoKeyAES&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithmAES_CBC::platformDecrypt(const CryptoAlgorithmAesCbcParamsDeprecated&, const CryptoKeyAES&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_KWGnuTLS.cpp b/Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_KWGnuTLS.cpp new file mode 100644 index 000000000..9a58b64ca --- /dev/null +++ b/Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_KWGnuTLS.cpp @@ -0,0 +1,60 @@ +/* + * Copyright (C) 2014 Igalia S.L. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmAES_KW.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "ExceptionCode.h" +#include "NotImplemented.h" + +namespace WebCore { + +void CryptoAlgorithmAES_KW::platformWrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&) +{ + notImplemented(); +} + +void CryptoAlgorithmAES_KW::platformUnwrapKey(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&) +{ + notImplemented(); +} + +ExceptionOr<void> CryptoAlgorithmAES_KW::platformEncrypt(const CryptoKeyAES&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithmAES_KW::platformDecrypt(const CryptoKeyAES&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gnutls/CryptoAlgorithmHMACGnuTLS.cpp b/Source/WebCore/crypto/gnutls/CryptoAlgorithmHMACGnuTLS.cpp new file mode 100644 index 000000000..3935c5515 --- /dev/null +++ b/Source/WebCore/crypto/gnutls/CryptoAlgorithmHMACGnuTLS.cpp @@ -0,0 +1,109 @@ +/* + * Copyright (C) 2014 Igalia S.L. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmHMAC.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmHmacParamsDeprecated.h" +#include "CryptoKeyHMAC.h" +#include "ExceptionCode.h" +#include "NotImplemented.h" +#include <gnutls/gnutls.h> +#include <gnutls/crypto.h> +#include <wtf/CryptographicUtilities.h> + +namespace WebCore { + +static gnutls_mac_algorithm_t getGnutlsDigestAlgorithm(CryptoAlgorithmIdentifier hashFunction) +{ + switch (hashFunction) { + case CryptoAlgorithmIdentifier::SHA_1: + return GNUTLS_MAC_SHA1; + case CryptoAlgorithmIdentifier::SHA_224: + return GNUTLS_MAC_SHA224; + case CryptoAlgorithmIdentifier::SHA_256: + return GNUTLS_MAC_SHA256; + case CryptoAlgorithmIdentifier::SHA_384: + return GNUTLS_MAC_SHA384; + case CryptoAlgorithmIdentifier::SHA_512: + return GNUTLS_MAC_SHA512; + default: + return GNUTLS_MAC_UNKNOWN; + } +} + +static Vector<uint8_t> calculateSignature(gnutls_mac_algorithm_t algorithm, const Vector<uint8_t>& key, const CryptoOperationData& data) +{ + size_t digestLength = gnutls_hmac_get_len(algorithm); + + Vector<uint8_t> result(digestLength); + const void* keyData = key.data() ? key.data() : reinterpret_cast<const uint8_t*>(""); + int ret = gnutls_hmac_fast(algorithm, keyData, key.size(), data.first, data.second, result.data()); + ASSERT(ret == GNUTLS_E_SUCCESS); + UNUSED_PARAM(ret); + + return result; +} + +void CryptoAlgorithmHMAC::platformSign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +void CryptoAlgorithmHMAC::platformVerify(Ref<CryptoKey>&&, Vector<uint8_t>&&, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +ExceptionOr<void> CryptoAlgorithmHMAC::platformSign(const CryptoAlgorithmHmacParamsDeprecated& parameters, const CryptoKeyHMAC& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&&) +{ + gnutls_mac_algorithm_t algorithm = getGnutlsDigestAlgorithm(parameters.hash); + if (algorithm == GNUTLS_MAC_UNKNOWN) + return Exception { NOT_SUPPORTED_ERR }; + callback(calculateSignature(algorithm, key.key(), data)); + return { }; +} + +ExceptionOr<void> CryptoAlgorithmHMAC::platformVerify(const CryptoAlgorithmHmacParamsDeprecated& parameters, const CryptoKeyHMAC& key, const CryptoOperationData& expectedSignature, const CryptoOperationData& data, BoolCallback&& callback, VoidCallback&&) +{ + gnutls_mac_algorithm_t algorithm = getGnutlsDigestAlgorithm(parameters.hash); + if (algorithm == GNUTLS_MAC_UNKNOWN) + return Exception { NOT_SUPPORTED_ERR }; + + Vector<uint8_t> signature = calculateSignature(algorithm, key.key(), data); + + // Using a constant time comparison to prevent timing attacks. + bool result = signature.size() == expectedSignature.second && !constantTimeMemcmp(signature.data(), expectedSignature.first, signature.size()); + + callback(result); + + return { }; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gnutls/CryptoAlgorithmRSAES_PKCS1_v1_5GnuTLS.cpp b/Source/WebCore/crypto/gnutls/CryptoAlgorithmRSAES_PKCS1_v1_5GnuTLS.cpp new file mode 100644 index 000000000..dbd9cdbd4 --- /dev/null +++ b/Source/WebCore/crypto/gnutls/CryptoAlgorithmRSAES_PKCS1_v1_5GnuTLS.cpp @@ -0,0 +1,61 @@ +/* + * Copyright (C) 2014 Igalia S.L. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmRSAES_PKCS1_v1_5.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoKeyRSA.h" +#include "ExceptionCode.h" +#include "NotImplemented.h" + +namespace WebCore { + +void CryptoAlgorithmRSAES_PKCS1_v1_5::platformEncrypt(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +void CryptoAlgorithmRSAES_PKCS1_v1_5::platformDecrypt(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +ExceptionOr<void> CryptoAlgorithmRSAES_PKCS1_v1_5::platformEncrypt(const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithmRSAES_PKCS1_v1_5::platformDecrypt(const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gnutls/CryptoAlgorithmRSASSA_PKCS1_v1_5GnuTLS.cpp b/Source/WebCore/crypto/gnutls/CryptoAlgorithmRSASSA_PKCS1_v1_5GnuTLS.cpp new file mode 100644 index 000000000..80af7f582 --- /dev/null +++ b/Source/WebCore/crypto/gnutls/CryptoAlgorithmRSASSA_PKCS1_v1_5GnuTLS.cpp @@ -0,0 +1,62 @@ +/* + * Copyright (C) 2014 Igalia S.L. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmRSASSA_PKCS1_v1_5.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmRsaSsaParamsDeprecated.h" +#include "CryptoKeyRSA.h" +#include "ExceptionCode.h" +#include "NotImplemented.h" + +namespace WebCore { + +void CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +void CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify(Ref<CryptoKey>&&, Vector<uint8_t>&&, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +ExceptionOr<void> CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign(const CryptoAlgorithmRsaSsaParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify(const CryptoAlgorithmRsaSsaParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData&, const CryptoOperationData&, BoolCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gnutls/CryptoAlgorithmRSA_OAEPGnuTLS.cpp b/Source/WebCore/crypto/gnutls/CryptoAlgorithmRSA_OAEPGnuTLS.cpp new file mode 100644 index 000000000..be4be3bd8 --- /dev/null +++ b/Source/WebCore/crypto/gnutls/CryptoAlgorithmRSA_OAEPGnuTLS.cpp @@ -0,0 +1,60 @@ +/* + * Copyright (C) 2014 Igalia S.L. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmRSA_OAEP.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "ExceptionCode.h" +#include "NotImplemented.h" + +namespace WebCore { + +void CryptoAlgorithmRSA_OAEP::platformEncrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +void CryptoAlgorithmRSA_OAEP::platformDecrypt(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&) +{ + notImplemented(); +} + +ExceptionOr<void> CryptoAlgorithmRSA_OAEP::platformEncrypt(const CryptoAlgorithmRsaOaepParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +ExceptionOr<void> CryptoAlgorithmRSA_OAEP::platformDecrypt(const CryptoAlgorithmRsaOaepParamsDeprecated&, const CryptoKeyRSA&, const CryptoOperationData&, VectorCallback&&, VoidCallback&&) +{ + notImplemented(); + return Exception { NOT_SUPPORTED_ERR }; +} + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gnutls/CryptoAlgorithmRegistryGnuTLS.cpp b/Source/WebCore/crypto/gnutls/CryptoAlgorithmRegistryGnuTLS.cpp new file mode 100644 index 000000000..34cbf9d14 --- /dev/null +++ b/Source/WebCore/crypto/gnutls/CryptoAlgorithmRegistryGnuTLS.cpp @@ -0,0 +1,62 @@ +/* + * Copyright (C) 2014 Igalia S.L. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoAlgorithmRegistry.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmAES_CBC.h" +#include "CryptoAlgorithmAES_KW.h" +#include "CryptoAlgorithmHMAC.h" +#include "CryptoAlgorithmRSAES_PKCS1_v1_5.h" +#include "CryptoAlgorithmRSASSA_PKCS1_v1_5.h" +#include "CryptoAlgorithmRSA_OAEP.h" +#include "CryptoAlgorithmSHA1.h" +#include "CryptoAlgorithmSHA224.h" +#include "CryptoAlgorithmSHA256.h" +#include "CryptoAlgorithmSHA384.h" +#include "CryptoAlgorithmSHA512.h" + +namespace WebCore { + +void CryptoAlgorithmRegistry::platformRegisterAlgorithms() +{ + registerAlgorithm<CryptoAlgorithmAES_CBC>(); + registerAlgorithm<CryptoAlgorithmAES_KW>(); + registerAlgorithm<CryptoAlgorithmHMAC>(); + registerAlgorithm<CryptoAlgorithmRSAES_PKCS1_v1_5>(); + registerAlgorithm<CryptoAlgorithmRSASSA_PKCS1_v1_5>(); + registerAlgorithm<CryptoAlgorithmRSA_OAEP>(); + registerAlgorithm<CryptoAlgorithmSHA1>(); + registerAlgorithm<CryptoAlgorithmSHA224>(); + registerAlgorithm<CryptoAlgorithmSHA256>(); + registerAlgorithm<CryptoAlgorithmSHA384>(); + registerAlgorithm<CryptoAlgorithmSHA512>(); +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gnutls/CryptoKeyRSAGnuTLS.cpp b/Source/WebCore/crypto/gnutls/CryptoKeyRSAGnuTLS.cpp new file mode 100644 index 000000000..0c7737427 --- /dev/null +++ b/Source/WebCore/crypto/gnutls/CryptoKeyRSAGnuTLS.cpp @@ -0,0 +1,145 @@ +/* + * Copyright (C) 2014 Igalia S.L. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoKeyRSA.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithmRegistry.h" +#include "CryptoKeyDataRSAComponents.h" +#include "CryptoKeyPair.h" +#include "ExceptionCode.h" +#include "NotImplemented.h" + +namespace WebCore { + +struct _PlatformRSAKeyGnuTLS { +}; + +CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsageBitmap usage) + : CryptoKey(identifier, type, extractable, usage) + , m_platformKey(platformKey) + , m_restrictedToSpecificHash(hasHash) + , m_hash(hash) +{ + notImplemented(); +} + +RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsageBitmap usage) +{ + notImplemented(); + UNUSED_PARAM(identifier); + UNUSED_PARAM(hash); + UNUSED_PARAM(hasHash); + UNUSED_PARAM(keyData); + UNUSED_PARAM(extractable); + UNUSED_PARAM(usage); + + return nullptr; +} + +CryptoKeyRSA::~CryptoKeyRSA() +{ + notImplemented(); +} + +bool CryptoKeyRSA::isRestrictedToHash(CryptoAlgorithmIdentifier& identifier) const +{ + if (!m_restrictedToSpecificHash) + return false; + + identifier = m_hash; + return true; +} + +size_t CryptoKeyRSA::keySizeInBits() const +{ + notImplemented(); + return 0; +} + +std::unique_ptr<KeyAlgorithm> CryptoKeyRSA::buildAlgorithm() const +{ + notImplemented(); + Vector<uint8_t> publicExponent; + return std::make_unique<RsaKeyAlgorithm>(emptyString(), 0, WTFMove(publicExponent)); +} + +std::unique_ptr<CryptoKeyData> CryptoKeyRSA::exportData() const +{ + ASSERT(extractable()); + + notImplemented(); + return nullptr; +} + +void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsageBitmap usage, KeyPairCallback&& callback, VoidCallback&& failureCallback, ScriptExecutionContext* context) +{ + notImplemented(); + failureCallback(); + + UNUSED_PARAM(algorithm); + UNUSED_PARAM(hash); + UNUSED_PARAM(hasHash); + UNUSED_PARAM(modulusLength); + UNUSED_PARAM(publicExponent); + UNUSED_PARAM(extractable); + UNUSED_PARAM(usage); + UNUSED_PARAM(callback); + UNUSED_PARAM(context); +} + +RefPtr<CryptoKeyRSA> CryptoKeyRSA::importSpki(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier>, Vector<uint8_t>&&, bool, CryptoKeyUsageBitmap) +{ + notImplemented(); + + return nullptr; +} + +ExceptionOr<Vector<uint8_t>> CryptoKeyRSA::exportSpki() const +{ + notImplemented(); + + return Exception { NOT_SUPPORTED_ERR }; +} + +RefPtr<CryptoKeyRSA> CryptoKeyRSA::importPkcs8(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier>, Vector<uint8_t>&&, bool, CryptoKeyUsageBitmap) +{ + notImplemented(); + + return nullptr; +} + +ExceptionOr<Vector<uint8_t>> CryptoKeyRSA::exportPkcs8() const +{ + notImplemented(); + + return Exception { NOT_SUPPORTED_ERR }; +} + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/gnutls/SerializedCryptoKeyWrapGnuTLS.cpp b/Source/WebCore/crypto/gnutls/SerializedCryptoKeyWrapGnuTLS.cpp new file mode 100644 index 000000000..949989f94 --- /dev/null +++ b/Source/WebCore/crypto/gnutls/SerializedCryptoKeyWrapGnuTLS.cpp @@ -0,0 +1,65 @@ +/* + * Copyright (C) 2014 Igalia S.L. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "SerializedCryptoKeyWrap.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "NotImplemented.h" + +namespace WebCore { + +bool getDefaultWebCryptoMasterKey(Vector<uint8_t>& masterKey) +{ + notImplemented(); + UNUSED_PARAM(masterKey); + + return false; +} + +bool wrapSerializedCryptoKey(const Vector<uint8_t>& masterKey, const Vector<uint8_t>& key, Vector<uint8_t>& result) +{ + notImplemented(); + UNUSED_PARAM(masterKey); + UNUSED_PARAM(key); + UNUSED_PARAM(result); + + return false; +} + +bool unwrapSerializedCryptoKey(const Vector<uint8_t>& masterKey, const Vector<uint8_t>& wrappedKey, Vector<uint8_t>& key) +{ + notImplemented(); + UNUSED_PARAM(masterKey); + UNUSED_PARAM(wrappedKey); + UNUSED_PARAM(key); + + return false; +} + +} + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/keys/CryptoKeyAES.cpp b/Source/WebCore/crypto/keys/CryptoKeyAES.cpp index c25bae626..43175641b 100644 --- a/Source/WebCore/crypto/keys/CryptoKeyAES.cpp +++ b/Source/WebCore/crypto/keys/CryptoKeyAES.cpp @@ -28,20 +28,33 @@ #if ENABLE(SUBTLE_CRYPTO) -#include "CryptoAlgorithmDescriptionBuilder.h" #include "CryptoAlgorithmRegistry.h" #include "CryptoKeyDataOctetSequence.h" +#include "JsonWebKey.h" +#include <wtf/text/Base64.h> #include <wtf/text/WTFString.h> namespace WebCore { -CryptoKeyAES::CryptoKeyAES(CryptoAlgorithmIdentifier algorithm, const Vector<uint8_t>& key, bool extractable, CryptoKeyUsage usage) +static inline bool lengthIsValid(size_t length) +{ + return (length == CryptoKeyAES::s_length128) || (length == CryptoKeyAES::s_length192) || (length == CryptoKeyAES::s_length256); +} + +CryptoKeyAES::CryptoKeyAES(CryptoAlgorithmIdentifier algorithm, const Vector<uint8_t>& key, bool extractable, CryptoKeyUsageBitmap usage) : CryptoKey(algorithm, CryptoKeyType::Secret, extractable, usage) , m_key(key) { ASSERT(isValidAESAlgorithm(algorithm)); } +CryptoKeyAES::CryptoKeyAES(CryptoAlgorithmIdentifier algorithm, Vector<uint8_t>&& key, bool extractable, CryptoKeyUsageBitmap usage) + : CryptoKey(algorithm, CryptoKeyType::Secret, extractable, usage) + , m_key(WTFMove(key)) +{ + ASSERT(isValidAESAlgorithm(algorithm)); +} + CryptoKeyAES::~CryptoKeyAES() { } @@ -56,23 +69,59 @@ bool CryptoKeyAES::isValidAESAlgorithm(CryptoAlgorithmIdentifier algorithm) || algorithm == CryptoAlgorithmIdentifier::AES_KW; } -PassRefPtr<CryptoKeyAES> CryptoKeyAES::generate(CryptoAlgorithmIdentifier algorithm, size_t lengthBits, bool extractable, CryptoKeyUsage usages) +RefPtr<CryptoKeyAES> CryptoKeyAES::generate(CryptoAlgorithmIdentifier algorithm, size_t lengthBits, bool extractable, CryptoKeyUsageBitmap usages) { - if (lengthBits % 8) + if (!lengthIsValid(lengthBits)) return nullptr; return adoptRef(new CryptoKeyAES(algorithm, randomData(lengthBits / 8), extractable, usages)); } -void CryptoKeyAES::buildAlgorithmDescription(CryptoAlgorithmDescriptionBuilder& builder) const +RefPtr<CryptoKeyAES> CryptoKeyAES::importRaw(CryptoAlgorithmIdentifier algorithm, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages) +{ + if (!lengthIsValid(keyData.size() * 8)) + return nullptr; + return adoptRef(new CryptoKeyAES(algorithm, WTFMove(keyData), extractable, usages)); +} + +RefPtr<CryptoKeyAES> CryptoKeyAES::importJwk(CryptoAlgorithmIdentifier algorithm, JsonWebKey&& keyData, bool extractable, CryptoKeyUsageBitmap usages, CheckAlgCallback&& callback) +{ + if (keyData.kty != "oct") + return nullptr; + if (keyData.k.isNull()) + return nullptr; + Vector<uint8_t> octetSequence; + if (!base64URLDecode(keyData.k, octetSequence)) + return nullptr; + if (!callback(octetSequence.size() * 8, keyData.alg)) + return nullptr; + if (usages && !keyData.use.isNull() && keyData.use != "enc") + return nullptr; + if (keyData.key_ops && ((keyData.usages & usages) != usages)) + return nullptr; + if (keyData.ext && !keyData.ext.value() && extractable) + return nullptr; + + return adoptRef(new CryptoKeyAES(algorithm, WTFMove(octetSequence), extractable, usages)); +} + +JsonWebKey CryptoKeyAES::exportJwk() const +{ + JsonWebKey result; + result.kty = "oct"; + result.k = base64URLEncode(m_key); + result.key_ops = usages(); + result.ext = extractable(); + return result; +} + +std::unique_ptr<KeyAlgorithm> CryptoKeyAES::buildAlgorithm() const { - CryptoKey::buildAlgorithmDescription(builder); - builder.add("length", m_key.size() * 8); + return std::make_unique<AesKeyAlgorithm>(CryptoAlgorithmRegistry::singleton().name(algorithmIdentifier()), m_key.size() * 8); } std::unique_ptr<CryptoKeyData> CryptoKeyAES::exportData() const { - ASSERT(extractable()); - return CryptoKeyDataOctetSequence::create(m_key); + return std::make_unique<CryptoKeyDataOctetSequence>(m_key); } } // namespace WebCore diff --git a/Source/WebCore/crypto/keys/CryptoKeyAES.h b/Source/WebCore/crypto/keys/CryptoKeyAES.h index 4e0d5f787..471491d94 100644 --- a/Source/WebCore/crypto/keys/CryptoKeyAES.h +++ b/Source/WebCore/crypto/keys/CryptoKeyAES.h @@ -23,52 +23,73 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoKeyAES_h -#define CryptoKeyAES_h +#pragma once #include "CryptoAlgorithmIdentifier.h" #include "CryptoKey.h" +#include <wtf/Function.h> #include <wtf/Vector.h> #if ENABLE(SUBTLE_CRYPTO) namespace WebCore { +struct JsonWebKey; + +class AesKeyAlgorithm final : public KeyAlgorithm { +public: + AesKeyAlgorithm(const String& name, size_t length) + : KeyAlgorithm(name) + , m_length(length) + { + } + + KeyAlgorithmClass keyAlgorithmClass() const final { return KeyAlgorithmClass::AES; } + + size_t length() const { return m_length; } + +private: + size_t m_length; +}; + class CryptoKeyAES final : public CryptoKey { public: - static PassRefPtr<CryptoKeyAES> create(CryptoAlgorithmIdentifier algorithm, const Vector<uint8_t>& key, bool extractable, CryptoKeyUsage usage) + static const int s_length128 = 128; + static const int s_length192 = 192; + static const int s_length256 = 256; + + static Ref<CryptoKeyAES> create(CryptoAlgorithmIdentifier algorithm, const Vector<uint8_t>& key, bool extractable, CryptoKeyUsageBitmap usage) { - return adoptRef(new CryptoKeyAES(algorithm, key, extractable, usage)); + return adoptRef(*new CryptoKeyAES(algorithm, key, extractable, usage)); } virtual ~CryptoKeyAES(); static bool isValidAESAlgorithm(CryptoAlgorithmIdentifier); - static PassRefPtr<CryptoKeyAES> generate(CryptoAlgorithmIdentifier, size_t lengthBits, bool extractable, CryptoKeyUsage); + static RefPtr<CryptoKeyAES> generate(CryptoAlgorithmIdentifier, size_t lengthBits, bool extractable, CryptoKeyUsageBitmap); + static RefPtr<CryptoKeyAES> importRaw(CryptoAlgorithmIdentifier, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap); + using CheckAlgCallback = Function<bool(size_t, const String&)>; + static RefPtr<CryptoKeyAES> importJwk(CryptoAlgorithmIdentifier, JsonWebKey&&, bool extractable, CryptoKeyUsageBitmap, CheckAlgCallback&&); - virtual CryptoKeyClass keyClass() const override { return CryptoKeyClass::AES; } + CryptoKeyClass keyClass() const final { return CryptoKeyClass::AES; } const Vector<uint8_t>& key() const { return m_key; } + JsonWebKey exportJwk() const; private: - CryptoKeyAES(CryptoAlgorithmIdentifier, const Vector<uint8_t>& key, bool extractable, CryptoKeyUsage); + CryptoKeyAES(CryptoAlgorithmIdentifier, const Vector<uint8_t>& key, bool extractable, CryptoKeyUsageBitmap); + CryptoKeyAES(CryptoAlgorithmIdentifier, Vector<uint8_t>&& key, bool extractable, CryptoKeyUsageBitmap); - virtual void buildAlgorithmDescription(CryptoAlgorithmDescriptionBuilder&) const override; - virtual std::unique_ptr<CryptoKeyData> exportData() const override; + std::unique_ptr<KeyAlgorithm> buildAlgorithm() const final; + std::unique_ptr<CryptoKeyData> exportData() const final; Vector<uint8_t> m_key; }; -inline bool isCryptoKeyAES(const CryptoKey& key) -{ - return key.keyClass() == CryptoKeyClass::AES; -} - -CRYPTO_KEY_TYPE_CASTS(CryptoKeyAES) - } // namespace WebCore -#endif // ENABLE(SUBTLE_CRYPTO) +SPECIALIZE_TYPE_TRAITS_CRYPTO_KEY(CryptoKeyAES, CryptoKeyClass::AES) +SPECIALIZE_TYPE_TRAITS_KEY_ALGORITHM(AesKeyAlgorithm, KeyAlgorithmClass::AES) -#endif // CryptoKeyAES_h +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/keys/CryptoKeyDataOctetSequence.h b/Source/WebCore/crypto/keys/CryptoKeyDataOctetSequence.h index 4f88b7e45..645f8eef3 100644 --- a/Source/WebCore/crypto/keys/CryptoKeyDataOctetSequence.h +++ b/Source/WebCore/crypto/keys/CryptoKeyDataOctetSequence.h @@ -23,8 +23,7 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoKeyDataOctetSequence_h -#define CryptoKeyDataOctetSequence_h +#pragma once #include "CryptoKeyData.h" #include <wtf/Vector.h> @@ -35,28 +34,17 @@ namespace WebCore { class CryptoKeyDataOctetSequence final : public CryptoKeyData { public: - static std::unique_ptr<CryptoKeyDataOctetSequence> create(const Vector<uint8_t>& keyData) - { - return std::unique_ptr<CryptoKeyDataOctetSequence>(new CryptoKeyDataOctetSequence(keyData)); - } + explicit CryptoKeyDataOctetSequence(const Vector<uint8_t>&); virtual ~CryptoKeyDataOctetSequence(); const Vector<uint8_t>& octetSequence() const { return m_keyData; } private: - CryptoKeyDataOctetSequence(const Vector<uint8_t>&); - Vector<uint8_t> m_keyData; }; -inline bool isCryptoKeyDataOctetSequence(const CryptoKeyData& data) -{ - return data.format() == CryptoKeyData::Format::OctetSequence; -} - -CRYPTO_KEY_DATA_CASTS(CryptoKeyDataOctetSequence) - } // namespace WebCore +SPECIALIZE_TYPE_TRAITS_CRYPTO_KEY_DATA(CryptoKeyDataOctetSequence, CryptoKeyData::Format::OctetSequence) + #endif // ENABLE(SUBTLE_CRYPTO) -#endif // CryptoKeyDataOctetSequence_h diff --git a/Source/WebCore/crypto/keys/CryptoKeyDataRSAComponents.cpp b/Source/WebCore/crypto/keys/CryptoKeyDataRSAComponents.cpp index e48492618..eed6cd0ff 100644 --- a/Source/WebCore/crypto/keys/CryptoKeyDataRSAComponents.cpp +++ b/Source/WebCore/crypto/keys/CryptoKeyDataRSAComponents.cpp @@ -38,6 +38,14 @@ CryptoKeyDataRSAComponents::CryptoKeyDataRSAComponents(const Vector<uint8_t>& mo { } +CryptoKeyDataRSAComponents::CryptoKeyDataRSAComponents(Vector<uint8_t>&& modulus, Vector<uint8_t>&& exponent) + : CryptoKeyData(CryptoKeyData::Format::RSAComponents) + , m_type(Type::Public) + , m_modulus(WTFMove(modulus)) + , m_exponent(WTFMove(exponent)) +{ +} + CryptoKeyDataRSAComponents::CryptoKeyDataRSAComponents(const Vector<uint8_t>& modulus, const Vector<uint8_t>& exponent, const Vector<uint8_t>& privateExponent) : CryptoKeyData(CryptoKeyData::Format::RSAComponents) , m_type(Type::Private) @@ -48,6 +56,16 @@ CryptoKeyDataRSAComponents::CryptoKeyDataRSAComponents(const Vector<uint8_t>& mo { } +CryptoKeyDataRSAComponents::CryptoKeyDataRSAComponents(Vector<uint8_t>&& modulus, Vector<uint8_t>&& exponent, Vector<uint8_t>&& privateExponent) + : CryptoKeyData(CryptoKeyData::Format::RSAComponents) + , m_type(Type::Private) + , m_modulus(WTFMove(modulus)) + , m_exponent(WTFMove(exponent)) + , m_privateExponent(WTFMove(privateExponent)) + , m_hasAdditionalPrivateKeyParameters(false) +{ +} + CryptoKeyDataRSAComponents::CryptoKeyDataRSAComponents(const Vector<uint8_t>& modulus, const Vector<uint8_t>& exponent, const Vector<uint8_t>& privateExponent, const PrimeInfo& firstPrimeInfo, const PrimeInfo& secondPrimeInfo, const Vector<PrimeInfo>& otherPrimeInfos) : CryptoKeyData(CryptoKeyData::Format::RSAComponents) , m_type(Type::Private) @@ -61,6 +79,19 @@ CryptoKeyDataRSAComponents::CryptoKeyDataRSAComponents(const Vector<uint8_t>& mo { } +CryptoKeyDataRSAComponents::CryptoKeyDataRSAComponents(Vector<uint8_t>&& modulus, Vector<uint8_t>&& exponent, Vector<uint8_t>&& privateExponent, PrimeInfo&& firstPrimeInfo, PrimeInfo&& secondPrimeInfo, Vector<PrimeInfo>&& otherPrimeInfos) + : CryptoKeyData(CryptoKeyData::Format::RSAComponents) + , m_type(Type::Private) + , m_modulus(WTFMove(modulus)) + , m_exponent(WTFMove(exponent)) + , m_privateExponent(WTFMove(privateExponent)) + , m_hasAdditionalPrivateKeyParameters(true) + , m_firstPrimeInfo(WTFMove(firstPrimeInfo)) + , m_secondPrimeInfo(WTFMove(secondPrimeInfo)) + , m_otherPrimeInfos(WTFMove(otherPrimeInfos)) +{ +} + CryptoKeyDataRSAComponents::~CryptoKeyDataRSAComponents() { } diff --git a/Source/WebCore/crypto/keys/CryptoKeyDataRSAComponents.h b/Source/WebCore/crypto/keys/CryptoKeyDataRSAComponents.h index 113fd5106..294b912d4 100644 --- a/Source/WebCore/crypto/keys/CryptoKeyDataRSAComponents.h +++ b/Source/WebCore/crypto/keys/CryptoKeyDataRSAComponents.h @@ -23,8 +23,7 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoKeyDataRSAComponents_h -#define CryptoKeyDataRSAComponents_h +#pragma once #include "CryptoKeyData.h" #include <wtf/Vector.h> @@ -50,16 +49,28 @@ public: { return std::unique_ptr<CryptoKeyDataRSAComponents>(new CryptoKeyDataRSAComponents(modulus, exponent)); } + static std::unique_ptr<CryptoKeyDataRSAComponents> createPublic(Vector<uint8_t>&& modulus, Vector<uint8_t>&& exponent) + { + return std::unique_ptr<CryptoKeyDataRSAComponents>(new CryptoKeyDataRSAComponents(WTFMove(modulus), WTFMove(exponent))); + } static std::unique_ptr<CryptoKeyDataRSAComponents> createPrivate(const Vector<uint8_t>& modulus, const Vector<uint8_t>& exponent, const Vector<uint8_t>& privateExponent) { return std::unique_ptr<CryptoKeyDataRSAComponents>(new CryptoKeyDataRSAComponents(modulus, exponent, privateExponent)); } + static std::unique_ptr<CryptoKeyDataRSAComponents> createPrivate(Vector<uint8_t>&& modulus, Vector<uint8_t>&& exponent, Vector<uint8_t>&& privateExponent) + { + return std::unique_ptr<CryptoKeyDataRSAComponents>(new CryptoKeyDataRSAComponents(WTFMove(modulus), WTFMove(exponent), WTFMove(privateExponent))); + } static std::unique_ptr<CryptoKeyDataRSAComponents> createPrivateWithAdditionalData(const Vector<uint8_t>& modulus, const Vector<uint8_t>& exponent, const Vector<uint8_t>& privateExponent, const PrimeInfo& firstPrimeInfo, const PrimeInfo& secondPrimeInfo, const Vector<PrimeInfo>& otherPrimeInfos) { return std::unique_ptr<CryptoKeyDataRSAComponents>(new CryptoKeyDataRSAComponents(modulus, exponent, privateExponent, firstPrimeInfo, secondPrimeInfo, otherPrimeInfos)); } + static std::unique_ptr<CryptoKeyDataRSAComponents> createPrivateWithAdditionalData(Vector<uint8_t>&& modulus, Vector<uint8_t>&& exponent, Vector<uint8_t>&& privateExponent, PrimeInfo&& firstPrimeInfo, PrimeInfo&& secondPrimeInfo, Vector<PrimeInfo>&& otherPrimeInfos) + { + return std::unique_ptr<CryptoKeyDataRSAComponents>(new CryptoKeyDataRSAComponents(WTFMove(modulus), WTFMove(exponent), WTFMove(privateExponent), WTFMove(firstPrimeInfo), WTFMove(secondPrimeInfo), WTFMove(otherPrimeInfos))); + } virtual ~CryptoKeyDataRSAComponents(); @@ -78,8 +89,13 @@ public: private: CryptoKeyDataRSAComponents(const Vector<uint8_t>& modulus, const Vector<uint8_t>& exponent); + CryptoKeyDataRSAComponents(Vector<uint8_t>&& modulus, Vector<uint8_t>&& exponent); + CryptoKeyDataRSAComponents(const Vector<uint8_t>& modulus, const Vector<uint8_t>& exponent, const Vector<uint8_t>& privateExponent); + CryptoKeyDataRSAComponents(Vector<uint8_t>&& modulus, Vector<uint8_t>&& exponent, Vector<uint8_t>&& privateExponent); + CryptoKeyDataRSAComponents(const Vector<uint8_t>& modulus, const Vector<uint8_t>& exponent, const Vector<uint8_t>& privateExponent, const PrimeInfo& firstPrimeInfo, const PrimeInfo& secondPrimeInfo, const Vector<PrimeInfo>& otherPrimeInfos); + CryptoKeyDataRSAComponents(Vector<uint8_t>&& modulus, Vector<uint8_t>&& exponent, Vector<uint8_t>&& privateExponent, PrimeInfo&& firstPrimeInfo, PrimeInfo&& secondPrimeInfo, Vector<PrimeInfo>&& otherPrimeInfos); Type m_type; @@ -95,14 +111,8 @@ private: Vector<PrimeInfo> m_otherPrimeInfos; // When three or more primes have been used, the number of array elements is be the number of primes used minus two. }; -inline bool isCryptoKeyDataRSAComponents(const CryptoKeyData& data) -{ - return data.format() == CryptoKeyData::Format::RSAComponents; -} - -CRYPTO_KEY_DATA_CASTS(CryptoKeyDataRSAComponents) - } // namespace WebCore +SPECIALIZE_TYPE_TRAITS_CRYPTO_KEY_DATA(CryptoKeyDataRSAComponents, CryptoKeyData::Format::RSAComponents) + #endif // ENABLE(SUBTLE_CRYPTO) -#endif // CryptoKeyDataRSAComponents_h diff --git a/Source/WebCore/crypto/keys/CryptoKeyHMAC.cpp b/Source/WebCore/crypto/keys/CryptoKeyHMAC.cpp index 747e8c200..d57cb6183 100644 --- a/Source/WebCore/crypto/keys/CryptoKeyHMAC.cpp +++ b/Source/WebCore/crypto/keys/CryptoKeyHMAC.cpp @@ -28,60 +28,111 @@ #if ENABLE(SUBTLE_CRYPTO) -#include "CryptoAlgorithmDescriptionBuilder.h" +#include "CryptoAlgorithmHmacKeyParams.h" #include "CryptoAlgorithmRegistry.h" #include "CryptoKeyDataOctetSequence.h" +#include "JsonWebKey.h" +#include <wtf/text/Base64.h> #include <wtf/text/WTFString.h> namespace WebCore { -CryptoKeyHMAC::CryptoKeyHMAC(const Vector<uint8_t>& key, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsage usage) +CryptoKeyHMAC::CryptoKeyHMAC(const Vector<uint8_t>& key, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsageBitmap usage) : CryptoKey(CryptoAlgorithmIdentifier::HMAC, CryptoKeyType::Secret, extractable, usage) , m_hash(hash) , m_key(key) { } +CryptoKeyHMAC::CryptoKeyHMAC(Vector<uint8_t>&& key, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsageBitmap usage) + : CryptoKey(CryptoAlgorithmIdentifier::HMAC, CryptoKeyType::Secret, extractable, usage) + , m_hash(hash) + , m_key(WTFMove(key)) +{ +} + CryptoKeyHMAC::~CryptoKeyHMAC() { } -PassRefPtr<CryptoKeyHMAC> CryptoKeyHMAC::generate(size_t lengthBytes, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsage usages) +RefPtr<CryptoKeyHMAC> CryptoKeyHMAC::generate(size_t lengthBits, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsageBitmap usages) { - if (!lengthBytes) { + if (!lengthBits) { switch (hash) { case CryptoAlgorithmIdentifier::SHA_1: case CryptoAlgorithmIdentifier::SHA_224: case CryptoAlgorithmIdentifier::SHA_256: - lengthBytes = 64; + lengthBits = 512; break; case CryptoAlgorithmIdentifier::SHA_384: case CryptoAlgorithmIdentifier::SHA_512: - lengthBytes = 128; + lengthBits = 1024; break; default: return nullptr; } } + // CommonHMAC only supports key length that is a multiple of 8. Therefore, here we are a little bit different + // from the spec as of 11 December 2014: https://www.w3.org/TR/WebCryptoAPI/#hmac-operations + if (lengthBits % 8) + return nullptr; + + return adoptRef(new CryptoKeyHMAC(randomData(lengthBits / 8), hash, extractable, usages)); +} - return adoptRef(new CryptoKeyHMAC(randomData(lengthBytes), hash, extractable, usages)); +RefPtr<CryptoKeyHMAC> CryptoKeyHMAC::importRaw(size_t lengthBits, CryptoAlgorithmIdentifier hash, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages) +{ + size_t length = keyData.size() * 8; + if (!length) + return nullptr; + // CommonHMAC only supports key length that is a multiple of 8. Therefore, here we are a little bit different + // from the spec as of 11 December 2014: https://www.w3.org/TR/WebCryptoAPI/#hmac-operations + if (lengthBits && lengthBits != length) + return nullptr; + + return adoptRef(new CryptoKeyHMAC(WTFMove(keyData), hash, extractable, usages)); } -void CryptoKeyHMAC::buildAlgorithmDescription(CryptoAlgorithmDescriptionBuilder& builder) const +RefPtr<CryptoKeyHMAC> CryptoKeyHMAC::importJwk(size_t lengthBits, CryptoAlgorithmIdentifier hash, JsonWebKey&& keyData, bool extractable, CryptoKeyUsageBitmap usages, CheckAlgCallback&& callback) { - CryptoKey::buildAlgorithmDescription(builder); + if (keyData.kty != "oct") + return nullptr; + if (keyData.k.isNull()) + return nullptr; + Vector<uint8_t> octetSequence; + if (!base64URLDecode(keyData.k, octetSequence)) + return nullptr; + if (!callback(hash, keyData.alg)) + return nullptr; + if (usages && !keyData.use.isNull() && keyData.use != "sig") + return nullptr; + if (keyData.usages && ((keyData.usages & usages) != usages)) + return nullptr; + if (keyData.ext && !keyData.ext.value() && extractable) + return nullptr; - auto hashDescriptionBuilder = builder.createEmptyClone(); - hashDescriptionBuilder->add("name", CryptoAlgorithmRegistry::shared().nameForIdentifier(m_hash)); - builder.add("hash", *hashDescriptionBuilder); + return CryptoKeyHMAC::importRaw(lengthBits, hash, WTFMove(octetSequence), extractable, usages); +} - builder.add("length", m_key.size()); +JsonWebKey CryptoKeyHMAC::exportJwk() const +{ + JsonWebKey result; + result.kty = "oct"; + result.k = base64URLEncode(m_key); + result.key_ops = usages(); + result.ext = extractable(); + return result; +} + +std::unique_ptr<KeyAlgorithm> CryptoKeyHMAC::buildAlgorithm() const +{ + return std::make_unique<HmacKeyAlgorithm>(CryptoAlgorithmRegistry::singleton().name(algorithmIdentifier()), + CryptoAlgorithmRegistry::singleton().name(m_hash), m_key.size() * 8); } std::unique_ptr<CryptoKeyData> CryptoKeyHMAC::exportData() const { - ASSERT(extractable()); - return CryptoKeyDataOctetSequence::create(m_key); + return std::make_unique<CryptoKeyDataOctetSequence>(m_key); } } // namespace WebCore diff --git a/Source/WebCore/crypto/keys/CryptoKeyHMAC.h b/Source/WebCore/crypto/keys/CryptoKeyHMAC.h index 6e5b359a3..25c24527c 100644 --- a/Source/WebCore/crypto/keys/CryptoKeyHMAC.h +++ b/Source/WebCore/crypto/keys/CryptoKeyHMAC.h @@ -23,51 +23,72 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoKeyHMAC_h -#define CryptoKeyHMAC_h +#pragma once + +#if ENABLE(SUBTLE_CRYPTO) #include "CryptoKey.h" +#include <wtf/Function.h> #include <wtf/Vector.h> -#if ENABLE(SUBTLE_CRYPTO) - namespace WebCore { +struct JsonWebKey; + +class HmacKeyAlgorithm final : public KeyAlgorithm { +public: + HmacKeyAlgorithm(const String& name, const String& hash, size_t length) + : KeyAlgorithm(name) + , m_hash(hash) + , m_length(length) + { + } + + KeyAlgorithmClass keyAlgorithmClass() const final { return KeyAlgorithmClass::HMAC; } + + const String& hash() const { return m_hash; } + size_t length() const { return m_length; } + +private: + String m_hash; + size_t m_length; +}; + class CryptoKeyHMAC final : public CryptoKey { public: - static PassRefPtr<CryptoKeyHMAC> create(const Vector<uint8_t>& key, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsage usage) + static Ref<CryptoKeyHMAC> create(const Vector<uint8_t>& key, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsageBitmap usage) { - return adoptRef(new CryptoKeyHMAC(key, hash, extractable, usage)); + return adoptRef(*new CryptoKeyHMAC(key, hash, extractable, usage)); } virtual ~CryptoKeyHMAC(); - // If lengthBytes is 0, a recommended length is used, which is the size of the associated hash function's block size. - static PassRefPtr<CryptoKeyHMAC> generate(size_t lengthBytes, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsage); + static RefPtr<CryptoKeyHMAC> generate(size_t lengthBits, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsageBitmap); + static RefPtr<CryptoKeyHMAC> importRaw(size_t lengthBits, CryptoAlgorithmIdentifier hash, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap); + using CheckAlgCallback = Function<bool(CryptoAlgorithmIdentifier, const String&)>; + static RefPtr<CryptoKeyHMAC> importJwk(size_t lengthBits, CryptoAlgorithmIdentifier hash, JsonWebKey&&, bool extractable, CryptoKeyUsageBitmap, CheckAlgCallback&&); - virtual CryptoKeyClass keyClass() const override { return CryptoKeyClass::HMAC; } + CryptoKeyClass keyClass() const final { return CryptoKeyClass::HMAC; } const Vector<uint8_t>& key() const { return m_key; } + JsonWebKey exportJwk() const; CryptoAlgorithmIdentifier hashAlgorithmIdentifier() const { return m_hash; } private: - CryptoKeyHMAC(const Vector<uint8_t>& key, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsage); + CryptoKeyHMAC(const Vector<uint8_t>& key, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsageBitmap); + CryptoKeyHMAC(Vector<uint8_t>&& key, CryptoAlgorithmIdentifier hash, bool extractable, CryptoKeyUsageBitmap); - virtual void buildAlgorithmDescription(CryptoAlgorithmDescriptionBuilder&) const override; - virtual std::unique_ptr<CryptoKeyData> exportData() const override; + std::unique_ptr<KeyAlgorithm> buildAlgorithm() const final; + std::unique_ptr<CryptoKeyData> exportData() const final; CryptoAlgorithmIdentifier m_hash; Vector<uint8_t> m_key; }; -inline bool isCryptoKeyHMAC(const CryptoKey& key) -{ - return key.keyClass() == CryptoKeyClass::HMAC; -} +} // namespace WebCore -CRYPTO_KEY_TYPE_CASTS(CryptoKeyHMAC) +SPECIALIZE_TYPE_TRAITS_CRYPTO_KEY(CryptoKeyHMAC, CryptoKeyClass::HMAC) -} // namespace WebCore +SPECIALIZE_TYPE_TRAITS_KEY_ALGORITHM(HmacKeyAlgorithm, KeyAlgorithmClass::HMAC) #endif // ENABLE(SUBTLE_CRYPTO) -#endif // CryptoKeyHMAC_h diff --git a/Source/WebCore/crypto/keys/CryptoKeyRSA.cpp b/Source/WebCore/crypto/keys/CryptoKeyRSA.cpp new file mode 100644 index 000000000..960be3183 --- /dev/null +++ b/Source/WebCore/crypto/keys/CryptoKeyRSA.cpp @@ -0,0 +1,153 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoKeyRSA.h" + +#include "CryptoKeyDataRSAComponents.h" +#include "JsonWebKey.h" +#include <wtf/text/Base64.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +RefPtr<CryptoKeyRSA> CryptoKeyRSA::importJwk(CryptoAlgorithmIdentifier algorithm, std::optional<CryptoAlgorithmIdentifier> hash, JsonWebKey&& keyData, bool extractable, CryptoKeyUsageBitmap usages) +{ + if (keyData.kty != "RSA") + return nullptr; + if (keyData.usages && ((keyData.usages & usages) != usages)) + return nullptr; + if (keyData.ext && !keyData.ext.value() && extractable) + return nullptr; + + if (keyData.n.isNull() || keyData.e.isNull()) + return nullptr; + Vector<uint8_t> modulus; + if (!WTF::base64URLDecode(keyData.n, modulus)) + return nullptr; + // Per RFC 7518 Section 6.3.1.1: https://tools.ietf.org/html/rfc7518#section-6.3.1.1 + if (!modulus.isEmpty() && !modulus[0]) + modulus.remove(0); + Vector<uint8_t> exponent; + if (!WTF::base64URLDecode(keyData.e, exponent)) + return nullptr; + if (keyData.d.isNull()) { + // import public key + auto publicKeyComponents = CryptoKeyDataRSAComponents::createPublic(WTFMove(modulus), WTFMove(exponent)); + // Notice: CryptoAlgorithmIdentifier::SHA_1 is just a placeholder. It should not have any effect if hash is std::nullopt. + return CryptoKeyRSA::create(algorithm, hash.value_or(CryptoAlgorithmIdentifier::SHA_1), !!hash, *publicKeyComponents, extractable, usages); + } + + // import private key + Vector<uint8_t> privateExponent; + if (!WTF::base64URLDecode(keyData.d, privateExponent)) + return nullptr; + if (keyData.p.isNull() && keyData.q.isNull() && keyData.dp.isNull() && keyData.dp.isNull() && keyData.qi.isNull()) { + auto privateKeyComponents = CryptoKeyDataRSAComponents::createPrivate(WTFMove(modulus), WTFMove(exponent), WTFMove(privateExponent)); + // Notice: CryptoAlgorithmIdentifier::SHA_1 is just a placeholder. It should not have any effect if hash is std::nullopt. + return CryptoKeyRSA::create(algorithm, hash.value_or(CryptoAlgorithmIdentifier::SHA_1), !!hash, *privateKeyComponents, extractable, usages); + } + + if (keyData.p.isNull() || keyData.q.isNull() || keyData.dp.isNull() || keyData.dq.isNull() || keyData.qi.isNull()) + return nullptr; + CryptoKeyDataRSAComponents::PrimeInfo firstPrimeInfo; + CryptoKeyDataRSAComponents::PrimeInfo secondPrimeInfo; + if (!WTF::base64URLDecode(keyData.p, firstPrimeInfo.primeFactor)) + return nullptr; + if (!WTF::base64URLDecode(keyData.dp, firstPrimeInfo.factorCRTExponent)) + return nullptr; + if (!WTF::base64URLDecode(keyData.q, secondPrimeInfo.primeFactor)) + return nullptr; + if (!WTF::base64URLDecode(keyData.dq, secondPrimeInfo.factorCRTExponent)) + return nullptr; + if (!WTF::base64URLDecode(keyData.qi, secondPrimeInfo.factorCRTCoefficient)) + return nullptr; + if (!keyData.oth) { + auto privateKeyComponents = CryptoKeyDataRSAComponents::createPrivateWithAdditionalData(WTFMove(modulus), WTFMove(exponent), WTFMove(privateExponent), WTFMove(firstPrimeInfo), WTFMove(secondPrimeInfo), { }); + // Notice: CryptoAlgorithmIdentifier::SHA_1 is just a placeholder. It should not have any effect if hash is std::nullopt. + return CryptoKeyRSA::create(algorithm, hash.value_or(CryptoAlgorithmIdentifier::SHA_1), !!hash, *privateKeyComponents, extractable, usages); + } + + Vector<CryptoKeyDataRSAComponents::PrimeInfo> otherPrimeInfos; + for (auto value : keyData.oth.value()) { + CryptoKeyDataRSAComponents::PrimeInfo info; + if (!WTF::base64URLDecode(value.r, info.primeFactor)) + return nullptr; + if (!WTF::base64URLDecode(value.d, info.factorCRTExponent)) + return nullptr; + if (!WTF::base64URLDecode(value.t, info.factorCRTCoefficient)) + return nullptr; + otherPrimeInfos.append(info); + } + + auto privateKeyComponents = CryptoKeyDataRSAComponents::createPrivateWithAdditionalData(WTFMove(modulus), WTFMove(exponent), WTFMove(privateExponent), WTFMove(firstPrimeInfo), WTFMove(secondPrimeInfo), WTFMove(otherPrimeInfos)); + // Notice: CryptoAlgorithmIdentifier::SHA_1 is just a placeholder. It should not have any effect if hash is std::nullopt. + return CryptoKeyRSA::create(algorithm, hash.value_or(CryptoAlgorithmIdentifier::SHA_1), !!hash, *privateKeyComponents, extractable, usages); +} + +JsonWebKey CryptoKeyRSA::exportJwk() const +{ + JsonWebKey result; + result.kty = "RSA"; + result.key_ops = usages(); + result.ext = extractable(); + + auto keyData = exportData(); + const auto& rsaKeyData = downcast<CryptoKeyDataRSAComponents>(*keyData); + // public key + result.n = base64URLEncode(rsaKeyData.modulus()); + result.e = base64URLEncode(rsaKeyData.exponent()); + if (rsaKeyData.type() == CryptoKeyDataRSAComponents::Type::Public) + return result; + + // private key + result.d = base64URLEncode(rsaKeyData.privateExponent()); + if (!rsaKeyData.hasAdditionalPrivateKeyParameters()) + return result; + + result.p = base64URLEncode(rsaKeyData.firstPrimeInfo().primeFactor); + result.q = base64URLEncode(rsaKeyData.secondPrimeInfo().primeFactor); + result.dp = base64URLEncode(rsaKeyData.firstPrimeInfo().factorCRTExponent); + result.dq = base64URLEncode(rsaKeyData.secondPrimeInfo().factorCRTExponent); + result.qi = base64URLEncode(rsaKeyData.secondPrimeInfo().factorCRTCoefficient); + if (rsaKeyData.otherPrimeInfos().isEmpty()) + return result; + + Vector<RsaOtherPrimesInfo> oth; + for (auto info : rsaKeyData.otherPrimeInfos()) { + RsaOtherPrimesInfo otherInfo; + otherInfo.r = base64URLEncode(info.primeFactor); + otherInfo.d = base64URLEncode(info.factorCRTExponent); + otherInfo.t = base64URLEncode(info.factorCRTCoefficient); + oth.append(WTFMove(otherInfo)); + } + result.oth = WTFMove(oth); + return result; +} + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/keys/CryptoKeyRSA.h b/Source/WebCore/crypto/keys/CryptoKeyRSA.h index b6c1fab2f..0f8ce7c4f 100644 --- a/Source/WebCore/crypto/keys/CryptoKeyRSA.h +++ b/Source/WebCore/crypto/keys/CryptoKeyRSA.h @@ -23,52 +23,102 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef CryptoKeyRSA_h -#define CryptoKeyRSA_h +#pragma once #include "CryptoKey.h" -#include <functional> +#include "ExceptionOr.h" +#include <wtf/Function.h> #if ENABLE(SUBTLE_CRYPTO) -#if PLATFORM(MAC) || PLATFORM(IOS) +#if OS(DARWIN) && !PLATFORM(GTK) typedef struct _CCRSACryptor *CCRSACryptorRef; typedef CCRSACryptorRef PlatformRSAKey; #endif +#if PLATFORM(GTK) +typedef struct _PlatformRSAKeyGnuTLS PlatformRSAKeyGnuTLS; +typedef PlatformRSAKeyGnuTLS *PlatformRSAKey; +#endif + namespace WebCore { class CryptoKeyDataRSAComponents; -class CryptoKeyPair; class PromiseWrapper; +class ScriptExecutionContext; + +struct CryptoKeyPair; +struct JsonWebKey; + +class RsaKeyAlgorithm : public KeyAlgorithm { +public: + RsaKeyAlgorithm(const String& name, size_t modulusLength, Vector<uint8_t>&& publicExponent) + : KeyAlgorithm(name) + , m_modulusLength(modulusLength) + , m_publicExponent(WTFMove(publicExponent)) + { + } + + KeyAlgorithmClass keyAlgorithmClass() const override { return KeyAlgorithmClass::RSA; } + + size_t modulusLength() const { return m_modulusLength; } + const Vector<uint8_t>& publicExponent() const { return m_publicExponent; } + +private: + size_t m_modulusLength; + Vector<uint8_t> m_publicExponent; +}; + +class RsaHashedKeyAlgorithm final : public RsaKeyAlgorithm { +public: + RsaHashedKeyAlgorithm(const String& name, size_t modulusLength, Vector<uint8_t>&& publicExponent, const String& hash) + : RsaKeyAlgorithm(name, modulusLength, WTFMove(publicExponent)) + , m_hash(hash) + { + } + + KeyAlgorithmClass keyAlgorithmClass() const final { return KeyAlgorithmClass::HRSA; } + + const String& hash() const { return m_hash; } + +private: + String m_hash; +}; class CryptoKeyRSA final : public CryptoKey { public: - static PassRefPtr<CryptoKeyRSA> create(CryptoAlgorithmIdentifier identifier, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage) + static Ref<CryptoKeyRSA> create(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsageBitmap usage) { - return adoptRef(new CryptoKeyRSA(identifier, type, platformKey, extractable, usage)); + return adoptRef(*new CryptoKeyRSA(identifier, hash, hasHash, type, platformKey, extractable, usage)); } - static PassRefPtr<CryptoKeyRSA> create(CryptoAlgorithmIdentifier, const CryptoKeyDataRSAComponents&, bool extractable, CryptoKeyUsage); + static RefPtr<CryptoKeyRSA> create(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, const CryptoKeyDataRSAComponents&, bool extractable, CryptoKeyUsageBitmap); virtual ~CryptoKeyRSA(); - void restrictToHash(CryptoAlgorithmIdentifier); bool isRestrictedToHash(CryptoAlgorithmIdentifier&) const; size_t keySizeInBits() const; - typedef std::function<void(CryptoKeyPair&)> KeyPairCallback; - typedef std::function<void()> VoidCallback; - static void generatePair(CryptoAlgorithmIdentifier, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage, KeyPairCallback, VoidCallback failureCallback); + using KeyPairCallback = WTF::Function<void(CryptoKeyPair&&)>; + using VoidCallback = WTF::Function<void()>; + static void generatePair(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsageBitmap, KeyPairCallback&&, VoidCallback&& failureCallback, ScriptExecutionContext*); + static RefPtr<CryptoKeyRSA> importJwk(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier> hash, JsonWebKey&&, bool extractable, CryptoKeyUsageBitmap); + static RefPtr<CryptoKeyRSA> importSpki(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier> hash, Vector<uint8_t>&&, bool extractable, CryptoKeyUsageBitmap); + static RefPtr<CryptoKeyRSA> importPkcs8(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier> hash, Vector<uint8_t>&&, bool extractable, CryptoKeyUsageBitmap); PlatformRSAKey platformKey() const { return m_platformKey; } + JsonWebKey exportJwk() const; + ExceptionOr<Vector<uint8_t>> exportSpki() const; + ExceptionOr<Vector<uint8_t>> exportPkcs8() const; + + CryptoAlgorithmIdentifier hashAlgorithmIdentifier() const { return m_hash; } private: - CryptoKeyRSA(CryptoAlgorithmIdentifier, CryptoKeyType, PlatformRSAKey, bool extractable, CryptoKeyUsage); + CryptoKeyRSA(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType, PlatformRSAKey, bool extractable, CryptoKeyUsageBitmap); - virtual CryptoKeyClass keyClass() const override { return CryptoKeyClass::RSA; } + CryptoKeyClass keyClass() const final { return CryptoKeyClass::RSA; } - virtual void buildAlgorithmDescription(CryptoAlgorithmDescriptionBuilder&) const override; - virtual std::unique_ptr<CryptoKeyData> exportData() const override; + std::unique_ptr<KeyAlgorithm> buildAlgorithm() const final; + std::unique_ptr<CryptoKeyData> exportData() const final; PlatformRSAKey m_platformKey; @@ -76,14 +126,12 @@ private: CryptoAlgorithmIdentifier m_hash; }; -inline bool isCryptoKeyRSA(const CryptoKey& key) -{ - return key.keyClass() == CryptoKeyClass::RSA; -} +} // namespace WebCore -CRYPTO_KEY_TYPE_CASTS(CryptoKeyRSA) +SPECIALIZE_TYPE_TRAITS_CRYPTO_KEY(CryptoKeyRSA, CryptoKeyClass::RSA) -} // namespace WebCore +SPECIALIZE_TYPE_TRAITS_KEY_ALGORITHM(RsaKeyAlgorithm, KeyAlgorithmClass::RSA) + +SPECIALIZE_TYPE_TRAITS_KEY_ALGORITHM(RsaHashedKeyAlgorithm, KeyAlgorithmClass::HRSA) #endif // ENABLE(SUBTLE_CRYPTO) -#endif // CryptoKeyRSA_h diff --git a/Source/WebCore/crypto/keys/CryptoKeySerializationRaw.cpp b/Source/WebCore/crypto/keys/CryptoKeySerializationRaw.cpp new file mode 100644 index 000000000..765e1ee75 --- /dev/null +++ b/Source/WebCore/crypto/keys/CryptoKeySerializationRaw.cpp @@ -0,0 +1,83 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#include "CryptoKeySerializationRaw.h" + +#if ENABLE(SUBTLE_CRYPTO) + +#include "CryptoAlgorithm.h" +#include "CryptoAlgorithmParametersDeprecated.h" +#include "CryptoKey.h" +#include "CryptoKeyDataOctetSequence.h" + +namespace WebCore { + +CryptoKeySerializationRaw::CryptoKeySerializationRaw(const CryptoOperationData& data) +{ + m_data.append(data.first, data.second); +} + +CryptoKeySerializationRaw::~CryptoKeySerializationRaw() +{ +} + +std::optional<CryptoAlgorithmPair> CryptoKeySerializationRaw::reconcileAlgorithm(CryptoAlgorithm* algorithm, CryptoAlgorithmParametersDeprecated* parameters) const +{ + return CryptoAlgorithmPair { algorithm, parameters }; +} + +void CryptoKeySerializationRaw::reconcileUsages(CryptoKeyUsageBitmap&) const +{ +} + +void CryptoKeySerializationRaw::reconcileExtractable(bool&) const +{ +} + +std::unique_ptr<CryptoKeyData> CryptoKeySerializationRaw::keyData() const +{ + return std::make_unique<CryptoKeyDataOctetSequence>(m_data); +} + +bool CryptoKeySerializationRaw::serialize(const CryptoKey& key, Vector<uint8_t>& result) +{ + std::unique_ptr<CryptoKeyData> keyData = key.exportData(); + if (!keyData) { + // This generally shouldn't happen as long as all key types implement exportData(), but as underlying libraries return errors, there may be some rare failure conditions. + return false; + } + + if (!is<CryptoKeyDataOctetSequence>(*keyData)) + return false; + + result.appendVector(downcast<CryptoKeyDataOctetSequence>(*keyData).octetSequence()); + return true; +} + + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/keys/CryptoKeySerializationRaw.h b/Source/WebCore/crypto/keys/CryptoKeySerializationRaw.h new file mode 100644 index 000000000..75dd4e578 --- /dev/null +++ b/Source/WebCore/crypto/keys/CryptoKeySerializationRaw.h @@ -0,0 +1,65 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoKeySerialization.h" +#include <wtf/Vector.h> +#include <wtf/text/WTFString.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoKey; + +class CryptoKeySerializationRaw final : public CryptoKeySerialization { + WTF_MAKE_NONCOPYABLE(CryptoKeySerializationRaw); +public: + static std::unique_ptr<CryptoKeySerializationRaw> create(const CryptoOperationData& data) + { + return std::unique_ptr<CryptoKeySerializationRaw>(new CryptoKeySerializationRaw(data)); + } + + virtual ~CryptoKeySerializationRaw(); + + static bool serialize(const CryptoKey&, Vector<uint8_t>&); + +private: + CryptoKeySerializationRaw(const CryptoOperationData&); + + std::optional<CryptoAlgorithmPair> reconcileAlgorithm(CryptoAlgorithm*, CryptoAlgorithmParametersDeprecated*) const override; + + void reconcileUsages(CryptoKeyUsageBitmap&) const override; + void reconcileExtractable(bool&) const override; + + std::unique_ptr<CryptoKeyData> keyData() const override; + + Vector<uint8_t> m_data; +}; + +} // namespace WebCore + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/AesCbcParams.idl b/Source/WebCore/crypto/parameters/AesCbcParams.idl new file mode 100644 index 000000000..bdd90437e --- /dev/null +++ b/Source/WebCore/crypto/parameters/AesCbcParams.idl @@ -0,0 +1,32 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, + ImplementedAs=CryptoAlgorithmAesCbcParams +] dictionary AesCbcParams : CryptoAlgorithmParameters { + // The initialization vector. MUST be 16 bytes. + required BufferSource iv; +}; diff --git a/Source/WebCore/crypto/parameters/AesKeyGenParams.idl b/Source/WebCore/crypto/parameters/AesKeyGenParams.idl new file mode 100644 index 000000000..40c16eab2 --- /dev/null +++ b/Source/WebCore/crypto/parameters/AesKeyGenParams.idl @@ -0,0 +1,32 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, + ImplementedAs=CryptoAlgorithmAesKeyGenParams +] dictionary AesKeyGenParams : CryptoAlgorithmParameters { + // The length, in bits, of the key. + [EnforceRange] required unsigned short length; +}; diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmAesCbcParams.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmAesCbcParams.h new file mode 100644 index 000000000..e1bcebf1e --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmAesCbcParams.h @@ -0,0 +1,59 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "BufferSource.h" +#include "CryptoAlgorithmParameters.h" +#include <wtf/Vector.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmAesCbcParams final : public CryptoAlgorithmParameters { +public: + BufferSource iv; + + Class parametersClass() const final { return Class::AesCbcParams; } + + const Vector<uint8_t>& ivVector() + { + if (!m_ivVector.isEmpty() || !iv.length()) + return m_ivVector; + + m_ivVector.append(iv.data(), iv.length()); + return m_ivVector; + } + +private: + Vector<uint8_t> m_ivVector; +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS(AesCbcParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmAesCbcParamsDeprecated.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmAesCbcParamsDeprecated.h new file mode 100644 index 000000000..2f10a7037 --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmAesCbcParamsDeprecated.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmParametersDeprecated.h" +#include <array> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmAesCbcParamsDeprecated final : public CryptoAlgorithmParametersDeprecated { +public: + // The initialization vector. MUST be 16 bytes. + std::array<uint8_t, 16> iv; + + Class parametersClass() const override { return Class::AesCbcParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS_DEPRECATED(AesCbcParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmAesKeyGenParams.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmAesKeyGenParams.h new file mode 100644 index 000000000..807998ddf --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmAesKeyGenParams.h @@ -0,0 +1,45 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmParameters.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmAesKeyGenParams final : public CryptoAlgorithmParameters { +public: + unsigned short length; + + Class parametersClass() const final { return Class::AesKeyGenParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS(AesKeyGenParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmAesKeyGenParamsDeprecated.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmAesKeyGenParamsDeprecated.h new file mode 100644 index 000000000..198a5d9dd --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmAesKeyGenParamsDeprecated.h @@ -0,0 +1,46 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmParametersDeprecated.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmAesKeyGenParamsDeprecated final : public CryptoAlgorithmParametersDeprecated { +public: + // The length, in bits, of the key. + unsigned length; + + Class parametersClass() const override { return Class::AesKeyGenParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS_DEPRECATED(AesKeyGenParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmHmacKeyParams.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmHmacKeyParams.h new file mode 100644 index 000000000..e4bff6500 --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmHmacKeyParams.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmParameters.h" +#include <runtime/JSCJSValue.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmHmacKeyParams final : public CryptoAlgorithmParameters { +public: + // FIXME: Consider merging hash and hashIdentifier. + JSC::JSValue hash; + CryptoAlgorithmIdentifier hashIdentifier; + std::optional<unsigned long> length; + + Class parametersClass() const final { return Class::HmacKeyParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS(HmacKeyParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmHmacKeyParamsDeprecated.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmHmacKeyParamsDeprecated.h new file mode 100644 index 000000000..8c198a567 --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmHmacKeyParamsDeprecated.h @@ -0,0 +1,52 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmIdentifier.h" +#include "CryptoAlgorithmParametersDeprecated.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmHmacKeyParamsDeprecated final : public CryptoAlgorithmParametersDeprecated { +public: + // The inner hash function to use. + CryptoAlgorithmIdentifier hash; + + // The length (in bytes) of the key to generate. If unspecified, the recommended length will be used, + // which is the size of the associated hash function's block size. + bool hasLength { false }; + unsigned length; + + Class parametersClass() const override { return Class::HmacKeyParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS_DEPRECATED(HmacKeyParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmHmacParamsDeprecated.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmHmacParamsDeprecated.h new file mode 100644 index 000000000..4092179df --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmHmacParamsDeprecated.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmIdentifier.h" +#include "CryptoAlgorithmParametersDeprecated.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmHmacParamsDeprecated final : public CryptoAlgorithmParametersDeprecated { +public: + // The inner hash function to use. + CryptoAlgorithmIdentifier hash; + + Class parametersClass() const override { return Class::HmacParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS_DEPRECATED(HmacParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaHashedImportParams.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaHashedImportParams.h new file mode 100644 index 000000000..fa3dca323 --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaHashedImportParams.h @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmParameters.h" +#include <runtime/JSCJSValue.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRsaHashedImportParams final : public CryptoAlgorithmParameters { +public: + // FIXME: Consider merging hash and hashIdentifier. + JSC::JSValue hash; + CryptoAlgorithmIdentifier hashIdentifier; + + Class parametersClass() const final { return Class::RsaHashedImportParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS(RsaHashedImportParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaHashedKeyGenParams.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaHashedKeyGenParams.h new file mode 100644 index 000000000..ebf5fa60f --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaHashedKeyGenParams.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmRsaKeyGenParams.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRsaHashedKeyGenParams final : public CryptoAlgorithmRsaKeyGenParams { +public: + // FIXME: Consider merging hash and hashIdentifier. + JSC::JSValue hash; + CryptoAlgorithmIdentifier hashIdentifier; + + Class parametersClass() const final { return Class::RsaHashedKeyGenParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS(RsaHashedKeyGenParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h new file mode 100644 index 000000000..13ec709f9 --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h @@ -0,0 +1,59 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmParameters.h" +#include <runtime/Uint8Array.h> +#include <wtf/Vector.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRsaKeyGenParams : public CryptoAlgorithmParameters { +public: + unsigned long modulusLength; + RefPtr<Uint8Array> publicExponent; + + Class parametersClass() const override { return Class::RsaKeyGenParams; } + + const Vector<uint8_t>& publicExponentVector() const + { + if (!m_publicExponentVector.isEmpty() || !publicExponent->byteLength()) + return m_publicExponentVector; + + m_publicExponentVector.append(publicExponent->data(), publicExponent->byteLength()); + return m_publicExponentVector; + } +private: + mutable Vector<uint8_t> m_publicExponentVector; +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS(RsaKeyGenParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyGenParamsDeprecated.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyGenParamsDeprecated.h new file mode 100644 index 000000000..3f3c77a82 --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyGenParamsDeprecated.h @@ -0,0 +1,52 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmParametersDeprecated.h" +#include <wtf/Vector.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRsaKeyGenParamsDeprecated final : public CryptoAlgorithmParametersDeprecated { +public: + // The length, in bits, of the RSA modulus. + unsigned modulusLength; + // The RSA public exponent, encoded as BigInteger. + Vector<uint8_t> publicExponent; + // The hash algorith identifier + bool hasHash { false }; + CryptoAlgorithmIdentifier hash; + + Class parametersClass() const override { return Class::RsaKeyGenParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS_DEPRECATED(RsaKeyGenParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyParamsWithHashDeprecated.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyParamsWithHashDeprecated.h new file mode 100644 index 000000000..3713f87ff --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyParamsWithHashDeprecated.h @@ -0,0 +1,56 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmIdentifier.h" +#include "CryptoAlgorithmParametersDeprecated.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +// This parameters class is currently not specified in WebCrypto. +// It is necessary to support import from JWK, which treats hash function as part of algorithm +// identifier, so we need to remember it to compare with one passed to sign or verify functions. +class CryptoAlgorithmRsaKeyParamsWithHashDeprecated final : public CryptoAlgorithmParametersDeprecated { +public: + CryptoAlgorithmRsaKeyParamsWithHashDeprecated() + : hasHash(false) + { + } + + // The hash algorithm to use. + bool hasHash; + CryptoAlgorithmIdentifier hash; + + Class parametersClass() const override { return Class::RsaKeyParamsWithHash; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS_DEPRECATED(RsaKeyParamsWithHash) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaOaepParams.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaOaepParams.h new file mode 100644 index 000000000..c56e653ab --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaOaepParams.h @@ -0,0 +1,66 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "BufferSource.h" +#include "CryptoAlgorithmParameters.h" +#include <wtf/Vector.h> + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRsaOaepParams final : public CryptoAlgorithmParameters { +public: + // Use labelVector() instead of label. The label will be gone once labelVector() is called. + std::optional<BufferSource::VariantType> label; + + Class parametersClass() const final { return Class::RsaOaepParams; } + + const Vector<uint8_t>& labelVector() + { + if (!m_labelVector.isEmpty() || !label) + return m_labelVector; + + m_labelBuffer = WTFMove(*label); + label = std::nullopt; + if (!m_labelBuffer.length()) + return m_labelVector; + + m_labelVector.append(m_labelBuffer.data(), m_labelBuffer.length()); + return m_labelVector; + } + +private: + Vector<uint8_t> m_labelVector; + BufferSource m_labelBuffer; +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS(RsaOaepParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaOaepParamsDeprecated.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaOaepParamsDeprecated.h new file mode 100644 index 000000000..d35f2bc75 --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaOaepParamsDeprecated.h @@ -0,0 +1,52 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmIdentifier.h" +#include "CryptoAlgorithmParametersDeprecated.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRsaOaepParamsDeprecated final : public CryptoAlgorithmParametersDeprecated { +public: + // The hash function to apply to the message. + CryptoAlgorithmIdentifier hash; + + // The optional label/application data to associate with the message. + // FIXME: Is there a difference between a missing label and an empty one? Perhaps we don't need the hasLabel member. + bool hasLabel { false }; + Vector<uint8_t> label; + + Class parametersClass() const override { return Class::RsaOaepParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS_DEPRECATED(RsaOaepParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaSsaParamsDeprecated.h b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaSsaParamsDeprecated.h new file mode 100644 index 000000000..3ab3cf3f5 --- /dev/null +++ b/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaSsaParamsDeprecated.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2013 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#pragma once + +#include "CryptoAlgorithmIdentifier.h" +#include "CryptoAlgorithmParametersDeprecated.h" + +#if ENABLE(SUBTLE_CRYPTO) + +namespace WebCore { + +class CryptoAlgorithmRsaSsaParamsDeprecated final : public CryptoAlgorithmParametersDeprecated { +public: + // The hash algorithm to use. + CryptoAlgorithmIdentifier hash; + + Class parametersClass() const override { return Class::RsaSsaParams; } +}; + +} // namespace WebCore + +SPECIALIZE_TYPE_TRAITS_CRYPTO_ALGORITHM_PARAMETERS_DEPRECATED(RsaSsaParams) + +#endif // ENABLE(SUBTLE_CRYPTO) diff --git a/Source/WebCore/crypto/parameters/HmacKeyParams.idl b/Source/WebCore/crypto/parameters/HmacKeyParams.idl new file mode 100644 index 000000000..016c64808 --- /dev/null +++ b/Source/WebCore/crypto/parameters/HmacKeyParams.idl @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +// This is a unified dictionary for HmacImportParams and HmacKeyGenParams. +// https://www.w3.org/TR/WebCryptoAPI/#hmac-importparams, and +// https://www.w3.org/TR/WebCryptoAPI/#hmac-keygen-params +[ + Conditional=SUBTLE_CRYPTO, + ImplementedAs=CryptoAlgorithmHmacKeyParams +] dictionary HmacKeyParams : CryptoAlgorithmParameters { + // The inner hash function to use. + required any hash; + // The length (in bits) of the key to generate. If unspecified, the + // recommended length will be used, which is the size of the associated hash function's block + // size. + [EnforceRange] unsigned long length; +}; diff --git a/Source/WebCore/crypto/parameters/RsaHashedImportParams.idl b/Source/WebCore/crypto/parameters/RsaHashedImportParams.idl new file mode 100644 index 000000000..11ffbd7f9 --- /dev/null +++ b/Source/WebCore/crypto/parameters/RsaHashedImportParams.idl @@ -0,0 +1,32 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, + ImplementedAs=CryptoAlgorithmRsaHashedImportParams +] dictionary RsaHashedImportParams : CryptoAlgorithmParameters { + // The hash algorithm to use + required any hash; +}; diff --git a/Source/WebCore/crypto/parameters/RsaHashedKeyGenParams.idl b/Source/WebCore/crypto/parameters/RsaHashedKeyGenParams.idl new file mode 100644 index 000000000..146464c27 --- /dev/null +++ b/Source/WebCore/crypto/parameters/RsaHashedKeyGenParams.idl @@ -0,0 +1,32 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, + ImplementedAs=CryptoAlgorithmRsaHashedKeyGenParams +] dictionary RsaHashedKeyGenParams : RsaKeyGenParams { + // The hash algorithm to use + required any hash; +}; diff --git a/Source/WebCore/crypto/parameters/RsaKeyGenParams.idl b/Source/WebCore/crypto/parameters/RsaKeyGenParams.idl new file mode 100644 index 000000000..5c9b1d668 --- /dev/null +++ b/Source/WebCore/crypto/parameters/RsaKeyGenParams.idl @@ -0,0 +1,34 @@ +/* + * Copyright (C) 2016 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +[ + Conditional=SUBTLE_CRYPTO, + ImplementedAs=CryptoAlgorithmRsaKeyGenParams +] dictionary RsaKeyGenParams : CryptoAlgorithmParameters { + // The length, in bits, of the RSA modulus + [EnforceRange] required unsigned long modulusLength; + // The RSA public exponent + required Uint8Array publicExponent; +}; diff --git a/Source/WebCore/crypto/parameters/RsaOaepParams.idl b/Source/WebCore/crypto/parameters/RsaOaepParams.idl new file mode 100644 index 000000000..778ecd9be --- /dev/null +++ b/Source/WebCore/crypto/parameters/RsaOaepParams.idl @@ -0,0 +1,32 @@ +/* +* Copyright (C) 2016 Apple Inc. All rights reserved. +* +* Redistribution and use in source and binary forms, with or without +* modification, are permitted provided that the following conditions +* are met: +* 1. Redistributions of source code must retain the above copyright +* notice, this list of conditions and the following disclaimer. +* 2. Redistributions in binary form must reproduce the above copyright +* notice, this list of conditions and the following disclaimer in the +* documentation and/or other materials provided with the distribution. +* +* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' +* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, +* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS +* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF +* THE POSSIBILITY OF SUCH DAMAGE. +*/ + +[ + Conditional=SUBTLE_CRYPTO, + ImplementedAs=CryptoAlgorithmRsaOaepParams +] dictionary RsaOaepParams : CryptoAlgorithmParameters { + // The optional label/application data to associate with the message + BufferSource label; +}; |