/* * Copyright (C) 2017 Apple Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF * THE POSSIBILITY OF SUCH DAMAGE. */ #include "config.h" #include "CryptoAlgorithmRSA_PSS.h" #if ENABLE(WEB_CRYPTO) && HAVE(RSA_PSS) #include "CryptoAlgorithmRsaHashedImportParams.h" #include "CryptoAlgorithmRsaHashedKeyGenParams.h" #include "CryptoAlgorithmRsaPssParams.h" #include "CryptoKeyPair.h" #include "CryptoKeyRSA.h" #include #include namespace WebCore { namespace CryptoAlgorithmRSA_PSSInternal { static constexpr auto ALG1 = "PS1"_s; static constexpr auto ALG224 = "PS224"_s; static constexpr auto ALG256 = "PS256"_s; static constexpr auto ALG384 = "PS384"_s; static constexpr auto ALG512 = "PS512"_s; } Ref CryptoAlgorithmRSA_PSS::create() { return adoptRef(*new CryptoAlgorithmRSA_PSS); } CryptoAlgorithmIdentifier CryptoAlgorithmRSA_PSS::identifier() const { return s_identifier; } void CryptoAlgorithmRSA_PSS::sign(const CryptoAlgorithmParameters& parameters, Ref&& key, Vector&& data, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) { if (key->type() != CryptoKeyType::Private) { exceptionCallback(InvalidAccessError); return; } dispatchOperationInWorkQueue(workQueue, context, WTFMove(callback), WTFMove(exceptionCallback), [parameters = crossThreadCopy(downcast(parameters)), key = WTFMove(key), data = WTFMove(data)] { return platformSign(parameters, downcast(key.get()), data); }); } void CryptoAlgorithmRSA_PSS::verify(const CryptoAlgorithmParameters& parameters, Ref&& key, Vector&& signature, Vector&& data, BoolCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue) { if (key->type() != CryptoKeyType::Public) { exceptionCallback(InvalidAccessError); return; } dispatchOperationInWorkQueue(workQueue, context, WTFMove(callback), WTFMove(exceptionCallback), [parameters = crossThreadCopy(downcast(parameters)), key = WTFMove(key), signature = WTFMove(signature), data = WTFMove(data)] { return platformVerify(parameters, downcast(key.get()), signature, data); }); } void CryptoAlgorithmRSA_PSS::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context) { const auto& rsaParameters = downcast(parameters); if (usages & (CryptoKeyUsageDecrypt | CryptoKeyUsageEncrypt | CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey)) { exceptionCallback(SyntaxError); return; } auto keyPairCallback = [capturedCallback = WTFMove(callback)](CryptoKeyPair&& pair) { pair.publicKey->setUsagesBitmap(pair.publicKey->usagesBitmap() & CryptoKeyUsageVerify); pair.privateKey->setUsagesBitmap(pair.privateKey->usagesBitmap() & CryptoKeyUsageSign); capturedCallback(WTFMove(pair)); }; auto failureCallback = [capturedCallback = WTFMove(exceptionCallback)]() { capturedCallback(OperationError); }; CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSA_PSS, rsaParameters.hashIdentifier, true, rsaParameters.modulusLength, rsaParameters.publicExponentVector(), extractable, usages, WTFMove(keyPairCallback), WTFMove(failureCallback), &context); } void CryptoAlgorithmRSA_PSS::importKey(CryptoKeyFormat format, KeyData&& data, const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback) { using namespace CryptoAlgorithmRSA_PSSInternal; const auto& rsaParameters = downcast(parameters); RefPtr result; switch (format) { case CryptoKeyFormat::Jwk: { JsonWebKey key = WTFMove(std::get(data)); if (usages && ((!key.d.isNull() && (usages ^ CryptoKeyUsageSign)) || (key.d.isNull() && (usages ^ CryptoKeyUsageVerify)))) { exceptionCallback(SyntaxError); return; } if (usages && !key.use.isNull() && key.use != "sig"_s) { exceptionCallback(DataError); return; } bool isMatched = false; switch (rsaParameters.hashIdentifier) { case CryptoAlgorithmIdentifier::SHA_1: isMatched = key.alg.isNull() || key.alg == ALG1; break; case CryptoAlgorithmIdentifier::SHA_224: isMatched = key.alg.isNull() || key.alg == ALG224; break; case CryptoAlgorithmIdentifier::SHA_256: isMatched = key.alg.isNull() || key.alg == ALG256; break; case CryptoAlgorithmIdentifier::SHA_384: isMatched = key.alg.isNull() || key.alg == ALG384; break; case CryptoAlgorithmIdentifier::SHA_512: isMatched = key.alg.isNull() || key.alg == ALG512; break; default: break; } if (!isMatched) { exceptionCallback(DataError); return; } result = CryptoKeyRSA::importJwk(rsaParameters.identifier, rsaParameters.hashIdentifier, WTFMove(key), extractable, usages); break; } case CryptoKeyFormat::Spki: { if (usages && (usages ^ CryptoKeyUsageVerify)) { exceptionCallback(SyntaxError); return; } // FIXME: result = CryptoKeyRSA::importSpki(rsaParameters.identifier, rsaParameters.hashIdentifier, WTFMove(std::get>(data)), extractable, usages); break; } case CryptoKeyFormat::Pkcs8: { if (usages && (usages ^ CryptoKeyUsageSign)) { exceptionCallback(SyntaxError); return; } // FIXME: result = CryptoKeyRSA::importPkcs8(parameters.identifier, rsaParameters.hashIdentifier, WTFMove(std::get>(data)), extractable, usages); break; } default: exceptionCallback(NotSupportedError); return; } if (!result) { exceptionCallback(DataError); return; } callback(*result); } void CryptoAlgorithmRSA_PSS::exportKey(CryptoKeyFormat format, Ref&& key, KeyDataCallback&& callback, ExceptionCallback&& exceptionCallback) { using namespace CryptoAlgorithmRSA_PSSInternal; const auto& rsaKey = downcast(key.get()); if (!rsaKey.keySizeInBits()) { exceptionCallback(OperationError); return; } KeyData result; switch (format) { case CryptoKeyFormat::Jwk: { JsonWebKey jwk = rsaKey.exportJwk(); switch (rsaKey.hashAlgorithmIdentifier()) { case CryptoAlgorithmIdentifier::SHA_1: jwk.alg = String(ALG1); break; case CryptoAlgorithmIdentifier::SHA_224: jwk.alg = String(ALG224); break; case CryptoAlgorithmIdentifier::SHA_256: jwk.alg = String(ALG256); break; case CryptoAlgorithmIdentifier::SHA_384: jwk.alg = String(ALG384); break; case CryptoAlgorithmIdentifier::SHA_512: jwk.alg = String(ALG512); break; default: ASSERT_NOT_REACHED(); } result = WTFMove(jwk); break; } case CryptoKeyFormat::Spki: { auto spki = rsaKey.exportSpki(); if (spki.hasException()) { exceptionCallback(spki.releaseException().code()); return; } result = spki.releaseReturnValue(); break; } case CryptoKeyFormat::Pkcs8: { auto pkcs8 = rsaKey.exportPkcs8(); if (pkcs8.hasException()) { exceptionCallback(pkcs8.releaseException().code()); return; } result = pkcs8.releaseReturnValue(); break; } default: exceptionCallback(NotSupportedError); return; } callback(format, WTFMove(result)); } } #endif // ENABLE(WEB_CRYPTO) && HAVE(RSA_PSS)