Changeset 159944 in webkit

Timestamp:

Dec 2, 2013 11:50:51 AM (10 years ago)

Author:

ap@apple.com

Message:

Add support for WebCrypto RSA-OAEP
​https://bugs.webkit.org/show_bug.cgi?id=125084

Reviewed by Sam Weinig.

Source/WebCore:

Tests: crypto/subtle/rsa-oaep-key-manipulation.html

crypto/subtle/rsa-oaep-plaintext-length.html
crypto/subtle/rsa-oaep-wrap-unwrap-aes.html

• WebCore.xcodeproj/project.pbxproj: Added new files.

• bindings/js/JSCryptoAlgorithmDictionary.cpp:

(WebCore::createRsaOaepParams):
(WebCore::JSCryptoAlgorithmDictionary::createParametersForEncrypt):
(WebCore::JSCryptoAlgorithmDictionary::createParametersForDecrypt):
(WebCore::JSCryptoAlgorithmDictionary::createParametersForImportKey):
Added RSA-OAEP parameters.

• bindings/js/JSCryptoKeySerializationJWK.cpp:

(WebCore::JSCryptoKeySerializationJWK::reconcileAlgorithm):
(WebCore::JSCryptoKeySerializationJWK::keySizeIsValid):
(WebCore::JSCryptoKeySerializationJWK::addJWKAlgorithmToJSON):
Support RSA-OAEP in JWK. It is more limited than general WebCrypto, as JWK only
allows SHA-1 as hash.

• crypto/CommonCryptoUtilities.cpp: Added. (WebCore::getCommonCryptoDigestAlgorithm):
• crypto/CommonCryptoUtilities.h: Added.

Extracted some shared code and forward declarations for CommonCrypto.

• crypto/CryptoAlgorithmParameters.h: (WebCore::CryptoAlgorithmParameters::Class):
• crypto/parameters/CryptoAlgorithmRsaOaepParams.h: Added.

Added RsaOaepParams.

• crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp: Added.
• crypto/algorithms/CryptoAlgorithmRSA_OAEP.h: Added.
• crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp: Added.

• crypto/mac/CryptoAlgorithmHMACMac.cpp:

(WebCore::getCommonCryptoHMACAlgorithm):
(WebCore::CryptoAlgorithmHMAC::platformSign):
(WebCore::CryptoAlgorithmHMAC::platformVerify):

• crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:
• crypto/mac/CryptoKeyMac.cpp:
• crypto/mac/CryptoKeyRSAMac.cpp:

Use CommonCryptoUtilities.

• crypto/mac/CryptoAlgorithmRegistryMac.cpp:

(WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms): Register RSA-OAEP.

LayoutTests:

• crypto/subtle/rsa-oaep-key-manipulation-expected.txt: Added.
• crypto/subtle/rsa-oaep-key-manipulation.html: Added.
• crypto/subtle/rsa-oaep-plaintext-length-expected.txt: Added.
• crypto/subtle/rsa-oaep-plaintext-length.html: Added.
• crypto/subtle/rsa-oaep-wrap-unwrap-aes-expected.txt: Added.
• crypto/subtle/rsa-oaep-wrap-unwrap-aes.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/crypto/subtle/rsa-oaep-key-manipulation-expected.txt (added)
• LayoutTests/crypto/subtle/rsa-oaep-key-manipulation.html (added)
• LayoutTests/crypto/subtle/rsa-oaep-plaintext-length-expected.txt (added)
• LayoutTests/crypto/subtle/rsa-oaep-plaintext-length.html (added)
• LayoutTests/crypto/subtle/rsa-oaep-wrap-unwrap-aes-expected.txt (added)
• LayoutTests/crypto/subtle/rsa-oaep-wrap-unwrap-aes.html (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/WebCore.xcodeproj/project.pbxproj (modified) (10 diffs)
• Source/WebCore/bindings/js/JSCryptoAlgorithmDictionary.cpp (modified) (7 diffs)
• Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp (modified) (4 diffs)
• Source/WebCore/crypto/CommonCryptoUtilities.cpp (added)
• Source/WebCore/crypto/CommonCryptoUtilities.h (added)
• Source/WebCore/crypto/CryptoAlgorithmParameters.h (modified) (1 diff)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp (added)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.h (added)
• Source/WebCore/crypto/mac/CryptoAlgorithmHMACMac.cpp (modified) (3 diffs)
• Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp (modified) (2 diffs)
• Source/WebCore/crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp (added)
• Source/WebCore/crypto/mac/CryptoAlgorithmRegistryMac.cpp (modified) (2 diffs)
• Source/WebCore/crypto/mac/CryptoKeyMac.cpp (modified) (1 diff)
• Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp (modified) (2 diffs)
• Source/WebCore/crypto/parameters/CryptoAlgorithmRsaOaepParams.h (added)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2013-12-02  Alexey Proskuryakov  <ap@apple.com>
+
+        Add support for WebCrypto RSA-OAEP
+        https://bugs.webkit.org/show_bug.cgi?id=125084
+
+        Reviewed by Sam Weinig.
+
+        * crypto/subtle/rsa-oaep-key-manipulation-expected.txt: Added.
+        * crypto/subtle/rsa-oaep-key-manipulation.html: Added.
+        * crypto/subtle/rsa-oaep-plaintext-length-expected.txt: Added.
+        * crypto/subtle/rsa-oaep-plaintext-length.html: Added.
+        * crypto/subtle/rsa-oaep-wrap-unwrap-aes-expected.txt: Added.
+        * crypto/subtle/rsa-oaep-wrap-unwrap-aes.html: Added.
+
 2013-12-01  Filip Pizlo  <fpizlo@apple.com>
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2013-12-02  Alexey Proskuryakov  <ap@apple.com>
+
+        Add support for WebCrypto RSA-OAEP
+        https://bugs.webkit.org/show_bug.cgi?id=125084
+
+        Reviewed by Sam Weinig.
+
+        Tests: crypto/subtle/rsa-oaep-key-manipulation.html
+               crypto/subtle/rsa-oaep-plaintext-length.html
+               crypto/subtle/rsa-oaep-wrap-unwrap-aes.html
+
+        * WebCore.xcodeproj/project.pbxproj: Added new files.
+
+        * bindings/js/JSCryptoAlgorithmDictionary.cpp:
+        (WebCore::createRsaOaepParams):
+        (WebCore::JSCryptoAlgorithmDictionary::createParametersForEncrypt):
+        (WebCore::JSCryptoAlgorithmDictionary::createParametersForDecrypt):
+        (WebCore::JSCryptoAlgorithmDictionary::createParametersForImportKey):
+        Added RSA-OAEP parameters.
+
+        * bindings/js/JSCryptoKeySerializationJWK.cpp:
+        (WebCore::JSCryptoKeySerializationJWK::reconcileAlgorithm):
+        (WebCore::JSCryptoKeySerializationJWK::keySizeIsValid):
+        (WebCore::JSCryptoKeySerializationJWK::addJWKAlgorithmToJSON):
+        Support RSA-OAEP in JWK. It is more limited than general WebCrypto, as JWK only
+        allows SHA-1 as hash.
+
+        * crypto/CommonCryptoUtilities.cpp: Added. (WebCore::getCommonCryptoDigestAlgorithm):
+        * crypto/CommonCryptoUtilities.h: Added.
+        Extracted some shared code and forward declarations for CommonCrypto.
+
+        * crypto/CryptoAlgorithmParameters.h: (WebCore::CryptoAlgorithmParameters::Class):
+        * crypto/parameters/CryptoAlgorithmRsaOaepParams.h: Added.
+        Added RsaOaepParams.
+
+        * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp: Added.
+        * crypto/algorithms/CryptoAlgorithmRSA_OAEP.h: Added.
+        * crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp: Added.
+
+        * crypto/mac/CryptoAlgorithmHMACMac.cpp:
+        (WebCore::getCommonCryptoHMACAlgorithm):
+        (WebCore::CryptoAlgorithmHMAC::platformSign):
+        (WebCore::CryptoAlgorithmHMAC::platformVerify):
+        * crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:
+        * crypto/mac/CryptoKeyMac.cpp:
+        * crypto/mac/CryptoKeyRSAMac.cpp:
+        Use CommonCryptoUtilities.
+
+        * crypto/mac/CryptoAlgorithmRegistryMac.cpp:
+        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms): Register RSA-OAEP.
+
 2013-12-02  Andres Gomez  <agomez@igalia.com>
 

trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj

@@ -5729 +5729 @@
                 E1FE13641834351100892F13 /* CryptoDigestMac.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E1FE13621834351100892F13 /* CryptoDigestMac.cpp */; };
                 E1FE136718343A1000892F13 /* CryptoDigest.h in Headers */ = {isa = PBXBuildFile; fileRef = E1FE136618343A1000892F13 /* CryptoDigest.h */; };
+                E1FE136A183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E1FE1368183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.cpp */; };
+                E1FE136B183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.h in Headers */ = {isa = PBXBuildFile; fileRef = E1FE1369183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.h */; };
+                E1FE136D183FE21D00892F13 /* CryptoAlgorithmRsaOaepParams.h in Headers */ = {isa = PBXBuildFile; fileRef = E1FE136C183FE21D00892F13 /* CryptoAlgorithmRsaOaepParams.h */; };
+                E1FE1370183FECF000892F13 /* CryptoAlgorithmRSA_OAEPMac.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E1FE136E183FECF000892F13 /* CryptoAlgorithmRSA_OAEPMac.cpp */; };
+                E1FE137418402A6700892F13 /* CommonCryptoUtilities.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E1FE137218402A6700892F13 /* CommonCryptoUtilities.cpp */; };
+                E1FE137518402A6700892F13 /* CommonCryptoUtilities.h in Headers */ = {isa = PBXBuildFile; fileRef = E1FE137318402A6700892F13 /* CommonCryptoUtilities.h */; };
                 E1FF57A30F01255B00891EBB /* ThreadGlobalData.h in Headers */ = {isa = PBXBuildFile; fileRef = E1FF57A20F01255B00891EBB /* ThreadGlobalData.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 E1FF57A60F01256B00891EBB /* ThreadGlobalData.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E1FF57A50F01256B00891EBB /* ThreadGlobalData.cpp */; };
@@ -12849 +12855 @@
                 E1FE13621834351100892F13 /* CryptoDigestMac.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = CryptoDigestMac.cpp; path = mac/CryptoDigestMac.cpp; sourceTree = "<group>"; };
                 E1FE136618343A1000892F13 /* CryptoDigest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoDigest.h; sourceTree = "<group>"; };
+                E1FE1368183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CryptoAlgorithmRSA_OAEP.cpp; sourceTree = "<group>"; };
+                E1FE1369183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoAlgorithmRSA_OAEP.h; sourceTree = "<group>"; };
+                E1FE136C183FE21D00892F13 /* CryptoAlgorithmRsaOaepParams.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = CryptoAlgorithmRsaOaepParams.h; path = parameters/CryptoAlgorithmRsaOaepParams.h; sourceTree = "<group>"; };
+                E1FE136E183FECF000892F13 /* CryptoAlgorithmRSA_OAEPMac.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = CryptoAlgorithmRSA_OAEPMac.cpp; path = mac/CryptoAlgorithmRSA_OAEPMac.cpp; sourceTree = "<group>"; };
+                E1FE137218402A6700892F13 /* CommonCryptoUtilities.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CommonCryptoUtilities.cpp; sourceTree = "<group>"; };
+                E1FE137318402A6700892F13 /* CommonCryptoUtilities.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonCryptoUtilities.h; sourceTree = "<group>"; };
                 E1FF57A20F01255B00891EBB /* ThreadGlobalData.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ThreadGlobalData.h; sourceTree = "<group>"; };
                 E1FF57A50F01256B00891EBB /* ThreadGlobalData.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ThreadGlobalData.cpp; sourceTree = "<group>"; };
@@ -20407 +20419 @@
                         isa = PBXGroup;
                         children = (
+                                E1FE137218402A6700892F13 /* CommonCryptoUtilities.cpp */,
+                                E1FE137318402A6700892F13 /* CommonCryptoUtilities.h */,
                                 E125F843182425C900D84CD9 /* CryptoAlgorithmAES_CBCMac.cpp */,
                                 E125F8371822F1EB00D84CD9 /* CryptoAlgorithmHMACMac.cpp */,
                                 E1BB84AC1822CA7400525043 /* CryptoAlgorithmRegistryMac.cpp */,
                                 E1C266D618317AB4003F8B33 /* CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp */,
+                                E1FE136E183FECF000892F13 /* CryptoAlgorithmRSA_OAEPMac.cpp */,
                                 E19AC3F8182566F700349426 /* CryptoKeyMac.cpp */,
                                 E164FAA418315E1A00DB4E61 /* CryptoKeyRSAMac.cpp */,
@@ -20425 +20440 @@
                                 E125F82F1822F11B00D84CD9 /* CryptoAlgorithmHMAC.cpp */,
                                 E125F8301822F11B00D84CD9 /* CryptoAlgorithmHMAC.h */,
+                                E1FE1368183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.cpp */,
+                                E1FE1369183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.h */,
                                 E1BD3317182D8DDD00C05D9F /* CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp */,
                                 E1BD3318182D8DDD00C05D9F /* CryptoAlgorithmRSASSA_PKCS1_v1_5.h */,
@@ -22438 +22455 @@
                                 93309DDF099E64920056E581 /* DeleteFromTextNodeCommand.h in Headers */,
                                 07C59B6417F4D1C4000FBCBB /* MockMediaStreamCenter.h in Headers */,
+                                E1FE136B183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.h in Headers */,
                                 93309DE1099E64920056E581 /* DeleteSelectionCommand.h in Headers */,
                                 FD1660A513787C6D001FFA7B /* DenormalDisabler.h in Headers */,
@@ -22587 +22605 @@
                                 2ED609BD1145B07100C8684E /* DOMFormData.h in Headers */,
                                 BC1A37B6097C715F0019F3D8 /* DOMHTML.h in Headers */,
+                                E1FE137518402A6700892F13 /* CommonCryptoUtilities.h in Headers */,
                                 85DF81270AA7787200486AD7 /* DOMHTMLAnchorElement.h in Headers */,
                                 B595FF471824CEE300FF51CD /* RenderIterator.h in Headers */,
@@ -23707 +23726 @@
                                 078E092B17D14D1C00420AA1 /* RTCStatsRequestImpl.h in Headers */,
                                 B266CD4E0C3AEC6500EB08D2 /* JSSVGException.h in Headers */,
+                                E1FE136D183FE21D00892F13 /* CryptoAlgorithmRsaOaepParams.h in Headers */,
                                 B2FA3D6B0AB75A6F000E5AC4 /* JSSVGFEBlendElement.h in Headers */,
                                 B2FA3D6D0AB75A6F000E5AC4 /* JSSVGFEColorMatrixElement.h in Headers */,
@@ -26713 +26733 @@
                                 BC6932730D7E293900AE44D1 /* JSDOMWindowBase.cpp in Sources */,
                                 BCD9C2620C17AA67005C90A2 /* JSDOMWindowCustom.cpp in Sources */,
+                                E1FE136A183FE1AB00892F13 /* CryptoAlgorithmRSA_OAEP.cpp in Sources */,
                                 BCBFB53C0DCD29CF0019B3E5 /* JSDOMWindowShell.cpp in Sources */,
                                 FD7868B9136B999200D403DF /* JSDynamicsCompressorNode.cpp in Sources */,
@@ -28160 +28181 @@
                                 2E3BBF071162DA1100B9409A /* UUID.cpp in Sources */,
                                 50D32857163B313F0016111E /* ValidatedCustomFilterOperation.cpp in Sources */,
+                                E1FE137418402A6700892F13 /* CommonCryptoUtilities.cpp in Sources */,
                                 F5A154271279534D00D0B0C0 /* ValidationMessage.cpp in Sources */,
                                 FD3160AE12B026F700C1A359 /* VectorMath.cpp in Sources */,
@@ -28203 +28225 @@
                                 A0EE0DF5144F825500F80B0D /* WebGLDebugRendererInfo.cpp in Sources */,
                                 A0EE0DF7144F825500F80B0D /* WebGLDebugShaders.cpp in Sources */,
+                                E1FE1370183FECF000892F13 /* CryptoAlgorithmRSA_OAEPMac.cpp in Sources */,
                                 6E3FAE8E14733FDB00E42307 /* WebGLDepthTexture.cpp in Sources */,
                                 6EBF0E5412A8929800DB1709 /* WebGLExtension.cpp in Sources */,

trunk/Source/WebCore/bindings/js/JSCryptoAlgorithmDictionary.cpp

@@ -36 +36 @@
 #include "CryptoAlgorithmRsaKeyGenParams.h"
 #include "CryptoAlgorithmRsaKeyParamsWithHash.h"
+#include "CryptoAlgorithmRsaOaepParams.h"
 #include "CryptoAlgorithmRsaSsaParams.h"
 #include "ExceptionCode.h"
@@ -245 +246 @@
 }
 
-static std::unique_ptr<CryptoAlgorithmParameters> createRsaSsaParams(ExecState* exec, JSValue value)
+static std::unique_ptr<CryptoAlgorithmParameters> createRsaOaepParams(ExecState* exec, JSValue value)
 {
     if (!value.isObject()) {
@@ -253 +254 @@
 
     JSDictionary jsDictionary(exec, value.getObject());
-    auto result = std::make_unique<CryptoAlgorithmRsaSsaParams>();
+    auto result = std::make_unique<CryptoAlgorithmRsaOaepParams>();
 
     if (!getHashAlgorithm(jsDictionary, result->hash)) {
@@ -260 +261 @@
     }
 
+    JSValue labelValue = getProperty(exec, value.getObject(), "label");
+    if (exec->hadException())
+        return nullptr;
+
+    result->hasLabel = !labelValue.isUndefinedOrNull();
+    if (!result->hasLabel)
+        return std::move(result);
+
+    CryptoOperationData labelData;
+    if (!cryptoOperationDataFromJSValue(exec, labelValue, labelData)) {
+        ASSERT(exec->hadException());
+        return nullptr;
+    }
+
+    result->label.append(labelData.first, labelData.second);
+
     return std::move(result);
 }
 
+static std::unique_ptr<CryptoAlgorithmParameters> createRsaSsaParams(ExecState* exec, JSValue value)
+{
+    if (!value.isObject()) {
+        throwTypeError(exec);
+        return nullptr;
+    }
+
+    JSDictionary jsDictionary(exec, value.getObject());
+    auto result = std::make_unique<CryptoAlgorithmRsaSsaParams>();
+
+    if (!getHashAlgorithm(jsDictionary, result->hash)) {
+        ASSERT(exec->hadException());
+        return nullptr;
+    }
+
+    return std::move(result);
+}
+
 std::unique_ptr<CryptoAlgorithmParameters> JSCryptoAlgorithmDictionary::createParametersForEncrypt(ExecState* exec, CryptoAlgorithmIdentifier algorithm, JSValue value)
 {
@@ -269 +304 @@
     case CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5:
     case CryptoAlgorithmIdentifier::RSA_PSS:
-    case CryptoAlgorithmIdentifier::RSA_OAEP:
+        setDOMException(exec, NOT_SUPPORTED_ERR);
+        return nullptr;
+    case CryptoAlgorithmIdentifier::RSA_OAEP:
+        return createRsaOaepParams(exec, value);
     case CryptoAlgorithmIdentifier::ECDSA:
     case CryptoAlgorithmIdentifier::ECDH:
@@ -301 +339 @@
     case CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5:
     case CryptoAlgorithmIdentifier::RSA_PSS:
-    case CryptoAlgorithmIdentifier::RSA_OAEP:
+        setDOMException(exec, NOT_SUPPORTED_ERR);
+        return nullptr;
+    case CryptoAlgorithmIdentifier::RSA_OAEP:
+        return createRsaOaepParams(exec, value);
     case CryptoAlgorithmIdentifier::ECDSA:
     case CryptoAlgorithmIdentifier::ECDH:
@@ -529 +570 @@
         return createRsaKeyParamsWithHash(exec, value);
     case CryptoAlgorithmIdentifier::RSA_PSS:
-    case CryptoAlgorithmIdentifier::RSA_OAEP:
-    case CryptoAlgorithmIdentifier::ECDSA:
-    case CryptoAlgorithmIdentifier::ECDH:
-    case CryptoAlgorithmIdentifier::AES_CTR:
-    case CryptoAlgorithmIdentifier::AES_CBC:
-    case CryptoAlgorithmIdentifier::AES_CMAC:
-    case CryptoAlgorithmIdentifier::AES_GCM:
-    case CryptoAlgorithmIdentifier::AES_CFB:
         return std::make_unique<CryptoAlgorithmParameters>();
+    case CryptoAlgorithmIdentifier::RSA_OAEP:
+        return createRsaKeyParamsWithHash(exec, value);
+    case CryptoAlgorithmIdentifier::ECDSA:
+    case CryptoAlgorithmIdentifier::ECDH:
+    case CryptoAlgorithmIdentifier::AES_CTR:
+    case CryptoAlgorithmIdentifier::AES_CBC:
+    case CryptoAlgorithmIdentifier::AES_CMAC:
+    case CryptoAlgorithmIdentifier::AES_GCM:
+    case CryptoAlgorithmIdentifier::AES_CFB:
+        return std::make_unique<CryptoAlgorithmParameters>();
     case CryptoAlgorithmIdentifier::HMAC:
         return createHmacParams(exec, value);

trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp

@@ -191 +191 @@
         algorithm = CryptoAlgorithmRegistry::shared().create(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5);
         parameters = createRSAKeyParametersWithHash(CryptoAlgorithmIdentifier::SHA_512);
+    } else if (m_jwkAlgorithmName == "RSA-OAEP") {
+        algorithm = CryptoAlgorithmRegistry::shared().create(CryptoAlgorithmIdentifier::RSA_OAEP);
+        parameters = createRSAKeyParametersWithHash(CryptoAlgorithmIdentifier::SHA_1);
     } else if (m_jwkAlgorithmName == "A128CBC") {
         algorithm = CryptoAlgorithmRegistry::shared().create(CryptoAlgorithmIdentifier::AES_CBC);
@@ -219 +222 @@
     if (algorithm->identifier() == CryptoAlgorithmIdentifier::HMAC)
         return toCryptoAlgorithmHmacParams(*parameters).hash == toCryptoAlgorithmHmacParams(*suggestedParameters).hash;
-    if (algorithm->identifier() == CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5) {
+    if (algorithm->identifier() == CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5
+        || algorithm->identifier() == CryptoAlgorithmIdentifier::RSA_OAEP) {
         CryptoAlgorithmRsaKeyParamsWithHash& rsaKeyParameters = toCryptoAlgorithmRsaKeyParamsWithHash(*parameters);
         CryptoAlgorithmRsaKeyParamsWithHash& suggestedRSAKeyParameters = toCryptoAlgorithmRsaKeyParamsWithHash(*suggestedParameters);
@@ -284 +288 @@
     if (m_jwkAlgorithmName == "RS512")
         return sizeInBits >= 2048;
+    if (m_jwkAlgorithmName == "RSA_OAEP")
+        return sizeInBits >= 2048;
     return true;
 }
@@ -537 +543 @@
             break;
         }
+        break;
+    }
+    case CryptoAlgorithmIdentifier::RSA_OAEP: {
+        const CryptoKeyRSA& rsaKey = toCryptoKeyRSA(key);
+        CryptoAlgorithmIdentifier hash;
+        // WebCrypto RSA-OAEP keys are not tied to any particular hash, unless previously imported from JWK, which only supports SHA-1.
+        if (rsaKey.isRestrictedToHash(hash) && hash != CryptoAlgorithmIdentifier::SHA_1)
+            break;
+        if (rsaKey.keySizeInBits() < 2048)
+            break;
+        jwkAlgorithm = "RSA-OAEP";
         break;
     }

trunk/Source/WebCore/crypto/CryptoAlgorithmParameters.h

@@ -47 +47 @@
         RsaKeyGenParams,
         RsaKeyParamsWithHash,
+        RsaOaepParams,
         RsaSsaParams
     };

trunk/Source/WebCore/crypto/mac/CryptoAlgorithmHMACMac.cpp

@@ -36 +36 @@
 namespace WebCore {
 
-static bool getCommonCryptoAlgorithm(CryptoAlgorithmIdentifier hashFunction, CCHmacAlgorithm& algorithm)
+static bool getCommonCryptoHMACAlgorithm(CryptoAlgorithmIdentifier hashFunction, CCHmacAlgorithm& algorithm)
 {
     switch (hashFunction) {
@@ -92 +92 @@
 {
     CCHmacAlgorithm algorithm;
-    if (!getCommonCryptoAlgorithm(parameters.hash, algorithm)) {
+    if (!getCommonCryptoHMACAlgorithm(parameters.hash, algorithm)) {
         ec = NOT_SUPPORTED_ERR;
         return;
@@ -105 +105 @@
 {
     CCHmacAlgorithm algorithm;
-    if (!getCommonCryptoAlgorithm(parameters.hash, algorithm)) {
+    if (!getCommonCryptoHMACAlgorithm(parameters.hash, algorithm)) {
         ec = NOT_SUPPORTED_ERR;
         return;

trunk/Source/WebCore/crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp

@@ -29 +29 @@
 #if ENABLE(SUBTLE_CRYPTO)
 
+#include "CommonCryptoUtilities.h"
 #include "CryptoAlgorithmRsaSsaParams.h"
 #include "CryptoDigest.h"
@@ -35 +36 @@
 #include <CommonCrypto/CommonCryptor.h>
 
-#if defined(__has_include)
-#if __has_include(<CommonCrypto/CommonRSACryptor.h>)
-#include <CommonCrypto/CommonRSACryptor.h>
-#endif
-#endif
-
-#ifndef _CC_RSACRYPTOR_H_
-enum {
-    ccPKCS1Padding = 1001
-};
-typedef uint32_t CCAsymmetricPadding;
-
-enum {
-    kCCDigestSHA1 = 8,
-    kCCDigestSHA224 = 9,
-    kCCDigestSHA256 = 10,
-    kCCDigestSHA384 = 11,
-    kCCDigestSHA512 = 12,
-};
-typedef uint32_t CCDigestAlgorithm;
-
-enum {
-    kCCNotVerified    = -4306
-};
-#endif
-
-extern "C" CCCryptorStatus CCRSACryptorSign(CCRSACryptorRef privateKey, CCAsymmetricPadding padding, const void *hashToSign, size_t hashSignLen, CCDigestAlgorithm digestType, size_t saltLen, void *signedData, size_t *signedDataLen);
-extern "C" CCCryptorStatus CCRSACryptorVerify(CCRSACryptorRef publicKey, CCAsymmetricPadding padding, const void *hash, size_t hashLen, CCDigestAlgorithm digestType, size_t saltLen, const void *signedData, size_t signedDataLen);
-
 namespace WebCore {
-
-static bool getCommonCryptoDigestAlgorithm(CryptoAlgorithmIdentifier hashFunction, CCDigestAlgorithm& algorithm)
-{
-    switch (hashFunction) {
-    case CryptoAlgorithmIdentifier::SHA_1:
-        algorithm = kCCDigestSHA1;
-        return true;
-    case CryptoAlgorithmIdentifier::SHA_224:
-        algorithm = kCCDigestSHA224;
-        return true;
-    case CryptoAlgorithmIdentifier::SHA_256:
-        algorithm = kCCDigestSHA256;
-        return true;
-    case CryptoAlgorithmIdentifier::SHA_384:
-        algorithm = kCCDigestSHA384;
-        return true;
-    case CryptoAlgorithmIdentifier::SHA_512:
-        algorithm = kCCDigestSHA512;
-        return true;
-    default:
-        return false;
-    }
-}
 
 void CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign(const CryptoAlgorithmRsaSsaParams& parameters, const CryptoKeyRSA& key, const CryptoOperationData& data, VectorCallback callback, VoidCallback failureCallback, ExceptionCode& ec)

trunk/Source/WebCore/crypto/mac/CryptoAlgorithmRegistryMac.cpp

@@ -32 +32 @@
 #include "CryptoAlgorithmHMAC.h"
 #include "CryptoAlgorithmRSASSA_PKCS1_v1_5.h"
+#include "CryptoAlgorithmRSA_OAEP.h"
 #include "CryptoAlgorithmSHA1.h"
 #include "CryptoAlgorithmSHA224.h"
@@ -45 +46 @@
     registerAlgorithm<CryptoAlgorithmHMAC>();
     registerAlgorithm<CryptoAlgorithmRSASSA_PKCS1_v1_5>();
+    registerAlgorithm<CryptoAlgorithmRSA_OAEP>();
     registerAlgorithm<CryptoAlgorithmSHA1>();
     registerAlgorithm<CryptoAlgorithmSHA224>();

trunk/Source/WebCore/crypto/mac/CryptoKeyMac.cpp

@@ -29 +29 @@
 #if ENABLE(SUBTLE_CRYPTO)
 
-#if defined(__has_include) && (PLATFORM(IOS) || __MAC_OS_X_VERSION_MIN_REQUIRED >= 1090)
-#if __has_include(<CommonCrypto/CommonRandomSPI.h>)
-#include <CommonCrypto/CommonRandomSPI.h>
-#endif
-#endif
-
-typedef struct __CCRandom *CCRandomRef;
-extern const CCRandomRef kCCRandomDefault;
-extern "C" int CCRandomCopyBytes(CCRandomRef rnd, void *bytes, size_t count);
+#include "CommonCryptoUtilities.h"
 
 namespace WebCore {

trunk/Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp

@@ -29 +29 @@
 #if ENABLE(SUBTLE_CRYPTO)
 
+#include "CommonCryptoUtilities.h"
 #include "CryptoAlgorithmDescriptionBuilder.h"
 #include "CryptoAlgorithmRegistry.h"
@@ -34 +35 @@
 #include "CryptoKeyPair.h"
 #include <CommonCrypto/CommonCryptor.h>
-
-#if defined(__has_include)
-#if __has_include(<CommonCrypto/CommonRSACryptor.h>)
-#include <CommonCrypto/CommonRSACryptor.h>
-#endif
-#endif
-
-#ifndef _CC_RSACRYPTOR_H_
-enum {
-    ccRSAKeyPublic          = 0,
-    ccRSAKeyPrivate         = 1
-};
-typedef uint32_t CCRSAKeyType;
-#endif
-
-extern "C" CCCryptorStatus CCRSACryptorCreateFromData(CCRSAKeyType keyType, uint8_t *modulus, size_t modulusLength, uint8_t *exponent, size_t exponentLength, uint8_t *p, size_t pLength, uint8_t *q, size_t qLength, CCRSACryptorRef *ref);
-extern "C" CCCryptorStatus CCRSACryptorGeneratePair(size_t keysize, uint32_t e, CCRSACryptorRef *publicKey, CCRSACryptorRef *privateKey);
-extern "C" CCRSACryptorRef CCRSACryptorGetPublicKeyFromPrivateKey(CCRSACryptorRef privkey);
-extern "C" void CCRSACryptorRelease(CCRSACryptorRef key);
-extern "C" CCCryptorStatus CCRSAGetKeyComponents(CCRSACryptorRef rsaKey, uint8_t *modulus, size_t *modulusLength, uint8_t *exponent, size_t *exponentLength, uint8_t *p, size_t *pLength, uint8_t *q, size_t *qLength);
-extern "C" CCRSAKeyType CCRSAGetKeyType(CCRSACryptorRef key);
 
 namespace WebCore {