Changeset 192126 in webkit

Timestamp:

Nov 6, 2015 8:44:02 PM (9 years ago)

Author:

commit-queue@webkit.org

Message:

Source/WebCore:
Allow an optional hash algorithm to be passed to generateKey for RSA keys.
​https://bugs.webkit.org/show_bug.cgi?id=144938

Unreviewed initial submission.

Test: crypto/subtle/rsa-export-generated-keys.html

This changeset allows an optional hash parameter to be passed to the generate
key function for RSA type keys. Previously, there was no way to export generated
keys, as no hash function could be associated with the key (required for JWK).

The current WebCrypto API draft requires the hash function to be specified in the
algorithm object passed to generateKey (​http://www.w3.org/TR/WebCryptoAPI 20.4),
however, they were made optional in this implementation to maintain compatiblity.

Patch by Scott Valentine <​svalentine@ikayzo.com> on 2015-11-06

• bindings/js/JSCryptoAlgorithmDictionary.cpp:

(WebCore::getHashAlgorithm):
(WebCore::createHmacParams):
(WebCore::createHmacKeyParams):
(WebCore::createRsaKeyGenParams):
(WebCore::createRsaOaepParams):
(WebCore::createRsaSsaParams):
(WebCore::JSCryptoAlgorithmDictionary::createParametersForImportKey): Deleted.

• bindings/js/SerializedScriptValue.cpp:

(WebCore::CloneDeserializer::readRSAKey):

• crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:

(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::generateKey):
(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):

• crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:

(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::generateKey):
(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):

• crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:

(WebCore::CryptoAlgorithmRSA_OAEP::generateKey):
(WebCore::CryptoAlgorithmRSA_OAEP::importKey):

• crypto/gnutls/CryptoKeyRSAGnuTLS.cpp:

(WebCore::CryptoKeyRSA::CryptoKeyRSA):
(WebCore::CryptoKeyRSA::create):
(WebCore::CryptoKeyRSA::generatePair):
(WebCore::CryptoKeyRSA::restrictToHash): Deleted.

• crypto/keys/CryptoKeyRSA.h:
• crypto/mac/CryptoKeyRSAMac.cpp:

(WebCore::CryptoKeyRSA::CryptoKeyRSA):
(WebCore::CryptoKeyRSA::create):
(WebCore::CryptoKeyRSA::generatePair):
(WebCore::CryptoKeyRSA::restrictToHash): Deleted.

• crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h:

LayoutTests:
Adding new tests for exporting generated RSA keys.
​https://bugs.webkit.org/show_bug.cgi?id=144938

Unreviewed initial submission.

Patch by Scott Valentine <​svalentine@ikayzo.com> on 2015-11-06

• crypto/subtle/rsa-export-generated-keys-expected.txt: Added.
• crypto/subtle/rsa-export-generated-keys.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/crypto/subtle/rsa-export-generated-keys-expected.txt (added)
• LayoutTests/crypto/subtle/rsa-export-generated-keys.html (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/bindings/js/JSCryptoAlgorithmDictionary.cpp (modified) (10 diffs)
• Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp (modified) (1 diff)
• Source/WebCore/bindings/js/SerializedScriptValue.cpp (modified) (3 diffs)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp (modified) (2 diffs)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp (modified) (2 diffs)
• Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp (modified) (2 diffs)
• Source/WebCore/crypto/gnutls/CryptoKeyRSAGnuTLS.cpp (modified) (4 diffs)
• Source/WebCore/crypto/keys/CryptoKeyRSA.h (modified) (2 diffs)
• Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp (modified) (5 diffs)
• Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2015-11-06  Scott Valentine  <svalentine@ikayzo.com>
+
+        Adding new tests for exporting generated RSA keys.
+        https://bugs.webkit.org/show_bug.cgi?id=144938
+
+        Unreviewed initial submission.
+
+        * crypto/subtle/rsa-export-generated-keys-expected.txt: Added.
+        * crypto/subtle/rsa-export-generated-keys.html: Added.
+
 2015-11-06  Wenson Hsieh  <wenson_hsieh@apple.com>
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2015-11-06  Scott Valentine  <svalentine@ikayzo.com>
+
+        Allow an optional hash algorithm to be passed to generateKey for RSA keys.
+        https://bugs.webkit.org/show_bug.cgi?id=144938
+
+        Unreviewed initial submission.
+
+        Test: crypto/subtle/rsa-export-generated-keys.html
+
+        This changeset allows an optional hash parameter to be passed to the generate
+        key function for RSA type keys. Previously, there was no way to export generated
+        keys, as no hash function could be associated with the key (required for JWK).
+
+        The current WebCrypto API draft requires the hash function to be specified in the
+        algorithm object passed to generateKey (http://www.w3.org/TR/WebCryptoAPI 20.4),
+        however, they were made optional in this implementation to maintain compatiblity.
+
+        * bindings/js/JSCryptoAlgorithmDictionary.cpp:
+        (WebCore::getHashAlgorithm):
+        (WebCore::createHmacParams):
+        (WebCore::createHmacKeyParams):
+        (WebCore::createRsaKeyGenParams):
+        (WebCore::createRsaOaepParams):
+        (WebCore::createRsaSsaParams):
+        (WebCore::JSCryptoAlgorithmDictionary::createParametersForImportKey): Deleted.
+        * bindings/js/SerializedScriptValue.cpp:
+        (WebCore::CloneDeserializer::readRSAKey):
+        * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:
+        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::generateKey):
+        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):
+        * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:
+        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::generateKey):
+        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):
+        * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:
+        (WebCore::CryptoAlgorithmRSA_OAEP::generateKey):
+        (WebCore::CryptoAlgorithmRSA_OAEP::importKey):
+        * crypto/gnutls/CryptoKeyRSAGnuTLS.cpp:
+        (WebCore::CryptoKeyRSA::CryptoKeyRSA):
+        (WebCore::CryptoKeyRSA::create):
+        (WebCore::CryptoKeyRSA::generatePair):
+        (WebCore::CryptoKeyRSA::restrictToHash): Deleted.
+        * crypto/keys/CryptoKeyRSA.h:
+        * crypto/mac/CryptoKeyRSAMac.cpp:
+        (WebCore::CryptoKeyRSA::CryptoKeyRSA):
+        (WebCore::CryptoKeyRSA::create):
+        (WebCore::CryptoKeyRSA::generatePair):
+        (WebCore::CryptoKeyRSA::restrictToHash): Deleted.
+        * crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h:
+
 2015-11-06  Wenson Hsieh  <wenson_hsieh@apple.com>
 

trunk/Source/WebCore/bindings/js/JSCryptoAlgorithmDictionary.cpp

@@ -47 +47 @@
 namespace WebCore {
 
+enum class HashRequirement {
+    Optional,
+    Required, 
+};
+
 bool JSCryptoAlgorithmDictionary::getAlgorithmIdentifier(ExecState* exec, JSValue value, CryptoAlgorithmIdentifier& algorithmIdentifier)
 {
@@ -99 +104 @@
 }
 
-static bool getHashAlgorithm(JSDictionary& dictionary, CryptoAlgorithmIdentifier& result)
+static bool getHashAlgorithm(JSDictionary& dictionary, CryptoAlgorithmIdentifier& result, HashRequirement isRequired)
 {
     // FXIME: Teach JSDictionary how to return JSValues, and use that to get hash element value.
@@ -114 +119 @@
 
     if (hash.isUndefinedOrNull()) {
-        setDOMException(exec, NOT_SUPPORTED_ERR);
+        if (isRequired == HashRequirement::Required)
+            setDOMException(exec, NOT_SUPPORTED_ERR);
         return false;
     }
@@ -178 +184 @@
     auto result = std::make_unique<CryptoAlgorithmHmacParams>();
 
-    if (!getHashAlgorithm(jsDictionary, result->hash)) {
+    if (!getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Required)) {
         ASSERT(exec->hadException());
         return nullptr;
@@ -196 +202 @@
     auto result = std::make_unique<CryptoAlgorithmHmacKeyParams>();
 
-    if (!getHashAlgorithm(jsDictionary, result->hash)) {
+    if (!getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Required)) {
         ASSERT(exec->hadException());
         return nullptr;
@@ -215 +221 @@
     }
 
+    JSDictionary jsDictionary(exec, value.getObject());
     auto result = std::make_unique<CryptoAlgorithmRsaKeyGenParams>();
 
@@ -237 +244 @@
     result->publicExponent.append(publicExponentArray->data(), publicExponentArray->byteLength());
 
+    result->hasHash = getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Optional); 
+
     return WTF::move(result);
 }
@@ -256 +265 @@
     auto result = std::make_unique<CryptoAlgorithmRsaOaepParams>();
 
-    if (!getHashAlgorithm(jsDictionary, result->hash)) {
+    if (!getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Required)) {
         ASSERT(exec->hadException());
         return nullptr;
@@ -290 +299 @@
     auto result = std::make_unique<CryptoAlgorithmRsaSsaParams>();
 
-    if (!getHashAlgorithm(jsDictionary, result->hash)) {
+    if (!getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Required)) {
         ASSERT(exec->hadException());
         return nullptr;
@@ -598 +607 @@
     switch (algorithm) {
     case CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5:
-        return std::make_unique<CryptoAlgorithmParameters>();
-    case CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5:
+    case CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5:
+    case CryptoAlgorithmIdentifier::RSA_PSS:
+    case CryptoAlgorithmIdentifier::RSA_OAEP:
         return createRsaKeyParamsWithHash(exec, value);
-    case CryptoAlgorithmIdentifier::RSA_PSS:
-        return std::make_unique<CryptoAlgorithmParameters>();
-    case CryptoAlgorithmIdentifier::RSA_OAEP:
-        return createRsaKeyParamsWithHash(exec, value);
     case CryptoAlgorithmIdentifier::ECDSA:
     case CryptoAlgorithmIdentifier::ECDH:

trunk/Source/WebCore/bindings/js/JSCryptoKeySerializationJWK.cpp

@@ -194 +194 @@
     } else if (m_jwkAlgorithmName == "RSA1_5") {
         algorithm = algorithmRegisty.create(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5);
-        parameters = std::make_unique<CryptoAlgorithmParameters>();
+        parameters = std::make_unique<CryptoAlgorithmRsaKeyParamsWithHash>();
     } else if (m_jwkAlgorithmName == "RSA-OAEP") {
         algorithm = algorithmRegisty.create(CryptoAlgorithmIdentifier::RSA_OAEP);

trunk/Source/WebCore/bindings/js/SerializedScriptValue.cpp

@@ -2024 +2024 @@
         if (type == CryptoKeyAsymmetricTypeSubtag::Public) {
             auto keyData = CryptoKeyDataRSAComponents::createPublic(modulus, exponent);
-            auto key = CryptoKeyRSA::create(algorithm, *keyData, extractable, usages);
-            if (isRestrictedToHash)
-                key->restrictToHash(hash);
+            auto key = CryptoKeyRSA::create(algorithm, hash, isRestrictedToHash, *keyData, extractable, usages);
             result = WTF::move(key);
             return true;
@@ -2041 +2039 @@
         if (!primeCount) {
             auto keyData = CryptoKeyDataRSAComponents::createPrivate(modulus, exponent, privateExponent);
-            auto key = CryptoKeyRSA::create(algorithm, *keyData, extractable, usages);
-            if (isRestrictedToHash)
-                key->restrictToHash(hash);
+            auto key = CryptoKeyRSA::create(algorithm, hash, isRestrictedToHash, *keyData, extractable, usages);
             result = WTF::move(key);
             return true;
@@ -2075 +2071 @@
 
         auto keyData = CryptoKeyDataRSAComponents::createPrivateWithAdditionalData(modulus, exponent, privateExponent, firstPrimeInfo, secondPrimeInfo, otherPrimeInfos);
-        auto key = CryptoKeyRSA::create(algorithm, *keyData, extractable, usages);
-        if (isRestrictedToHash)
-            key->restrictToHash(hash);
+        auto key = CryptoKeyRSA::create(algorithm, hash, isRestrictedToHash, *keyData, extractable, usages);
         result = WTF::move(key);
         return true;

trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp

@@ -30 +30 @@
 
 #include "CryptoAlgorithmRsaKeyGenParams.h"
+#include "CryptoAlgorithmRsaKeyParamsWithHash.h"
 #include "CryptoKeyDataRSAComponents.h"
 #include "CryptoKeyRSA.h"
@@ -93 +94 @@
     };
 
-    CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
+    CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaParameters.hash, rsaParameters.hasHash, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
 }
 
-void CryptoAlgorithmRSAES_PKCS1_v1_5::importKey(const CryptoAlgorithmParameters&, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsage usage, KeyCallback&& callback, VoidCallback&& failureCallback, ExceptionCode&)
+void CryptoAlgorithmRSAES_PKCS1_v1_5::importKey(const CryptoAlgorithmParameters& parameters, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsage usage, KeyCallback&& callback, VoidCallback&& failureCallback, ExceptionCode&)
 {
+    const CryptoAlgorithmRsaKeyParamsWithHash& rsaParameters = downcast<CryptoAlgorithmRsaKeyParamsWithHash>(parameters);
     const CryptoKeyDataRSAComponents& rsaComponents = downcast<CryptoKeyDataRSAComponents>(keyData);
 
-    RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaComponents, extractable, usage);
+    RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaParameters.hash, rsaParameters.hasHash, rsaComponents, extractable, usage);
     if (!result) {
         failureCallback();

trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp

@@ -102 +102 @@
     };
 
-    CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
+    CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaParameters.hash, rsaParameters.hasHash, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
 }
 
@@ -110 +110 @@
     const CryptoKeyDataRSAComponents& rsaComponents = downcast<CryptoKeyDataRSAComponents>(keyData);
 
-    RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaComponents, extractable, usage);
+    RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaKeyParameters.hash, rsaKeyParameters.hasHash, rsaComponents, extractable, usage);
     if (!result) {
         failureCallback();
         return;
     }
-
-    if (rsaKeyParameters.hasHash)
-        result->restrictToHash(rsaKeyParameters.hash);
 
     callback(*result);

trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp

@@ -102 +102 @@
     };
 
-    CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSA_OAEP, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
+    CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSA_OAEP, rsaParameters.hash, rsaParameters.hasHash, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
 }
 
@@ -110 +110 @@
     const CryptoKeyDataRSAComponents& rsaComponents = downcast<CryptoKeyDataRSAComponents>(keyData);
 
-    RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSA_OAEP, rsaComponents, extractable, usage);
+    RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSA_OAEP, rsaKeyParameters.hash, rsaKeyParameters.hasHash, rsaComponents, extractable, usage);
     if (!result) {
         failureCallback();
         return;
     }
-
-    if (rsaKeyParameters.hasHash)
-        result->restrictToHash(rsaKeyParameters.hash);
 
     callback(*result);

trunk/Source/WebCore/crypto/gnutls/CryptoKeyRSAGnuTLS.cpp

@@ -40 +40 @@
 };
 
-CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
+CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
     : CryptoKey(identifier, type, extractable, usage)
     , m_platformKey(platformKey)
-    , m_restrictedToSpecificHash(false)
+    , m_restrictedToSpecificHash(hasHash)
+    , m_hash(hash)
 {
     notImplemented();
 }
 
-RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsage usage)
+RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsage usage)
 {
     notImplemented();
     UNUSED_PARAM(identifier);
+    UNUSED_PARAM(hash);
+    UNUSED_PARAM(hasHash);
     UNUSED_PARAM(keyData);
     UNUSED_PARAM(extractable);
@@ -62 +65 @@
 {
     notImplemented();
-}
-
-void CryptoKeyRSA::restrictToHash(CryptoAlgorithmIdentifier identifier)
-{
-    m_restrictedToSpecificHash = true;
-    m_hash = identifier;
 }
 
@@ -99 +96 @@
 }
 
-void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage usage, KeyPairCallback callback, VoidCallback failureCallback)
+void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage usage, KeyPairCallback callback, VoidCallback failureCallback)
 {
     notImplemented();
@@ -105 +102 @@
 
     UNUSED_PARAM(algorithm);
+    UNUSED_PARAM(hash);
+    UNUSED_PARAM(hasHash);
     UNUSED_PARAM(modulusLength);
     UNUSED_PARAM(publicExponent);

trunk/Source/WebCore/crypto/keys/CryptoKeyRSA.h

@@ -50 +50 @@
 class CryptoKeyRSA final : public CryptoKey {
 public:
-    static Ref<CryptoKeyRSA> create(CryptoAlgorithmIdentifier identifier, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
+    static Ref<CryptoKeyRSA> create(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
     {
-        return adoptRef(*new CryptoKeyRSA(identifier, type, platformKey, extractable, usage));
+        return adoptRef(*new CryptoKeyRSA(identifier, hash, hasHash, type, platformKey, extractable, usage));
     }
-    static RefPtr<CryptoKeyRSA> create(CryptoAlgorithmIdentifier, const CryptoKeyDataRSAComponents&, bool extractable, CryptoKeyUsage);
+    static RefPtr<CryptoKeyRSA> create(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, const CryptoKeyDataRSAComponents&, bool extractable, CryptoKeyUsage);
     virtual ~CryptoKeyRSA();
 
-    void restrictToHash(CryptoAlgorithmIdentifier);
     bool isRestrictedToHash(CryptoAlgorithmIdentifier&) const;
 
@@ -64 +63 @@
     typedef std::function<void(CryptoKeyPair&)> KeyPairCallback;
     typedef std::function<void()> VoidCallback;
-    static void generatePair(CryptoAlgorithmIdentifier, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage, KeyPairCallback, VoidCallback failureCallback);
+    static void generatePair(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage, KeyPairCallback, VoidCallback failureCallback);
 
     PlatformRSAKey platformKey() const { return m_platformKey; }
 
 private:
-    CryptoKeyRSA(CryptoAlgorithmIdentifier, CryptoKeyType, PlatformRSAKey, bool extractable, CryptoKeyUsage);
+    CryptoKeyRSA(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType, PlatformRSAKey, bool extractable, CryptoKeyUsage);
 
     virtual CryptoKeyClass keyClass() const override { return CryptoKeyClass::RSA; }

trunk/Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp

@@ -97 +97 @@
 }
 
-CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
+CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
     : CryptoKey(identifier, type, extractable, usage)
     , m_platformKey(platformKey)
-    , m_restrictedToSpecificHash(false)
-{
-}
-
-RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsage usage)
+    , m_restrictedToSpecificHash(hasHash)
+    , m_hash(hash)
+{
+}
+
+RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsage usage)
 {
     if (keyData.type() == CryptoKeyDataRSAComponents::Type::Private && !keyData.hasAdditionalPrivateKeyParameters()) {
@@ -130 +131 @@
     }
 
-    return adoptRef(new CryptoKeyRSA(identifier, keyData.type() == CryptoKeyDataRSAComponents::Type::Public ? CryptoKeyType::Public : CryptoKeyType::Private, cryptor, extractable, usage));
+    return adoptRef(new CryptoKeyRSA(identifier, hash, hasHash, keyData.type() == CryptoKeyDataRSAComponents::Type::Public ? CryptoKeyType::Public : CryptoKeyType::Private, cryptor, extractable, usage));
 }
 
@@ -136 +137 @@
 {
     CCRSACryptorRelease(m_platformKey);
-}
-
-void CryptoKeyRSA::restrictToHash(CryptoAlgorithmIdentifier identifier)
-{
-    m_restrictedToSpecificHash = true;
-    m_hash = identifier;
 }
 
@@ -240 +235 @@
 }
 
-void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage usage, KeyPairCallback callback, VoidCallback failureCallback)
+void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage usage, KeyPairCallback callback, VoidCallback failureCallback)
 {
     uint32_t e;
@@ -268 +263 @@
         }
         callOnWebThreadOrDispatchAsyncOnMainThread(^{
-            RefPtr<CryptoKeyRSA> publicKey = CryptoKeyRSA::create(algorithm, CryptoKeyType::Public, ccPublicKey, true, usage);
-            RefPtr<CryptoKeyRSA> privateKey = CryptoKeyRSA::create(algorithm, CryptoKeyType::Private, ccPrivateKey, extractable, usage);
+            RefPtr<CryptoKeyRSA> publicKey = CryptoKeyRSA::create(algorithm, hash, hasHash, CryptoKeyType::Public, ccPublicKey, true, usage);
+            RefPtr<CryptoKeyRSA> privateKey = CryptoKeyRSA::create(algorithm, hash, hasHash, CryptoKeyType::Private, ccPrivateKey, extractable, usage);
             (*localCallback)(CryptoKeyPair::create(publicKey.release(), privateKey.release()));
             delete localCallback;

trunk/Source/WebCore/crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h

@@ -36 +36 @@
 class CryptoAlgorithmRsaKeyGenParams final : public CryptoAlgorithmParameters {
 public:
+    CryptoAlgorithmRsaKeyGenParams()
+        : hasHash(false)
+    {
+    }
     // The length, in bits, of the RSA modulus.
     unsigned modulusLength;
     // The RSA public exponent, encoded as BigInteger.
     Vector<uint8_t> publicExponent;
+    // The hash algorith identifier
+    bool hasHash;
+    CryptoAlgorithmIdentifier hash;
 
     virtual Class parametersClass() const override { return Class::RsaKeyGenParams; }