Changeset 209437 in webkit


Ignore:
Timestamp:
Dec 6, 2016 5:15:20 PM (7 years ago)
Author:
jiewen_tan@apple.com
Message:

[Part 1 of 2] Add support for SPKI format while doing SubtleCrypto.importKey/exportKey
https://bugs.webkit.org/show_bug.cgi?id=129978
<rdar://problem/21799829>

LayoutTests/imported/w3c:

Reviewed by Brent Fulgham.

  • WebCryptoAPI/encrypt_decrypt/test_rsa_oaep-expected.txt:

Source/WebCore:

This is part 1 of Bug 129978. In this patch, it adds the SPKI format support for
SubtleCrypto.importKey/exportKey. Currently support algorithms are RSAES-PKCS1-v1_5,
RSASSA-PKCS1-v1_5 and RSA-OAEP.

Reviewed by Brent Fulgham.

Tests: crypto/subtle/rsa-import-jwk-key-export-spki-key.html

crypto/subtle/rsa-import-spki-key-export-jwk-key.html
crypto/subtle/rsa-import-spki-key-export-spki-key.html
crypto/subtle/rsa-import-spki-small-key.html
crypto/subtle/rsa-oaep-generate-export-key-spki.html
crypto/subtle/rsa-oaep-import-spki-key.html
crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-spki.html
crypto/subtle/rsaes-pkcs1-v1_5-import-spki-key.html
crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-spki.html
crypto/subtle/rsassa-pkcs1-v1_5-import-spki-key.html
crypto/workers/subtle/rsa-export-spki-key.html
crypto/workers/subtle/rsa-import-spki-key.html

  • bindings/js/JSSubtleCryptoCustom.cpp:

(WebCore::toKeyData):

  • crypto/CommonCryptoUtilities.h:
  • crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:

(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):
(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::exportKey):

  • crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:

(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):
(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::exportKey):

  • crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:

(WebCore::CryptoAlgorithmRSA_OAEP::importKey):
(WebCore::CryptoAlgorithmRSA_OAEP::exportKey):

  • crypto/gnutls/CryptoKeyRSAGnuTLS.cpp:

(WebCore::CryptoKeyRSA::importSpki):
(WebCore::CryptoKeyRSA::exportSpki):

  • crypto/keys/CryptoKeyRSA.h:
  • crypto/mac/CryptoKeyRSAMac.cpp:

(WebCore::bytesUsedToEncodedLength):
(WebCore::bytesNeededForEncodedLength):
(WebCore::addEncodedASN1Length):
(WebCore::CryptoKeyRSA::importSpki):
(WebCore::CryptoKeyRSA::exportSpki):

LayoutTests:

Reviewed by Brent Fulgham.

  • crypto/subtle/import-key-malformed-parameters-expected.txt:
  • crypto/subtle/import-key-malformed-parameters.html:
  • crypto/subtle/rsa-export-key-malformed-parameters-expected.txt:
  • crypto/subtle/rsa-export-key-malformed-parameters.html:
  • crypto/subtle/rsa-import-jwk-key-export-spki-key-expected.txt: Added.
  • crypto/subtle/rsa-import-jwk-key-export-spki-key.html: Added.
  • crypto/subtle/rsa-import-key-malformed-parameters-expected.txt:
  • crypto/subtle/rsa-import-key-malformed-parameters.html:
  • crypto/subtle/rsa-import-spki-key-export-jwk-key-expected.txt: Added.
  • crypto/subtle/rsa-import-spki-key-export-jwk-key.html: Added.
  • crypto/subtle/rsa-import-spki-key-export-spki-key-expected.txt: Added.
  • crypto/subtle/rsa-import-spki-key-export-spki-key.html: Added.
  • crypto/subtle/rsa-import-spki-small-key-expected.txt: Added.
  • crypto/subtle/rsa-import-spki-small-key.html: Added.
  • crypto/subtle/rsa-oaep-generate-export-key-spki-expected.txt: Added.
  • crypto/subtle/rsa-oaep-generate-export-key-spki.html: Added.
  • crypto/subtle/rsa-oaep-import-spki-key-expected.txt: Added.
  • crypto/subtle/rsa-oaep-import-spki-key.html: Added.
  • crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-spki-expected.txt: Added.
  • crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-spki.html: Added.
  • crypto/subtle/rsaes-pkcs1-v1_5-import-spki-key-expected.txt: Added.
  • crypto/subtle/rsaes-pkcs1-v1_5-import-spki-key.html: Added.
  • crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-spki-expected.txt: Added.
  • crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-spki.html: Added.
  • crypto/subtle/rsassa-pkcs1-v1_5-import-spki-key-expected.txt: Added.
  • crypto/subtle/rsassa-pkcs1-v1_5-import-spki-key.html: Added.
  • crypto/workers/subtle/resources/rsa-export-spki-key.js: Added.
  • crypto/workers/subtle/resources/rsa-import-spki-key.js: Added.
  • crypto/workers/subtle/rsa-export-spki-key-expected.txt: Added.
  • crypto/workers/subtle/rsa-export-spki-key.html: Added.
  • crypto/workers/subtle/rsa-import-spki-key-expected.txt: Added.
  • crypto/workers/subtle/rsa-import-spki-key.html: Added.
Location:
trunk
Files:
25 added
18 edited
1 copied

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r209432 r209437  
     12016-12-05  Jiewen Tan  <jiewen_tan@apple.com>
     2
     3        [Part 1 of 2] Add support for SPKI format while doing SubtleCrypto.importKey/exportKey
     4        https://bugs.webkit.org/show_bug.cgi?id=129978
     5        <rdar://problem/21799829>
     6
     7        Reviewed by Brent Fulgham.
     8
     9        * crypto/subtle/import-key-malformed-parameters-expected.txt:
     10        * crypto/subtle/import-key-malformed-parameters.html:
     11        * crypto/subtle/rsa-export-key-malformed-parameters-expected.txt:
     12        * crypto/subtle/rsa-export-key-malformed-parameters.html:
     13        * crypto/subtle/rsa-import-jwk-key-export-spki-key-expected.txt: Added.
     14        * crypto/subtle/rsa-import-jwk-key-export-spki-key.html: Added.
     15        * crypto/subtle/rsa-import-key-malformed-parameters-expected.txt:
     16        * crypto/subtle/rsa-import-key-malformed-parameters.html:
     17        * crypto/subtle/rsa-import-spki-key-export-jwk-key-expected.txt: Added.
     18        * crypto/subtle/rsa-import-spki-key-export-jwk-key.html: Added.
     19        * crypto/subtle/rsa-import-spki-key-export-spki-key-expected.txt: Added.
     20        * crypto/subtle/rsa-import-spki-key-export-spki-key.html: Added.
     21        * crypto/subtle/rsa-import-spki-small-key-expected.txt: Added.
     22        * crypto/subtle/rsa-import-spki-small-key.html: Added.
     23        * crypto/subtle/rsa-oaep-generate-export-key-spki-expected.txt: Added.
     24        * crypto/subtle/rsa-oaep-generate-export-key-spki.html: Added.
     25        * crypto/subtle/rsa-oaep-import-spki-key-expected.txt: Added.
     26        * crypto/subtle/rsa-oaep-import-spki-key.html: Added.
     27        * crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-spki-expected.txt: Added.
     28        * crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-spki.html: Added.
     29        * crypto/subtle/rsaes-pkcs1-v1_5-import-spki-key-expected.txt: Added.
     30        * crypto/subtle/rsaes-pkcs1-v1_5-import-spki-key.html: Added.
     31        * crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-spki-expected.txt: Added.
     32        * crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-spki.html: Added.
     33        * crypto/subtle/rsassa-pkcs1-v1_5-import-spki-key-expected.txt: Added.
     34        * crypto/subtle/rsassa-pkcs1-v1_5-import-spki-key.html: Added.
     35        * crypto/workers/subtle/resources/rsa-export-spki-key.js: Added.
     36        * crypto/workers/subtle/resources/rsa-import-spki-key.js: Added.
     37        * crypto/workers/subtle/rsa-export-spki-key-expected.txt: Added.
     38        * crypto/workers/subtle/rsa-export-spki-key.html: Added.
     39        * crypto/workers/subtle/rsa-import-spki-key-expected.txt: Added.
     40        * crypto/workers/subtle/rsa-import-spki-key.html: Added.
     41
    1422016-12-06  Antoine Quint  <graouts@apple.com>
    243
  • trunk/LayoutTests/crypto/subtle/import-key-malformed-parameters-expected.txt

    r208602 r209437  
    1717PASS crypto.subtle.importKey("foo", rawKey, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with TypeError: Type error.
    1818PASS crypto.subtle.importKey("pkcs8", rawKey, "rsaes-pkcs1-v1_5", extractable, ["encrypt", "decrypt"]) rejected promise  with NotSupportedError (DOM Exception 9): The operation is not supported..
    19 PASS crypto.subtle.importKey("spki", rawKey, "rsaes-pkcs1-v1_5", extractable, ["encrypt", "decrypt"]) rejected promise  with NotSupportedError (DOM Exception 9): The operation is not supported..
    2019PASS crypto.subtle.importKey("raw", jwkKey, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with TypeError: Type error.
    2120PASS crypto.subtle.importKey("raw", 1, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with TypeError: Type error.
  • trunk/LayoutTests/crypto/subtle/import-key-malformed-parameters.html

    r208548 r209437  
    5151// Currently not support formats.
    5252shouldReject('crypto.subtle.importKey("pkcs8", rawKey, "rsaes-pkcs1-v1_5", extractable, ["encrypt", "decrypt"])');
    53 shouldReject('crypto.subtle.importKey("spki", rawKey, "rsaes-pkcs1-v1_5", extractable, ["encrypt", "decrypt"])');
    5453// Wrong KeyData.
    5554shouldReject('crypto.subtle.importKey("raw", jwkKey, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
  • trunk/LayoutTests/crypto/subtle/rsa-export-key-malformed-parameters-expected.txt

    r208737 r209437  
    44
    55
    6 PASS crypto.subtle.exportKey("spki", publicKey) rejected promise  with NotSupportedError (DOM Exception 9): The algorithm is not supported.
    76PASS crypto.subtle.exportKey("pkcs8", publicKey) rejected promise  with NotSupportedError (DOM Exception 9): The algorithm is not supported.
    87PASS crypto.subtle.exportKey("raw", publicKey) rejected promise  with NotSupportedError (DOM Exception 9): The algorithm is not supported.
     8PASS crypto.subtle.exportKey("spki", privateKey) rejected promise  with InvalidAccessError (DOM Exception 15): The requested operation is not valid for the provided key.
    99PASS successfullyParsed is true
    1010
  • trunk/LayoutTests/crypto/subtle/rsa-export-key-malformed-parameters.html

    r208737 r209437  
    2525crypto.subtle.generateKey(algorithmKeyGen, extractable, ["decrypt", "encrypt", "wrapKey", "unwrapKey"]).then(function(result) {
    2626    publicKey = result.publicKey;
     27    privateKey = result.privateKey;
    2728
    2829    // Currently not support format.
    29     return shouldReject('crypto.subtle.exportKey("spki", publicKey)');
    30 }).then(function() {
    3130    return shouldReject('crypto.subtle.exportKey("pkcs8", publicKey)');
    3231}).then(function() {
    3332    // Not support format.
    3433    return shouldReject('crypto.subtle.exportKey("raw", publicKey)');
     34}).then(function() {
     35    // Wrong key and format.
     36    return shouldReject('crypto.subtle.exportKey("spki", privateKey)');
    3537}).then(finishJSTest, finishJSTest);
    3638
  • trunk/LayoutTests/crypto/subtle/rsa-import-key-malformed-parameters-expected.txt

    r208548 r209437  
    3737PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: p, q: q, dp: dp, qi: qi}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
    3838PASS crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: p, q: q, dp: dp, dq: dq}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     39PASS crypto.subtle.importKey("spki", spkiKey, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
     40PASS crypto.subtle.importKey("spki", spkiKey, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["sign"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
     41PASS crypto.subtle.importKey("spki", spkiKey, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["decrypt", "unwrapKey"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
    3942PASS successfullyParsed is true
    4043
  • trunk/LayoutTests/crypto/subtle/rsa-import-key-malformed-parameters.html

    r208548 r209437  
    2222var dq = "jmE2DiIPdhwDgLXAQpIaBqQ81bO3XfVT_LRULAwwwwlPuQV148H04zlh9TJ6Y2GZHYokV1U0eOBpJxfkb7dLYtpJpuiBjRf4yIUEoGlkkI_QlJnFSFr-YjGRdfNHqWBkxlSMZL770R9mIATndGkH7z5x-r9KwBZFC4FCG2hg_zE";
    2323var qi = "YCX_pLwbMBA1ThVH0WcwmnytqNcrMCEwTm7ByA2eU6nWbQrULvf7m9_kzfLUcjsnpAVlBQG5JMXMy0Sq4ptwbywsa5-G8KAOOOR2L3v4hC-Eys9ftgFM_3i0o40eeQH4b3haPbntrIeMg8IzlOuVYKf9-2QuKDoWeRdd7NsdxTk";
     24var spkiKey = hexStringToUint8Array("30820122300d06092a864886f70d01010105000382010f003082010a0282010100d61051c4920d4c7c04a33beabb2412bedc4173fdbe82c7db80f0052d00abd32e01656d2105abef4fa5417bb868bb77780c08d20cfe9e2d767ee952970941398f8bea59a966772b1d89f19693cfff5faba22ba39ef7982ac46257180d557d3cbf3f7e65dd835d1d351e679a841b904a3cf24a0323aac0bb89705777507c76f57663b6d846e995a63057ceb48053ddf9282a366d6dc6cbdceb2ebcb3b374c7dc49da160cba8a3656211b8597a39ef9b8cc44d0c5735f870679ffcb1cb9321bbfbc307844d3174ef5dc144a951071340f4d156bead21fd3d9bd4641afa5851512264b4eed228b5d6324de428b00cbb89a1a88cb138d59de0b4ad75f2196e0e7ba890203010001");
    2425
    2526// Jwk: Wrong usages
     
    6566shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: p, q: q, dp: dp, qi: qi}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
    6667shouldReject('crypto.subtle.importKey("jwk", {kty: "RSA", n: n, e: e, d: d, p: p, q: q, dp: dp, dq: dq}, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
     68// Spki: Wrong usages
     69shouldReject('crypto.subtle.importKey("spki", spkiKey, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
     70shouldReject('crypto.subtle.importKey("spki", spkiKey, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["sign"])');
     71shouldReject('crypto.subtle.importKey("spki", spkiKey, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["decrypt", "unwrapKey"])');
    6772</script>
    6873
  • trunk/LayoutTests/crypto/subtle/rsa-oaep-generate-export-key-spki.html

    r209436 r209437  
    1010
    1111<script>
    12 description("Test exporting a RSA key with malformed parameters");
     12description("Test exporting a RSA-OAEP public key with SPKI format.");
    1313
    1414jsTestIsAsync = true;
     
    2323var extractable = true;
    2424
     25var keyPair;
     26debug("Generating a key pair...");
    2527crypto.subtle.generateKey(algorithmKeyGen, extractable, ["decrypt", "encrypt", "wrapKey", "unwrapKey"]).then(function(result) {
    26     publicKey = result.publicKey;
     28    keyPair = result;
     29    debug("Exporting the public key...");
     30    return crypto.subtle.exportKey("spki", keyPair.publicKey);
     31}).then(function(result) {
     32    publicKey = result;
    2733
    28     // Currently not support format.
    29     return shouldReject('crypto.subtle.exportKey("spki", publicKey)');
    30 }).then(function() {
    31     return shouldReject('crypto.subtle.exportKey("pkcs8", publicKey)');
    32 }).then(function() {
    33     // Not support format.
    34     return shouldReject('crypto.subtle.exportKey("raw", publicKey)');
    35 }).then(finishJSTest, finishJSTest);
     34    shouldBe("publicKey.byteLength", "294");
    3635
     36    finishJSTest();
     37});
    3738</script>
    3839
  • trunk/LayoutTests/imported/w3c/ChangeLog

    r209200 r209437  
     12016-12-05  Jiewen Tan  <jiewen_tan@apple.com>
     2
     3        [Part 1 of 2] Add support for SPKI format while doing SubtleCrypto.importKey/exportKey
     4        https://bugs.webkit.org/show_bug.cgi?id=129978
     5        <rdar://problem/21799829>
     6
     7        Reviewed by Brent Fulgham.
     8
     9        * WebCryptoAPI/encrypt_decrypt/test_rsa_oaep-expected.txt:
     10
    1112016-12-01  Jiewen Tan  <jiewen_tan@apple.com>
    212
  • trunk/LayoutTests/imported/w3c/WebCryptoAPI/encrypt_decrypt/test_rsa_oaep-expected.txt

    r208891 r209437  
    9898FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    9999FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    100 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    101 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    102 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    103 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    104 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    105 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    106 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    107 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    108 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    109 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    110 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    111 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
     100FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     101FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     102FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     103FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     104FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     105FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     106FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     107FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     108FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     109FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     110FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
     111FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
    112112
  • trunk/Source/WebCore/ChangeLog

    r209436 r209437  
     12016-12-05  Jiewen Tan  <jiewen_tan@apple.com>
     2
     3        [Part 1 of 2] Add support for SPKI format while doing SubtleCrypto.importKey/exportKey
     4        https://bugs.webkit.org/show_bug.cgi?id=129978
     5        <rdar://problem/21799829>
     6
     7        This is part 1 of Bug 129978. In this patch, it adds the SPKI format support for
     8        SubtleCrypto.importKey/exportKey. Currently support algorithms are RSAES-PKCS1-v1_5,
     9        RSASSA-PKCS1-v1_5 and RSA-OAEP.
     10
     11        Reviewed by Brent Fulgham.
     12
     13        Tests: crypto/subtle/rsa-import-jwk-key-export-spki-key.html
     14               crypto/subtle/rsa-import-spki-key-export-jwk-key.html
     15               crypto/subtle/rsa-import-spki-key-export-spki-key.html
     16               crypto/subtle/rsa-import-spki-small-key.html
     17               crypto/subtle/rsa-oaep-generate-export-key-spki.html
     18               crypto/subtle/rsa-oaep-import-spki-key.html
     19               crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-spki.html
     20               crypto/subtle/rsaes-pkcs1-v1_5-import-spki-key.html
     21               crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-spki.html
     22               crypto/subtle/rsassa-pkcs1-v1_5-import-spki-key.html
     23               crypto/workers/subtle/rsa-export-spki-key.html
     24               crypto/workers/subtle/rsa-import-spki-key.html
     25
     26        * bindings/js/JSSubtleCryptoCustom.cpp:
     27        (WebCore::toKeyData):
     28        * crypto/CommonCryptoUtilities.h:
     29        * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:
     30        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):
     31        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::exportKey):
     32        * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:
     33        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):
     34        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::exportKey):
     35        * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:
     36        (WebCore::CryptoAlgorithmRSA_OAEP::importKey):
     37        (WebCore::CryptoAlgorithmRSA_OAEP::exportKey):
     38        * crypto/gnutls/CryptoKeyRSAGnuTLS.cpp:
     39        (WebCore::CryptoKeyRSA::importSpki):
     40        (WebCore::CryptoKeyRSA::exportSpki):
     41        * crypto/keys/CryptoKeyRSA.h:
     42        * crypto/mac/CryptoKeyRSAMac.cpp:
     43        (WebCore::bytesUsedToEncodedLength):
     44        (WebCore::bytesNeededForEncodedLength):
     45        (WebCore::addEncodedASN1Length):
     46        (WebCore::CryptoKeyRSA::importSpki):
     47        (WebCore::CryptoKeyRSA::exportSpki):
     48
    1492016-12-06  Simon Fraser  <simon.fraser@apple.com>
    250
  • trunk/Source/WebCore/bindings/js/JSSubtleCryptoCustom.cpp

    r209390 r209437  
    342342    KeyData result;
    343343    switch (format) {
    344     case SubtleCrypto::KeyFormat::Spki:
    345344    case SubtleCrypto::KeyFormat::Pkcs8:
    346345        setDOMException(&state, NOT_SUPPORTED_ERR);
    347346        return result;
     347    case SubtleCrypto::KeyFormat::Spki:
    348348    case SubtleCrypto::KeyFormat::Raw: {
    349349        BufferSource bufferSource = convert<IDLBufferSource>(state, value);
  • trunk/Source/WebCore/crypto/CommonCryptoUtilities.h

    r208646 r209437  
    8383extern "C" CCRSAKeyType CCRSAGetKeyType(CCRSACryptorRef key);
    8484extern "C" CCCryptorStatus CCCryptorGCM(CCOperation op, CCAlgorithm alg, const void* key, size_t keyLength, const void* iv, size_t ivLen, const void* aData, size_t aDataLen, const void* dataIn, size_t dataInLength, void* dataOut, const void* tag, size_t* tagLength);
     85extern "C" CCCryptorStatus CCRSACryptorImport(const void *keyPackage, size_t keyPackageLen, CCRSACryptorRef *key);
     86extern "C" CCCryptorStatus CCRSACryptorExport(CCRSACryptorRef key, void *out, size_t *outLen);
    8587
    8688namespace WebCore {
  • trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp

    r209390 r209437  
    121121        break;
    122122    }
     123    case SubtleCrypto::KeyFormat::Spki: {
     124        if (usages ^ CryptoKeyUsageEncrypt) {
     125            exceptionCallback(SYNTAX_ERR);
     126            return;
     127        }
     128        result = CryptoKeyRSA::importSpki(parameters->identifier, std::nullopt, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
     129        break;
     130    }
    123131    default:
    124132        exceptionCallback(NOT_SUPPORTED_ERR);
     
    150158        break;
    151159    }
     160    case SubtleCrypto::KeyFormat::Spki: {
     161        auto spki = rsaKey.exportSpki();
     162        if (spki.hasException()) {
     163            exceptionCallback(spki.releaseException().code());
     164            return;
     165        }
     166        result = spki.releaseReturnValue();
     167        break;
     168    }
    152169    default:
    153170        exceptionCallback(NOT_SUPPORTED_ERR);
  • trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp

    r209390 r209437  
    154154        break;
    155155    }
     156    case SubtleCrypto::KeyFormat::Spki: {
     157        if (usages ^ CryptoKeyUsageVerify) {
     158            exceptionCallback(SYNTAX_ERR);
     159            return;
     160        }
     161        // FIXME: <webkit.org/b/165436>
     162        result = CryptoKeyRSA::importSpki(rsaParameters.identifier, rsaParameters.hashIdentifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
     163        break;
     164    }
    156165    default:
    157166        exceptionCallback(NOT_SUPPORTED_ERR);
     
    201210        break;
    202211    }
     212    case SubtleCrypto::KeyFormat::Spki: {
     213        auto spki = rsaKey.exportSpki();
     214        if (spki.hasException()) {
     215            exceptionCallback(spki.releaseException().code());
     216            return;
     217        }
     218        result = spki.releaseReturnValue();
     219        break;
     220    }
    203221    default:
    204222        exceptionCallback(NOT_SUPPORTED_ERR);
  • trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp

    r209390 r209437  
    167167        break;
    168168    }
     169    case SubtleCrypto::KeyFormat::Spki: {
     170        if ((usages ^ CryptoKeyUsageEncrypt) && (usages ^ CryptoKeyUsageWrapKey) && (usages ^ (CryptoKeyUsageEncrypt | CryptoKeyUsageWrapKey))) {
     171            exceptionCallback(SYNTAX_ERR);
     172            return;
     173        }
     174        // FIXME: <webkit.org/b/165436>
     175        result = CryptoKeyRSA::importSpki(rsaParameters.identifier, rsaParameters.hashIdentifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
     176        break;
     177    }
    169178    default:
    170179        exceptionCallback(NOT_SUPPORTED_ERR);
     
    214223        break;
    215224    }
     225    case SubtleCrypto::KeyFormat::Spki: {
     226        // FIXME: <webkit.org/b/165437>
     227        auto spki = rsaKey.exportSpki();
     228        if (spki.hasException()) {
     229            exceptionCallback(spki.releaseException().code());
     230            return;
     231        }
     232        result = spki.releaseReturnValue();
     233        break;
     234    }
    216235    default:
    217236        exceptionCallback(NOT_SUPPORTED_ERR);
  • trunk/Source/WebCore/crypto/gnutls/CryptoKeyRSAGnuTLS.cpp

    r208891 r209437  
    3232#include "CryptoKeyDataRSAComponents.h"
    3333#include "CryptoKeyPair.h"
     34#include "ExceptionCode.h"
    3435#include "NotImplemented.h"
    3536
     
    112113}
    113114
     115RefPtr<CryptoKeyRSA> CryptoKeyRSA::importSpki(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier>, Vector<uint8_t>&&, bool, CryptoKeyUsageBitmap)
     116{
     117    notImplemented();
     118
     119    return nullptr;
     120}
     121
     122ExceptionOr<Vector<uint8_t>> CryptoKeyRSA::exportSpki() const
     123{
     124    notImplemented();
     125
     126    return Exception { NOT_SUPPORTED_ERR };
     127}
     128
    114129} // namespace WebCore
    115130
  • trunk/Source/WebCore/crypto/keys/CryptoKeyRSA.h

    r209390 r209437  
    2727
    2828#include "CryptoKey.h"
     29#include "ExceptionOr.h"
    2930#include <wtf/Function.h>
    3031
     
    102103    static void generatePair(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsageBitmap, KeyPairCallback&&, VoidCallback&& failureCallback, ScriptExecutionContext*);
    103104    static RefPtr<CryptoKeyRSA> importJwk(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier> hash, JsonWebKey&&, bool extractable, CryptoKeyUsageBitmap);
     105    static RefPtr<CryptoKeyRSA> importSpki(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier> hash, Vector<uint8_t>&&, bool extractable, CryptoKeyUsageBitmap);
    104106
    105107    PlatformRSAKey platformKey() const { return m_platformKey; }
    106108    JsonWebKey exportJwk() const;
     109    ExceptionOr<Vector<uint8_t>> exportSpki() const;
    107110
    108111    CryptoAlgorithmIdentifier hashAlgorithmIdentifier() const { return m_hash; }
  • trunk/Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp

    r209390 r209437  
    3333#include "CryptoKeyDataRSAComponents.h"
    3434#include "CryptoKeyPair.h"
     35#include "ExceptionCode.h"
    3536#include "ScriptExecutionContext.h"
    3637#include <wtf/MainThread.h>
    3738
    3839namespace WebCore {
     40
     41// OID rsaEncryption: 1.2.840.113549.1.1.1. Per https://tools.ietf.org/html/rfc3279#section-2.3.1
     42static unsigned char RSAOIDHeader[] = {0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00};
     43// Per X.690 08/2015: https://www.itu.int/rec/T-REC-X.680-X.693/en
     44static unsigned char SequenceMark = 0x30;
     45static unsigned char BitStringMark = 0x03;
     46static unsigned char InitialOctet = 0x00;
    3947
    4048// FIXME: We should get rid of magic number 16384. It assumes that the length of provided key will not exceed 16KB.
     
    236244}
    237245
     246static size_t bytesUsedToEncodedLength(uint8_t octet)
     247{
     248    if (octet < 128)
     249        return 1;
     250    return octet - 127;
     251}
     252
     253static size_t bytesNeededForEncodedLength(size_t length)
     254{
     255    if (!length)
     256        return 0;
     257    size_t result = 1;
     258    while (result < sizeof(length) && length >= (1 << (result * 8)))
     259        result += 1;
     260    return result;
     261}
     262
     263static void addEncodedASN1Length(Vector<uint8_t>& in, size_t length)
     264{
     265    if (length < 128) {
     266        in.append(length);
     267        return;
     268    }
     269
     270    size_t extraBytes = bytesNeededForEncodedLength(length);
     271    in.append(128 + extraBytes);
     272
     273    size_t lastPosition = in.size() + extraBytes - 1;
     274    in.grow(in.size() + extraBytes);
     275    for (size_t i = 0; i < extraBytes; i++) {
     276        in[lastPosition - i] = length & 0xff;
     277        length = length >> 8;
     278    }
     279}
     280
    238281// FIXME: We should use WorkQueue here instead of dispatch_async once WebKitSubtleCrypto is deprecated.
    239282// https://bugs.webkit.org/show_bug.cgi?id=164943
     
    281324}
    282325
     326RefPtr<CryptoKeyRSA> CryptoKeyRSA::importSpki(CryptoAlgorithmIdentifier identifier, std::optional<CryptoAlgorithmIdentifier> hash, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages)
     327{
     328    // The current SecLibrary cannot import a SPKI format binary. Hence, we need to strip out the SPKI header.
     329    // This hack can be removed when <rdar://problem/29523286> is resolved.
     330    // The header format we assume is: SequenceMark(1) + Length(?) + rsaEncryption(15) + BitStringMark(1) + Length(?) + InitialOctet(1).
     331    // The header format could be varied. However since we don't have a full-fledged ASN.1 encoder/decoder, we want to restrict it to
     332    // the most common one for now.
     333    // Per https://tools.ietf.org/html/rfc5280#section-4.1. subjectPublicKeyInfo.
     334    size_t headerSize = 1;
     335    if (keyData.size() < headerSize)
     336        return nullptr;
     337    headerSize += bytesUsedToEncodedLength(keyData[headerSize]) + sizeof(RSAOIDHeader) + sizeof(BitStringMark);
     338    if (keyData.size() < headerSize)
     339        return nullptr;
     340    headerSize += bytesUsedToEncodedLength(keyData[headerSize]) + sizeof(InitialOctet);
     341
     342    CCRSACryptorRef ccPublicKey;
     343    if (CCRSACryptorImport(keyData.data() + headerSize, keyData.size() - headerSize, &ccPublicKey))
     344        return nullptr;
     345
     346    // Notice: CryptoAlgorithmIdentifier::SHA_1 is just a placeholder. It should not have any effect if hash is std::nullopt.
     347    return adoptRef(new CryptoKeyRSA(identifier, hash.value_or(CryptoAlgorithmIdentifier::SHA_1), !!hash, CryptoKeyType::Public, ccPublicKey, extractable, usages));
     348}
     349
     350ExceptionOr<Vector<uint8_t>> CryptoKeyRSA::exportSpki() const
     351{
     352    if (type() != CryptoKeyType::Public)
     353        return Exception { INVALID_ACCESS_ERR };
     354
     355    // The current SecLibrary cannot output a valid SPKI format binary. Hence, we need the following hack.
     356    // This hack can be removed when <rdar://problem/29523286> is resolved.
     357    // Estimated size in produced bytes format. Per https://tools.ietf.org/html/rfc3279#section-2.3.1. RSAPublicKey.
     358    // O(size) = Sequence(1) + Length(3) + Integer(1) + Length(3) + Modulus + Integer(1) + Length(3) + Exponent
     359    Vector<uint8_t> keyBytes(keySizeInBits() / 4);
     360    size_t keySize = keyBytes.size();
     361    if (CCRSACryptorExport(platformKey(), keyBytes.data(), &keySize))
     362        return Exception { OperationError };
     363    keyBytes.shrink(keySize);
     364
     365    // RSAOIDHeader + BitStringMark + Length + keySize + InitialOctet
     366    size_t totalSize = sizeof(RSAOIDHeader) + bytesNeededForEncodedLength(keySize + 1) + keySize + 3;
     367
     368    // Per https://tools.ietf.org/html/rfc5280#section-4.1. subjectPublicKeyInfo.
     369    Vector<uint8_t> result;
     370    result.append(SequenceMark);
     371    addEncodedASN1Length(result, totalSize);
     372    result.append(RSAOIDHeader, sizeof(RSAOIDHeader));
     373    result.append(BitStringMark);
     374    addEncodedASN1Length(result, keySize + 1);
     375    result.append(InitialOctet);
     376    result.append(keyBytes.data(), keyBytes.size());
     377
     378    return WTFMove(result);
     379}
     380
    283381} // namespace WebCore
    284382
Note: See TracChangeset for help on using the changeset viewer.