Changeset 209633 in webkit


Ignore:
Timestamp:
Dec 9, 2016 3:05:29 PM (7 years ago)
Author:
jiewen_tan@apple.com
Message:

[Part 2 of 2] Add support for PKCS8 format while doing SubtleCrypto.importKey/exportKey
https://bugs.webkit.org/show_bug.cgi?id=129978
<rdar://problem/21799829>

Reviewed by Brent Fulgham.

LayoutTests/imported/w3c:

  • WebCryptoAPI/encrypt_decrypt/test_rsa_oaep-expected.txt:

Source/WebCore:

This is part 2 of Bug 129978. In this patch, it adds the PKCS8 format support for
SubtleCrypto.importKey/exportKey. Currently support algorithms are RSAES-PKCS1-v1_5,
RSASSA-PKCS1-v1_5 and RSA-OAEP.

Tests: crypto/subtle/rsa-import-jwk-key-export-pkcs8-key.html

crypto/subtle/rsa-import-pkcs8-key-export-jwk-key.html
crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key.html
crypto/subtle/rsa-oaep-generate-export-key-pkcs8.html
crypto/subtle/rsa-oaep-import-pkcs8-key.html
crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8.html
crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key.html
crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8.html
crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key.html
crypto/workers/subtle/rsa-export-pkcs8-key.html
crypto/workers/subtle/rsa-import-pkcs8-key.html

  • bindings/js/JSSubtleCryptoCustom.cpp:

(WebCore::toKeyData):

  • crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:

(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):
(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::exportKey):

  • crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:

(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):
(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::exportKey):

  • crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:

(WebCore::CryptoAlgorithmRSA_OAEP::importKey):
(WebCore::CryptoAlgorithmRSA_OAEP::exportKey):

  • crypto/gnutls/CryptoKeyRSAGnuTLS.cpp:

(WebCore::CryptoKeyRSA::importPkcs8):
(WebCore::CryptoKeyRSA::exportPkcs8):

  • crypto/keys/CryptoKeyRSA.h:
  • crypto/mac/CryptoKeyRSAMac.cpp:

(WebCore::CryptoKeyRSA::importSpki):
(WebCore::CryptoKeyRSA::importPkcs8):
(WebCore::CryptoKeyRSA::exportPkcs8):

LayoutTests:

  • crypto/subtle/import-key-malformed-parameters-expected.txt:
  • crypto/subtle/import-key-malformed-parameters.html:
  • crypto/subtle/rsa-export-key-malformed-parameters-expected.txt:
  • crypto/subtle/rsa-export-key-malformed-parameters.html:
  • crypto/subtle/rsa-import-jwk-key-export-pkcs8-key-expected.txt: Added.
  • crypto/subtle/rsa-import-jwk-key-export-pkcs8-key.html: Added.
  • crypto/subtle/rsa-import-jwk-key-export-spki-key-expected.txt:
  • crypto/subtle/rsa-import-jwk-key-export-spki-key.html:
  • crypto/subtle/rsa-import-key-malformed-parameters-expected.txt:
  • crypto/subtle/rsa-import-key-malformed-parameters.html:
  • crypto/subtle/rsa-import-pkcs8-key-export-jwk-key-expected.txt: Added.
  • crypto/subtle/rsa-import-pkcs8-key-export-jwk-key.html: Added.
  • crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key-expected.txt: Added.
  • crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key.html: Added.
  • crypto/subtle/rsa-oaep-generate-export-key-pkcs8-expected.txt: Added.
  • crypto/subtle/rsa-oaep-generate-export-key-pkcs8.html: Added.
  • crypto/subtle/rsa-oaep-import-pkcs8-key-expected.txt: Added.
  • crypto/subtle/rsa-oaep-import-pkcs8-key.html: Added.
  • crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8-expected.txt: Added.
  • crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8.html: Added.
  • crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key-expected.txt: Added.
  • crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key.html: Added.
  • crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8-expected.txt: Added.
  • crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8.html: Added.
  • crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key-expected.txt: Added.
  • crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key.html: Added.
  • crypto/workers/subtle/resources/rsa-export-pkcs8-key.js: Added.
  • crypto/workers/subtle/resources/rsa-import-pkcs8-key.js: Added.
  • crypto/workers/subtle/rsa-export-pkcs8-key-expected.txt: Added.
  • crypto/workers/subtle/rsa-export-pkcs8-key.html: Added.
  • crypto/workers/subtle/rsa-import-pkcs8-key-expected.txt: Added.
  • crypto/workers/subtle/rsa-import-pkcs8-key.html: Added.
Location:
trunk
Files:
21 added
19 edited
3 copied

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r209629 r209633  
     12016-12-06  Jiewen Tan  <jiewen_tan@apple.com>
     2
     3        [Part 2 of 2] Add support for PKCS8 format while doing SubtleCrypto.importKey/exportKey
     4        https://bugs.webkit.org/show_bug.cgi?id=129978
     5        <rdar://problem/21799829>
     6
     7        Reviewed by Brent Fulgham.
     8
     9        * crypto/subtle/import-key-malformed-parameters-expected.txt:
     10        * crypto/subtle/import-key-malformed-parameters.html:
     11        * crypto/subtle/rsa-export-key-malformed-parameters-expected.txt:
     12        * crypto/subtle/rsa-export-key-malformed-parameters.html:
     13        * crypto/subtle/rsa-import-jwk-key-export-pkcs8-key-expected.txt: Added.
     14        * crypto/subtle/rsa-import-jwk-key-export-pkcs8-key.html: Added.
     15        * crypto/subtle/rsa-import-jwk-key-export-spki-key-expected.txt:
     16        * crypto/subtle/rsa-import-jwk-key-export-spki-key.html:
     17        * crypto/subtle/rsa-import-key-malformed-parameters-expected.txt:
     18        * crypto/subtle/rsa-import-key-malformed-parameters.html:
     19        * crypto/subtle/rsa-import-pkcs8-key-export-jwk-key-expected.txt: Added.
     20        * crypto/subtle/rsa-import-pkcs8-key-export-jwk-key.html: Added.
     21        * crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key-expected.txt: Added.
     22        * crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key.html: Added.
     23        * crypto/subtle/rsa-oaep-generate-export-key-pkcs8-expected.txt: Added.
     24        * crypto/subtle/rsa-oaep-generate-export-key-pkcs8.html: Added.
     25        * crypto/subtle/rsa-oaep-import-pkcs8-key-expected.txt: Added.
     26        * crypto/subtle/rsa-oaep-import-pkcs8-key.html: Added.
     27        * crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8-expected.txt: Added.
     28        * crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8.html: Added.
     29        * crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key-expected.txt: Added.
     30        * crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key.html: Added.
     31        * crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8-expected.txt: Added.
     32        * crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8.html: Added.
     33        * crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key-expected.txt: Added.
     34        * crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key.html: Added.
     35        * crypto/workers/subtle/resources/rsa-export-pkcs8-key.js: Added.
     36        * crypto/workers/subtle/resources/rsa-import-pkcs8-key.js: Added.
     37        * crypto/workers/subtle/rsa-export-pkcs8-key-expected.txt: Added.
     38        * crypto/workers/subtle/rsa-export-pkcs8-key.html: Added.
     39        * crypto/workers/subtle/rsa-import-pkcs8-key-expected.txt: Added.
     40        * crypto/workers/subtle/rsa-import-pkcs8-key.html: Added.
     41
    1422016-12-09  Joseph Pecoraro  <pecoraro@apple.com>
    243
  • trunk/LayoutTests/crypto/subtle/import-key-malformed-parameters-expected.txt

    r209437 r209633  
    1616PASS crypto.subtle.importKey({ }, rawKey, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with TypeError: Type error.
    1717PASS crypto.subtle.importKey("foo", rawKey, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with TypeError: Type error.
    18 PASS crypto.subtle.importKey("pkcs8", rawKey, "rsaes-pkcs1-v1_5", extractable, ["encrypt", "decrypt"]) rejected promise  with NotSupportedError (DOM Exception 9): The operation is not supported..
    1918PASS crypto.subtle.importKey("raw", jwkKey, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with TypeError: Type error.
    2019PASS crypto.subtle.importKey("raw", 1, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"]) rejected promise  with TypeError: Type error.
  • trunk/LayoutTests/crypto/subtle/import-key-malformed-parameters.html

    r209437 r209633  
    4949shouldReject('crypto.subtle.importKey({ }, rawKey, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
    5050shouldReject('crypto.subtle.importKey("foo", rawKey, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
    51 // Currently not support formats.
    52 shouldReject('crypto.subtle.importKey("pkcs8", rawKey, "rsaes-pkcs1-v1_5", extractable, ["encrypt", "decrypt"])');
    5351// Wrong KeyData.
    5452shouldReject('crypto.subtle.importKey("raw", jwkKey, "aes-cbc", extractable, ["encrypt", "decrypt", "wrapKey", "unwrapKey"])');
  • trunk/LayoutTests/crypto/subtle/rsa-export-key-malformed-parameters-expected.txt

    r209437 r209633  
    44
    55
    6 PASS crypto.subtle.exportKey("pkcs8", publicKey) rejected promise  with NotSupportedError (DOM Exception 9): The algorithm is not supported.
     6PASS crypto.subtle.exportKey("pkcs8", publicKey) rejected promise  with InvalidAccessError (DOM Exception 15): The requested operation is not valid for the provided key.
    77PASS crypto.subtle.exportKey("raw", publicKey) rejected promise  with NotSupportedError (DOM Exception 9): The algorithm is not supported.
    88PASS crypto.subtle.exportKey("spki", privateKey) rejected promise  with InvalidAccessError (DOM Exception 15): The requested operation is not valid for the provided key.
  • trunk/LayoutTests/crypto/subtle/rsa-export-key-malformed-parameters.html

    r209437 r209633  
    2727    privateKey = result.privateKey;
    2828
    29     // Currently not support format.
     29    // Wrong key and format.
    3030    return shouldReject('crypto.subtle.exportKey("pkcs8", publicKey)');
    3131}).then(function() {
  • trunk/LayoutTests/crypto/subtle/rsa-import-jwk-key-export-pkcs8-key-expected.txt

    r209632 r209633  
    1 Test importing a JWK RSA-OAEP public key with SHA-1 and then export it in SPKI format
     1Test importing a JWK RSA-OAEP public key with SHA-1 and then export it in PKCS8 format
    22
    33On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
     
    66Importing a key...
    77Exporting a key...
    8 PASS exportedSpkiKey.byteLength is 294
     8PASS bytesToHexString(pkcs8Key) is expectedPkcs8Key
    99PASS successfullyParsed is true
    1010
  • trunk/LayoutTests/crypto/subtle/rsa-import-jwk-key-export-spki-key-expected.txt

    r209437 r209633  
    66Importing a key...
    77Exporting a key...
    8 PASS exportedSpkiKey.byteLength is 294
     8PASS bytesToHexString(spkiKey) is expectedSpkiKey
    99PASS successfullyParsed is true
    1010
  • trunk/LayoutTests/crypto/subtle/rsa-import-jwk-key-export-spki-key.html

    r209437 r209633  
    2222    e: "AQAB"
    2323};
     24var expectedSpkiKey = "30820122300d06092a864886f70d01010105000382010f003082010a0282010100a79e5797e0f2a8a2f4e9313c182b9777f7beaee4ea541d7d8831fa0f04c89274f23347e5f0463aaacc8e04d4f18e92c3b0e95d109f106e51bbf1663bc584d9b4d9fe7e29b3e5e1bcd1bc1267a1543b5d33de291e2b33cf0bb2b8000d7deab328884bb61b89927ea7a0e73cfafe2a877fcbbf99dfe7f3293f88f69727d4554fe5b8cc4410e964a5b0eb586bb6e5492025ab42580c972235e134446a9453e5237315162049d3d8e0c7191cd27ca1e073c3b77c6b78769566d28a75c88b41712018fb4fdfd69fd8ad50e8f1bb32ab6ba87720c662172e420609d0d8cc813feb6fcad43e94776d48ad77e21925dfcd3bd8bf366bdb9d07e097a91f9f17bfda43384f0203010001";
    2425var extractable = true;
    2526
     
    2930    return crypto.subtle.exportKey("spki", cryptoKey);
    3031}).then(function(result) {
    31     exportedSpkiKey = result;
     32    spkiKey = result;
    3233
    33     shouldBe("exportedSpkiKey.byteLength", "294");
     34    shouldBe("bytesToHexString(spkiKey)", "expectedSpkiKey");
    3435
    3536    finishJSTest();
  • trunk/LayoutTests/crypto/subtle/rsa-import-key-malformed-parameters-expected.txt

    r209437 r209633  
    4040PASS crypto.subtle.importKey("spki", spkiKey, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["sign"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
    4141PASS crypto.subtle.importKey("spki", spkiKey, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["decrypt", "unwrapKey"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
     42PASS crypto.subtle.importKey("pkcs8", pkcs8Key, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
     43PASS crypto.subtle.importKey("pkcs8", pkcs8Key, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
     44PASS crypto.subtle.importKey("pkcs8", pkcs8Key, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"]) rejected promise  with SyntaxError (DOM Exception 12): A required parameter was missing or out-of-range.
     45PASS crypto.subtle.importKey("spki", malformedKey0, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     46PASS crypto.subtle.importKey("spki", malformedKey1, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     47PASS crypto.subtle.importKey("spki", malformedKey2, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     48PASS crypto.subtle.importKey("spki", malformedKey4, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     49PASS crypto.subtle.importKey("spki", malformedKey6, "RSAES-PKCS1-v1_5", extractable, ["encrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     50PASS crypto.subtle.importKey("pkcs8", malformedKey0, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     51PASS crypto.subtle.importKey("pkcs8", malformedKey1, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     52PASS crypto.subtle.importKey("pkcs8", malformedKey3, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     53PASS crypto.subtle.importKey("pkcs8", malformedKey5, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
     54PASS crypto.subtle.importKey("pkcs8", malformedKey7, "RSAES-PKCS1-v1_5", extractable, ["decrypt"]) rejected promise  with DataError (DOM Exception 30): Data provided to an operation does not meet requirements.
    4255PASS successfullyParsed is true
    4356
  • trunk/LayoutTests/crypto/subtle/rsa-import-key-malformed-parameters.html

    r209437 r209633  
    2323var qi = "YCX_pLwbMBA1ThVH0WcwmnytqNcrMCEwTm7ByA2eU6nWbQrULvf7m9_kzfLUcjsnpAVlBQG5JMXMy0Sq4ptwbywsa5-G8KAOOOR2L3v4hC-Eys9ftgFM_3i0o40eeQH4b3haPbntrIeMg8IzlOuVYKf9-2QuKDoWeRdd7NsdxTk";
    2424var spkiKey = hexStringToUint8Array("30820122300d06092a864886f70d01010105000382010f003082010a0282010100d61051c4920d4c7c04a33beabb2412bedc4173fdbe82c7db80f0052d00abd32e01656d2105abef4fa5417bb868bb77780c08d20cfe9e2d767ee952970941398f8bea59a966772b1d89f19693cfff5faba22ba39ef7982ac46257180d557d3cbf3f7e65dd835d1d351e679a841b904a3cf24a0323aac0bb89705777507c76f57663b6d846e995a63057ceb48053ddf9282a366d6dc6cbdceb2ebcb3b374c7dc49da160cba8a3656211b8597a39ef9b8cc44d0c5735f870679ffcb1cb9321bbfbc307844d3174ef5dc144a951071340f4d156bead21fd3d9bd4641afa5851512264b4eed228b5d6324de428b00cbb89a1a88cb138d59de0b4ad75f2196e0e7ba890203010001");
     25var pkcs8Key = hexStringToUint8Array("308204bd020100300d06092a864886f70d0101010500048204a7308204a30201000282010100ca6ee8ec62b6a02e187b70c19ca15a13c386a470ee8816c7340a270f96f905511f93362f8f7aae3e60394dac34cb29ea5f540d6ef80b1df7155b66a2d6d6e44092bcbafbf69b061b3f4d927060c81d0fa07d22f481ff503c0581ffa444f57345204ddf0a93a225979c61aeb9686557f7632002e165430452868d010d505e3ccfed7315432a298a9b6d1a6ede98ee746c2c8bd22f5495cee563e2db24f1e33d91ced83af1baac754dba4ddba430f6cf3d4ac7edb0bf69891140854e8700056a7ef6d06ed5a605a05e74ecb3b246ce9cb310b39b00c707af3a637862e3d2914013de212ff09a36db84d99b8d610d0cfd36a4411dbf1b62e06ebff1bee50f040ca502030100010282010024706483309db925b3087d5a8cac4abfa60195963289d2b7d6f940e0c08760daa279685695583b074560eb47655570dd1c7dcfd13adb1d70bdaa6f463eaffdf455b59d5eff9c16344f67d2456256834cadd1f8b9d4b0b5aba83e275b55826d567323315401113dfd158c4bdc5a1b6c033f17a30d19a23fa3ef4e70730a157c928b1c7840a34401d19daab52cfa9b424cc8e1084254ca597304be22547b7221e875bf1fdca2386ba1e855d5e0bcaba03376bfd73de8513c07ab0e67cb3554dc8c8f7a67d231f99a2b653ad471ee2f8bd3b8fad51b02f807d131b6b71ab17e45a5faf161ce3b919d96b5e78e9e4e1202d6398a954def4c1980da1fcc30d56167e102818100ee24b92668d38465fdd9a2262e64be56846be561e4cfbcedc82496a3190b549636923d61c3e5a2d40cc6d2c46a3e89ac23eb44ac40c777147e3e49a80bd382bae06e284f1cc553f89d78f0c7bf20fd3a33ee598ce2caf61e3f5457cd228ff03fe009f10952206bf248e161d17950c6655af75b097bbda1b909038d4d752cd11d02818100d99cb65195a399f9a3aca1ef1593592992e7d91cc028b713ec5b661b9976fcffdb086f523f042699cb910321fe7b67a27dd4a72822e6fbb98d005280721efc32d889d431d2737c92a4f34d4885c7a9c6244e081a1264a283d07744b752a68ebb6fbff3492a039e3e3a0cc5b94537582a7d11cc6b8678e4c338671f96be029b2902818100a1a2a7509ca1c4217db4f3cbba7d827b32921134ea9add7efef36692f8f2a9ccf2e93b645a1448fa6859a2c0d1e3f489b42f8182f0ccf1d425039df6c360224139074bb0b6b47094343ddc1f97688ab7b07bbca8555eb0c242f5ba4a6f8506ea33e44b87aa087b7c0d5f7c8733325216853192c6d30818f68059bad4b20d633902818034b3bf7402c99c80d922f614f124be735320d3742315b94119fd08bda66d2ad8cc333ec2ac8054d8ea74344e0753dbc57eb401c7b6ac3a4ab5db5e1fbd83c3908ce0d4833c74bbb6c83c247b6beaef330d97d85e7815e7460536dd6d8896cdfa9715e5d5d2570dfc041313cfcaf39c66ade3a19e68f2de7469349071f192b00102818060a8271f45161d8ecf62c3ac5f0fa8539b6d86a35123aafcc37541e2d5e5b62715777db0ef75f3cdf67506b8fcad6baed862eaf88fa1f280f42736b69a41ea7a3fea31ce62aa0563c85df1d9b02b83839c4ab9453e420c5c401cce979f6fb7b6ac12baf1e9140546eed24e92e383b8f2d37b3e4410844d235c7175112e751ee0");
     26var malformedKey0 = new Uint8Array(); // empty.
     27var malformedKey1 = hexStringToUint8Array("30"); // only 1 byte.
     28var malformedKey2 = hexStringToUint8Array("30820122300d06092a864886f70d010101050003"); // truncated Spki key
     29var malformedKey3 = hexStringToUint8Array("308204bd020100300d06092a864886f70d010101050004"); // truncated Pkcs8 key
     30var malformedKey4 = hexStringToUint8Array("30820122300d06092a864886f70d01010105000382"); // truncated Spki key
     31var malformedKey5 = hexStringToUint8Array("308204bd020100300d06092a864886f70d01010105000482"); // truncated Pkcs8 key
     32var malformedKey6 = hexStringToUint8Array("30820122300d06092a864886f70d01010105000382010f"); // truncated Spki key
     33var malformedKey7 = hexStringToUint8Array("308204bd020100300d06092a864886f70d0101010500048204a7"); // truncated Pkcs8 key
    2534
    2635// Jwk: Wrong usages
     
    7079shouldReject('crypto.subtle.importKey("spki", spkiKey, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["sign"])');
    7180shouldReject('crypto.subtle.importKey("spki", spkiKey, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["decrypt", "unwrapKey"])');
     81// Pkcs8: Wrong usages
     82shouldReject('crypto.subtle.importKey("pkcs8", pkcs8Key, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
     83shouldReject('crypto.subtle.importKey("pkcs8", pkcs8Key, {name: "RSASSA-PKCS1-v1_5", hash: "sha-1"}, extractable, ["verify"])');
     84shouldReject('crypto.subtle.importKey("pkcs8", pkcs8Key, {name: "RSA-OAEP", hash: "sha-1"}, extractable, ["encrypt", "wrapKey"])');
     85// Malformed Key for Spki and Pkcs8
     86shouldReject('crypto.subtle.importKey("spki", malformedKey0, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
     87shouldReject('crypto.subtle.importKey("spki", malformedKey1, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
     88shouldReject('crypto.subtle.importKey("spki", malformedKey2, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
     89shouldReject('crypto.subtle.importKey("spki", malformedKey4, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
     90shouldReject('crypto.subtle.importKey("spki", malformedKey6, "RSAES-PKCS1-v1_5", extractable, ["encrypt"])');
     91shouldReject('crypto.subtle.importKey("pkcs8", malformedKey0, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
     92shouldReject('crypto.subtle.importKey("pkcs8", malformedKey1, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
     93shouldReject('crypto.subtle.importKey("pkcs8", malformedKey3, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
     94shouldReject('crypto.subtle.importKey("pkcs8", malformedKey5, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
     95shouldReject('crypto.subtle.importKey("pkcs8", malformedKey7, "RSAES-PKCS1-v1_5", extractable, ["decrypt"])');
    7296</script>
    7397
  • trunk/LayoutTests/crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key-expected.txt

    r209632 r209633  
    1 Test importing a JWK RSA-OAEP public key with SHA-1 and then export it in SPKI format
     1Test importing a PKCS8 RSA-OAEP key and then export it in PKCS8 format
    22
    33On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
     
    55
    66Importing a key...
    7 Exporting a key...
    8 PASS exportedSpkiKey.byteLength is 294
     7PASS bytesToHexString(privateKey) is pkcs8KeyHex
    98PASS successfullyParsed is true
    109
  • trunk/LayoutTests/crypto/subtle/rsa-oaep-generate-export-key-pkcs8.html

    r209632 r209633  
    1010
    1111<script>
    12 description("Test exporting a RSA key with malformed parameters");
     12description("Test exporting a RSA-OAEP private key with PKCS8 format.");
    1313
    1414jsTestIsAsync = true;
     
    1919    modulusLength: 2048,
    2020    publicExponent: new Uint8Array([0x01, 0x00, 0x01]),  // Equivalent to 65537
    21     hash: "sha-1"
     21    hash: "sha-1",
    2222};
    2323var extractable = true;
    2424
     25var keyPair;
     26debug("Generating a key pair...");
    2527crypto.subtle.generateKey(algorithmKeyGen, extractable, ["decrypt", "encrypt", "wrapKey", "unwrapKey"]).then(function(result) {
    26     publicKey = result.publicKey;
    27     privateKey = result.privateKey;
     28    keyPair = result;
     29    debug("Exporting the private key...");
     30    return crypto.subtle.exportKey("pkcs8", keyPair.privateKey);
     31}).then(function(result) {
     32    privateKey = result;
    2833
    29     // Currently not support format.
    30     return shouldReject('crypto.subtle.exportKey("pkcs8", publicKey)');
    31 }).then(function() {
    32     // Not support format.
    33     return shouldReject('crypto.subtle.exportKey("raw", publicKey)');
    34 }).then(function() {
    35     // Wrong key and format.
    36     return shouldReject('crypto.subtle.exportKey("spki", privateKey)');
    37 }).then(finishJSTest, finishJSTest);
     34    shouldBeType("privateKey", "ArrayBuffer");
    3835
     36    finishJSTest();
     37});
    3938</script>
    4039
  • trunk/LayoutTests/imported/w3c/ChangeLog

    r209598 r209633  
     12016-12-06  Jiewen Tan  <jiewen_tan@apple.com>
     2
     3        [Part 2 of 2] Add support for PKCS8 format while doing SubtleCrypto.importKey/exportKey
     4        https://bugs.webkit.org/show_bug.cgi?id=129978
     5        <rdar://problem/21799829>
     6
     7        Reviewed by Brent Fulgham.
     8
     9        * WebCryptoAPI/encrypt_decrypt/test_rsa_oaep-expected.txt:
     10
    1112016-12-08  Jiewen Tan  <jiewen_tan@apple.com>
    212
  • trunk/LayoutTests/imported/w3c/WebCryptoAPI/encrypt_decrypt/test_rsa_oaep-expected.txt

    r209437 r209633  
    22
    33
    4 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    5 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    6 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    7 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    8 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    9 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    10 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    11 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    12 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    13 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    14 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    15 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label decryption assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    16 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    17 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    18 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    19 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    20 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    21 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    22 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    23 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    24 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    25 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    26 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    27 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label decryption with altered ciphertext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    28 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    29 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    30 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    31 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    32 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    33 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    34 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    35 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    36 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    37 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    38 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    39 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label using publicKey to decrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    40 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    41 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    42 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    43 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    44 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    45 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    46 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    47 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    48 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    49 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    50 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    51 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label no decrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    52 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    53 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    54 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    55 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    56 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    57 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    58 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    59 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    60 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    61 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    62 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    63 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label with altered plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    64 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    65 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    66 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    67 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    68 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    69 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    70 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    71 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    72 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    73 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    74 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    75 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    76 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    77 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    78 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    79 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    80 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    81 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    82 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    83 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    84 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    85 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    86 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    87 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label too long plaintext assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    88 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    89 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    90 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and no label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    91 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and no label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and no label. Message: ''The operation is not supported.'' Reached unreachable code
    92 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and empty label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    93 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and empty label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    94 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and empty label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    95 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and empty label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and empty label. Message: ''The operation is not supported.'' Reached unreachable code
    96 FAIL importVectorKeys step: RSA-OAEP with SHA-1 and a label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    97 FAIL importVectorKeys step: RSA-OAEP with SHA-256 and a label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    98 FAIL importVectorKeys step: RSA-OAEP with SHA-384 and a label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-384 and a label. Message: ''The operation is not supported.'' Reached unreachable code
    99 FAIL importVectorKeys step: RSA-OAEP with SHA-512 and a label using privateKey to encrypt assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-512 and a label. Message: ''The operation is not supported.'' Reached unreachable code
     4PASS RSA-OAEP with SHA-1 and no label decryption
     5PASS RSA-OAEP with SHA-256 and no label decryption
     6PASS RSA-OAEP with SHA-384 and no label decryption
     7PASS RSA-OAEP with SHA-512 and no label decryption
     8PASS RSA-OAEP with SHA-1 and empty label decryption
     9PASS RSA-OAEP with SHA-256 and empty label decryption
     10PASS RSA-OAEP with SHA-384 and empty label decryption
     11PASS RSA-OAEP with SHA-512 and empty label decryption
     12PASS RSA-OAEP with SHA-1 and a label decryption
     13PASS RSA-OAEP with SHA-256 and a label decryption
     14PASS RSA-OAEP with SHA-384 and a label decryption
     15PASS RSA-OAEP with SHA-512 and a label decryption
     16PASS RSA-OAEP with SHA-1 and no label decryption with altered ciphertext
     17PASS RSA-OAEP with SHA-256 and no label decryption with altered ciphertext
     18PASS RSA-OAEP with SHA-384 and no label decryption with altered ciphertext
     19PASS RSA-OAEP with SHA-512 and no label decryption with altered ciphertext
     20PASS RSA-OAEP with SHA-1 and empty label decryption with altered ciphertext
     21PASS RSA-OAEP with SHA-256 and empty label decryption with altered ciphertext
     22PASS RSA-OAEP with SHA-384 and empty label decryption with altered ciphertext
     23PASS RSA-OAEP with SHA-512 and empty label decryption with altered ciphertext
     24PASS RSA-OAEP with SHA-1 and a label decryption with altered ciphertext
     25PASS RSA-OAEP with SHA-256 and a label decryption with altered ciphertext
     26PASS RSA-OAEP with SHA-384 and a label decryption with altered ciphertext
     27PASS RSA-OAEP with SHA-512 and a label decryption with altered ciphertext
     28PASS RSA-OAEP with SHA-1 and no label using publicKey to decrypt
     29PASS RSA-OAEP with SHA-256 and no label using publicKey to decrypt
     30PASS RSA-OAEP with SHA-384 and no label using publicKey to decrypt
     31PASS RSA-OAEP with SHA-512 and no label using publicKey to decrypt
     32PASS RSA-OAEP with SHA-1 and empty label using publicKey to decrypt
     33PASS RSA-OAEP with SHA-256 and empty label using publicKey to decrypt
     34PASS RSA-OAEP with SHA-384 and empty label using publicKey to decrypt
     35PASS RSA-OAEP with SHA-512 and empty label using publicKey to decrypt
     36PASS RSA-OAEP with SHA-1 and a label using publicKey to decrypt
     37PASS RSA-OAEP with SHA-256 and a label using publicKey to decrypt
     38PASS RSA-OAEP with SHA-384 and a label using publicKey to decrypt
     39PASS RSA-OAEP with SHA-512 and a label using publicKey to decrypt
     40PASS RSA-OAEP with SHA-1 and no label no decrypt usage
     41PASS RSA-OAEP with SHA-256 and no label no decrypt usage
     42PASS RSA-OAEP with SHA-384 and no label no decrypt usage
     43PASS RSA-OAEP with SHA-512 and no label no decrypt usage
     44PASS RSA-OAEP with SHA-1 and empty label no decrypt usage
     45PASS RSA-OAEP with SHA-256 and empty label no decrypt usage
     46PASS RSA-OAEP with SHA-384 and empty label no decrypt usage
     47PASS RSA-OAEP with SHA-512 and empty label no decrypt usage
     48PASS RSA-OAEP with SHA-1 and a label no decrypt usage
     49PASS RSA-OAEP with SHA-256 and a label no decrypt usage
     50PASS RSA-OAEP with SHA-384 and a label no decrypt usage
     51PASS RSA-OAEP with SHA-512 and a label no decrypt usage
     52PASS RSA-OAEP with SHA-1 and no label with altered plaintext
     53PASS RSA-OAEP with SHA-256 and no label with altered plaintext
     54PASS RSA-OAEP with SHA-384 and no label with altered plaintext
     55PASS RSA-OAEP with SHA-512 and no label with altered plaintext
     56PASS RSA-OAEP with SHA-1 and empty label with altered plaintext
     57PASS RSA-OAEP with SHA-256 and empty label with altered plaintext
     58PASS RSA-OAEP with SHA-384 and empty label with altered plaintext
     59PASS RSA-OAEP with SHA-512 and empty label with altered plaintext
     60PASS RSA-OAEP with SHA-1 and a label with altered plaintext
     61PASS RSA-OAEP with SHA-256 and a label with altered plaintext
     62PASS RSA-OAEP with SHA-384 and a label with altered plaintext
     63PASS RSA-OAEP with SHA-512 and a label with altered plaintext
     64PASS RSA-OAEP with SHA-1 and no label
     65PASS RSA-OAEP with SHA-256 and no label
     66PASS RSA-OAEP with SHA-384 and no label
     67PASS RSA-OAEP with SHA-512 and no label
     68PASS RSA-OAEP with SHA-1 and empty label
     69PASS RSA-OAEP with SHA-256 and empty label
     70PASS RSA-OAEP with SHA-384 and empty label
     71PASS RSA-OAEP with SHA-512 and empty label
     72PASS RSA-OAEP with SHA-1 and a label
     73PASS RSA-OAEP with SHA-256 and a label
     74PASS RSA-OAEP with SHA-384 and a label
     75PASS RSA-OAEP with SHA-512 and a label
     76PASS RSA-OAEP with SHA-1 and no label too long plaintext
     77PASS RSA-OAEP with SHA-256 and no label too long plaintext
     78PASS RSA-OAEP with SHA-384 and no label too long plaintext
     79PASS RSA-OAEP with SHA-512 and no label too long plaintext
     80PASS RSA-OAEP with SHA-1 and empty label too long plaintext
     81PASS RSA-OAEP with SHA-256 and empty label too long plaintext
     82PASS RSA-OAEP with SHA-384 and empty label too long plaintext
     83PASS RSA-OAEP with SHA-512 and empty label too long plaintext
     84PASS RSA-OAEP with SHA-1 and a label too long plaintext
     85PASS RSA-OAEP with SHA-256 and a label too long plaintext
     86PASS RSA-OAEP with SHA-384 and a label too long plaintext
     87PASS RSA-OAEP with SHA-512 and a label too long plaintext
     88PASS RSA-OAEP with SHA-1 and no label using privateKey to encrypt
     89PASS RSA-OAEP with SHA-256 and no label using privateKey to encrypt
     90PASS RSA-OAEP with SHA-384 and no label using privateKey to encrypt
     91PASS RSA-OAEP with SHA-512 and no label using privateKey to encrypt
     92PASS RSA-OAEP with SHA-1 and empty label using privateKey to encrypt
     93PASS RSA-OAEP with SHA-256 and empty label using privateKey to encrypt
     94PASS RSA-OAEP with SHA-384 and empty label using privateKey to encrypt
     95PASS RSA-OAEP with SHA-512 and empty label using privateKey to encrypt
     96PASS RSA-OAEP with SHA-1 and a label using privateKey to encrypt
     97PASS RSA-OAEP with SHA-256 and a label using privateKey to encrypt
     98PASS RSA-OAEP with SHA-384 and a label using privateKey to encrypt
     99PASS RSA-OAEP with SHA-512 and a label using privateKey to encrypt
    100100FAIL importVectorKeys step: RSA-OAEP with SHA-1 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-1 and no label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
    101101FAIL importVectorKeys step: RSA-OAEP with SHA-256 and no label no encrypt usage assert_unreached: importVectorKeys failed for RSA-OAEP with SHA-256 and no label. Message: ''A required parameter was missing or out-of-range'' Reached unreachable code
  • trunk/Source/WebCore/ChangeLog

    r209632 r209633  
     12016-12-06  Jiewen Tan  <jiewen_tan@apple.com>
     2
     3        [Part 2 of 2] Add support for PKCS8 format while doing SubtleCrypto.importKey/exportKey
     4        https://bugs.webkit.org/show_bug.cgi?id=129978
     5        <rdar://problem/21799829>
     6
     7        Reviewed by Brent Fulgham.
     8
     9        This is part 2 of Bug 129978. In this patch, it adds the PKCS8 format support for
     10        SubtleCrypto.importKey/exportKey. Currently support algorithms are RSAES-PKCS1-v1_5,
     11        RSASSA-PKCS1-v1_5 and RSA-OAEP.
     12
     13        Tests: crypto/subtle/rsa-import-jwk-key-export-pkcs8-key.html
     14               crypto/subtle/rsa-import-pkcs8-key-export-jwk-key.html
     15               crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key.html
     16               crypto/subtle/rsa-oaep-generate-export-key-pkcs8.html
     17               crypto/subtle/rsa-oaep-import-pkcs8-key.html
     18               crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8.html
     19               crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key.html
     20               crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8.html
     21               crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key.html
     22               crypto/workers/subtle/rsa-export-pkcs8-key.html
     23               crypto/workers/subtle/rsa-import-pkcs8-key.html
     24
     25        * bindings/js/JSSubtleCryptoCustom.cpp:
     26        (WebCore::toKeyData):
     27        * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:
     28        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):
     29        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::exportKey):
     30        * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:
     31        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):
     32        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::exportKey):
     33        * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:
     34        (WebCore::CryptoAlgorithmRSA_OAEP::importKey):
     35        (WebCore::CryptoAlgorithmRSA_OAEP::exportKey):
     36        * crypto/gnutls/CryptoKeyRSAGnuTLS.cpp:
     37        (WebCore::CryptoKeyRSA::importPkcs8):
     38        (WebCore::CryptoKeyRSA::exportPkcs8):
     39        * crypto/keys/CryptoKeyRSA.h:
     40        * crypto/mac/CryptoKeyRSAMac.cpp:
     41        (WebCore::CryptoKeyRSA::importSpki):
     42        (WebCore::CryptoKeyRSA::importPkcs8):
     43        (WebCore::CryptoKeyRSA::exportPkcs8):
     44
    1452016-12-09  Geoffrey Garen  <ggaren@apple.com>
    246
  • trunk/Source/WebCore/bindings/js/JSSubtleCryptoCustom.cpp

    r209437 r209633  
    342342    KeyData result;
    343343    switch (format) {
     344    case SubtleCrypto::KeyFormat::Spki:
    344345    case SubtleCrypto::KeyFormat::Pkcs8:
    345         setDOMException(&state, NOT_SUPPORTED_ERR);
    346         return result;
    347     case SubtleCrypto::KeyFormat::Spki:
    348346    case SubtleCrypto::KeyFormat::Raw: {
    349347        BufferSource bufferSource = convert<IDLBufferSource>(state, value);
  • trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp

    r209437 r209633  
    129129        break;
    130130    }
     131    case SubtleCrypto::KeyFormat::Pkcs8: {
     132        if (usages ^ CryptoKeyUsageDecrypt) {
     133            exceptionCallback(SYNTAX_ERR);
     134            return;
     135        }
     136        result = CryptoKeyRSA::importPkcs8(parameters->identifier, std::nullopt, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
     137        break;
     138    }
    131139    default:
    132140        exceptionCallback(NOT_SUPPORTED_ERR);
     
    167175        break;
    168176    }
     177    case SubtleCrypto::KeyFormat::Pkcs8: {
     178        auto pkcs8 = rsaKey.exportPkcs8();
     179        if (pkcs8.hasException()) {
     180            exceptionCallback(pkcs8.releaseException().code());
     181            return;
     182        }
     183        result = pkcs8.releaseReturnValue();
     184        break;
     185    }
    169186    default:
    170187        exceptionCallback(NOT_SUPPORTED_ERR);
  • trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp

    r209437 r209633  
    163163        break;
    164164    }
     165    case SubtleCrypto::KeyFormat::Pkcs8: {
     166        if (usages ^ CryptoKeyUsageSign) {
     167            exceptionCallback(SYNTAX_ERR);
     168            return;
     169        }
     170        // FIXME: <webkit.org/b/165436>
     171        result = CryptoKeyRSA::importPkcs8(parameters->identifier, rsaParameters.hashIdentifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
     172        break;
     173    }
    165174    default:
    166175        exceptionCallback(NOT_SUPPORTED_ERR);
     
    219228        break;
    220229    }
     230    case SubtleCrypto::KeyFormat::Pkcs8: {
     231        auto pkcs8 = rsaKey.exportPkcs8();
     232        if (pkcs8.hasException()) {
     233            exceptionCallback(pkcs8.releaseException().code());
     234            return;
     235        }
     236        result = pkcs8.releaseReturnValue();
     237        break;
     238    }
    221239    default:
    222240        exceptionCallback(NOT_SUPPORTED_ERR);
  • trunk/Source/WebCore/crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp

    r209437 r209633  
    176176        break;
    177177    }
     178    case SubtleCrypto::KeyFormat::Pkcs8: {
     179        if ((usages ^ CryptoKeyUsageDecrypt) && (usages ^ CryptoKeyUsageUnwrapKey) && (usages ^ (CryptoKeyUsageDecrypt | CryptoKeyUsageUnwrapKey))) {
     180            exceptionCallback(SYNTAX_ERR);
     181            return;
     182        }
     183        // FIXME: <webkit.org/b/165436>
     184        result = CryptoKeyRSA::importPkcs8(parameters->identifier, rsaParameters.hashIdentifier, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
     185        break;
     186    }
    178187    default:
    179188        exceptionCallback(NOT_SUPPORTED_ERR);
     
    233242        break;
    234243    }
     244    case SubtleCrypto::KeyFormat::Pkcs8: {
     245        // FIXME: <webkit.org/b/165437>
     246        auto pkcs8 = rsaKey.exportPkcs8();
     247        if (pkcs8.hasException()) {
     248            exceptionCallback(pkcs8.releaseException().code());
     249            return;
     250        }
     251        result = pkcs8.releaseReturnValue();
     252        break;
     253    }
    235254    default:
    236255        exceptionCallback(NOT_SUPPORTED_ERR);
  • trunk/Source/WebCore/crypto/gnutls/CryptoKeyRSAGnuTLS.cpp

    r209437 r209633  
    127127}
    128128
     129RefPtr<CryptoKeyRSA> CryptoKeyRSA::importPkcs8(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier>, Vector<uint8_t>&&, bool, CryptoKeyUsageBitmap)
     130{
     131    notImplemented();
     132
     133    return nullptr;
     134}
     135
     136ExceptionOr<Vector<uint8_t>> CryptoKeyRSA::exportPkcs8() const
     137{
     138    notImplemented();
     139
     140    return Exception { NOT_SUPPORTED_ERR };
     141}
     142
    129143} // namespace WebCore
    130144
  • trunk/Source/WebCore/crypto/keys/CryptoKeyRSA.h

    r209437 r209633  
    104104    static RefPtr<CryptoKeyRSA> importJwk(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier> hash, JsonWebKey&&, bool extractable, CryptoKeyUsageBitmap);
    105105    static RefPtr<CryptoKeyRSA> importSpki(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier> hash, Vector<uint8_t>&&, bool extractable, CryptoKeyUsageBitmap);
     106    static RefPtr<CryptoKeyRSA> importPkcs8(CryptoAlgorithmIdentifier, std::optional<CryptoAlgorithmIdentifier> hash, Vector<uint8_t>&&, bool extractable, CryptoKeyUsageBitmap);
    106107
    107108    PlatformRSAKey platformKey() const { return m_platformKey; }
    108109    JsonWebKey exportJwk() const;
    109110    ExceptionOr<Vector<uint8_t>> exportSpki() const;
     111    ExceptionOr<Vector<uint8_t>> exportPkcs8() const;
    110112
    111113    CryptoAlgorithmIdentifier hashAlgorithmIdentifier() const { return m_hash; }
  • trunk/Source/WebCore/crypto/mac/CryptoKeyRSAMac.cpp

    r209437 r209633  
    4141// OID rsaEncryption: 1.2.840.113549.1.1.1. Per https://tools.ietf.org/html/rfc3279#section-2.3.1
    4242static unsigned char RSAOIDHeader[] = {0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00};
     43// Version 0. Per https://tools.ietf.org/html/rfc5208#section-5
     44static unsigned char Version[] = {0x02, 0x01, 0x00};
     45
    4346// Per X.690 08/2015: https://www.itu.int/rec/T-REC-X.680-X.693/en
     47static unsigned char BitStringMark = 0x03;
     48static unsigned char OctetStringMark = 0x04;
    4449static unsigned char SequenceMark = 0x30;
    45 static unsigned char BitStringMark = 0x03;
     50
    4651static unsigned char InitialOctet = 0x00;
    4752
     
    333338    // Per https://tools.ietf.org/html/rfc5280#section-4.1. subjectPublicKeyInfo.
    334339    size_t headerSize = 1;
    335     if (keyData.size() < headerSize)
     340    if (keyData.size() < headerSize + 1)
    336341        return nullptr;
    337342    headerSize += bytesUsedToEncodedLength(keyData[headerSize]) + sizeof(RSAOIDHeader) + sizeof(BitStringMark);
    338     if (keyData.size() < headerSize)
     343    if (keyData.size() < headerSize + 1)
    339344        return nullptr;
    340345    headerSize += bytesUsedToEncodedLength(keyData[headerSize]) + sizeof(InitialOctet);
     
    379384}
    380385
     386RefPtr<CryptoKeyRSA> CryptoKeyRSA::importPkcs8(CryptoAlgorithmIdentifier identifier, std::optional<CryptoAlgorithmIdentifier> hash, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages)
     387{
     388    // The current SecLibrary cannot import a PKCS8 format binary. Hence, we need to strip out the PKCS8 header.
     389    // This hack can be removed when <rdar://problem/29523286> is resolved.
     390    // The header format we assume is: SequenceMark(1) + Length(?) + Version(3) + rsaEncryption(15) + OctetStringMark(1) + Length(?).
     391    // The header format could be varied. However since we don't have a full-fledged ASN.1 encoder/decoder, we want to restrict it to
     392    // the most common one for now.
     393    // Per https://tools.ietf.org/html/rfc5208#section-5. PrivateKeyInfo.
     394    // We also assume there is no optional parameters.
     395    size_t headerSize = 1;
     396    if (keyData.size() < headerSize + 1)
     397        return nullptr;
     398    headerSize += bytesUsedToEncodedLength(keyData[headerSize]) + sizeof(Version) + sizeof(RSAOIDHeader) + sizeof(OctetStringMark);
     399    if (keyData.size() < headerSize + 1)
     400        return nullptr;
     401    headerSize += bytesUsedToEncodedLength(keyData[headerSize]);
     402
     403    CCRSACryptorRef ccPrivateKey;
     404    if (CCRSACryptorImport(keyData.data() + headerSize, keyData.size() - headerSize, &ccPrivateKey))
     405        return nullptr;
     406
     407    // Notice: CryptoAlgorithmIdentifier::SHA_1 is just a placeholder. It should not have any effect if hash is std::nullopt.
     408    return adoptRef(new CryptoKeyRSA(identifier, hash.value_or(CryptoAlgorithmIdentifier::SHA_1), !!hash, CryptoKeyType::Private, ccPrivateKey, extractable, usages));
     409}
     410
     411ExceptionOr<Vector<uint8_t>> CryptoKeyRSA::exportPkcs8() const
     412{
     413    if (type() != CryptoKeyType::Private)
     414        return Exception { INVALID_ACCESS_ERR };
     415
     416    // The current SecLibrary cannot output a valid PKCS8 format binary. Hence, we need the following hack.
     417    // This hack can be removed when <rdar://problem/29523286> is resolved.
     418    // Estimated size in produced bytes format. Per https://tools.ietf.org/html/rfc3447#appendix-A.1.2. RSAPrivateKey.
     419    // O(size) = Sequence(1) + Length(3) + Integer(1) + Length(3) + Modulus + Integer(1) + Length(3) + publicExponent + Integer(1) + Length(3) +
     420    // privateExponent + Integer(1) + Length(3) + prime1 + Integer(1) + Length(3) + prime2 + Integer(1) + Length(3) + exponent1 + Integer(1) +
     421    // Length(3) + exponent2 + Integer(1) + Length(3) + coefficient.
     422    Vector<uint8_t> keyBytes(keySizeInBits());
     423    size_t keySize = keyBytes.size();
     424    if (CCRSACryptorExport(platformKey(), keyBytes.data(), &keySize))
     425        return Exception { OperationError };
     426    keyBytes.shrink(keySize);
     427
     428    // Version + RSAOIDHeader + OctetStringMark + Length + keySize
     429    size_t totalSize = sizeof(Version) + sizeof(RSAOIDHeader) + bytesNeededForEncodedLength(keySize) + keySize + 2;
     430
     431    // Per https://tools.ietf.org/html/rfc5208#section-5. PrivateKeyInfo.
     432    Vector<uint8_t> result;
     433    result.append(SequenceMark);
     434    addEncodedASN1Length(result, totalSize);
     435    result.append(Version, sizeof(Version));
     436    result.append(RSAOIDHeader, sizeof(RSAOIDHeader));
     437    result.append(OctetStringMark);
     438    addEncodedASN1Length(result, keySize);
     439    result.append(keyBytes.data(), keyBytes.size());
     440
     441    return WTFMove(result);
     442}
     443
    381444} // namespace WebCore
    382445
Note: See TracChangeset for help on using the changeset viewer.