1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <openssl/evp.h>
6
7 #include "base/stl_util.h"
8 #include "content/child/webcrypto/crypto_data.h"
9 #include "content/child/webcrypto/openssl/key_openssl.h"
10 #include "content/child/webcrypto/openssl/rsa_key_openssl.h"
11 #include "content/child/webcrypto/openssl/util_openssl.h"
12 #include "content/child/webcrypto/status.h"
13 #include "crypto/openssl_util.h"
14 #include "crypto/scoped_openssl_types.h"
15 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
16 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
17
18 namespace content {
19
20 namespace webcrypto {
21
22 namespace {
23
24 typedef int (*InitFunc)(EVP_PKEY_CTX* ctx);
25 typedef int (*EncryptDecryptFunc)(EVP_PKEY_CTX* ctx,
26 unsigned char* out,
27 size_t* outlen,
28 const unsigned char* in,
29 size_t inlen);
30
31 // Helper for doing either RSA-OAEP encryption or decryption.
32 //
33 // To encrypt call with:
34 // init_func=EVP_PKEY_encrypt_init, encrypt_decrypt_func=EVP_PKEY_encrypt
35 //
36 // To decrypt call with:
37 // init_func=EVP_PKEY_decrypt_init, encrypt_decrypt_func=EVP_PKEY_decrypt
CommonEncryptDecrypt(InitFunc init_func,EncryptDecryptFunc encrypt_decrypt_func,const blink::WebCryptoAlgorithm & algorithm,const blink::WebCryptoKey & key,const CryptoData & data,std::vector<uint8_t> * buffer)38 Status CommonEncryptDecrypt(InitFunc init_func,
39 EncryptDecryptFunc encrypt_decrypt_func,
40 const blink::WebCryptoAlgorithm& algorithm,
41 const blink::WebCryptoKey& key,
42 const CryptoData& data,
43 std::vector<uint8_t>* buffer) {
44 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
45
46 EVP_PKEY* pkey = AsymKeyOpenSsl::Cast(key)->key();
47 const EVP_MD* digest =
48 GetDigest(key.algorithm().rsaHashedParams()->hash().id());
49 if (!digest)
50 return Status::ErrorUnsupported();
51
52 crypto::ScopedEVP_PKEY_CTX ctx(EVP_PKEY_CTX_new(pkey, NULL));
53
54 if (!init_func(ctx.get()) ||
55 1 != EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_PKCS1_OAEP_PADDING) ||
56 1 != EVP_PKEY_CTX_set_rsa_oaep_md(ctx.get(), digest) ||
57 1 != EVP_PKEY_CTX_set_rsa_mgf1_md(ctx.get(), digest)) {
58 return Status::OperationError();
59 }
60
61 const blink::WebVector<uint8_t>& label =
62 algorithm.rsaOaepParams()->optionalLabel();
63
64 if (label.size()) {
65 // Make a copy of the label, since the ctx takes ownership of it when
66 // calling set0_rsa_oaep_label().
67 crypto::ScopedOpenSSLBytes label_copy;
68 label_copy.reset(static_cast<uint8_t*>(OPENSSL_malloc(label.size())));
69 memcpy(label_copy.get(), label.data(), label.size());
70
71 if (1 != EVP_PKEY_CTX_set0_rsa_oaep_label(
72 ctx.get(), label_copy.release(), label.size())) {
73 return Status::OperationError();
74 }
75 }
76
77 // Determine the maximum length of the output.
78 size_t outlen = 0;
79 if (!encrypt_decrypt_func(
80 ctx.get(), NULL, &outlen, data.bytes(), data.byte_length())) {
81 return Status::OperationError();
82 }
83 buffer->resize(outlen);
84
85 // Do the actual encryption/decryption.
86 if (!encrypt_decrypt_func(ctx.get(),
87 vector_as_array(buffer),
88 &outlen,
89 data.bytes(),
90 data.byte_length())) {
91 return Status::OperationError();
92 }
93 buffer->resize(outlen);
94
95 return Status::Success();
96 }
97
98 class RsaOaepImplementation : public RsaHashedAlgorithm {
99 public:
RsaOaepImplementation()100 RsaOaepImplementation()
101 : RsaHashedAlgorithm(
102 blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageWrapKey,
103 blink::WebCryptoKeyUsageDecrypt |
104 blink::WebCryptoKeyUsageUnwrapKey) {}
105
GetJwkAlgorithm(const blink::WebCryptoAlgorithmId hash) const106 virtual const char* GetJwkAlgorithm(
107 const blink::WebCryptoAlgorithmId hash) const OVERRIDE {
108 switch (hash) {
109 case blink::WebCryptoAlgorithmIdSha1:
110 return "RSA-OAEP";
111 case blink::WebCryptoAlgorithmIdSha256:
112 return "RSA-OAEP-256";
113 case blink::WebCryptoAlgorithmIdSha384:
114 return "RSA-OAEP-384";
115 case blink::WebCryptoAlgorithmIdSha512:
116 return "RSA-OAEP-512";
117 default:
118 return NULL;
119 }
120 }
121
Encrypt(const blink::WebCryptoAlgorithm & algorithm,const blink::WebCryptoKey & key,const CryptoData & data,std::vector<uint8_t> * buffer) const122 virtual Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
123 const blink::WebCryptoKey& key,
124 const CryptoData& data,
125 std::vector<uint8_t>* buffer) const OVERRIDE {
126 if (key.type() != blink::WebCryptoKeyTypePublic)
127 return Status::ErrorUnexpectedKeyType();
128
129 return CommonEncryptDecrypt(
130 EVP_PKEY_encrypt_init, EVP_PKEY_encrypt, algorithm, key, data, buffer);
131 }
132
Decrypt(const blink::WebCryptoAlgorithm & algorithm,const blink::WebCryptoKey & key,const CryptoData & data,std::vector<uint8_t> * buffer) const133 virtual Status Decrypt(const blink::WebCryptoAlgorithm& algorithm,
134 const blink::WebCryptoKey& key,
135 const CryptoData& data,
136 std::vector<uint8_t>* buffer) const OVERRIDE {
137 if (key.type() != blink::WebCryptoKeyTypePrivate)
138 return Status::ErrorUnexpectedKeyType();
139
140 return CommonEncryptDecrypt(
141 EVP_PKEY_decrypt_init, EVP_PKEY_decrypt, algorithm, key, data, buffer);
142 }
143 };
144
145 } // namespace
146
CreatePlatformRsaOaepImplementation()147 AlgorithmImplementation* CreatePlatformRsaOaepImplementation() {
148 return new RsaOaepImplementation;
149 }
150
151 } // namespace webcrypto
152
153 } // namespace content
154