1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include <cryptohi.h>
6
7#include "content/child/webcrypto/crypto_data.h"
8#include "content/child/webcrypto/nss/key_nss.h"
9#include "content/child/webcrypto/nss/rsa_key_nss.h"
10#include "content/child/webcrypto/nss/util_nss.h"
11#include "content/child/webcrypto/status.h"
12#include "crypto/scoped_nss_types.h"
13#include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
14
15namespace content {
16
17namespace webcrypto {
18
19namespace {
20
21class RsaSsaImplementation : public RsaHashedAlgorithm {
22 public:
23  RsaSsaImplementation()
24      : RsaHashedAlgorithm(CKF_SIGN | CKF_VERIFY,
25                           blink::WebCryptoKeyUsageVerify,
26                           blink::WebCryptoKeyUsageSign) {}
27
28  virtual const char* GetJwkAlgorithm(
29      const blink::WebCryptoAlgorithmId hash) const OVERRIDE {
30    switch (hash) {
31      case blink::WebCryptoAlgorithmIdSha1:
32        return "RS1";
33      case blink::WebCryptoAlgorithmIdSha256:
34        return "RS256";
35      case blink::WebCryptoAlgorithmIdSha384:
36        return "RS384";
37      case blink::WebCryptoAlgorithmIdSha512:
38        return "RS512";
39      default:
40        return NULL;
41    }
42  }
43
44  virtual Status Sign(const blink::WebCryptoAlgorithm& algorithm,
45                      const blink::WebCryptoKey& key,
46                      const CryptoData& data,
47                      std::vector<uint8_t>* buffer) const OVERRIDE {
48    if (key.type() != blink::WebCryptoKeyTypePrivate)
49      return Status::ErrorUnexpectedKeyType();
50
51    SECKEYPrivateKey* private_key = PrivateKeyNss::Cast(key)->key();
52
53    const blink::WebCryptoAlgorithm& hash =
54        key.algorithm().rsaHashedParams()->hash();
55
56    // Pick the NSS signing algorithm by combining RSA-SSA (RSA PKCS1) and the
57    // inner hash of the input Web Crypto algorithm.
58    SECOidTag sign_alg_tag;
59    switch (hash.id()) {
60      case blink::WebCryptoAlgorithmIdSha1:
61        sign_alg_tag = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
62        break;
63      case blink::WebCryptoAlgorithmIdSha256:
64        sign_alg_tag = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
65        break;
66      case blink::WebCryptoAlgorithmIdSha384:
67        sign_alg_tag = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
68        break;
69      case blink::WebCryptoAlgorithmIdSha512:
70        sign_alg_tag = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
71        break;
72      default:
73        return Status::ErrorUnsupported();
74    }
75
76    crypto::ScopedSECItem signature_item(SECITEM_AllocItem(NULL, NULL, 0));
77    if (SEC_SignData(signature_item.get(),
78                     data.bytes(),
79                     data.byte_length(),
80                     private_key,
81                     sign_alg_tag) != SECSuccess) {
82      return Status::OperationError();
83    }
84
85    buffer->assign(signature_item->data,
86                   signature_item->data + signature_item->len);
87    return Status::Success();
88  }
89
90  virtual Status Verify(const blink::WebCryptoAlgorithm& algorithm,
91                        const blink::WebCryptoKey& key,
92                        const CryptoData& signature,
93                        const CryptoData& data,
94                        bool* signature_match) const OVERRIDE {
95    if (key.type() != blink::WebCryptoKeyTypePublic)
96      return Status::ErrorUnexpectedKeyType();
97
98    SECKEYPublicKey* public_key = PublicKeyNss::Cast(key)->key();
99
100    const blink::WebCryptoAlgorithm& hash =
101        key.algorithm().rsaHashedParams()->hash();
102
103    const SECItem signature_item = MakeSECItemForBuffer(signature);
104
105    SECOidTag hash_alg_tag;
106    switch (hash.id()) {
107      case blink::WebCryptoAlgorithmIdSha1:
108        hash_alg_tag = SEC_OID_SHA1;
109        break;
110      case blink::WebCryptoAlgorithmIdSha256:
111        hash_alg_tag = SEC_OID_SHA256;
112        break;
113      case blink::WebCryptoAlgorithmIdSha384:
114        hash_alg_tag = SEC_OID_SHA384;
115        break;
116      case blink::WebCryptoAlgorithmIdSha512:
117        hash_alg_tag = SEC_OID_SHA512;
118        break;
119      default:
120        return Status::ErrorUnsupported();
121    }
122
123    *signature_match =
124        SECSuccess == VFY_VerifyDataDirect(data.bytes(),
125                                           data.byte_length(),
126                                           public_key,
127                                           &signature_item,
128                                           SEC_OID_PKCS1_RSA_ENCRYPTION,
129                                           hash_alg_tag,
130                                           NULL,
131                                           NULL);
132    return Status::Success();
133  }
134};
135
136}  // namespace
137
138AlgorithmImplementation* CreatePlatformRsaSsaImplementation() {
139  return new RsaSsaImplementation;
140}
141
142}  // namespace webcrypto
143
144}  // namespace content
145