[GCrypt] Implement CryptoKeyEC SPKI imports
author zandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 21 Jun 2017 06:52:29 +0000 (06:52 +0000)
committer zandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 21 Jun 2017 06:52:29 +0000 (06:52 +0000)
commit c2e9d6369c37200f0487b1e670614f31fec6452c
tree 08a7714ddbce3862d07ee5ffa2d00ec0cce022e9
parent 5d0d47538f27906778c69b716f7acfb3aa173e35
[GCrypt] Implement CryptoKeyEC SPKI imports
https://bugs.webkit.org/show_bug.cgi?id=172927

Reviewed by Jiewen Tan, Michael Catanzaro and Carlos Garcia Campos.

.:

* Source/cmake/FindLibtasn1.cmake: Added.
* Source/cmake/OptionsGTK.cmake: Require libtasn1 when SUBTLE_CRYPTO is enabled.
* Source/cmake/OptionsWPE.cmake: Ditto.

Source/WebCore:

No new tests -- affected tests are now passing and are unskipped.

Implement libgcrypt-based support for SPKI imports of EC keys.

Using libtasn1 through the utility functions and wrappers, the given key data
is decoded against the SubjectPublicKeyInfo ASN.1 definition. The algorithm
member is then properly validated, making sure that the key algorithm identifier
is supported and that the algorithm parameters specify the correct EC curve.

The public key bit string is then retrieved and validated, ensuring it represents
an uncompressed EC point that is of valid size for the specified EC curve. The
point is then tested through an EC context to make sure it's positioned on the
specified EC curve.

Finally, the curve name and uncompressed point data are embedded into a
`public-key` s-expression that will be used through the libgcrypt API. This is
then used, along with other information, to create a valid CryptoKeyEC object.

* PlatformGTK.cmake: Use LIBTASN1_INCLUDE_DIRECTORIES and LIBTASN1_LIBRARIES.
* PlatformWPE.cmake: Ditto.
* crypto/gcrypt/CryptoKeyECGCrypt.cpp:
(WebCore::supportedAlgorithmIdentifier):
(WebCore::curveForIdentifier):
(WebCore::CryptoKeyEC::platformImportSpki):

Source/WebCore/PAL:

Add a file that provides utility functions for operating with libtasn1 APIs.

The precomputed ASN.1 declarations, generated from the WebCrypto.asn file with
the asn1Parser tool, are used to enable construction of ASN.1 structures that
are then used to decode the SPKI or PKCS#8 data through the decodeStructure()
function. Raw data of each element in that structure can be retrieved through the
elementData() function.

The Structure class is added as a wrapper for asn1_node objects that are used
as decoding targets, simplifying lifetime management of these objects.

* pal/PlatformGTK.cmake:
* pal/PlatformWPE.cmake:
* pal/crypto/tasn1/Utilities.cpp: Added.
(PAL::TASN1::asn1Definitions):
(PAL::TASN1::decodeStructure):
(PAL::TASN1::elementData):
* pal/crypto/tasn1/Utilities.h: Added.
(PAL::TASN1::Structure::~Structure):
(PAL::TASN1::Structure::operator&):
(PAL::TASN1::Structure::operator asn1_node):
* pal/crypto/tasn1/WebCrypto.asn: Added.

LayoutTests:

* platform/gtk/TestExpectations:
Unskip or enable the EC-based SPKI import tests that are now passing.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@218626 268f45cc-cd09-0410-ab3c-d52691b4dbfc
16 files changed:
ChangeLog
LayoutTests/ChangeLog
LayoutTests/platform/gtk/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/PAL/ChangeLog
Source/WebCore/PAL/pal/PlatformGTK.cmake
Source/WebCore/PAL/pal/PlatformWPE.cmake
Source/WebCore/PAL/pal/crypto/tasn1/Utilities.cpp [new file with mode: 0644]
Source/WebCore/PAL/pal/crypto/tasn1/Utilities.h [new file with mode: 0644]
Source/WebCore/PAL/pal/crypto/tasn1/WebCrypto.asn [new file with mode: 0644]
Source/WebCore/PlatformGTK.cmake
Source/WebCore/PlatformWPE.cmake
Source/WebCore/crypto/gcrypt/CryptoKeyECGCrypt.cpp
Source/cmake/FindLibtasn1.cmake [new file with mode: 0644]
Source/cmake/OptionsGTK.cmake
Source/cmake/OptionsWPE.cmake
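
The validation order the commit message describes for SPKI imports (decode, check the algorithm identifier and curve parameter, check the uncompressed point's size, check that the point is on the curve), as an added Python example that is not WebKit's code and uses neither libtasn1 nor libgcrypt. Assumptions: only id-ecPublicKey with P-256 is accepted, the names `read_tlv` and `import_spki_p256` are hypothetical, and the sample key is constructed from the P-256 base point.

```python
# Added example with constructed sample data; not WebKit code.
P = 2**256 - 2**224 + 2**192 + 2**96 - 1               # NIST P-256 field prime
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
OID_EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")    # 1.2.840.10045.2.1
OID_PRIME256V1 = bytes.fromhex("2a8648ce3d030107")     # 1.2.840.10045.3.1.7

def read_tlv(buf, tag):
    """Return (content, rest) for one DER element that must carry `tag`."""
    if len(buf) < 2 or buf[0] != tag:
        raise ValueError("unexpected tag")
    length, off = buf[1], 2
    if length & 0x80:                                  # long-form length
        n = length & 0x7F
        if n == 0 or n > 2 or len(buf) < 2 + n:
            raise ValueError("bad length encoding")
        length, off = int.from_bytes(buf[2:2 + n], "big"), 2 + n
        if length < 0x80 or buf[2] == 0:               # DER: minimal form only
            raise ValueError("non-minimal length")
    if len(buf) - off < length:
        raise ValueError("truncated element")
    return buf[off:off + length], buf[off + length:]

def import_spki_p256(der):
    """Return (x, y) for a valid P-256 SPKI, otherwise raise ValueError."""
    spki, rest = read_tlv(der, 0x30)                   # SubjectPublicKeyInfo
    alg, after_alg = read_tlv(spki, 0x30)              # AlgorithmIdentifier
    key_bits, tail = read_tlv(after_alg, 0x03)         # subjectPublicKey
    if rest or tail:
        raise ValueError("trailing data")
    oid, params = read_tlv(alg, 0x06)
    curve, extra = read_tlv(params, 0x06)
    if oid != OID_EC_PUBLIC_KEY or curve != OID_PRIME256V1 or extra:
        raise ValueError("unsupported algorithm or curve")
    # BIT STRING content: unused-bits octet (0), then 0x04 || X || Y.
    if len(key_bits) != 66 or key_bits[0] != 0 or key_bits[1] != 0x04:
        raise ValueError("not an uncompressed P-256 point")
    x = int.from_bytes(key_bits[2:34], "big")
    y = int.from_bytes(key_bits[34:66], "big")
    # Curve equation y^2 = x^3 - 3x + b (mod p); coordinates must be reduced.
    if x >= P or y >= P or (y * y - (x * x * x - 3 * x + B)) % P != 0:
        raise ValueError("point is not on the curve")
    return x, y

# Constructed sample: the P-256 base point wrapped in an SPKI structure.
GX = "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
GY = "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"
SAMPLE_SPKI = bytes.fromhex(
    "3059301306072a8648ce3d020106082a8648ce3d030107034200" + "04" + GX + GY)
```

Rejecting off-curve points at import time keeps keys that would enable invalid-curve attacks from ever reaching later ECDH operations.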