Allow an optional hash algorithm to be passed to generateKey for RSA keys.
https://bugs.webkit.org/show_bug.cgi?id=144938
Unreviewed initial submission.
Test: crypto/subtle/rsa-export-generated-keys.html
This changeset allows an optional hash parameter to be passed to the generate
key function for RSA type keys. Previously, there was no way to export generated
keys, as no hash function could be associated with the key (required for JWK).
The current WebCrypto API draft requires the hash function to be specified in the
algorithm object passed to generateKey (http://www.w3.org/TR/WebCryptoAPI 20.4),
however, they were made optional in this implementation to maintain compatiblity.
Patch by Scott Valentine <svalentine@ikayzo.com> on 2015-11-06
* bindings/js/JSCryptoAlgorithmDictionary.cpp:
(WebCore::getHashAlgorithm):
(WebCore::createHmacParams):
(WebCore::createHmacKeyParams):
(WebCore::createRsaKeyGenParams):
(WebCore::createRsaOaepParams):
(WebCore::createRsaSsaParams):
(WebCore::JSCryptoAlgorithmDictionary::createParametersForImportKey): Deleted.
* bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneDeserializer::readRSAKey):
* crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:
(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::generateKey):
(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):
* crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:
(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::generateKey):
(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):
* crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:
(WebCore::CryptoAlgorithmRSA_OAEP::generateKey):
(WebCore::CryptoAlgorithmRSA_OAEP::importKey):
* crypto/gnutls/CryptoKeyRSAGnuTLS.cpp:
(WebCore::CryptoKeyRSA::CryptoKeyRSA):
(WebCore::CryptoKeyRSA::create):
(WebCore::CryptoKeyRSA::generatePair):
(WebCore::CryptoKeyRSA::restrictToHash): Deleted.
* crypto/keys/CryptoKeyRSA.h:
* crypto/mac/CryptoKeyRSAMac.cpp:
(WebCore::CryptoKeyRSA::CryptoKeyRSA):
(WebCore::CryptoKeyRSA::create):
(WebCore::CryptoKeyRSA::generatePair):
(WebCore::CryptoKeyRSA::restrictToHash): Deleted.
* crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h:
LayoutTests:
Adding new tests for exporting generated RSA keys.
https://bugs.webkit.org/show_bug.cgi?id=144938
Unreviewed initial submission.
Patch by Scott Valentine <svalentine@ikayzo.com> on 2015-11-06
* crypto/subtle/rsa-export-generated-keys-expected.txt: Added.
* crypto/subtle/rsa-export-generated-keys.html: Added.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@192126
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2015-11-06 Scott Valentine <svalentine@ikayzo.com>
+
+ Adding new tests for exporting generated RSA keys.
+ https://bugs.webkit.org/show_bug.cgi?id=144938
+
+ Unreviewed initial submission.
+
+ * crypto/subtle/rsa-export-generated-keys-expected.txt: Added.
+ * crypto/subtle/rsa-export-generated-keys.html: Added.
+
2015-11-06 Wenson Hsieh <wenson_hsieh@apple.com>
Scrolling iframe inside scrollable div does not work with trackpad
--- /dev/null
+Test exporting a generated RSA keypair with hash.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+
+Generating RSA-PKCS1-v1.5 keyPair...
+PASS crypto.subtle.exportKey(null, key) threw exception TypeError: Unknown key format.
+PASS crypto.subtle.exportKey(undefined, key) threw exception TypeError: Unknown key format.
+PASS crypto.subtle.exportKey({}, key) threw exception TypeError: Unknown key format.
+PASS crypto.subtle.exportKey("", key) threw exception TypeError: Unknown key format.
+PASS crypto.subtle.exportKey("foobar", key) threw exception TypeError: Unknown key format.
+PASS key.publicKey.algorithm.hash.name is defined.
+PASS key.privateKey.algorithm.hash.name is defined.
+
+Exporting public key as JWK...
+PASS exportedJWK.kty is 'RSA'
+PASS exportedJWK.alg is 'RS256'
+PASS exportedJWK.ext is true
+PASS exportedJWK.use is undefined
+PASS exportedJWK.key_ops is ['sign', 'verify']
+
+Exporting private key as JWK...
+PASS exportedJWK.kty is 'RSA'
+PASS exportedJWK.alg is 'RS256'
+PASS exportedJWK.ext is true
+PASS exportedJWK.use is undefined
+PASS exportedJWK.key_ops is ['sign', 'verify']
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
--- /dev/null
+<!DOCTYPE html>
+<html>
+<head>
+<script src="../../resources/js-test-pre.js"></script>
+<script src="resources/common.js"></script>
+</head>
+<body>
+<p id="description"></p>
+<div id="console"></div>
+
+<script>
+description("Test exporting a generated RSA keypair with hash.");
+
+jsTestIsAsync = true;
+
+var extractable = true;
+
+var algorithm = {
+ name: "RSASSA-PKCS1-v1_5",
+ modulusLength: "4096",
+ publicExponent: new Uint8Array([1, 0, 1]), // 2^16 + 1 (65537)
+ hash: { name: "SHA-256" }
+};
+
+debug("\nGenerating RSA-PKCS1-v1.5 keyPair...");
+crypto.subtle.generateKey(algorithm, extractable, ['sign', 'verify'])
+.then(function(result) {
+ key = result;
+
+ shouldThrow('crypto.subtle.exportKey(null, key)');
+ shouldThrow('crypto.subtle.exportKey(undefined, key)');
+ shouldThrow('crypto.subtle.exportKey({}, key)');
+ shouldThrow('crypto.subtle.exportKey("", key)');
+ shouldThrow('crypto.subtle.exportKey("foobar", key)');
+ shouldBeDefined('key.publicKey.algorithm.hash.name');
+ shouldBeDefined('key.privateKey.algorithm.hash.name');
+
+ debug("\nExporting public key as JWK...");
+ return crypto.subtle.exportKey("jwk", key.publicKey);
+}).then(function(result) {
+ exportedJWK = JSON.parse(bytesToASCIIString(result));
+
+ shouldBe("exportedJWK.kty", "'RSA'");
+ shouldBe("exportedJWK.alg", "'RS256'");
+ shouldBe("exportedJWK.ext", "true");
+ shouldBe("exportedJWK.use", "undefined");
+ shouldBe("exportedJWK.key_ops", "['sign', 'verify']");
+
+ debug("\nExporting private key as JWK...");
+ return crypto.subtle.exportKey("jwk", key.privateKey);
+}).then(function(result) {
+ exportedJWK = JSON.parse(bytesToASCIIString(result));
+
+ shouldBe("exportedJWK.kty", "'RSA'");
+ shouldBe("exportedJWK.alg", "'RS256'");
+ shouldBe("exportedJWK.ext", "true");
+ shouldBe("exportedJWK.use", "undefined");
+ shouldBe("exportedJWK.key_ops", "['sign', 'verify']");
+
+ finishJSTest();
+});
+</script>
+
+<script src="../../resources/js-test-post.js"></script>
+</body>
+</html>
+2015-11-06 Scott Valentine <svalentine@ikayzo.com>
+
+ Allow an optional hash algorithm to be passed to generateKey for RSA keys.
+ https://bugs.webkit.org/show_bug.cgi?id=144938
+
+ Unreviewed initial submission.
+
+ Test: crypto/subtle/rsa-export-generated-keys.html
+
+ This changeset allows an optional hash parameter to be passed to the generate
+ key function for RSA type keys. Previously, there was no way to export generated
+ keys, as no hash function could be associated with the key (required for JWK).
+
+ The current WebCrypto API draft requires the hash function to be specified in the
+ algorithm object passed to generateKey (http://www.w3.org/TR/WebCryptoAPI 20.4),
+ however, they were made optional in this implementation to maintain compatiblity.
+
+ * bindings/js/JSCryptoAlgorithmDictionary.cpp:
+ (WebCore::getHashAlgorithm):
+ (WebCore::createHmacParams):
+ (WebCore::createHmacKeyParams):
+ (WebCore::createRsaKeyGenParams):
+ (WebCore::createRsaOaepParams):
+ (WebCore::createRsaSsaParams):
+ (WebCore::JSCryptoAlgorithmDictionary::createParametersForImportKey): Deleted.
+ * bindings/js/SerializedScriptValue.cpp:
+ (WebCore::CloneDeserializer::readRSAKey):
+ * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:
+ (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::generateKey):
+ (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):
+ * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:
+ (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::generateKey):
+ (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):
+ * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:
+ (WebCore::CryptoAlgorithmRSA_OAEP::generateKey):
+ (WebCore::CryptoAlgorithmRSA_OAEP::importKey):
+ * crypto/gnutls/CryptoKeyRSAGnuTLS.cpp:
+ (WebCore::CryptoKeyRSA::CryptoKeyRSA):
+ (WebCore::CryptoKeyRSA::create):
+ (WebCore::CryptoKeyRSA::generatePair):
+ (WebCore::CryptoKeyRSA::restrictToHash): Deleted.
+ * crypto/keys/CryptoKeyRSA.h:
+ * crypto/mac/CryptoKeyRSAMac.cpp:
+ (WebCore::CryptoKeyRSA::CryptoKeyRSA):
+ (WebCore::CryptoKeyRSA::create):
+ (WebCore::CryptoKeyRSA::generatePair):
+ (WebCore::CryptoKeyRSA::restrictToHash): Deleted.
+ * crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h:
+
2015-11-06 Wenson Hsieh <wenson_hsieh@apple.com>
Scrolling iframe inside scrollable div does not work with trackpad
namespace WebCore {
+enum class HashRequirement {
+ Optional,
+ Required,
+};
+
bool JSCryptoAlgorithmDictionary::getAlgorithmIdentifier(ExecState* exec, JSValue value, CryptoAlgorithmIdentifier& algorithmIdentifier)
{
// typedef (Algorithm or DOMString) AlgorithmIdentifier;
return jsUndefined();
}
-static bool getHashAlgorithm(JSDictionary& dictionary, CryptoAlgorithmIdentifier& result)
+static bool getHashAlgorithm(JSDictionary& dictionary, CryptoAlgorithmIdentifier& result, HashRequirement isRequired)
{
// FXIME: Teach JSDictionary how to return JSValues, and use that to get hash element value.
return false;
if (hash.isUndefinedOrNull()) {
- setDOMException(exec, NOT_SUPPORTED_ERR);
+ if (isRequired == HashRequirement::Required)
+ setDOMException(exec, NOT_SUPPORTED_ERR);
return false;
}
JSDictionary jsDictionary(exec, value.getObject());
auto result = std::make_unique<CryptoAlgorithmHmacParams>();
- if (!getHashAlgorithm(jsDictionary, result->hash)) {
+ if (!getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Required)) {
ASSERT(exec->hadException());
return nullptr;
}
JSDictionary jsDictionary(exec, value.getObject());
auto result = std::make_unique<CryptoAlgorithmHmacKeyParams>();
- if (!getHashAlgorithm(jsDictionary, result->hash)) {
+ if (!getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Required)) {
ASSERT(exec->hadException());
return nullptr;
}
return nullptr;
}
+ JSDictionary jsDictionary(exec, value.getObject());
auto result = std::make_unique<CryptoAlgorithmRsaKeyGenParams>();
JSValue modulusLengthValue = getProperty(exec, value.getObject(), "modulusLength");
}
result->publicExponent.append(publicExponentArray->data(), publicExponentArray->byteLength());
+ result->hasHash = getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Optional);
+
return WTF::move(result);
}
JSDictionary jsDictionary(exec, value.getObject());
auto result = std::make_unique<CryptoAlgorithmRsaOaepParams>();
- if (!getHashAlgorithm(jsDictionary, result->hash)) {
+ if (!getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Required)) {
ASSERT(exec->hadException());
return nullptr;
}
JSDictionary jsDictionary(exec, value.getObject());
auto result = std::make_unique<CryptoAlgorithmRsaSsaParams>();
- if (!getHashAlgorithm(jsDictionary, result->hash)) {
+ if (!getHashAlgorithm(jsDictionary, result->hash, HashRequirement::Required)) {
ASSERT(exec->hadException());
return nullptr;
}
{
switch (algorithm) {
case CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5:
- return std::make_unique<CryptoAlgorithmParameters>();
case CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5:
- return createRsaKeyParamsWithHash(exec, value);
case CryptoAlgorithmIdentifier::RSA_PSS:
- return std::make_unique<CryptoAlgorithmParameters>();
case CryptoAlgorithmIdentifier::RSA_OAEP:
return createRsaKeyParamsWithHash(exec, value);
case CryptoAlgorithmIdentifier::ECDSA:
parameters = createRSAKeyParametersWithHash(CryptoAlgorithmIdentifier::SHA_512);
} else if (m_jwkAlgorithmName == "RSA1_5") {
algorithm = algorithmRegisty.create(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5);
- parameters = std::make_unique<CryptoAlgorithmParameters>();
+ parameters = std::make_unique<CryptoAlgorithmRsaKeyParamsWithHash>();
} else if (m_jwkAlgorithmName == "RSA-OAEP") {
algorithm = algorithmRegisty.create(CryptoAlgorithmIdentifier::RSA_OAEP);
parameters = createRSAKeyParametersWithHash(CryptoAlgorithmIdentifier::SHA_1);
if (type == CryptoKeyAsymmetricTypeSubtag::Public) {
auto keyData = CryptoKeyDataRSAComponents::createPublic(modulus, exponent);
- auto key = CryptoKeyRSA::create(algorithm, *keyData, extractable, usages);
- if (isRestrictedToHash)
- key->restrictToHash(hash);
+ auto key = CryptoKeyRSA::create(algorithm, hash, isRestrictedToHash, *keyData, extractable, usages);
result = WTF::move(key);
return true;
}
if (!primeCount) {
auto keyData = CryptoKeyDataRSAComponents::createPrivate(modulus, exponent, privateExponent);
- auto key = CryptoKeyRSA::create(algorithm, *keyData, extractable, usages);
- if (isRestrictedToHash)
- key->restrictToHash(hash);
+ auto key = CryptoKeyRSA::create(algorithm, hash, isRestrictedToHash, *keyData, extractable, usages);
result = WTF::move(key);
return true;
}
}
auto keyData = CryptoKeyDataRSAComponents::createPrivateWithAdditionalData(modulus, exponent, privateExponent, firstPrimeInfo, secondPrimeInfo, otherPrimeInfos);
- auto key = CryptoKeyRSA::create(algorithm, *keyData, extractable, usages);
- if (isRestrictedToHash)
- key->restrictToHash(hash);
+ auto key = CryptoKeyRSA::create(algorithm, hash, isRestrictedToHash, *keyData, extractable, usages);
result = WTF::move(key);
return true;
}
#if ENABLE(SUBTLE_CRYPTO)
#include "CryptoAlgorithmRsaKeyGenParams.h"
+#include "CryptoAlgorithmRsaKeyParamsWithHash.h"
#include "CryptoKeyDataRSAComponents.h"
#include "CryptoKeyRSA.h"
#include "ExceptionCode.h"
callback(nullptr, &pair);
};
- CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
+ CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaParameters.hash, rsaParameters.hasHash, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
}
-void CryptoAlgorithmRSAES_PKCS1_v1_5::importKey(const CryptoAlgorithmParameters&, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsage usage, KeyCallback&& callback, VoidCallback&& failureCallback, ExceptionCode&)
+void CryptoAlgorithmRSAES_PKCS1_v1_5::importKey(const CryptoAlgorithmParameters& parameters, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsage usage, KeyCallback&& callback, VoidCallback&& failureCallback, ExceptionCode&)
{
+ const CryptoAlgorithmRsaKeyParamsWithHash& rsaParameters = downcast<CryptoAlgorithmRsaKeyParamsWithHash>(parameters);
const CryptoKeyDataRSAComponents& rsaComponents = downcast<CryptoKeyDataRSAComponents>(keyData);
- RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaComponents, extractable, usage);
+ RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSAES_PKCS1_v1_5, rsaParameters.hash, rsaParameters.hasHash, rsaComponents, extractable, usage);
if (!result) {
failureCallback();
return;
callback(nullptr, &pair);
};
- CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
+ CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaParameters.hash, rsaParameters.hasHash, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
}
void CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey(const CryptoAlgorithmParameters& parameters, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsage usage, KeyCallback&& callback, VoidCallback&& failureCallback, ExceptionCode&)
const CryptoAlgorithmRsaKeyParamsWithHash& rsaKeyParameters = downcast<CryptoAlgorithmRsaKeyParamsWithHash>(parameters);
const CryptoKeyDataRSAComponents& rsaComponents = downcast<CryptoKeyDataRSAComponents>(keyData);
- RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaComponents, extractable, usage);
+ RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSASSA_PKCS1_v1_5, rsaKeyParameters.hash, rsaKeyParameters.hasHash, rsaComponents, extractable, usage);
if (!result) {
failureCallback();
return;
}
- if (rsaKeyParameters.hasHash)
- result->restrictToHash(rsaKeyParameters.hash);
-
callback(*result);
}
callback(nullptr, &pair);
};
- CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSA_OAEP, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
+ CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier::RSA_OAEP, rsaParameters.hash, rsaParameters.hasHash, rsaParameters.modulusLength, rsaParameters.publicExponent, extractable, usages, WTF::move(keyPairCallback), WTF::move(failureCallback));
}
void CryptoAlgorithmRSA_OAEP::importKey(const CryptoAlgorithmParameters& parameters, const CryptoKeyData& keyData, bool extractable, CryptoKeyUsage usage, KeyCallback&& callback, VoidCallback&& failureCallback, ExceptionCode&)
const CryptoAlgorithmRsaKeyParamsWithHash& rsaKeyParameters = downcast<CryptoAlgorithmRsaKeyParamsWithHash>(parameters);
const CryptoKeyDataRSAComponents& rsaComponents = downcast<CryptoKeyDataRSAComponents>(keyData);
- RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSA_OAEP, rsaComponents, extractable, usage);
+ RefPtr<CryptoKeyRSA> result = CryptoKeyRSA::create(CryptoAlgorithmIdentifier::RSA_OAEP, rsaKeyParameters.hash, rsaKeyParameters.hasHash, rsaComponents, extractable, usage);
if (!result) {
failureCallback();
return;
}
- if (rsaKeyParameters.hasHash)
- result->restrictToHash(rsaKeyParameters.hash);
-
callback(*result);
}
struct _PlatformRSAKeyGnuTLS {
};
-CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
+CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
: CryptoKey(identifier, type, extractable, usage)
, m_platformKey(platformKey)
- , m_restrictedToSpecificHash(false)
+ , m_restrictedToSpecificHash(hasHash)
+ , m_hash(hash)
{
notImplemented();
}
-RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsage usage)
+RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsage usage)
{
notImplemented();
UNUSED_PARAM(identifier);
+ UNUSED_PARAM(hash);
+ UNUSED_PARAM(hasHash);
UNUSED_PARAM(keyData);
UNUSED_PARAM(extractable);
UNUSED_PARAM(usage);
notImplemented();
}
-void CryptoKeyRSA::restrictToHash(CryptoAlgorithmIdentifier identifier)
-{
- m_restrictedToSpecificHash = true;
- m_hash = identifier;
-}
-
bool CryptoKeyRSA::isRestrictedToHash(CryptoAlgorithmIdentifier& identifier) const
{
if (!m_restrictedToSpecificHash)
return nullptr;
}
-void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage usage, KeyPairCallback callback, VoidCallback failureCallback)
+void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage usage, KeyPairCallback callback, VoidCallback failureCallback)
{
notImplemented();
failureCallback();
UNUSED_PARAM(algorithm);
+ UNUSED_PARAM(hash);
+ UNUSED_PARAM(hasHash);
UNUSED_PARAM(modulusLength);
UNUSED_PARAM(publicExponent);
UNUSED_PARAM(extractable);
class CryptoKeyRSA final : public CryptoKey {
public:
- static Ref<CryptoKeyRSA> create(CryptoAlgorithmIdentifier identifier, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
+ static Ref<CryptoKeyRSA> create(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
{
- return adoptRef(*new CryptoKeyRSA(identifier, type, platformKey, extractable, usage));
+ return adoptRef(*new CryptoKeyRSA(identifier, hash, hasHash, type, platformKey, extractable, usage));
}
- static RefPtr<CryptoKeyRSA> create(CryptoAlgorithmIdentifier, const CryptoKeyDataRSAComponents&, bool extractable, CryptoKeyUsage);
+ static RefPtr<CryptoKeyRSA> create(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, const CryptoKeyDataRSAComponents&, bool extractable, CryptoKeyUsage);
virtual ~CryptoKeyRSA();
- void restrictToHash(CryptoAlgorithmIdentifier);
bool isRestrictedToHash(CryptoAlgorithmIdentifier&) const;
size_t keySizeInBits() const;
typedef std::function<void(CryptoKeyPair&)> KeyPairCallback;
typedef std::function<void()> VoidCallback;
- static void generatePair(CryptoAlgorithmIdentifier, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage, KeyPairCallback, VoidCallback failureCallback);
+ static void generatePair(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage, KeyPairCallback, VoidCallback failureCallback);
PlatformRSAKey platformKey() const { return m_platformKey; }
private:
- CryptoKeyRSA(CryptoAlgorithmIdentifier, CryptoKeyType, PlatformRSAKey, bool extractable, CryptoKeyUsage);
+ CryptoKeyRSA(CryptoAlgorithmIdentifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType, PlatformRSAKey, bool extractable, CryptoKeyUsage);
virtual CryptoKeyClass keyClass() const override { return CryptoKeyClass::RSA; }
return status;
}
-CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
+CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsage usage)
: CryptoKey(identifier, type, extractable, usage)
, m_platformKey(platformKey)
- , m_restrictedToSpecificHash(false)
+ , m_restrictedToSpecificHash(hasHash)
+ , m_hash(hash)
{
}
-RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsage usage)
+RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsage usage)
{
if (keyData.type() == CryptoKeyDataRSAComponents::Type::Private && !keyData.hasAdditionalPrivateKeyParameters()) {
// <rdar://problem/15452324> tracks adding support.
return nullptr;
}
- return adoptRef(new CryptoKeyRSA(identifier, keyData.type() == CryptoKeyDataRSAComponents::Type::Public ? CryptoKeyType::Public : CryptoKeyType::Private, cryptor, extractable, usage));
+ return adoptRef(new CryptoKeyRSA(identifier, hash, hasHash, keyData.type() == CryptoKeyDataRSAComponents::Type::Public ? CryptoKeyType::Public : CryptoKeyType::Private, cryptor, extractable, usage));
}
CryptoKeyRSA::~CryptoKeyRSA()
CCRSACryptorRelease(m_platformKey);
}
-void CryptoKeyRSA::restrictToHash(CryptoAlgorithmIdentifier identifier)
-{
- m_restrictedToSpecificHash = true;
- m_hash = identifier;
-}
-
bool CryptoKeyRSA::isRestrictedToHash(CryptoAlgorithmIdentifier& identifier) const
{
if (!m_restrictedToSpecificHash)
return true;
}
-void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage usage, KeyPairCallback callback, VoidCallback failureCallback)
+void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsage usage, KeyPairCallback callback, VoidCallback failureCallback)
{
uint32_t e;
if (!bigIntegerToUInt32(publicExponent, e)) {
return;
}
callOnWebThreadOrDispatchAsyncOnMainThread(^{
- RefPtr<CryptoKeyRSA> publicKey = CryptoKeyRSA::create(algorithm, CryptoKeyType::Public, ccPublicKey, true, usage);
- RefPtr<CryptoKeyRSA> privateKey = CryptoKeyRSA::create(algorithm, CryptoKeyType::Private, ccPrivateKey, extractable, usage);
+ RefPtr<CryptoKeyRSA> publicKey = CryptoKeyRSA::create(algorithm, hash, hasHash, CryptoKeyType::Public, ccPublicKey, true, usage);
+ RefPtr<CryptoKeyRSA> privateKey = CryptoKeyRSA::create(algorithm, hash, hasHash, CryptoKeyType::Private, ccPrivateKey, extractable, usage);
(*localCallback)(CryptoKeyPair::create(publicKey.release(), privateKey.release()));
delete localCallback;
delete localFailureCallback;
class CryptoAlgorithmRsaKeyGenParams final : public CryptoAlgorithmParameters {
public:
+ CryptoAlgorithmRsaKeyGenParams()
+ : hasHash(false)
+ {
+ }
// The length, in bits, of the RSA modulus.
unsigned modulusLength;
// The RSA public exponent, encoded as BigInteger.
Vector<uint8_t> publicExponent;
+ // The hash algorith identifier
+ bool hasHash;
+ CryptoAlgorithmIdentifier hash;
virtual Class parametersClass() const override { return Class::RsaKeyGenParams; }
};
git://git.webkit.org / WebKit-https.git / commitdiff