CryptoKeyRSAMac.cpp [plain text]
#include "config.h"
#include "CryptoKeyRSA.h"
#if ENABLE(SUBTLE_CRYPTO)
#include "CommonCryptoDERUtilities.h"
#include "CommonCryptoUtilities.h"
#include "CryptoAlgorithmRegistry.h"
#include "CryptoKeyDataRSAComponents.h"
#include "CryptoKeyPair.h"
#include "ExceptionCode.h"
#include "ScriptExecutionContext.h"
#include <wtf/MainThread.h>
namespace WebCore {
static const unsigned char RSAOIDHeader[] = {0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00};
static CCCryptorStatus getPublicKeyComponents(CCRSACryptorRef rsaKey, Vector<uint8_t>& modulus, Vector<uint8_t>& publicExponent)
{
ASSERT(CCRSAGetKeyType(rsaKey) == ccRSAKeyPublic || CCRSAGetKeyType(rsaKey) == ccRSAKeyPrivate);
bool keyIsPublic = CCRSAGetKeyType(rsaKey) == ccRSAKeyPublic;
CCRSACryptorRef publicKey = keyIsPublic ? rsaKey : CCRSACryptorGetPublicKeyFromPrivateKey(rsaKey);
modulus.resize(16384);
size_t modulusLength = modulus.size();
publicExponent.resize(16384);
size_t exponentLength = publicExponent.size();
CCCryptorStatus status = CCRSAGetKeyComponents(publicKey, modulus.data(), &modulusLength, publicExponent.data(), &exponentLength, 0, 0, 0, 0);
if (!keyIsPublic) {
CCRSACryptorRelease(publicKey);
}
if (status)
return status;
modulus.shrink(modulusLength);
publicExponent.shrink(exponentLength);
return status;
}
static CCCryptorStatus getPrivateKeyComponents(CCRSACryptorRef rsaKey, Vector<uint8_t>& privateExponent, CryptoKeyDataRSAComponents::PrimeInfo& firstPrimeInfo, CryptoKeyDataRSAComponents::PrimeInfo& secondPrimeInfo)
{
ASSERT(CCRSAGetKeyType(rsaKey) == ccRSAKeyPrivate);
Vector<uint8_t> unusedModulus(16384);
size_t modulusLength = unusedModulus.size();
privateExponent.resize(16384);
size_t exponentLength = privateExponent.size();
firstPrimeInfo.primeFactor.resize(16384);
size_t pLength = firstPrimeInfo.primeFactor.size();
secondPrimeInfo.primeFactor.resize(16384);
size_t qLength = secondPrimeInfo.primeFactor.size();
CCCryptorStatus status = CCRSAGetKeyComponents(rsaKey, unusedModulus.data(), &modulusLength, privateExponent.data(), &exponentLength, firstPrimeInfo.primeFactor.data(), &pLength, secondPrimeInfo.primeFactor.data(), &qLength);
if (status)
return status;
privateExponent.shrink(exponentLength);
firstPrimeInfo.primeFactor.shrink(pLength);
secondPrimeInfo.primeFactor.shrink(qLength);
CCBigNum d(privateExponent.data(), privateExponent.size());
CCBigNum p(firstPrimeInfo.primeFactor.data(), firstPrimeInfo.primeFactor.size());
CCBigNum q(secondPrimeInfo.primeFactor.data(), secondPrimeInfo.primeFactor.size());
CCBigNum dp = d % (p - 1);
CCBigNum dq = d % (q - 1);
CCBigNum qi = q.inverse(p);
firstPrimeInfo.factorCRTExponent = dp.data();
secondPrimeInfo.factorCRTExponent = dq.data();
secondPrimeInfo.factorCRTCoefficient = qi.data();
return status;
}
CryptoKeyRSA::CryptoKeyRSA(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, CryptoKeyType type, PlatformRSAKey platformKey, bool extractable, CryptoKeyUsageBitmap usage)
: CryptoKey(identifier, type, extractable, usage)
, m_platformKey(platformKey)
, m_restrictedToSpecificHash(hasHash)
, m_hash(hash)
{
}
RefPtr<CryptoKeyRSA> CryptoKeyRSA::create(CryptoAlgorithmIdentifier identifier, CryptoAlgorithmIdentifier hash, bool hasHash, const CryptoKeyDataRSAComponents& keyData, bool extractable, CryptoKeyUsageBitmap usage)
{
if (keyData.type() == CryptoKeyDataRSAComponents::Type::Private && !keyData.hasAdditionalPrivateKeyParameters()) {
WTFLogAlways("Private keys without additional data are not supported");
return nullptr;
}
if (keyData.otherPrimeInfos().size()) {
WTFLogAlways("Keys with more than two primes are not supported");
return nullptr;
}
if (keyData.type() == CryptoKeyDataRSAComponents::Type::Private && keyData.firstPrimeInfo().primeFactor.isEmpty())
return nullptr;
CCRSACryptorRef cryptor;
CCCryptorStatus status = CCRSACryptorCreateFromData(
keyData.type() == CryptoKeyDataRSAComponents::Type::Public ? ccRSAKeyPublic : ccRSAKeyPrivate,
(uint8_t*)keyData.modulus().data(), keyData.modulus().size(),
(uint8_t*)keyData.exponent().data(), keyData.exponent().size(),
(uint8_t*)keyData.firstPrimeInfo().primeFactor.data(), keyData.firstPrimeInfo().primeFactor.size(),
(uint8_t*)keyData.secondPrimeInfo().primeFactor.data(), keyData.secondPrimeInfo().primeFactor.size(),
&cryptor);
if (status) {
LOG_ERROR("Couldn't create RSA key from data, error %d", status);
return nullptr;
}
return adoptRef(new CryptoKeyRSA(identifier, hash, hasHash, keyData.type() == CryptoKeyDataRSAComponents::Type::Public ? CryptoKeyType::Public : CryptoKeyType::Private, cryptor, extractable, usage));
}
CryptoKeyRSA::~CryptoKeyRSA()
{
CCRSACryptorRelease(m_platformKey);
}
bool CryptoKeyRSA::isRestrictedToHash(CryptoAlgorithmIdentifier& identifier) const
{
if (!m_restrictedToSpecificHash)
return false;
identifier = m_hash;
return true;
}
size_t CryptoKeyRSA::keySizeInBits() const
{
Vector<uint8_t> modulus;
Vector<uint8_t> publicExponent;
CCCryptorStatus status = getPublicKeyComponents(m_platformKey, modulus, publicExponent);
if (status) {
WTFLogAlways("Couldn't get RSA key components, status %d", status);
return 0;
}
return modulus.size() * 8;
}
std::unique_ptr<KeyAlgorithm> CryptoKeyRSA::buildAlgorithm() const
{
String name = CryptoAlgorithmRegistry::singleton().name(algorithmIdentifier());
Vector<uint8_t> modulus;
Vector<uint8_t> publicExponent;
CCCryptorStatus status = getPublicKeyComponents(m_platformKey, modulus, publicExponent);
if (status) {
WTFLogAlways("Couldn't get RSA key components, status %d", status);
publicExponent.clear();
return std::make_unique<RsaKeyAlgorithm>(name, 0, WTFMove(publicExponent));
}
size_t modulusLength = modulus.size() * 8;
if (m_restrictedToSpecificHash)
return std::make_unique<RsaHashedKeyAlgorithm>(name, modulusLength, WTFMove(publicExponent), CryptoAlgorithmRegistry::singleton().name(m_hash));
return std::make_unique<RsaKeyAlgorithm>(name, modulusLength, WTFMove(publicExponent));
}
std::unique_ptr<CryptoKeyData> CryptoKeyRSA::exportData() const
{
switch (CCRSAGetKeyType(m_platformKey)) {
case ccRSAKeyPublic: {
Vector<uint8_t> modulus;
Vector<uint8_t> publicExponent;
CCCryptorStatus status = getPublicKeyComponents(m_platformKey, modulus, publicExponent);
if (status) {
WTFLogAlways("Couldn't get RSA key components, status %d", status);
return nullptr;
}
return CryptoKeyDataRSAComponents::createPublic(modulus, publicExponent);
}
case ccRSAKeyPrivate: {
Vector<uint8_t> modulus;
Vector<uint8_t> publicExponent;
CCCryptorStatus status = getPublicKeyComponents(m_platformKey, modulus, publicExponent);
if (status) {
WTFLogAlways("Couldn't get RSA key components, status %d", status);
return nullptr;
}
Vector<uint8_t> privateExponent;
CryptoKeyDataRSAComponents::PrimeInfo firstPrimeInfo;
CryptoKeyDataRSAComponents::PrimeInfo secondPrimeInfo;
Vector<CryptoKeyDataRSAComponents::PrimeInfo> otherPrimeInfos; status = getPrivateKeyComponents(m_platformKey, privateExponent, firstPrimeInfo, secondPrimeInfo);
if (status) {
WTFLogAlways("Couldn't get RSA key components, status %d", status);
return nullptr;
}
return CryptoKeyDataRSAComponents::createPrivateWithAdditionalData(modulus, publicExponent, privateExponent, firstPrimeInfo, secondPrimeInfo, otherPrimeInfos);
}
default:
return nullptr;
}
}
static bool bigIntegerToUInt32(const Vector<uint8_t>& bigInteger, uint32_t& result)
{
result = 0;
for (size_t i = 0; i + 4 < bigInteger.size(); ++i) {
if (bigInteger[i])
return false; }
for (size_t i = bigInteger.size() > 4 ? bigInteger.size() - 4 : 0; i < bigInteger.size(); ++i) {
result <<= 8;
result += bigInteger[i];
}
return true;
}
void CryptoKeyRSA::generatePair(CryptoAlgorithmIdentifier algorithm, CryptoAlgorithmIdentifier hash, bool hasHash, unsigned modulusLength, const Vector<uint8_t>& publicExponent, bool extractable, CryptoKeyUsageBitmap usage, KeyPairCallback&& callback, VoidCallback&& failureCallback, ScriptExecutionContext* context)
{
uint32_t e;
if (!bigIntegerToUInt32(publicExponent, e)) {
WTFLogAlways("Public exponent is too big, not supported");
failureCallback();
return;
}
KeyPairCallback* localCallback = new KeyPairCallback(WTFMove(callback));
VoidCallback* localFailureCallback = new VoidCallback(WTFMove(failureCallback));
context->ref();
dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{
ASSERT(context);
CCRSACryptorRef ccPublicKey;
CCRSACryptorRef ccPrivateKey;
CCCryptorStatus status = CCRSACryptorGeneratePair(modulusLength, e, &ccPublicKey, &ccPrivateKey);
if (status) {
WTFLogAlways("Could not generate a key pair, status %d", status);
context->postTask([localCallback, localFailureCallback](ScriptExecutionContext& context) {
(*localFailureCallback)();
delete localCallback;
delete localFailureCallback;
context.deref();
});
return;
}
context->postTask([algorithm, hash, hasHash, extractable, usage, localCallback, localFailureCallback, ccPublicKey, ccPrivateKey](ScriptExecutionContext& context) {
auto publicKey = CryptoKeyRSA::create(algorithm, hash, hasHash, CryptoKeyType::Public, ccPublicKey, true, usage);
auto privateKey = CryptoKeyRSA::create(algorithm, hash, hasHash, CryptoKeyType::Private, ccPrivateKey, extractable, usage);
(*localCallback)(CryptoKeyPair { WTFMove(publicKey), WTFMove(privateKey) });
delete localCallback;
delete localFailureCallback;
context.deref();
});
});
}
RefPtr<CryptoKeyRSA> CryptoKeyRSA::importSpki(CryptoAlgorithmIdentifier identifier, std::optional<CryptoAlgorithmIdentifier> hash, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages)
{
size_t headerSize = 1;
if (keyData.size() < headerSize + 1)
return nullptr;
headerSize += bytesUsedToEncodedLength(keyData[headerSize]) + sizeof(RSAOIDHeader) + sizeof(BitStringMark);
if (keyData.size() < headerSize + 1)
return nullptr;
headerSize += bytesUsedToEncodedLength(keyData[headerSize]) + sizeof(InitialOctet);
CCRSACryptorRef ccPublicKey;
if (CCRSACryptorImport(keyData.data() + headerSize, keyData.size() - headerSize, &ccPublicKey))
return nullptr;
return adoptRef(new CryptoKeyRSA(identifier, hash.value_or(CryptoAlgorithmIdentifier::SHA_1), !!hash, CryptoKeyType::Public, ccPublicKey, extractable, usages));
}
ExceptionOr<Vector<uint8_t>> CryptoKeyRSA::exportSpki() const
{
if (type() != CryptoKeyType::Public)
return Exception { INVALID_ACCESS_ERR };
Vector<uint8_t> keyBytes(keySizeInBits() / 4);
size_t keySize = keyBytes.size();
if (CCRSACryptorExport(platformKey(), keyBytes.data(), &keySize))
return Exception { OperationError };
keyBytes.shrink(keySize);
size_t totalSize = sizeof(RSAOIDHeader) + bytesNeededForEncodedLength(keySize + 1) + keySize + 2;
Vector<uint8_t> result;
result.reserveCapacity(totalSize + bytesNeededForEncodedLength(totalSize) + 1);
result.append(SequenceMark);
addEncodedASN1Length(result, totalSize);
result.append(RSAOIDHeader, sizeof(RSAOIDHeader));
result.append(BitStringMark);
addEncodedASN1Length(result, keySize + 1);
result.append(InitialOctet);
result.append(keyBytes.data(), keyBytes.size());
return WTFMove(result);
}
RefPtr<CryptoKeyRSA> CryptoKeyRSA::importPkcs8(CryptoAlgorithmIdentifier identifier, std::optional<CryptoAlgorithmIdentifier> hash, Vector<uint8_t>&& keyData, bool extractable, CryptoKeyUsageBitmap usages)
{
size_t headerSize = 1;
if (keyData.size() < headerSize + 1)
return nullptr;
headerSize += bytesUsedToEncodedLength(keyData[headerSize]) + sizeof(Version) + sizeof(RSAOIDHeader) + sizeof(OctetStringMark);
if (keyData.size() < headerSize + 1)
return nullptr;
headerSize += bytesUsedToEncodedLength(keyData[headerSize]);
CCRSACryptorRef ccPrivateKey;
if (CCRSACryptorImport(keyData.data() + headerSize, keyData.size() - headerSize, &ccPrivateKey))
return nullptr;
return adoptRef(new CryptoKeyRSA(identifier, hash.value_or(CryptoAlgorithmIdentifier::SHA_1), !!hash, CryptoKeyType::Private, ccPrivateKey, extractable, usages));
}
ExceptionOr<Vector<uint8_t>> CryptoKeyRSA::exportPkcs8() const
{
if (type() != CryptoKeyType::Private)
return Exception { INVALID_ACCESS_ERR };
Vector<uint8_t> keyBytes(keySizeInBits());
size_t keySize = keyBytes.size();
if (CCRSACryptorExport(platformKey(), keyBytes.data(), &keySize))
return Exception { OperationError };
keyBytes.shrink(keySize);
size_t totalSize = sizeof(Version) + sizeof(RSAOIDHeader) + bytesNeededForEncodedLength(keySize) + keySize + 1;
Vector<uint8_t> result;
result.reserveCapacity(totalSize + bytesNeededForEncodedLength(totalSize) + 1);
result.append(SequenceMark);
addEncodedASN1Length(result, totalSize);
result.append(Version, sizeof(Version));
result.append(RSAOIDHeader, sizeof(RSAOIDHeader));
result.append(OctetStringMark);
addEncodedASN1Length(result, keySize);
result.append(keyBytes.data(), keyBytes.size());
return WTFMove(result);
}
}
#endif // ENABLE(SUBTLE_CRYPTO)