/**
 * Export an NSS private key into the members of a JsonWebKey dictionary.
 *
 * Only RSA keys are exported. Every other key type, EC included, is
 * reported as unsupported.
 *
 * @param aPrivKey  Key whose PKCS#11 attributes are read. It is dereferenced
 *                  without a null check.
 * @param aRetVal   Dictionary that receives mKty, mN, mE, mD, mP, mQ, mDp,
 *                  mDq and mQi. Everything except mKty, mN and mE is private
 *                  key material.
 * @param (unnamed) nsNSSShutDownPreventionLock reference, unused in the body;
 *                  presumably proof that the caller holds the lock.
 * @return NS_OK on success, NS_ERROR_DOM_OPERATION_ERR if any attribute
 *         cannot be read and encoded, NS_ERROR_DOM_NOT_SUPPORTED_ERR for
 *         non-RSA keys.
 *
 * NOTE(review): all eight members are constructed before the first read and
 * the reads short-circuit in order, so a failure part-way through returns an
 * error with aRetVal already modified. Whether earlier members then hold
 * encoded private components depends on ReadAndEncodeAttribute, which is not
 * visible here. Callers should treat aRetVal as invalid on any error return.
 */
nsresult
CryptoKey::PrivateKeyToJwk(SECKEYPrivateKey* aPrivKey,
                           JsonWebKey& aRetVal,
                           const nsNSSShutDownPreventionLock& /*proofOfLock*/)
{
  // TODO: Bug 1034855 -- ecKey is not handled yet and is rejected together
  // with every other non-RSA key type.
  if (aPrivKey->keyType != rsaKey) {
    return NS_ERROR_DOM_NOT_SUPPORTED_ERR;
  }

  // Construct every optional member up front, before any attribute is read.
  aRetVal.mN.Construct();
  aRetVal.mE.Construct();
  aRetVal.mD.Construct();
  aRetVal.mP.Construct();
  aRetVal.mQ.Construct();
  aRetVal.mDp.Construct();
  aRetVal.mDq.Construct();
  aRetVal.mQi.Construct();

  // && stops at the first failing read, so later attributes are not touched.
  const bool allRead =
    ReadAndEncodeAttribute(aPrivKey, CKA_MODULUS, aRetVal.mN) &&
    ReadAndEncodeAttribute(aPrivKey, CKA_PUBLIC_EXPONENT, aRetVal.mE) &&
    ReadAndEncodeAttribute(aPrivKey, CKA_PRIVATE_EXPONENT, aRetVal.mD) &&
    ReadAndEncodeAttribute(aPrivKey, CKA_PRIME_1, aRetVal.mP) &&
    ReadAndEncodeAttribute(aPrivKey, CKA_PRIME_2, aRetVal.mQ) &&
    ReadAndEncodeAttribute(aPrivKey, CKA_EXPONENT_1, aRetVal.mDp) &&
    ReadAndEncodeAttribute(aPrivKey, CKA_EXPONENT_2, aRetVal.mDq) &&
    ReadAndEncodeAttribute(aPrivKey, CKA_COEFFICIENT, aRetVal.mQi);
  if (!allRead) {
    return NS_ERROR_DOM_OPERATION_ERR;
  }

  aRetVal.mKty.Construct(NS_LITERAL_STRING(JWK_TYPE_RSA));
  return NS_OK;
}
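/**
 * Export an NSS private key into the members of a JsonWebKey dictionary.
 *
 * RSA and EC keys are handled. Every other key type is reported as
 * unsupported.
 *
 * @param aPrivKey  Key whose PKCS#11 attributes are read. It is dereferenced
 *                  without a null check.
 * @param aRetVal   Dictionary to fill. RSA: mKty, mN, mE, mD, mP, mQ, mDp,
 *                  mDq, mQi. EC: whatever ECKeyToJwk sets, plus mD. The
 *                  members mD, mP, mQ, mDp, mDq and mQi are private key
 *                  material.
 * @param (unnamed) nsNSSShutDownPreventionLock reference, unused in the body;
 *                  presumably proof that the caller holds the lock.
 * @return NS_OK on success, NS_ERROR_DOM_OPERATION_ERR if an attribute cannot
 *         be read or converted (including a failed SECItem allocation),
 *         NS_ERROR_DOM_NOT_SUPPORTED_ERR for other key types.
 *
 * NOTE(review): both branches modify aRetVal before all reads have succeeded,
 * so an error return can leave it partially filled. Whether it then holds
 * encoded private components depends on ReadAndEncodeAttribute and
 * ECKeyToJwk, which are not visible here. Callers should treat aRetVal as
 * invalid on any error return.
 */
nsresult
CryptoKey::PrivateKeyToJwk(SECKEYPrivateKey* aPrivKey,
                           JsonWebKey& aRetVal,
                           const nsNSSShutDownPreventionLock& /*proofOfLock*/)
{
  switch (aPrivKey->keyType) {
    case rsaKey: {
      // Construct every optional member up front, before any attribute is
      // read.
      aRetVal.mN.Construct();
      aRetVal.mE.Construct();
      aRetVal.mD.Construct();
      aRetVal.mP.Construct();
      aRetVal.mQ.Construct();
      aRetVal.mDp.Construct();
      aRetVal.mDq.Construct();
      aRetVal.mQi.Construct();

      // || stops at the first failing read.
      if (!ReadAndEncodeAttribute(aPrivKey, CKA_MODULUS, aRetVal.mN) ||
          !ReadAndEncodeAttribute(aPrivKey, CKA_PUBLIC_EXPONENT, aRetVal.mE) ||
          !ReadAndEncodeAttribute(aPrivKey, CKA_PRIVATE_EXPONENT, aRetVal.mD) ||
          !ReadAndEncodeAttribute(aPrivKey, CKA_PRIME_1, aRetVal.mP) ||
          !ReadAndEncodeAttribute(aPrivKey, CKA_PRIME_2, aRetVal.mQ) ||
          !ReadAndEncodeAttribute(aPrivKey, CKA_EXPONENT_1, aRetVal.mDp) ||
          !ReadAndEncodeAttribute(aPrivKey, CKA_EXPONENT_2, aRetVal.mDq) ||
          !ReadAndEncodeAttribute(aPrivKey, CKA_COEFFICIENT, aRetVal.mQi)) {
        return NS_ERROR_DOM_OPERATION_ERR;
      }

      aRetVal.mKty = NS_LITERAL_STRING(JWK_TYPE_RSA);
      return NS_OK;
    }
    case ecKey: {
      // Read EC params.
      ScopedSECItem params(::SECITEM_AllocItem(nullptr, nullptr, 0));
      // SECITEM_AllocItem returns null on allocation failure. Stop here
      // rather than hand a null item to PK11_ReadRawAttribute. The existing
      // error code is reused so callers see no new result value.
      if (!params) {
        return NS_ERROR_DOM_OPERATION_ERR;
      }
      SECStatus rv = PK11_ReadRawAttribute(PK11_TypePrivKey, aPrivKey,
                                           CKA_EC_PARAMS, params);
      if (rv != SECSuccess) {
        return NS_ERROR_DOM_OPERATION_ERR;
      }

      // Read public point Q.
      ScopedSECItem ecPoint(::SECITEM_AllocItem(nullptr, nullptr, 0));
      if (!ecPoint) {
        return NS_ERROR_DOM_OPERATION_ERR;
      }
      rv = PK11_ReadRawAttribute(PK11_TypePrivKey, aPrivKey, CKA_EC_POINT,
                                 ecPoint);
      if (rv != SECSuccess) {
        return NS_ERROR_DOM_OPERATION_ERR;
      }

      // ECKeyToJwk (defined elsewhere) receives the params and the point and
      // fills aRetVal. The private value is added only after it succeeds.
      if (!ECKeyToJwk(PK11_TypePrivKey, aPrivKey, params, ecPoint, aRetVal)) {
        return NS_ERROR_DOM_OPERATION_ERR;
      }

      aRetVal.mD.Construct();

      // Read private value.
      if (!ReadAndEncodeAttribute(aPrivKey, CKA_VALUE, aRetVal.mD)) {
        return NS_ERROR_DOM_OPERATION_ERR;
      }

      return NS_OK;
    }
    default:
      return NS_ERROR_DOM_NOT_SUPPORTED_ERR;
  }
}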