SECKEYPublicKey* CryptoKey::PublicKeyFromJwk(const JsonWebKey& aJwk, const nsNSSShutDownPreventionLock& /*proofOfLock*/) { if (!aJwk.mKty.WasPassed() || !aJwk.mKty.Value().EqualsLiteral(JWK_TYPE_RSA)) { return nullptr; } // Verify that all of the required parameters are present CryptoBuffer n, e; if (!aJwk.mN.WasPassed() || NS_FAILED(n.FromJwkBase64(aJwk.mN.Value())) || !aJwk.mE.WasPassed() || NS_FAILED(e.FromJwkBase64(aJwk.mE.Value()))) { return nullptr; } // Transcode to a DER RSAPublicKey structure struct RSAPublicKeyData { SECItem n; SECItem e; }; const RSAPublicKeyData input = { { siUnsignedInteger, n.Elements(), (unsigned int) n.Length() }, { siUnsignedInteger, e.Elements(), (unsigned int) e.Length() } }; const SEC_ASN1Template rsaPublicKeyTemplate[] = { {SEC_ASN1_SEQUENCE, 0, nullptr, sizeof(RSAPublicKeyData)}, {SEC_ASN1_INTEGER, offsetof(RSAPublicKeyData, n),}, {SEC_ASN1_INTEGER, offsetof(RSAPublicKeyData, e),}, {0,} }; ScopedSECItem pkDer(SEC_ASN1EncodeItem(nullptr, nullptr, &input, rsaPublicKeyTemplate)); if (!pkDer.get()) { return nullptr; } return SECKEY_ImportDERPublicKey(pkDer.get(), CKK_RSA); }
SECKEYPublicKey* CryptoKey::PublicKeyFromJwk(const JsonWebKey& aJwk, const nsNSSShutDownPreventionLock& /*proofOfLock*/) { if (aJwk.mKty.EqualsLiteral(JWK_TYPE_RSA)) { // Verify that all of the required parameters are present CryptoBuffer n, e; if (!aJwk.mN.WasPassed() || NS_FAILED(n.FromJwkBase64(aJwk.mN.Value())) || !aJwk.mE.WasPassed() || NS_FAILED(e.FromJwkBase64(aJwk.mE.Value()))) { return nullptr; } // Transcode to a DER RSAPublicKey structure struct RSAPublicKeyData { SECItem n; SECItem e; }; const RSAPublicKeyData input = { { siUnsignedInteger, n.Elements(), (unsigned int) n.Length() }, { siUnsignedInteger, e.Elements(), (unsigned int) e.Length() } }; const SEC_ASN1Template rsaPublicKeyTemplate[] = { {SEC_ASN1_SEQUENCE, 0, nullptr, sizeof(RSAPublicKeyData)}, {SEC_ASN1_INTEGER, offsetof(RSAPublicKeyData, n),}, {SEC_ASN1_INTEGER, offsetof(RSAPublicKeyData, e),}, {0,} }; ScopedSECItem pkDer(SEC_ASN1EncodeItem(nullptr, nullptr, &input, rsaPublicKeyTemplate)); if (!pkDer.get()) { return nullptr; } return SECKEY_ImportDERPublicKey(pkDer.get(), CKK_RSA); } if (aJwk.mKty.EqualsLiteral(JWK_TYPE_EC)) { // Verify that all of the required parameters are present CryptoBuffer x, y; if (!aJwk.mCrv.WasPassed() || !aJwk.mX.WasPassed() || NS_FAILED(x.FromJwkBase64(aJwk.mX.Value())) || !aJwk.mY.WasPassed() || NS_FAILED(y.FromJwkBase64(aJwk.mY.Value()))) { return nullptr; } ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE)); if (!arena) { return nullptr; } SECKEYPublicKey* key = PORT_ArenaZNew(arena, SECKEYPublicKey); if (!key) { return nullptr; } key->keyType = ecKey; key->pkcs11Slot = nullptr; key->pkcs11ID = CK_INVALID_HANDLE; nsString namedCurve; if (!NormalizeToken(aJwk.mCrv.Value(), namedCurve)) { return nullptr; } // Create parameters. SECItem* params = CreateECParamsForCurve(namedCurve, arena.get()); if (!params) { return nullptr; } key->u.ec.DEREncodedParams = *params; // Create point. SECItem* point = CreateECPointForCoordinates(x, y, arena.get()); if (!point) { return nullptr; } key->u.ec.publicValue = *point; if (!PublicKeyValid(key)) { return nullptr; } return SECKEY_CopyPublicKey(key); } return nullptr; }
inPubKey.m_modulus.data = (unsigned char *) PORT_Alloc(modlen + 10); memcpy(inPubKey.m_modulus.data, temp, modlen); inPubKey.m_modulus.len = modlen; inPubKey.m_modulus.type = siUnsignedInteger; g_free(temp); temp = hexstring_to_binary(exponent_str); inPubKey.m_exponent.data = (unsigned char *) PORT_Alloc(explen + 10); memcpy(inPubKey.m_exponent.data, temp, explen); inPubKey.m_exponent.len = explen; inPubKey.m_exponent.type = siUnsignedInteger; g_free(temp); arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); SEC_ASN1EncodeItem(arena, &derPubKey, &inPubKey, MyRSAPublicKeyTemplate); pubKey = SECKEY_ImportDERPublicKey(&derPubKey, CKK_RSA); PORT_FreeArena(arena, PR_FALSE); encrypted = g_new0(guchar, modlen); temp = pkcs1pad2(password, modlen); /* encrypt password, result will be in encrypted */ rv = PK11_PubEncryptRaw(pubKey, encrypted, temp, modlen, 0); g_free(temp); if (rv != SECSuccess) { purple_debug_error("steam", "password encrypt failed\n"); if (pubKey) SECKEY_DestroyPublicKey(pubKey); g_free(encrypted); return NULL;
UniqueSECKEYPublicKey CryptoKey::PublicKeyFromJwk(const JsonWebKey& aJwk, const nsNSSShutDownPreventionLock& /*proofOfLock*/) { if (aJwk.mKty.EqualsLiteral(JWK_TYPE_RSA)) { // Verify that all of the required parameters are present CryptoBuffer n, e; if (!aJwk.mN.WasPassed() || NS_FAILED(n.FromJwkBase64(aJwk.mN.Value())) || !aJwk.mE.WasPassed() || NS_FAILED(e.FromJwkBase64(aJwk.mE.Value()))) { return nullptr; } // Transcode to a DER RSAPublicKey structure struct RSAPublicKeyData { SECItem n; SECItem e; }; const RSAPublicKeyData input = { { siUnsignedInteger, n.Elements(), (unsigned int) n.Length() }, { siUnsignedInteger, e.Elements(), (unsigned int) e.Length() } }; const SEC_ASN1Template rsaPublicKeyTemplate[] = { {SEC_ASN1_SEQUENCE, 0, nullptr, sizeof(RSAPublicKeyData)}, {SEC_ASN1_INTEGER, offsetof(RSAPublicKeyData, n),}, {SEC_ASN1_INTEGER, offsetof(RSAPublicKeyData, e),}, {0,} }; UniqueSECItem pkDer(SEC_ASN1EncodeItem(nullptr, nullptr, &input, rsaPublicKeyTemplate)); if (!pkDer.get()) { return nullptr; } return UniqueSECKEYPublicKey(SECKEY_ImportDERPublicKey(pkDer.get(), CKK_RSA)); } if (aJwk.mKty.EqualsLiteral(JWK_TYPE_EC)) { // Verify that all of the required parameters are present CryptoBuffer x, y; if (!aJwk.mCrv.WasPassed() || !aJwk.mX.WasPassed() || NS_FAILED(x.FromJwkBase64(aJwk.mX.Value())) || !aJwk.mY.WasPassed() || NS_FAILED(y.FromJwkBase64(aJwk.mY.Value()))) { return nullptr; } UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE)); if (!arena) { return nullptr; } // Create point. SECItem* point = CreateECPointForCoordinates(x, y, arena.get()); if (!point) { return nullptr; } nsString namedCurve; if (!NormalizeToken(aJwk.mCrv.Value(), namedCurve)) { return nullptr; } return CreateECPublicKey(point, namedCurve); } return nullptr; }