void CryptoAlgorithmRSASSA_PKCS1_v1_5::verify(const CryptoAlgorithmParameters& parameters, const CryptoKey& key, const CryptoOperationData& signature, const CryptoOperationData& data, std::unique_ptr<PromiseWrapper> promise, ExceptionCode& ec) { const CryptoAlgorithmRsaSsaParams& rsaSSAParameters = toCryptoAlgorithmRsaSsaParams(parameters); if (!isCryptoKeyRSA(key)) { ec = NOT_SUPPORTED_ERR; return; } const CryptoKeyRSA& rsaKey = toCryptoKeyRSA(key); CCDigestAlgorithm digestAlgorithm; if (!getCommonCryptoDigestAlgorithm(rsaSSAParameters.hash, digestAlgorithm)) { ec = NOT_SUPPORTED_ERR; return; } std::unique_ptr<CryptoDigest> digest = CryptoDigest::create(rsaSSAParameters.hash); if (!digest) { ec = NOT_SUPPORTED_ERR; return; } digest->addBytes(data.first, data.second); Vector<uint8_t> digestData = digest->computeHash(); CCCryptorStatus status = CCRSACryptorVerify(rsaKey.platformKey(), ccPKCS1Padding, digestData.data(), digestData.size(), digestAlgorithm, 0, signature.first, signature.second); if (!status) promise->fulfill(true); else if (status == kCCNotVerified || kCCDecodeError) // <rdar://problem/15464982> CCRSACryptorVerify returns kCCDecodeError instead of kCCNotVerified sometimes promise->fulfill(false); else promise->reject(nullptr); }
void CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign(const CryptoAlgorithmRsaSsaParams& parameters, const CryptoKeyRSA& key, const CryptoOperationData& data, VectorCallback callback, VoidCallback failureCallback, ExceptionCode& ec) { CCDigestAlgorithm digestAlgorithm; if (!getCommonCryptoDigestAlgorithm(parameters.hash, digestAlgorithm)) { ec = NOT_SUPPORTED_ERR; return; } std::unique_ptr<CryptoDigest> digest = CryptoDigest::create(parameters.hash); if (!digest) { ec = NOT_SUPPORTED_ERR; return; } digest->addBytes(data.first, data.second); Vector<uint8_t> digestData = digest->computeHash(); Vector<uint8_t> signature(512); size_t signatureSize = signature.size(); CCCryptorStatus status = CCRSACryptorSign(key.platformKey(), ccPKCS1Padding, digestData.data(), digestData.size(), digestAlgorithm, 0, signature.data(), &signatureSize); if (status) { failureCallback(); return; } signature.resize(signatureSize); callback(signature); }
void CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify(const CryptoAlgorithmRsaSsaParams& parameters, const CryptoKeyRSA& key, const CryptoOperationData& signature, const CryptoOperationData& data, BoolCallback callback, VoidCallback failureCallback, ExceptionCode& ec) { CCDigestAlgorithm digestAlgorithm; if (!getCommonCryptoDigestAlgorithm(parameters.hash, digestAlgorithm)) { ec = NOT_SUPPORTED_ERR; return; } std::unique_ptr<CryptoDigest> digest = CryptoDigest::create(parameters.hash); if (!digest) { ec = NOT_SUPPORTED_ERR; return; } digest->addBytes(data.first, data.second); Vector<uint8_t> digestData = digest->computeHash(); CCCryptorStatus status = CCRSACryptorVerify(key.platformKey(), ccPKCS1Padding, digestData.data(), digestData.size(), digestAlgorithm, 0, signature.first, signature.second); if (!status) callback(true); else if (status == kCCNotVerified || kCCDecodeError) // <rdar://problem/15464982> CCRSACryptorVerify returns kCCDecodeError instead of kCCNotVerified sometimes callback(false); else failureCallback(); }
// FIXME: We should change data to Vector<uint8_t> type once WebKitSubtleCrypto is deprecated. // https://bugs.webkit.org/show_bug.cgi?id=164939 static ExceptionOr<Vector<uint8_t>> encryptRSA_OAEP(CryptoAlgorithmIdentifier hash, const Vector<uint8_t>& label, const PlatformRSAKey key, size_t keyLength, const uint8_t* data, size_t dataLength) { CCDigestAlgorithm digestAlgorithm; if (!getCommonCryptoDigestAlgorithm(hash, digestAlgorithm)) return Exception { OperationError }; Vector<uint8_t> cipherText(keyLength / 8); // Per Step 3.c of https://tools.ietf.org/html/rfc3447#section-7.1.1 size_t cipherTextLength = cipherText.size(); if (CCRSACryptorEncrypt(key, ccOAEPPadding, data, dataLength, cipherText.data(), &cipherTextLength, label.data(), label.size(), digestAlgorithm)) return Exception { OperationError }; return WTFMove(cipherText); }
void CryptoAlgorithmRSA_OAEP::platformDecrypt(const CryptoAlgorithmRsaOaepParams& parameters, const CryptoKeyRSA& key, const CryptoOperationData& data, VectorCallback&& callback, VoidCallback&& failureCallback, ExceptionCode& ec) { CCDigestAlgorithm digestAlgorithm; if (!getCommonCryptoDigestAlgorithm(parameters.hash, digestAlgorithm)) { ec = NOT_SUPPORTED_ERR; return; } Vector<uint8_t> plainText(1024); size_t plainTextLength = plainText.size(); CCCryptorStatus status = CCRSACryptorDecrypt(key.platformKey(), ccOAEPPadding, data.first, data.second, plainText.data(), &plainTextLength, parameters.label.data(), parameters.label.size(), digestAlgorithm); if (status) { failureCallback(); return; } plainText.resize(plainTextLength); callback(plainText); }
void CryptoAlgorithmRSASSA_PKCS1_v1_5::sign(const CryptoAlgorithmParameters& parameters, const CryptoKey& key, const CryptoOperationData& data, std::unique_ptr<PromiseWrapper> promise, ExceptionCode& ec) { const CryptoAlgorithmRsaSsaParams& rsaSSAParameters = toCryptoAlgorithmRsaSsaParams(parameters); if (!isCryptoKeyRSA(key)) { ec = NOT_SUPPORTED_ERR; return; } const CryptoKeyRSA& rsaKey = toCryptoKeyRSA(key); CCDigestAlgorithm digestAlgorithm; if (!getCommonCryptoDigestAlgorithm(rsaSSAParameters.hash, digestAlgorithm)) { ec = NOT_SUPPORTED_ERR; return; } std::unique_ptr<CryptoDigest> digest = CryptoDigest::create(rsaSSAParameters.hash); if (!digest) { ec = NOT_SUPPORTED_ERR; return; } digest->addBytes(data.first, data.second); Vector<uint8_t> digestData = digest->computeHash(); Vector<uint8_t> signature(512); size_t signatureSize = signature.size(); CCCryptorStatus status = CCRSACryptorSign(rsaKey.platformKey(), ccPKCS1Padding, digestData.data(), digestData.size(), digestAlgorithm, 0, signature.data(), &signatureSize); if (status) { promise->reject(nullptr); return; } signature.resize(signatureSize); promise->fulfill(signature); }