Source/WebCore/crypto/algorithms/CryptoAlgorithmECDH.cpp - WebKit - Git at Google

 /*
  * Copyright (C) 2017 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  *
  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
  * THE POSSIBILITY OF SUCH DAMAGE.
  */

 #include "config.h"
 #include "CryptoAlgorithmECDH.h"

 #if ENABLE(WEB_CRYPTO)

 #include "CryptoAlgorithmEcKeyParams.h"
 #include "CryptoAlgorithmEcdhKeyDeriveParams.h"
 #include "CryptoKeyEC.h"
 #include "ScriptExecutionContext.h"

 namespace WebCore {

 Ref<CryptoAlgorithm> CryptoAlgorithmECDH::create()
 {
     return adoptRef(*new CryptoAlgorithmECDH);
 }

 CryptoAlgorithmIdentifier CryptoAlgorithmECDH::identifier() const
 {
     return s_identifier;
 }

 void CryptoAlgorithmECDH::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&)
 {
     const auto& ecParameters = downcast<CryptoAlgorithmEcKeyParams>(parameters);

     if (usages & (CryptoKeyUsageEncrypt | CryptoKeyUsageDecrypt | CryptoKeyUsageSign | CryptoKeyUsageVerify | CryptoKeyUsageWrapKey | CryptoKeyUsageUnwrapKey)) {
         exceptionCallback(SyntaxError);
         return;
     }

     auto result = CryptoKeyEC::generatePair(CryptoAlgorithmIdentifier::ECDH, ecParameters.namedCurve, extractable, usages);
     if (result.hasException()) {
         exceptionCallback(result.releaseException().code());
         return;
     }

     auto pair = result.releaseReturnValue();
     pair.publicKey->setUsagesBitmap(0);
     pair.privateKey->setUsagesBitmap(pair.privateKey->usagesBitmap() & (CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits));
     callback(WTFMove(pair));
 }

 void CryptoAlgorithmECDH::deriveBits(const CryptoAlgorithmParameters& parameters, Ref<CryptoKey>&& baseKey, size_t length, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
 {
     // We only accept length that is a multiple of 8.
     if (length % 8) {
         exceptionCallback(OperationError);
         return;
     }

     auto& ecParameters = downcast<CryptoAlgorithmEcdhKeyDeriveParams>(parameters);

     if (baseKey->type() != CryptoKey::Type::Private) {
         exceptionCallback(InvalidAccessError);
         return;
     }
     ASSERT(ecParameters.publicKey);
     if (ecParameters.publicKey->type() != CryptoKey::Type::Public) {
         exceptionCallback(InvalidAccessError);
         return;
     }
     if (baseKey->algorithmIdentifier() != ecParameters.publicKey->algorithmIdentifier()) {
         exceptionCallback(InvalidAccessError);
         return;
     }
     auto& ecBaseKey = downcast<CryptoKeyEC>(baseKey.get());
     auto& ecPublicKey = downcast<CryptoKeyEC>(*(ecParameters.publicKey.get()));
     if (ecBaseKey.namedCurve() != ecPublicKey.namedCurve()) {
         exceptionCallback(InvalidAccessError);
         return;
     }

     auto unifiedCallback = [callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback)](Optional<Vector<uint8_t>>&& derivedKey, size_t length) mutable {
         if (!derivedKey) {
             exceptionCallback(OperationError);
             return;
         }
         if (!length) {
             callback(WTFMove(*derivedKey));
             return;
         }
         if (length / 8 > (*derivedKey).size()) {
             exceptionCallback(OperationError);
             return;
         }
         (*derivedKey).shrink(length / 8);
         callback(WTFMove(*derivedKey));
     };

     // This is a special case that can't use dispatchOperation() because it bundles
     // the result validation and callback dispatch into unifiedCallback.
     workQueue.dispatch(
         [baseKey = WTFMove(baseKey), publicKey = ecParameters.publicKey, length, unifiedCallback = WTFMove(unifiedCallback), contextIdentifier = context.contextIdentifier()]() mutable {
             auto derivedKey = platformDeriveBits(downcast<CryptoKeyEC>(baseKey.get()), downcast<CryptoKeyEC>(*publicKey));
             ScriptExecutionContext::postTaskTo(contextIdentifier, [derivedKey = WTFMove(derivedKey), length, unifiedCallback = WTFMove(unifiedCallback)](auto&) mutable {
                 unifiedCallback(WTFMove(derivedKey), length);
             });
         });
 }

 void CryptoAlgorithmECDH::importKey(CryptoKeyFormat format, KeyData&& data, const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback)
 {
     const auto& ecParameters = downcast<CryptoAlgorithmEcKeyParams>(parameters);

     RefPtr<CryptoKeyEC> result;
     switch (format) {
     case CryptoKeyFormat::Jwk: {
         JsonWebKey key = WTFMove(WTF::get<JsonWebKey>(data));

         bool isUsagesAllowed = false;
         if (!key.d.isNull()) {
             isUsagesAllowed = isUsagesAllowed || !(usages ^ CryptoKeyUsageDeriveKey);
             isUsagesAllowed = isUsagesAllowed || !(usages ^ CryptoKeyUsageDeriveBits);
             isUsagesAllowed = isUsagesAllowed || !(usages ^ (CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits));
         }
         isUsagesAllowed = isUsagesAllowed || !usages;
         if (!isUsagesAllowed) {
             exceptionCallback(SyntaxError);
             return;
         }

         if (usages && !key.use.isNull() && key.use != "enc") {
             exceptionCallback(DataError);
             return;
         }

         result = CryptoKeyEC::importJwk(ecParameters.identifier, ecParameters.namedCurve, WTFMove(key), extractable, usages);
         break;
     }
     case CryptoKeyFormat::Raw:
         if (usages) {
             exceptionCallback(SyntaxError);
             return;
         }
         result = CryptoKeyEC::importRaw(ecParameters.identifier, ecParameters.namedCurve, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
         break;
     case CryptoKeyFormat::Spki:
         if (usages) {
             exceptionCallback(SyntaxError);
             return;
         }
         result = CryptoKeyEC::importSpki(ecParameters.identifier, ecParameters.namedCurve, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
         break;
     case CryptoKeyFormat::Pkcs8:
         if (usages && (usages ^ CryptoKeyUsageDeriveKey) && (usages ^ CryptoKeyUsageDeriveBits) && (usages ^ (CryptoKeyUsageDeriveKey | CryptoKeyUsageDeriveBits))) {
             exceptionCallback(SyntaxError);
             return;
         }
         result = CryptoKeyEC::importPkcs8(ecParameters.identifier, ecParameters.namedCurve, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
         break;
     }
     if (!result) {
         exceptionCallback(DataError);
         return;
     }

     callback(*result);
 }

 void CryptoAlgorithmECDH::exportKey(CryptoKeyFormat format, Ref<CryptoKey>&& key, KeyDataCallback&& callback, ExceptionCallback&& exceptionCallback)
 {
     const auto& ecKey = downcast<CryptoKeyEC>(key.get());

     if (!ecKey.keySizeInBits()) {
         exceptionCallback(OperationError);
         return;
     }

     KeyData result;
     switch (format) {
     case CryptoKeyFormat::Jwk: {
         auto jwk = ecKey.exportJwk();
         if (jwk.hasException()) {
             exceptionCallback(jwk.releaseException().code());
             return;
         }
         result = jwk.releaseReturnValue();
         break;
     }
     case CryptoKeyFormat::Raw: {
         auto raw = ecKey.exportRaw();
         if (raw.hasException()) {
             exceptionCallback(raw.releaseException().code());
             return;
         }
         result = raw.releaseReturnValue();
         break;
     }
     case CryptoKeyFormat::Spki: {
         auto spki = ecKey.exportSpki();
         if (spki.hasException()) {
             exceptionCallback(spki.releaseException().code());
             return;
         }
         result = spki.releaseReturnValue();
         break;
     }
     case CryptoKeyFormat::Pkcs8: {
         auto pkcs8 = ecKey.exportPkcs8();
         if (pkcs8.hasException()) {
             exceptionCallback(pkcs8.releaseException().code());
             return;
         }
         result = pkcs8.releaseReturnValue();
         break;
     }
     }

     callback(format, WTFMove(result));
 }

 } // namespace WebCore

 #endif // ENABLE(WEB_CRYPTO)
	/*
	* Copyright (C) 2017 Apple Inc. All rights reserved.
	*
	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	* 1. Redistributions of source code must retain the above copyright
	* notice, this list of conditions and the following disclaimer.
	* 2. Redistributions in binary form must reproduce the above copyright
	* notice, this list of conditions and the following disclaimer in the
	* documentation and/or other materials provided with the distribution.
	*
	* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
	* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
	* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
	* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
	* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
	* THE POSSIBILITY OF SUCH DAMAGE.
	*/

	#include "config.h"
	#include "CryptoAlgorithmECDH.h"

	#if ENABLE(WEB_CRYPTO)

	#include "CryptoAlgorithmEcKeyParams.h"
	#include "CryptoAlgorithmEcdhKeyDeriveParams.h"
	#include "CryptoKeyEC.h"
	#include "ScriptExecutionContext.h"

	namespace WebCore {

	Ref<CryptoAlgorithm> CryptoAlgorithmECDH::create()
	{
	return adoptRef(*new CryptoAlgorithmECDH);
	}

	CryptoAlgorithmIdentifier CryptoAlgorithmECDH::identifier() const
	{
	return s_identifier;
	}

	void CryptoAlgorithmECDH::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&)
	{
	const auto& ecParameters = downcast<CryptoAlgorithmEcKeyParams>(parameters);

	if (usages & (CryptoKeyUsageEncrypt \| CryptoKeyUsageDecrypt \| CryptoKeyUsageSign \| CryptoKeyUsageVerify \| CryptoKeyUsageWrapKey \| CryptoKeyUsageUnwrapKey)) {
	exceptionCallback(SyntaxError);
	return;
	}

	auto result = CryptoKeyEC::generatePair(CryptoAlgorithmIdentifier::ECDH, ecParameters.namedCurve, extractable, usages);
	if (result.hasException()) {
	exceptionCallback(result.releaseException().code());
	return;
	}

	auto pair = result.releaseReturnValue();
	pair.publicKey->setUsagesBitmap(0);
	pair.privateKey->setUsagesBitmap(pair.privateKey->usagesBitmap() & (CryptoKeyUsageDeriveKey \| CryptoKeyUsageDeriveBits));
	callback(WTFMove(pair));
	}

	void CryptoAlgorithmECDH::deriveBits(const CryptoAlgorithmParameters& parameters, Ref<CryptoKey>&& baseKey, size_t length, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
	{
	// We only accept length that is a multiple of 8.
	if (length % 8) {
	exceptionCallback(OperationError);
	return;
	}

	auto& ecParameters = downcast<CryptoAlgorithmEcdhKeyDeriveParams>(parameters);

	if (baseKey->type() != CryptoKey::Type::Private) {
	exceptionCallback(InvalidAccessError);
	return;
	}
	ASSERT(ecParameters.publicKey);
	if (ecParameters.publicKey->type() != CryptoKey::Type::Public) {
	exceptionCallback(InvalidAccessError);
	return;
	}
	if (baseKey->algorithmIdentifier() != ecParameters.publicKey->algorithmIdentifier()) {
	exceptionCallback(InvalidAccessError);
	return;
	}
	auto& ecBaseKey = downcast<CryptoKeyEC>(baseKey.get());
	auto& ecPublicKey = downcast<CryptoKeyEC>(*(ecParameters.publicKey.get()));
	if (ecBaseKey.namedCurve() != ecPublicKey.namedCurve()) {
	exceptionCallback(InvalidAccessError);
	return;
	}

	auto unifiedCallback = [callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback)](Optional<Vector<uint8_t>>&& derivedKey, size_t length) mutable {
	if (!derivedKey) {
	exceptionCallback(OperationError);
	return;
	}
	if (!length) {
	callback(WTFMove(*derivedKey));
	return;
	}
	if (length / 8 > (*derivedKey).size()) {
	exceptionCallback(OperationError);
	return;
	}
	(*derivedKey).shrink(length / 8);
	callback(WTFMove(*derivedKey));
	};

	// This is a special case that can't use dispatchOperation() because it bundles
	// the result validation and callback dispatch into unifiedCallback.
	workQueue.dispatch(
	[baseKey = WTFMove(baseKey), publicKey = ecParameters.publicKey, length, unifiedCallback = WTFMove(unifiedCallback), contextIdentifier = context.contextIdentifier()]() mutable {
	auto derivedKey = platformDeriveBits(downcast<CryptoKeyEC>(baseKey.get()), downcast<CryptoKeyEC>(*publicKey));
	ScriptExecutionContext::postTaskTo(contextIdentifier, [derivedKey = WTFMove(derivedKey), length, unifiedCallback = WTFMove(unifiedCallback)](auto&) mutable {
	unifiedCallback(WTFMove(derivedKey), length);
	});
	});
	}

	void CryptoAlgorithmECDH::importKey(CryptoKeyFormat format, KeyData&& data, const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback)
	{
	const auto& ecParameters = downcast<CryptoAlgorithmEcKeyParams>(parameters);

	RefPtr<CryptoKeyEC> result;
	switch (format) {
	case CryptoKeyFormat::Jwk: {
	JsonWebKey key = WTFMove(WTF::get<JsonWebKey>(data));

	bool isUsagesAllowed = false;
	if (!key.d.isNull()) {
	isUsagesAllowed = isUsagesAllowed \|\| !(usages ^ CryptoKeyUsageDeriveKey);
	isUsagesAllowed = isUsagesAllowed \|\| !(usages ^ CryptoKeyUsageDeriveBits);
	isUsagesAllowed = isUsagesAllowed \|\| !(usages ^ (CryptoKeyUsageDeriveKey \| CryptoKeyUsageDeriveBits));
	}
	isUsagesAllowed = isUsagesAllowed \|\| !usages;
	if (!isUsagesAllowed) {
	exceptionCallback(SyntaxError);
	return;
	}

	if (usages && !key.use.isNull() && key.use != "enc") {
	exceptionCallback(DataError);
	return;
	}

	result = CryptoKeyEC::importJwk(ecParameters.identifier, ecParameters.namedCurve, WTFMove(key), extractable, usages);
	break;
	}
	case CryptoKeyFormat::Raw:
	if (usages) {
	exceptionCallback(SyntaxError);
	return;
	}
	result = CryptoKeyEC::importRaw(ecParameters.identifier, ecParameters.namedCurve, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
	break;
	case CryptoKeyFormat::Spki:
	if (usages) {
	exceptionCallback(SyntaxError);
	return;
	}
	result = CryptoKeyEC::importSpki(ecParameters.identifier, ecParameters.namedCurve, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
	break;
	case CryptoKeyFormat::Pkcs8:
	if (usages && (usages ^ CryptoKeyUsageDeriveKey) && (usages ^ CryptoKeyUsageDeriveBits) && (usages ^ (CryptoKeyUsageDeriveKey \| CryptoKeyUsageDeriveBits))) {
	exceptionCallback(SyntaxError);
	return;
	}
	result = CryptoKeyEC::importPkcs8(ecParameters.identifier, ecParameters.namedCurve, WTFMove(WTF::get<Vector<uint8_t>>(data)), extractable, usages);
	break;
	}
	if (!result) {
	exceptionCallback(DataError);
	return;
	}

	callback(*result);
	}

	void CryptoAlgorithmECDH::exportKey(CryptoKeyFormat format, Ref<CryptoKey>&& key, KeyDataCallback&& callback, ExceptionCallback&& exceptionCallback)
	{
	const auto& ecKey = downcast<CryptoKeyEC>(key.get());

	if (!ecKey.keySizeInBits()) {
	exceptionCallback(OperationError);
	return;
	}

	KeyData result;
	switch (format) {
	case CryptoKeyFormat::Jwk: {
	auto jwk = ecKey.exportJwk();
	if (jwk.hasException()) {
	exceptionCallback(jwk.releaseException().code());
	return;
	}
	result = jwk.releaseReturnValue();
	break;
	}
	case CryptoKeyFormat::Raw: {
	auto raw = ecKey.exportRaw();
	if (raw.hasException()) {
	exceptionCallback(raw.releaseException().code());
	return;
	}
	result = raw.releaseReturnValue();
	break;
	}
	case CryptoKeyFormat::Spki: {
	auto spki = ecKey.exportSpki();
	if (spki.hasException()) {
	exceptionCallback(spki.releaseException().code());
	return;
	}
	result = spki.releaseReturnValue();
	break;
	}
	case CryptoKeyFormat::Pkcs8: {
	auto pkcs8 = ecKey.exportPkcs8();
	if (pkcs8.hasException()) {
	exceptionCallback(pkcs8.releaseException().code());
	return;
	}
	result = pkcs8.releaseReturnValue();
	break;
	}
	}

	callback(format, WTFMove(result));
	}

	} // namespace WebCore

	#endif // ENABLE(WEB_CRYPTO)