1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "net/device_bound_sessions/jwk_utils.h"
#include "base/base64url.h"
#include "third_party/boringssl/src/include/openssl/bn.h"
#include "third_party/boringssl/src/include/openssl/bytestring.h"
#include "third_party/boringssl/src/include/openssl/ec.h"
#include "third_party/boringssl/src/include/openssl/evp.h"
#include "third_party/boringssl/src/include/openssl/rsa.h"
namespace net::device_bound_sessions {
namespace {
// The format of JSON Web Key (JWK) is specified in the section 4 of RFC 7517:
// https://www.ietf.org/rfc/rfc7517.html#section-4
//
// The parameters of a particular key type are specified by the JWA spec:
// https://www.ietf.org/rfc/rfc7518.html#section-6
constexpr char kKeyTypeParam[] = "kty";
constexpr char kEcKeyType[] = "EC";
constexpr char kEcCurve[] = "crv";
constexpr char kEcCurveP256[] = "P-256";
constexpr char kEcCoordinateX[] = "x";
constexpr char kEcCoordinateY[] = "y";
constexpr char kRsaKeyType[] = "RSA";
constexpr char kRsaModulus[] = "n";
constexpr char kRsaExponent[] = "e";
std::string Base64UrlEncode(base::span<const uint8_t> input) {
std::string output;
base::Base64UrlEncode(input, base::Base64UrlEncodePolicy::OMIT_PADDING,
&output);
return output;
}
bssl::UniquePtr<EVP_PKEY> ParsePublicKey(base::span<const uint8_t> pkey_spki) {
CBS cbs;
CBS_init(&cbs, pkey_spki.data(), pkey_spki.size());
bssl::UniquePtr<EVP_PKEY> pkey(EVP_parse_public_key(&cbs));
if (CBS_len(&cbs) != 0) {
return nullptr;
}
return pkey;
}
base::Value::Dict ConvertES256PkeySpkiToJwk(
base::span<const uint8_t> pkey_spki) {
bssl::UniquePtr<EVP_PKEY> pkey = ParsePublicKey(pkey_spki);
if (!pkey || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC) {
return base::Value::Dict();
}
EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(pkey.get());
if (!ec_key) {
return base::Value::Dict();
}
const EC_GROUP* group = EC_KEY_get0_group(ec_key);
const EC_POINT* point = EC_KEY_get0_public_key(ec_key);
if (!group || !point) {
return base::Value::Dict();
}
bssl::UniquePtr<BIGNUM> x(BN_new());
bssl::UniquePtr<BIGNUM> y(BN_new());
if (!x || !y) {
return base::Value::Dict();
}
if (!EC_POINT_get_affine_coordinates_GFp(group, point, x.get(), y.get(),
nullptr)) {
return base::Value::Dict();
}
std::vector<uint8_t> x_bytes(32);
std::vector<uint8_t> y_bytes(32);
if (!BN_bn2bin_padded(x_bytes.data(), x_bytes.size(), x.get()) ||
!BN_bn2bin_padded(y_bytes.data(), y_bytes.size(), y.get())) {
return base::Value::Dict();
}
return base::Value::Dict()
.Set(kKeyTypeParam, kEcKeyType)
.Set(kEcCurve, kEcCurveP256)
.Set(kEcCoordinateX, Base64UrlEncode(x_bytes))
.Set(kEcCoordinateY, Base64UrlEncode(y_bytes));
}
base::Value::Dict ConvertRS256PkeySpkiToJwk(
base::span<const uint8_t> pkey_spki) {
bssl::UniquePtr<EVP_PKEY> pkey = ParsePublicKey(pkey_spki);
if (!pkey || EVP_PKEY_id(pkey.get()) != EVP_PKEY_RSA) {
return base::Value::Dict();
}
RSA* rsa_key = EVP_PKEY_get0_RSA(pkey.get());
if (!rsa_key) {
return base::Value::Dict();
}
const BIGNUM* n = RSA_get0_n(rsa_key);
const BIGNUM* e = RSA_get0_e(rsa_key);
if (!n || !e) {
return base::Value::Dict();
}
std::vector<uint8_t> n_bytes(BN_num_bytes(n));
std::vector<uint8_t> e_bytes(BN_num_bytes(e));
BN_bn2bin(n, n_bytes.data());
BN_bn2bin(e, e_bytes.data());
return base::Value::Dict()
.Set(kKeyTypeParam, kRsaKeyType)
.Set(kRsaModulus, Base64UrlEncode(n_bytes))
.Set(kRsaExponent, Base64UrlEncode(e_bytes));
}
} // namespace
base::Value::Dict ConvertPkeySpkiToJwk(
crypto::SignatureVerifier::SignatureAlgorithm algorithm,
base::span<const uint8_t> pkey_spki) {
// TODO(crbug.com/360756896): Support more algorithms.
switch (algorithm) {
case crypto::SignatureVerifier::SignatureAlgorithm::RSA_PKCS1_SHA256:
return ConvertRS256PkeySpkiToJwk(pkey_spki);
case crypto::SignatureVerifier::SignatureAlgorithm::ECDSA_SHA256:
return ConvertES256PkeySpkiToJwk(pkey_spki);
default:
return base::Value::Dict();
}
}
} // namespace net::device_bound_sessions
|
