LibTLS+LibWeb+LibCrypto: Move Certificate to LibCrypto

By moving `Certificate` to `LibCrypto` it is possible to reuse a bunch
of code from in `LibCrypto` itself. It also moves some constants
and pieces of code to a more appropriate place than `LibTLS`.

This also makes future work on WebCryptoAPI easier.

Libraries/LibCrypto/CMakeLists.txt

@@ -17,6 +17,7 @@ set(SOURCES
     BigInt/Algorithms/SimpleOperations.cpp
     BigInt/SignedBigInteger.cpp
     BigInt/UnsignedBigInteger.cpp
+    Certificate/Certificate.cpp
     Checksum/Adler32.cpp
     Checksum/cksum.cpp
     Checksum/CRC32.cpp

Libraries/LibCrypto/Certificate/Certificate.cpp

@@ -17,7 +17,7 @@ namespace {
 static String s_error_string;
 }
 
-namespace TLS {
+namespace Crypto::Certificate {
 
 #define ERROR_WITH_SCOPE(error)                                                  \
     do {                                                                         \

Libraries/LibCrypto/Certificate/Certificate.h

@@ -15,9 +15,8 @@
 #include <LibCrypto/ASN1/DER.h>
 #include <LibCrypto/BigInt/UnsignedBigInteger.h>
 #include <LibCrypto/PK/RSA.h>
-#include <LibTLS/Extensions.h>
 
-namespace TLS {
+namespace Crypto::Certificate {
 
 constexpr static Array<int, 7>
     rsa_encryption_oid { 1, 2, 840, 113549, 1, 1, 1 },
@@ -301,5 +300,3 @@ private:
 };
 
 }
-
-using TLS::Certificate;

Libraries/LibTLS/CMakeLists.txt

@@ -1,7 +1,6 @@
 add_cxx_compile_options(-Wvla)
 
 set(SOURCES
-    Certificate.cpp
     Handshake.cpp
     HandshakeCertificate.cpp
     HandshakeClient.cpp

Libraries/LibTLS/TLSv12.cpp

@@ -14,11 +14,11 @@
 #include <LibCore/Timer.h>
 #include <LibCrypto/ASN1/ASN1.h>
 #include <LibCrypto/ASN1/PEM.h>
+#include <LibCrypto/Certificate/Certificate.h>
 #include <LibCrypto/Curves/Ed25519.h>
 #include <LibCrypto/Curves/SECPxxxr1.h>
 #include <LibCrypto/PK/Code/EMSA_PKCS1_V1_5.h>
 #include <LibFileSystem/FileSystem.h>
-#include <LibTLS/Certificate.h>
 #include <LibTLS/TLSv12.h>
 #include <errno.h>
 
@@ -316,25 +316,25 @@ bool Context::verify_certificate_pair(Certificate const& subject, Certificate co
 
     bool is_rsa = true;
 
-    if (identifier == rsa_encryption_oid) {
+    if (identifier == Crypto::Certificate::rsa_encryption_oid) {
         kind = Crypto::Hash::HashKind::None;
-    } else if (identifier == rsa_md5_encryption_oid) {
+    } else if (identifier == Crypto::Certificate::rsa_md5_encryption_oid) {
         kind = Crypto::Hash::HashKind::MD5;
-    } else if (identifier == rsa_sha1_encryption_oid) {
+    } else if (identifier == Crypto::Certificate::rsa_sha1_encryption_oid) {
         kind = Crypto::Hash::HashKind::SHA1;
-    } else if (identifier == rsa_sha256_encryption_oid) {
+    } else if (identifier == Crypto::Certificate::rsa_sha256_encryption_oid) {
         kind = Crypto::Hash::HashKind::SHA256;
-    } else if (identifier == rsa_sha384_encryption_oid) {
+    } else if (identifier == Crypto::Certificate::rsa_sha384_encryption_oid) {
         kind = Crypto::Hash::HashKind::SHA384;
-    } else if (identifier == rsa_sha512_encryption_oid) {
+    } else if (identifier == Crypto::Certificate::rsa_sha512_encryption_oid) {
         kind = Crypto::Hash::HashKind::SHA512;
-    } else if (identifier == ecdsa_with_sha256_encryption_oid) {
+    } else if (identifier == Crypto::Certificate::ecdsa_with_sha256_encryption_oid) {
         kind = Crypto::Hash::HashKind::SHA256;
         is_rsa = false;
-    } else if (identifier == ecdsa_with_sha384_encryption_oid) {
+    } else if (identifier == Crypto::Certificate::ecdsa_with_sha384_encryption_oid) {
         kind = Crypto::Hash::HashKind::SHA384;
         is_rsa = false;
-    } else if (identifier == ecdsa_with_sha512_encryption_oid) {
+    } else if (identifier == Crypto::Certificate::ecdsa_with_sha512_encryption_oid) {
         kind = Crypto::Hash::HashKind::SHA512;
         is_rsa = false;
     }
@@ -597,9 +597,9 @@ ErrorOr<Vector<Certificate>> DefaultRootCACertificates::parse_pem_root_certifica
 
 ErrorOr<SupportedGroup> oid_to_curve(Vector<int> curve)
 {
-    if (curve == curve_ansip384r1)
+    if (curve == Crypto::Certificate::curve_ansip384r1)
         return SupportedGroup::SECP384R1;
-    if (curve == curve_prime256)
+    if (curve == Crypto::Certificate::curve_prime256)
         return SupportedGroup::SECP256R1;
 
     return AK::Error::from_string_literal("Unknown curve oid");

Libraries/LibTLS/TLSv12.h

@@ -6,7 +6,6 @@
 
 #pragma once
 
-#include "Certificate.h"
 #include <AK/IPv4Address.h>
 #include <AK/Queue.h>
 #include <AK/WeakPtr.h>
@@ -15,6 +14,7 @@
 #include <LibCore/Timer.h>
 #include <LibCrypto/Authentication/HMAC.h>
 #include <LibCrypto/BigInt/UnsignedBigInteger.h>
+#include <LibCrypto/Certificate/Certificate.h>
 #include <LibCrypto/Cipher/AES.h>
 #include <LibCrypto/Curves/EllipticCurve.h>
 #include <LibCrypto/Hash/HashManager.h>
@@ -24,6 +24,8 @@
 
 namespace TLS {
 
+using Crypto::Certificate::Certificate;
+
 inline void print_buffer(ReadonlyBytes buffer)
 {
     dbgln("{:hex-dump}", buffer);

Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp

@@ -12,6 +12,7 @@
 #include <LibCrypto/ASN1/ASN1.h>
 #include <LibCrypto/ASN1/DER.h>
 #include <LibCrypto/Authentication/HMAC.h>
+#include <LibCrypto/Certificate/Certificate.h>
 #include <LibCrypto/Cipher/AES.h>
 #include <LibCrypto/Curves/Ed25519.h>
 #include <LibCrypto/Curves/SECPxxxr1.h>
@@ -28,7 +29,6 @@
 #include <LibJS/Runtime/ArrayBuffer.h>
 #include <LibJS/Runtime/DataView.h>
 #include <LibJS/Runtime/TypedArray.h>
-#include <LibTLS/Certificate.h>
 #include <LibWeb/Crypto/CryptoAlgorithms.h>
 #include <LibWeb/Crypto/KeyAlgorithms.h>
 #include <LibWeb/Crypto/SubtleCrypto.h>
@@ -173,13 +173,13 @@ static WebIDL::ExceptionOr<Structure> parse_an_ASN1_structure(JS::Realm& realm,
     // 4. Parse data according to the Distinguished Encoding Rules of [X690], using structure as the ASN.1 structure to be decoded.
     ::Crypto::ASN1::Decoder decoder(data);
     Structure structure;
-    if constexpr (IsSame<Structure, TLS::SubjectPublicKey>) {
-        auto maybe_subject_public_key = TLS::parse_subject_public_key_info(decoder);
+    if constexpr (IsSame<Structure, ::Crypto::Certificate::SubjectPublicKey>) {
+        auto maybe_subject_public_key = ::Crypto::Certificate::parse_subject_public_key_info(decoder);
         if (maybe_subject_public_key.is_error())
             return WebIDL::DataError::create(realm, MUST(String::formatted("Error parsing subjectPublicKeyInfo: {}", maybe_subject_public_key.release_error())));
         structure = maybe_subject_public_key.release_value();
-    } else if constexpr (IsSame<Structure, TLS::PrivateKey>) {
-        auto maybe_private_key = TLS::parse_private_key_info(decoder);
+    } else if constexpr (IsSame<Structure, ::Crypto::Certificate::PrivateKey>) {
+        auto maybe_private_key = ::Crypto::Certificate::parse_private_key_info(decoder);
         if (maybe_private_key.is_error())
             return WebIDL::DataError::create(realm, MUST(String::formatted("Error parsing privateKeyInfo: {}", maybe_private_key.release_error())));
         structure = maybe_private_key.release_value();
@@ -201,21 +201,21 @@ static WebIDL::ExceptionOr<Structure> parse_an_ASN1_structure(JS::Realm& realm,
 }
 
 // https://w3c.github.io/webcrypto/#concept-parse-a-spki
-static WebIDL::ExceptionOr<TLS::SubjectPublicKey> parse_a_subject_public_key_info(JS::Realm& realm, ReadonlyBytes bytes)
+static WebIDL::ExceptionOr<::Crypto::Certificate::SubjectPublicKey> parse_a_subject_public_key_info(JS::Realm& realm, ReadonlyBytes bytes)
 {
     // When this specification says to parse a subjectPublicKeyInfo, the user agent must parse an ASN.1 structure,
     // with data set to the sequence of bytes to be parsed, structure as the ASN.1 structure of subjectPublicKeyInfo,
     // as specified in [RFC5280], and exactData set to true.
-    return parse_an_ASN1_structure<TLS::SubjectPublicKey>(realm, bytes, true);
+    return parse_an_ASN1_structure<::Crypto::Certificate::SubjectPublicKey>(realm, bytes, true);
 }
 
 // https://w3c.github.io/webcrypto/#concept-parse-a-privateKeyInfo
-static WebIDL::ExceptionOr<TLS::PrivateKey> parse_a_private_key_info(JS::Realm& realm, ReadonlyBytes bytes)
+static WebIDL::ExceptionOr<::Crypto::Certificate::PrivateKey> parse_a_private_key_info(JS::Realm& realm, ReadonlyBytes bytes)
 {
     // When this specification says to parse a PrivateKeyInfo, the user agent must parse an ASN.1 structure
     // with data set to the sequence of bytes to be parsed, structure as the ASN.1 structure of PrivateKeyInfo,
     // as specified in [RFC5208], and exactData set to true.
-    return parse_an_ASN1_structure<TLS::PrivateKey>(realm, bytes, true);
+    return parse_an_ASN1_structure<::Crypto::Certificate::PrivateKey>(realm, bytes, true);
 }
 
 static WebIDL::ExceptionOr<::Crypto::PK::RSAPrivateKey<>> parse_jwk_rsa_private_key(JS::Realm& realm, Bindings::JsonWebKey const& jwk)
@@ -852,7 +852,7 @@ WebIDL::ExceptionOr<GC::Ref<CryptoKey>> RSAOAEP::import_key(Web::Crypto::Algorit
 
         // 4. If the algorithm object identifier field of the algorithm AlgorithmIdentifier field of spki
         //    is not equal to the rsaEncryption object identifier defined in [RFC3447], then throw a DataError.
-        if (spki.algorithm.identifier != TLS::rsa_encryption_oid)
+        if (spki.algorithm.identifier != ::Crypto::Certificate::rsa_encryption_oid)
             return WebIDL::DataError::create(m_realm, "Algorithm object identifier is not the rsaEncryption object identifier"_string);
 
         // 5. Let publicKey be the result of performing the parse an ASN.1 structure algorithm,
@@ -889,7 +889,7 @@ WebIDL::ExceptionOr<GC::Ref<CryptoKey>> RSAOAEP::import_key(Web::Crypto::Algorit
 
         // 4. If the algorithm object identifier field of the privateKeyAlgorithm PrivateKeyAlgorithm field of privateKeyInfo
         //    is not equal to the rsaEncryption object identifier defined in [RFC3447], then throw a DataError.
-        if (private_key_info.algorithm.identifier != TLS::rsa_encryption_oid)
+        if (private_key_info.algorithm.identifier != ::Crypto::Certificate::rsa_encryption_oid)
             return WebIDL::DataError::create(m_realm, "Algorithm object identifier is not the rsaEncryption object identifier"_string);
 
         // 5. Let rsaPrivateKey be the result of performing the parse an ASN.1 structure algorithm,
@@ -2720,7 +2720,7 @@ WebIDL::ExceptionOr<GC::Ref<CryptoKey>> ED25519::import_key(
 
         // 4. If the algorithm object identifier field of the algorithm AlgorithmIdentifier field of spki
         //    is not equal to the id-Ed25519 object identifier defined in [RFC8410], then throw a DataError.
-        if (spki.algorithm.identifier != TLS::ed25519_oid)
+        if (spki.algorithm.identifier != ::Crypto::Certificate::ed25519_oid)
             return WebIDL::DataError::create(m_realm, "Invalid algorithm identifier"_string);
 
         // 5. If the parameters field of the algorithm AlgorithmIdentifier field of spki is present, then throw a DataError.
@@ -2762,7 +2762,7 @@ WebIDL::ExceptionOr<GC::Ref<CryptoKey>> ED25519::import_key(
 
         // 4. If the algorithm object identifier field of the privateKeyAlgorithm PrivateKeyAlgorithm field
         //    of privateKeyInfo is not equal to the id-Ed25519 object identifier defined in [RFC8410], then throw a DataError.
-        if (private_key_info.algorithm.identifier != TLS::ed25519_oid)
+        if (private_key_info.algorithm.identifier != ::Crypto::Certificate::ed25519_oid)
             return WebIDL::DataError::create(m_realm, "Invalid algorithm identifier"_string);
 
         // 5. If the parameters field of the privateKeyAlgorithm PrivateKeyAlgorithmIdentifier field of privateKeyInfo is present,
@@ -2970,7 +2970,7 @@ WebIDL::ExceptionOr<GC::Ref<JS::Object>> ED25519::export_key(Bindings::KeyFormat
         //    * Set the algorithm field to an AlgorithmIdentifier ASN.1 type with the following properties:
         //      * Set the algorithm object identifier to the id-Ed25519 OID defined in [RFC8410].
         //    * Set the subjectPublicKey field to keyData.
-        auto ed25519_oid = TLS::ed25519_oid;
+        auto ed25519_oid = ::Crypto::Certificate::ed25519_oid;
         auto data = TRY_OR_THROW_OOM(vm, ::Crypto::PK::wrap_in_subject_public_key_info(key_data, ed25519_oid));
 
         // 3. Let result be a new ArrayBuffer associated with the relevant global object of this [HTML], and containing data.
@@ -2989,7 +2989,7 @@ WebIDL::ExceptionOr<GC::Ref<JS::Object>> ED25519::export_key(Bindings::KeyFormat
         //      * Set the algorithm object identifier to the id-Ed25519 OID defined in [RFC8410].
         //    * Set the privateKey field to the result of DER-encoding a CurvePrivateKey ASN.1 type, as defined in Section 7 of [RFC8410], that represents the Ed25519 private key represented by the [[handle]] internal slot of key
 
-        auto ed25519_oid = TLS::ed25519_oid;
+        auto ed25519_oid = ::Crypto::Certificate::ed25519_oid;
         auto data = TRY_OR_THROW_OOM(vm, ::Crypto::PK::wrap_in_private_key_info(key_data, ed25519_oid));
 
         // 3. Let result be a new ArrayBuffer associated with the relevant global object of this [HTML], and containing data.
@@ -3413,7 +3413,7 @@ WebIDL::ExceptionOr<GC::Ref<CryptoKey>> X25519::import_key([[maybe_unused]] Web:
 
         // 4. If the algorithm object identifier field of the algorithm AlgorithmIdentifier field of spki
         //    is not equal to the id-X25519 object identifier defined in [RFC8410], then throw a DataError.
-        if (spki.algorithm.identifier != TLS::x25519_oid)
+        if (spki.algorithm.identifier != ::Crypto::Certificate::x25519_oid)
             return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
 
         // 5. If the parameters field of the algorithm AlgorithmIdentifier field of spki is present, then throw a DataError.
@@ -3454,7 +3454,7 @@ WebIDL::ExceptionOr<GC::Ref<CryptoKey>> X25519::import_key([[maybe_unused]] Web:
 
         // 4. If the algorithm object identifier field of the privateKeyAlgorithm PrivateKeyAlgorithm field of privateKeyInfo
         //    is not equal to the id-X25519 object identifier defined in [RFC8410], then throw a DataError.
-        if (private_key_info.algorithm.identifier != TLS::x25519_oid)
+        if (private_key_info.algorithm.identifier != ::Crypto::Certificate::x25519_oid)
             return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
 
         // 5. If the parameters field of the privateKeyAlgorithm PrivateKeyAlgorithmIdentifier field of privateKeyInfo is present, then throw a DataError.

Meta/Lagom/Fuzzers/FuzzASN1.cpp

@@ -4,14 +4,14 @@
  * SPDX-License-Identifier: BSD-2-Clause
  */
 
-#include <LibTLS/Certificate.h>
+#include <LibCrypto/Certificate/Certificate.h>
 #include <stddef.h>
 #include <stdint.h>
 
 extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
 {
     AK::set_debug_enabled(false);
-    (void)TLS::Certificate::parse_certificate({ data, size });
+    (void)Crypto::Certificate::Certificate::parse_certificate({ data, size });
 
     return 0;
 }

Services/RequestServer/main.cpp

@@ -15,7 +15,6 @@
 #include <LibFileSystem/FileSystem.h>
 #include <LibIPC/SingleServer.h>
 #include <LibMain/Main.h>
-#include <LibTLS/Certificate.h>
 #include <LibTLS/TLSv12.h>
 #include <RequestServer/ConnectionFromClient.h>
 

Tests/LibTLS/TestTLSCertificateParser.cpp

@@ -5,13 +5,13 @@
  */
 
 #include <AK/Base64.h>
-#include <LibTLS/Certificate.h>
+#include <LibCrypto/Certificate/Certificate.h>
 #include <LibTest/TestCase.h>
 
 TEST_CASE(certificate_with_malformed_tbscertificate_should_fail_gracefully)
 {
     Array<u8, 4> invalid_certificate_data { 0xB0, 0x02, 0x70, 0x00 };
-    auto parse_result = TLS::Certificate::parse_certificate(invalid_certificate_data);
+    auto parse_result = Crypto::Certificate::Certificate::parse_certificate(invalid_certificate_data);
     EXPECT(parse_result.is_error());
 }
 
@@ -31,9 +31,9 @@ TEST_CASE(test_private_key_info_decode)
     auto decoded_keyder = TRY_OR_FAIL(decode_base64(keyder));
 
     Crypto::ASN1::Decoder decoder(decoded_keyder);
-    auto private_key_info = TRY_OR_FAIL(TLS::parse_private_key_info(decoder));
+    auto private_key_info = TRY_OR_FAIL(Crypto::Certificate::parse_private_key_info(decoder));
 
-    EXPECT_EQ(private_key_info.algorithm.identifier, TLS::rsa_encryption_oid);
+    EXPECT_EQ(private_key_info.algorithm.identifier, Crypto::Certificate::rsa_encryption_oid);
     auto& key = private_key_info.rsa;
 
     EXPECT_EQ(key.length() * 8, 512u);

Tests/LibTLS/TestTLSHandshake.cpp

@@ -23,7 +23,7 @@ static ByteBuffer operator""_b(char const* string, size_t length)
     return ByteBuffer::copy(string, length).release_value();
 }
 
-ErrorOr<Vector<Certificate>> load_certificates();
+ErrorOr<Vector<Crypto::Certificate::Certificate>> load_certificates();
 ByteString locate_ca_certs_file();
 
 ByteString locate_ca_certs_file()
@@ -38,7 +38,7 @@ ByteString locate_ca_certs_file()
     return "";
 }
 
-ErrorOr<Vector<Certificate>> load_certificates()
+ErrorOr<Vector<Crypto::Certificate::Certificate>> load_certificates()
 {
     auto cacert_file = TRY(Core::File::open(locate_ca_certs_file(), Core::File::OpenMode::Read));
     auto data = TRY(cacert_file->read_until_eof());

UI/Android/src/main/cpp/RequestServerService.cpp

@@ -14,7 +14,7 @@
 #include <LibCore/System.h>
 #include <LibFileSystem/FileSystem.h>
 #include <LibIPC/SingleServer.h>
-#include <LibTLS/Certificate.h>
+#include <LibTLS/TLSv12.h>
 #include <RequestServer/ConnectionFromClient.h>
 #include <RequestServer/HttpProtocol.h>
 #include <RequestServer/HttpsProtocol.h>