[webcrypto] Add symmetric key export for NSS and OpenSSL.

content/renderer/webcrypto/webcrypto_impl_nss.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/renderer/webcrypto/webcrypto_impl.h"
 
 #include <cryptohi.h>
 #include <pk11pub.h>
 #include <sechash.h>
 
@@ skipping 307 matching lines @@
                                  NULL));
   if (!pk11_sym_key.get()) {
     return false;
   }
 
   *key = blink::WebCryptoKey::create(new SymKeyHandle(pk11_sym_key.Pass()),
                                       type, extractable, algorithm, usage_mask);
   return true;
 }
 
+bool ExportKeyInternalRaw(
+    const blink::WebCryptoKey& key,
+    blink::WebArrayBuffer* buffer) {
+
+  DCHECK(key.handle());
+  DCHECK(buffer);
+
+  if (key.type() != blink::WebCryptoKeyTypeSecret || !key.extractable())
+    return false;
+
+  SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle());
+
+  if (PK11_ExtractKeyValue(sym_key->key()) != SECSuccess)
+    return false;
+
+  const SECItem* key_data = PK11_GetKeyData(sym_key->key());
+  if (!key_data)
+    return false;
+  DCHECK(key_data->data);

[eroman, 2013/12/05 02:53:58]

If it is possible to have empty keys, then is this DCHECK valid? (i.e. data
could be NULL if length is 0).

[padolph, 2013/12/05 03:34:16]

Removed.

+
+  *buffer = webcrypto::CreateArrayBuffer(key_data->data, key_data->len);
+
+  return true;
+}
+
 typedef scoped_ptr<CERTSubjectPublicKeyInfo,
                    crypto::NSSDestroyer<CERTSubjectPublicKeyInfo,
                                         SECKEY_DestroySubjectPublicKeyInfo> >
     ScopedCERTSubjectPublicKeyInfo;
 
 // Validates an NSS KeyType against a WebCrypto algorithm. Some NSS KeyTypes
 // contain enough information to fabricate a Web Crypto algorithm, which is
 // returned if the input algorithm isNull(). This function indicates failure by
 // returning a Null algorithm.
 blink::WebCryptoAlgorithm ResolveNssKeyTypeWithInputAlgorithm(
@@ skipping 79 matching lines @@
       reinterpret_cast<PublicKeyHandle*>(key.handle());
 
   const crypto::ScopedSECItem spki_der(
       SECKEY_EncodeDERSubjectPublicKeyInfo(pub_key->key()));
   if (!spki_der)
     return false;
 
   DCHECK(spki_der->data);
   DCHECK(spki_der->len);
 
-  *buffer = blink::WebArrayBuffer::create(spki_der->len, 1);
-  memcpy(buffer->data(), spki_der->data, spki_der->len);
+  *buffer = webcrypto::CreateArrayBuffer(spki_der->data, spki_der->len);
 
   return true;
 }
 
 bool ImportKeyInternalPkcs8(
     const unsigned char* key_data,
     unsigned key_data_size,
     const blink::WebCryptoAlgorithm& algorithm_or_null,
     bool extractable,
     blink::WebCryptoKeyUsageMask usage_mask,
@@ skipping 381 matching lines @@
       return false;
   }
 }
 
 bool WebCryptoImpl::ExportKeyInternal(
     blink::WebCryptoKeyFormat format,
     const blink::WebCryptoKey& key,
     blink::WebArrayBuffer* buffer) {
   switch (format) {
     case blink::WebCryptoKeyFormatRaw:
-      // TODO(padolph): Implement raw export
-      return false;
+      return ExportKeyInternalRaw(key, buffer);
     case blink::WebCryptoKeyFormatSpki:
       return ExportKeyInternalSpki(key, buffer);
     case blink::WebCryptoKeyFormatPkcs8:
       // TODO(padolph): Implement pkcs8 export
       return false;
     default:
       return false;
   }
 }
 
@@ skipping 146 matching lines @@
 
   *key = blink::WebCryptoKey::create(new PublicKeyHandle(pubkey.Pass()),
                                      blink::WebCryptoKeyTypePublic,
                                      extractable,
                                      algorithm,
                                      usage_mask);
   return true;
 }
 
 }  // namespace content