| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CONTENT_CHILD_WEBCRYPTO_STATUS_H_ | |
| 6 #define CONTENT_CHILD_WEBCRYPTO_STATUS_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 #include "content/common/content_export.h" | |
| 10 #include "third_party/WebKit/public/platform/WebCrypto.h" | |
| 11 | |
| 12 namespace content { | |
| 13 | |
| 14 namespace webcrypto { | |
| 15 | |
| 16 // Status indicates whether an operation completed successfully, or with an | |
| 17 // error. The error is used for verification in unit-tests, as well as for | |
| 18 // display to the user. | |
| 19 // | |
| 20 // As such, it is important that errors DO NOT reveal any sensitive material | |
| 21 // (like key bytes). | |
| 22 class CONTENT_EXPORT Status { | |
| 23 public: | |
| 24 Status() : type_(TYPE_ERROR) {} | |
| 25 | |
| 26 // Returns true if the Status represents an error (any one of them). | |
| 27 bool IsError() const; | |
| 28 | |
| 29 // Returns true if the Status represent success. | |
| 30 bool IsSuccess() const; | |
| 31 | |
| 32 // Returns a UTF-8 error message (non-localized) describing the error. | |
| 33 const std::string& error_details() const { return error_details_; } | |
| 34 | |
| 35 blink::WebCryptoErrorType error_type() const { return error_type_; } | |
| 36 | |
| 37 // Constructs a status representing success. | |
| 38 static Status Success(); | |
| 39 | |
| 40 // Constructs a status representing a generic operation error. It contains no | |
| 41 // extra details. | |
| 42 static Status OperationError(); | |
| 43 | |
| 44 // Constructs a status representing a generic data error. It contains no | |
| 45 // extra details. | |
| 46 static Status DataError(); | |
| 47 | |
| 48 // ------------------------------------ | |
| 49 // Errors when importing a JWK formatted key | |
| 50 // ------------------------------------ | |
| 51 | |
| 52 // The key bytes could not parsed as JSON dictionary. This either | |
| 53 // means there was a parsing error, or the JSON object was not | |
| 54 // convertable to a dictionary. | |
| 55 static Status ErrorJwkNotDictionary(); | |
| 56 | |
| 57 // The required JWK member |member_name| was missing. | |
| 58 static Status ErrorJwkMemberMissing(const std::string& member_name); | |
| 59 | |
| 60 // The JWK member |member_name| was not of type |expected_type|. | |
| 61 static Status ErrorJwkMemberWrongType(const std::string& member_name, | |
| 62 const std::string& expected_type); | |
| 63 | |
| 64 // The JWK member |member_name| was a string, however could not be | |
| 65 // successfully base64 decoded. | |
| 66 static Status ErrorJwkBase64Decode(const std::string& member_name); | |
| 67 | |
| 68 // The "ext" parameter was specified but was | |
| 69 // incompatible with the value requested by the Web Crypto call. | |
| 70 static Status ErrorJwkExtInconsistent(); | |
| 71 | |
| 72 // The "alg" parameter is incompatible with the (optional) Algorithm | |
| 73 // specified by the Web Crypto import operation. | |
| 74 static Status ErrorJwkAlgorithmInconsistent(); | |
| 75 | |
| 76 // The "use" parameter was specified, however it couldn't be converted to an | |
| 77 // equivalent Web Crypto usage. | |
| 78 static Status ErrorJwkUnrecognizedUse(); | |
| 79 | |
| 80 // The "key_ops" parameter was specified, however one of the values in the | |
| 81 // array couldn't be converted to an equivalent Web Crypto usage. | |
| 82 static Status ErrorJwkUnrecognizedKeyop(); | |
| 83 | |
| 84 // The "use" parameter was specified, however it is incompatible with that | |
| 85 // specified by the Web Crypto import operation. | |
| 86 static Status ErrorJwkUseInconsistent(); | |
| 87 | |
| 88 // The "key_ops" parameter was specified, however it is incompatible with that | |
| 89 // specified by the Web Crypto import operation. | |
| 90 static Status ErrorJwkKeyopsInconsistent(); | |
| 91 | |
| 92 // Both the "key_ops" and the "use" parameters were specified, however they | |
| 93 // are incompatible with each other. | |
| 94 static Status ErrorJwkUseAndKeyopsInconsistent(); | |
| 95 | |
| 96 // The "kty" parameter was given and was a string, however it was not the | |
| 97 // expected value. | |
| 98 static Status ErrorJwkUnexpectedKty(const std::string& expected); | |
| 99 | |
| 100 // The amount of key data provided was incompatible with the selected | |
| 101 // algorithm. For instance if the algorith name was A128CBC then EXACTLY | |
| 102 // 128-bits of key data must have been provided. If 192-bits of key data were | |
| 103 // given that is an error. | |
| 104 static Status ErrorJwkIncorrectKeyLength(); | |
| 105 | |
| 106 // The JWK member |member_name| is supposed to represent a big-endian unsigned | |
| 107 // integer, however was the empty string. | |
| 108 static Status ErrorJwkEmptyBigInteger(const std::string& member_name); | |
| 109 | |
| 110 // The big-endian unsigned integer |member_name| contained leading zeros. This | |
| 111 // violates the JWA requirement that such octet strings be minimal. | |
| 112 static Status ErrorJwkBigIntegerHasLeadingZero( | |
| 113 const std::string& member_name); | |
| 114 | |
| 115 // The key_ops lists a usage more than once. | |
| 116 static Status ErrorJwkDuplicateKeyOps(); | |
| 117 | |
| 118 // ------------------------------------ | |
| 119 // Other errors | |
| 120 // ------------------------------------ | |
| 121 | |
| 122 // Tried importing a key using an unsupported format for the key type (for | |
| 123 // instance importing an HMAC key using format=spki). | |
| 124 static Status ErrorUnsupportedImportKeyFormat(); | |
| 125 | |
| 126 // Tried exporting a key using an unsupported format for the key type (for | |
| 127 // instance exporting an HMAC key using format=spki). | |
| 128 static Status ErrorUnsupportedExportKeyFormat(); | |
| 129 | |
| 130 // The key data buffer provided for importKey() is an incorrect length for | |
| 131 // AES. | |
| 132 static Status ErrorImportAesKeyLength(); | |
| 133 | |
| 134 // The length specified when deriving an AES key was not 128 or 256 bits. | |
| 135 static Status ErrorGetAesKeyLength(); | |
| 136 | |
| 137 // Attempted to generate an AES key with an invalid length. | |
| 138 static Status ErrorGenerateAesKeyLength(); | |
| 139 | |
| 140 // 192-bit AES keys are valid, however unsupported. | |
| 141 static Status ErrorAes192BitUnsupported(); | |
| 142 | |
| 143 // The wrong key was used for the operation. For instance, a public key was | |
| 144 // used to verify a RsaSsaPkcs1v1_5 signature, or tried exporting a private | |
| 145 // key using spki format. | |
| 146 static Status ErrorUnexpectedKeyType(); | |
| 147 | |
| 148 // When doing an AES-CBC encryption/decryption, the "iv" parameter was not 16 | |
| 149 // bytes. | |
| 150 static Status ErrorIncorrectSizeAesCbcIv(); | |
| 151 | |
| 152 // When doing AES-CTR encryption/decryption, the "counter" parameter was not | |
| 153 // 16 bytes. | |
| 154 static Status ErrorIncorrectSizeAesCtrCounter(); | |
| 155 | |
| 156 // When doing AES-CTR encryption/decryption, the "length" parameter for the | |
| 157 // counter was out of range. | |
| 158 static Status ErrorInvalidAesCtrCounterLength(); | |
| 159 | |
| 160 // The input to encrypt/decrypt was too large. Based on the counter size, it | |
| 161 // would cause the counter to wraparound and repeat earlier values. | |
| 162 static Status ErrorAesCtrInputTooLongCounterRepeated(); | |
| 163 | |
| 164 // The data provided to an encrypt/decrypt/sign/verify operation was too | |
| 165 // large. This can either represent an internal limitation (for instance | |
| 166 // representing buffer lengths as uints). | |
| 167 static Status ErrorDataTooLarge(); | |
| 168 | |
| 169 // The data provided to an encrypt/decrypt/sign/verify operation was too | |
| 170 // small. This usually represents an algorithm restriction (for instance | |
| 171 // AES-KW requires a minimum of 24 bytes input data). | |
| 172 static Status ErrorDataTooSmall(); | |
| 173 | |
| 174 // Something was unsupported or unimplemented. This can mean the algorithm in | |
| 175 // question was unsupported, some parameter combination was unsupported, or | |
| 176 // something has not yet been implemented. | |
| 177 static Status ErrorUnsupported(); | |
| 178 static Status ErrorUnsupported(const std::string& message); | |
| 179 | |
| 180 // Something unexpected happened in the code, which implies there is a | |
| 181 // source-level bug. These should not happen, but safer to fail than simply | |
| 182 // DCHECK. | |
| 183 static Status ErrorUnexpected(); | |
| 184 | |
| 185 // The authentication tag length specified for AES-GCM encrypt/decrypt was | |
| 186 // not 32, 64, 96, 104, 112, 120, or 128. | |
| 187 static Status ErrorInvalidAesGcmTagLength(); | |
| 188 | |
| 189 // The input data given to an AES-KW encrypt/decrypt operation was not a | |
| 190 // multiple of 8 bytes, as required by RFC 3394. | |
| 191 static Status ErrorInvalidAesKwDataLength(); | |
| 192 | |
| 193 // The "publicExponent" used to generate a key was invalid or unsupported. | |
| 194 // Only values of 3 and 65537 are allowed. | |
| 195 static Status ErrorGenerateKeyPublicExponent(); | |
| 196 | |
| 197 // The modulus bytes were empty when importing an RSA public key. | |
| 198 static Status ErrorImportRsaEmptyModulus(); | |
| 199 | |
| 200 // The modulus length was unsupported when generating an RSA key pair. | |
| 201 static Status ErrorGenerateRsaUnsupportedModulus(); | |
| 202 | |
| 203 // The exponent bytes were empty when importing an RSA public key. | |
| 204 static Status ErrorImportRsaEmptyExponent(); | |
| 205 | |
| 206 // An unextractable key was used by an operation which exports the key data. | |
| 207 static Status ErrorKeyNotExtractable(); | |
| 208 | |
| 209 // Attempted to generate an HMAC key using a key length of 0. | |
| 210 static Status ErrorGenerateHmacKeyLengthZero(); | |
| 211 | |
| 212 // Attempted to import an HMAC key containing no data. | |
| 213 static Status ErrorHmacImportEmptyKey(); | |
| 214 | |
| 215 // Attempted to derive an HMAC key with zero length. | |
| 216 static Status ErrorGetHmacKeyLengthZero(); | |
| 217 | |
| 218 // Attempted to import an HMAC key using a bad optional length. | |
| 219 static Status ErrorHmacImportBadLength(); | |
| 220 | |
| 221 // Attempted to create a key (either by importKey(), generateKey(), or | |
| 222 // unwrapKey()) however the key usages were not applicable for the key type | |
| 223 // and algorithm. | |
| 224 static Status ErrorCreateKeyBadUsages(); | |
| 225 | |
| 226 // No usages were specified when generating/importing a secret or private key. | |
| 227 static Status ErrorCreateKeyEmptyUsages(); | |
| 228 | |
| 229 // An EC key imported using SPKI/PKCS8 format had the wrong curve specified in | |
| 230 // the key. | |
| 231 static Status ErrorImportedEcKeyIncorrectCurve(); | |
| 232 | |
| 233 // The "crv" member for a JWK did not match the expectations from importKey() | |
| 234 static Status ErrorJwkIncorrectCrv(); | |
| 235 | |
| 236 // The EC key failed validation (coordinates don't lie on curve, out of range, | |
| 237 // etc.) | |
| 238 static Status ErrorEcKeyInvalid(); | |
| 239 | |
| 240 // The octet string |member_name| was expected to be |expected_length| bytes | |
| 241 // long, but was instead |actual_length| bytes long. | |
| 242 static Status JwkOctetStringWrongLength(const std::string& member_name, | |
| 243 size_t expected_length, | |
| 244 size_t actual_length); | |
| 245 | |
| 246 // The public key given for ECDH key derivation was not an EC public key. | |
| 247 static Status ErrorEcdhPublicKeyWrongType(); | |
| 248 | |
| 249 // The public key's algorithm was not ECDH. | |
| 250 static Status ErrorEcdhPublicKeyWrongAlgorithm(); | |
| 251 | |
| 252 // The public and private keys given to ECDH key derivation were not for the | |
| 253 // same named curve. | |
| 254 static Status ErrorEcdhCurveMismatch(); | |
| 255 | |
| 256 // The requested bit length for ECDH key derivation was too large. | |
| 257 static Status ErrorEcdhLengthTooBig(unsigned int max_length_bits); | |
| 258 | |
| 259 // The requested length for HKDF was too large. | |
| 260 static Status ErrorHkdfLengthTooLong(); | |
| 261 | |
| 262 // No length parameter was provided for HKDF's Derive Bits operation. | |
| 263 static Status ErrorHkdfDeriveBitsLengthNotSpecified(); | |
| 264 | |
| 265 // The requested bit length for PBKDF2 key derivation was invalid. | |
| 266 static Status ErrorPbkdf2InvalidLength(); | |
| 267 | |
| 268 // No length parameter was provided for PBKDF2's Derive Bits operation. | |
| 269 static Status ErrorPbkdf2DeriveBitsLengthNotSpecified(); | |
| 270 | |
| 271 private: | |
| 272 enum Type { TYPE_ERROR, TYPE_SUCCESS }; | |
| 273 | |
| 274 // Constructs an error with the specified error type and message. | |
| 275 Status(blink::WebCryptoErrorType error_type, | |
| 276 const std::string& error_details_utf8); | |
| 277 | |
| 278 // Constructs a success or error without any details. | |
| 279 explicit Status(Type type); | |
| 280 | |
| 281 Type type_; | |
| 282 blink::WebCryptoErrorType error_type_; | |
| 283 std::string error_details_; | |
| 284 }; | |
| 285 | |
| 286 } // namespace webcrypto | |
| 287 | |
| 288 } // namespace content | |
| 289 | |
| 290 #endif // CONTENT_CHILD_WEBCRYPTO_STATUS_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1077273002:
html_viewer: Move webcrypto to a place where html_viewer can use it. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master