| Index: content/child/webcrypto/openssl/ecdh_openssl.cc
|
| diff --git a/content/child/webcrypto/openssl/ecdh_openssl.cc b/content/child/webcrypto/openssl/ecdh_openssl.cc
|
| deleted file mode 100644
|
| index e4fa01b07c75dbc39586dfe6deca2f90f605d559..0000000000000000000000000000000000000000
|
| --- a/content/child/webcrypto/openssl/ecdh_openssl.cc
|
| +++ /dev/null
|
| @@ -1,137 +0,0 @@
|
| -// Copyright 2014 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include <openssl/ec.h>
|
| -#include <openssl/ecdh.h>
|
| -#include <openssl/evp.h>
|
| -
|
| -#include "base/logging.h"
|
| -#include "base/stl_util.h"
|
| -#include "content/child/webcrypto/algorithm_implementation.h"
|
| -#include "content/child/webcrypto/crypto_data.h"
|
| -#include "content/child/webcrypto/generate_key_result.h"
|
| -#include "content/child/webcrypto/openssl/ec_algorithm_openssl.h"
|
| -#include "content/child/webcrypto/openssl/key_openssl.h"
|
| -#include "content/child/webcrypto/openssl/util_openssl.h"
|
| -#include "content/child/webcrypto/status.h"
|
| -#include "content/child/webcrypto/webcrypto_util.h"
|
| -#include "crypto/openssl_util.h"
|
| -#include "crypto/scoped_openssl_types.h"
|
| -#include "crypto/secure_util.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoKey.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
|
| -
|
| -namespace content {
|
| -
|
| -namespace webcrypto {
|
| -
|
| -namespace {
|
| -
|
| -// TODO(eroman): Support the "raw" format for ECDH key import + export, as
|
| -// specified by WebCrypto spec.
|
| -
|
| -// TODO(eroman): Allow id-ecDH in SPKI and PKCS#8 import
|
| -// (http://crbug.com/389400)
|
| -
|
| -class EcdhImplementation : public EcAlgorithm {
|
| - public:
|
| - EcdhImplementation()
|
| - : EcAlgorithm(0,
|
| - blink::WebCryptoKeyUsageDeriveKey |
|
| - blink::WebCryptoKeyUsageDeriveBits) {}
|
| -
|
| - const char* GetJwkAlgorithm(
|
| - const blink::WebCryptoNamedCurve curve) const override {
|
| - // JWK import for ECDH does not enforce any required value for "alg".
|
| - return "";
|
| - }
|
| -
|
| - Status DeriveBits(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& base_key,
|
| - bool has_optional_length_bits,
|
| - unsigned int optional_length_bits,
|
| - std::vector<uint8_t>* derived_bytes) const override {
|
| - if (base_key.type() != blink::WebCryptoKeyTypePrivate)
|
| - return Status::ErrorUnexpectedKeyType();
|
| -
|
| - // Verify the "publicKey" parameter. The only guarantee from Blink is that
|
| - // it is a valid WebCryptoKey, but it could be any type.
|
| - const blink::WebCryptoKey& public_key =
|
| - algorithm.ecdhKeyDeriveParams()->publicKey();
|
| -
|
| - if (public_key.type() != blink::WebCryptoKeyTypePublic)
|
| - return Status::ErrorEcdhPublicKeyWrongType();
|
| -
|
| - // Make sure it is an EC key.
|
| - if (!public_key.algorithm().ecParams())
|
| - return Status::ErrorEcdhPublicKeyWrongType();
|
| -
|
| - // TODO(eroman): This is not described by the spec:
|
| - // https://www.w3.org/Bugs/Public/show_bug.cgi?id=27404
|
| - if (public_key.algorithm().id() != blink::WebCryptoAlgorithmIdEcdh)
|
| - return Status::ErrorEcdhPublicKeyWrongAlgorithm();
|
| -
|
| - // The public and private keys come from different key pairs, however their
|
| - // curves must match.
|
| - if (public_key.algorithm().ecParams()->namedCurve() !=
|
| - base_key.algorithm().ecParams()->namedCurve()) {
|
| - return Status::ErrorEcdhCurveMismatch();
|
| - }
|
| -
|
| - crypto::ScopedEC_KEY public_key_ec(
|
| - EVP_PKEY_get1_EC_KEY(AsymKeyOpenSsl::Cast(public_key)->key()));
|
| -
|
| - const EC_POINT* public_key_point =
|
| - EC_KEY_get0_public_key(public_key_ec.get());
|
| -
|
| - crypto::ScopedEC_KEY private_key_ec(
|
| - EVP_PKEY_get1_EC_KEY(AsymKeyOpenSsl::Cast(base_key)->key()));
|
| -
|
| - // The size of the shared secret is the field size in bytes (rounded up).
|
| - // Note that, if rounding was required, the most significant bits of the
|
| - // secret are zero. So for P-521, the maximum length is 528 bits, not 521.
|
| - int field_size_bytes = NumBitsToBytes(
|
| - EC_GROUP_get_degree(EC_KEY_get0_group(private_key_ec.get())));
|
| -
|
| - // If a desired key length was not specified, default to the field size
|
| - // (rounded up to nearest byte).
|
| - unsigned int length_bits =
|
| - has_optional_length_bits ? optional_length_bits : field_size_bytes * 8;
|
| -
|
| - // Short-circuit when deriving an empty key.
|
| - // TODO(eroman): ECDH_compute_key() is not happy when given a NULL output.
|
| - // http://crbug.com/464194.
|
| - if (length_bits == 0) {
|
| - derived_bytes->clear();
|
| - return Status::Success();
|
| - }
|
| -
|
| - if (length_bits > static_cast<unsigned int>(field_size_bytes * 8))
|
| - return Status::ErrorEcdhLengthTooBig(field_size_bytes * 8);
|
| -
|
| - // Resize to target length in bytes (BoringSSL can operate on a shorter
|
| - // buffer than field_size_bytes).
|
| - derived_bytes->resize(NumBitsToBytes(length_bits));
|
| -
|
| - int result =
|
| - ECDH_compute_key(vector_as_array(derived_bytes), derived_bytes->size(),
|
| - public_key_point, private_key_ec.get(), 0);
|
| - if (result < 0 || static_cast<size_t>(result) != derived_bytes->size())
|
| - return Status::OperationError();
|
| -
|
| - TruncateToBitLength(length_bits, derived_bytes);
|
| - return Status::Success();
|
| - }
|
| -};
|
| -
|
| -} // namespace
|
| -
|
| -AlgorithmImplementation* CreatePlatformEcdhImplementation() {
|
| - return new EcdhImplementation;
|
| -}
|
| -
|
| -} // namespace webcrypto
|
| -
|
| -} // namespace content
|
|
|
Chromium Code Reviews
Issue 1077273002:
html_viewer: Move webcrypto to a place where html_viewer can use it. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master