OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/webcrypto_impl.h" | 5 #include "content/renderer/webcrypto/webcrypto_impl.h" |
6 | 6 |
7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
9 #include <sechash.h> | 9 #include <sechash.h> |
10 | 10 |
253 bool extractable, | 253 bool extractable, |
254 blink::WebCryptoKeyUsageMask usage_mask, | 254 blink::WebCryptoKeyUsageMask usage_mask, |
255 blink::WebCryptoKey* key) { | 255 blink::WebCryptoKey* key) { |
256 | 256 |
257 DCHECK(!algorithm.isNull()); | 257 DCHECK(!algorithm.isNull()); |
258 | 258 |
259 blink::WebCryptoKeyType type; | 259 blink::WebCryptoKeyType type; |
260 switch (algorithm.id()) { | 260 switch (algorithm.id()) { |
261 case blink::WebCryptoAlgorithmIdHmac: | 261 case blink::WebCryptoAlgorithmIdHmac: |
262 case blink::WebCryptoAlgorithmIdAesCbc: | 262 case blink::WebCryptoAlgorithmIdAesCbc: |
263 case blink::WebCryptoAlgorithmIdAesKw: | |
263 type = blink::WebCryptoKeyTypeSecret; | 264 type = blink::WebCryptoKeyTypeSecret; |
264 break; | 265 break; |
265 // TODO(bryaneyler): Support more key types. | 266 // TODO(bryaneyler): Support more key types. |
266 default: | 267 default: |
267 return false; | 268 return false; |
268 } | 269 } |
269 | 270 |
270 // TODO(bryaneyler): Need to split handling for symmetric and asymmetric keys. | |
271 // Currently only supporting symmetric. | |
272 CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM; | 271 CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM; |
273 // Flags are verified at the Blink layer; here the flags are set to all | 272 // Flags are verified at the Blink layer; here the flags are set to all |
274 // possible operations for this key type. | 273 // possible operations for this key type. |
275 CK_FLAGS flags = 0; | 274 CK_FLAGS flags = 0; |
276 | 275 |
277 switch (algorithm.id()) { | 276 switch (algorithm.id()) { |
278 case blink::WebCryptoAlgorithmIdHmac: { | 277 case blink::WebCryptoAlgorithmIdHmac: { |
279 const blink::WebCryptoHmacParams* params = algorithm.hmacParams(); | 278 const blink::WebCryptoHmacParams* params = algorithm.hmacParams(); |
280 if (!params) { | 279 if (!params) { |
281 return false; | 280 return false; |
282 } | 281 } |
283 | 282 |
284 mechanism = WebCryptoAlgorithmToHMACMechanism(params->hash()); | 283 mechanism = WebCryptoAlgorithmToHMACMechanism(params->hash()); |
285 if (mechanism == CKM_INVALID_MECHANISM) { | 284 if (mechanism == CKM_INVALID_MECHANISM) { |
286 return false; | 285 return false; |
287 } | 286 } |
288 | 287 |
289 flags |= CKF_SIGN | CKF_VERIFY; | 288 flags |= CKF_SIGN | CKF_VERIFY; |
290 | 289 |
291 break; | 290 break; |
292 } | 291 } |
293 case blink::WebCryptoAlgorithmIdAesCbc: { | 292 case blink::WebCryptoAlgorithmIdAesCbc: { |
294 mechanism = CKM_AES_CBC; | 293 mechanism = CKM_AES_CBC; |
295 flags |= CKF_ENCRYPT | CKF_DECRYPT; | 294 flags |= CKF_ENCRYPT | CKF_DECRYPT; |
296 break; | 295 break; |
297 } | 296 } |
297 case blink::WebCryptoAlgorithmIdAesKw: { | |
298 mechanism = CKM_NSS_AES_KEY_WRAP; | |
eroman
2013/12/18 02:10:30
I believe this will need to specify the padding ve
padolph
2013/12/18 03:21:41
In an earlier email thread "AES Key Wrap as a new
| |
299 flags |= CKF_WRAP | CKF_WRAP; | |
300 break; | |
301 } | |
298 default: | 302 default: |
299 return false; | 303 return false; |
300 } | 304 } |
301 | 305 |
302 DCHECK_NE(CKM_INVALID_MECHANISM, mechanism); | 306 DCHECK_NE(CKM_INVALID_MECHANISM, mechanism); |
303 DCHECK_NE(0ul, flags); | 307 DCHECK_NE(0ul, flags); |
304 | 308 |
305 SECItem key_item = { | 309 SECItem key_item = { |
306 siBuffer, | 310 siBuffer, |
307 const_cast<unsigned char*>(key_data), | 311 const_cast<unsigned char*>(key_data), |
1007 | 1011 |
1008 *key = blink::WebCryptoKey::create(new PublicKeyHandle(pubkey.Pass()), | 1012 *key = blink::WebCryptoKey::create(new PublicKeyHandle(pubkey.Pass()), |
1009 blink::WebCryptoKeyTypePublic, | 1013 blink::WebCryptoKeyTypePublic, |
1010 extractable, | 1014 extractable, |
1011 algorithm, | 1015 algorithm, |
1012 usage_mask); | 1016 usage_mask); |
1013 return true; | 1017 return true; |
1014 } | 1018 } |
1015 | 1019 |
1016 } // namespace content | 1020 } // namespace content |
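Review bot: The new AES-KW case sets `flags |= CKF_WRAP | CKF_WRAP;` (new line 299), which ORs the same flag twice, so the imported key is never marked as usable for unwrapping. The comment above the switch says the flags are meant to cover every operation possible for the key type, so this was presumably intended to be `flags |= CKF_WRAP | CKF_UNWRAP;`. As written, an unwrap with an imported AES-KW key would likely be refused by NSS, and `DCHECK_NE(0ul, flags)` below cannot catch it because the value is non-zero. The enclosing import function starts and ends in the skipped regions, so how the flags are consumed is not visible here; a unit test that imports an AES-KW key and then unwraps with it would pin the behaviour down.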