
Side by Side Diff: content/renderer/webcrypto/shared_crypto.cc

Issue 118623002: [webcrypto] Add raw symmetric key AES-KW wrap/unwrap for NSS. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase and refactor Created 6 years, 9 months ago
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/renderer/webcrypto/shared_crypto.h" 5 #include "content/renderer/webcrypto/shared_crypto.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "content/renderer/webcrypto/crypto_data.h" 8 #include "content/renderer/webcrypto/crypto_data.h"
9 #include "content/renderer/webcrypto/platform_crypto.h" 9 #include "content/renderer/webcrypto/platform_crypto.h"
10 #include "content/renderer/webcrypto/webcrypto_util.h" 10 #include "content/renderer/webcrypto/webcrypto_util.h"
(...skipping 489 matching lines...) Expand 10 before | Expand all | Expand 10 after
500 case blink::WebCryptoAlgorithmIdHmac: 500 case blink::WebCryptoAlgorithmIdHmac:
501 return VerifyHmac(algorithm, key, signature, data, signature_match); 501 return VerifyHmac(algorithm, key, signature, data, signature_match);
502 case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5: 502 case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5:
503 return VerifyRsaSsaPkcs1v1_5( 503 return VerifyRsaSsaPkcs1v1_5(
504 algorithm, key, signature, data, signature_match); 504 algorithm, key, signature, data, signature_match);
505 default: 505 default:
506 return Status::ErrorUnsupported(); 506 return Status::ErrorUnsupported();
507 } 507 }
508 } 508 }
509 509
510 Status WrapKey(blink::WebCryptoKeyFormat format,
511 const blink::WebCryptoKey& wrapping_key,
512 const blink::WebCryptoKey& key_to_wrap,
513 const blink::WebCryptoAlgorithm& wrapping_algorithm,
514 blink::WebArrayBuffer* buffer) {
515 if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageUnwrapKey))
516 return Status::ErrorUnexpected();
517 if (wrapping_algorithm.id() != wrapping_key.algorithm().id())
518 return Status::ErrorUnexpected();
519
520 // TODO (padolph): Handle formats other than raw
521 if (format != blink::WebCryptoKeyFormatRaw)
522 return Status::ErrorUnsupported();
523 // TODO (padolph): Handle key-to-wrap types other than secret/symmetric
524 if (key_to_wrap.type() != blink::WebCryptoKeyTypeSecret)
525 return Status::ErrorUnsupported();
526
527 platform::SymKey* platform_wrapping_key;
528 Status status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
529 if (status.IsError())
530 return status;
531 platform::SymKey* platform_key;
532 status = ToPlatformSymKey(key_to_wrap, &platform_key);
533 if (status.IsError())
534 return status;
535
536 // TODO(padolph): Handle other wrapping algorithms
537 switch (wrapping_algorithm.id()) {
538 case blink::WebCryptoAlgorithmIdAesKw:
539 return platform::WrapSymKeyAesKw(
540 platform_wrapping_key, platform_key, buffer);
541 default:
542 return Status::ErrorUnsupported();
543 }
544 }
545
546 Status Unwrapkey(blink::WebCryptoKeyFormat format,
eroman 2014/03/01 01:13:54 nit: Can you capitalize Key
padolph 2014/03/01 01:55:01 Done.
547 const CryptoData& wrapped_key_data,
548 const blink::WebCryptoKey& wrapping_key,
549 const blink::WebCryptoAlgorithm& wrapping_algorithm,
550 const blink::WebCryptoAlgorithm& algorithm_or_null,
551 bool extractable,
552 blink::WebCryptoKeyUsageMask usage_mask,
553 blink::WebCryptoKey* key) {
554 if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageUnwrapKey))
555 return Status::ErrorUnexpected();
556 if (wrapping_algorithm.id() != wrapping_key.algorithm().id())
557 return Status::ErrorUnexpected();
558
559 // TODO (padolph): Handle formats other than raw
eroman 2014/03/01 01:13:54 nit: remove space after TODO
padolph 2014/03/01 01:55:01 Done.
560 if (format != blink::WebCryptoKeyFormatRaw)
561 return Status::ErrorUnsupported();
562
563 // Must provide an algorithm when unwrapping a raw key
564 if (format == blink::WebCryptoKeyFormatRaw && algorithm_or_null.isNull())
565 return Status::ErrorMissingAlgorithmUnwrapRawKey();
566
567 platform::SymKey* platform_wrapping_key;
568 Status status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
569 if (status.IsError())
570 return status;
571
572 // TODO(padolph): Handle other wrapping algorithms
573 switch (wrapping_algorithm.id()) {
574 case blink::WebCryptoAlgorithmIdAesKw:
575 return platform::UnwrapSymKeyAesKw(wrapped_key_data,
576 platform_wrapping_key,
577 algorithm_or_null,
578 extractable,
579 usage_mask,
580 key);
581 default:
582 return Status::ErrorUnsupported();
583 }
584 }
585
510 } // namespace webcrypto 586 } // namespace webcrypto
511 587
512 } // namespace content 588 } // namespace content
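Review bot: In the new `WrapKey`, the usage check on the wrapping key tests `blink::WebCryptoKeyUsageUnwrapKey`, which looks copied from the unwrap path. As written, a key restricted to unwrapping is allowed to wrap, and a key granted only the wrap usage is rejected. The check should read `if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageWrapKey))`. Separately, `WrapKey` hands `key_to_wrap` to `platform::WrapSymKeyAesKw` with no visible check of its extractable flag. Unless `ToPlatformSymKey` or the caller enforces that (not visible here), a non-extractable key could leave the renderer in wrapped form, so rejecting `!key_to_wrap.extractable()` before the platform call would be the safer default.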