[webcrypto] Add raw symmetric key AES-KW wrap/unwrap for NSS.

content/renderer/webcrypto/webcrypto_util.h

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_
 #define CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_
 
 #include <string>
 #include <vector>
 #include "base/basictypes.h"
@@ skipping 117 matching lines @@
   // bytes.
   static Status ErrorIncorrectSizeAesCbcIv();
 
   // The data provided to an encrypt/decrypt/sign/verify operation was too
   // large. This can either represent an internal limitation (for instance
   // representing buffer lengths as uints), or an algorithm restriction (for
   // instance RSAES can operation on messages relative to the length of the
   // key's modulus).
   static Status ErrorDataTooLarge();
 
+  // The data provided to an encrypt/decrypt/sign/verify operation was too
+  // small. This usually represents an algorithm restriction (for instance
+  // AES-KW requires a minimum of 24 bytes input data).
+  static Status ErrorDataTooSmall();
+
   // Something was unsupported or unimplemented. This can mean the algorithm in
   // question was unsupported, some parameter combination was unsupported, or
   // something has not yet been implemented.
   static Status ErrorUnsupported();
 
   // Something unexpected happened in the code, which implies there is a
   // source-level bug. These should not happen, but safer to fail than simply
   // DCHECK.
   static Status ErrorUnexpected();
 
   // The authentication tag length specified for AES-GCM encrypt/decrypt was
   // not 32, 64, 96, 104, 112, 120, or 128.
   static Status ErrorInvalidAesGcmTagLength();
 
+  // The input data given to an AES-KW encrypt/decrypt operation was not a
+  // multiple of 8 bytes, as required by RFC 3394.
+  static Status ErrorInvalidAesKwDataLength();
+
   // The "publicExponent" used to generate a key was invalid: either no bytes
   // were specified, or the number was too large to fit into an "unsigned long"
   // (implemention limitation), or the exponent was zero.
   static Status ErrorGenerateKeyPublicExponent();
 
   // The algorithm was null when importing a raw-formatted key. In this case it
   // is required.
   static Status ErrorMissingAlgorithmImportRawKey();
 
+  // The algorithm was null when unwrapping a raw-formatted key. In this case it
+  // is required.
+  static Status ErrorMissingAlgorithmUnwrapRawKey();
+
   // The modulus bytes were empty when importing an RSA public key.
   static Status ErrorImportRsaEmptyModulus();
 
   // The the modulus length was zero bits when generating an RSA public key.
   static Status ErrorGenerateRsaZeroModulus();
 
   // The exponent bytes were empty when importing an RSA public key.
   static Status ErrorImportRsaEmptyExponent();
 
   // An unextractable key was used by an operation which exports the key data.
@@ skipping 69 matching lines @@
 
 bool CreateSecretKeyAlgorithm(const blink::WebCryptoAlgorithm& algorithm,
                               unsigned keylen_bytes,
                               blink::WebCryptoKeyAlgorithm* key_algorithm);
 
 }  // namespace webcrypto
 
 }  // namespace content
 
 #endif  // CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_