Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(57)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/renderer/webcrypto/webcrypto_impl_nss.cc

Issue 119413002: [webcrypto] Add key generation for AES-GCM and AES-KW for NSS. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 7 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | content/renderer/webcrypto/webcrypto_impl_unittest.cc » ('j') | content/renderer/webcrypto/webcrypto_util.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/renderer/webcrypto/webcrypto_impl.h" 5 #include "content/renderer/webcrypto/webcrypto_impl.h"
6 6
7 #include <cryptohi.h> 7 #include <cryptohi.h>
8 #include <pk11pub.h> 8 #include <pk11pub.h>
9 #include <sechash.h> 9 #include <sechash.h>
10 10
(...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after
187 return CKM_SHA256_HMAC; 187 return CKM_SHA256_HMAC;
188 default: 188 default:
189 return CKM_INVALID_MECHANISM; 189 return CKM_INVALID_MECHANISM;
190 } 190 }
191 } 191 }
192 192
193 CK_MECHANISM_TYPE WebCryptoAlgorithmToGenMechanism( 193 CK_MECHANISM_TYPE WebCryptoAlgorithmToGenMechanism(
194 const blink::WebCryptoAlgorithm& algorithm) { 194 const blink::WebCryptoAlgorithm& algorithm) {
195 switch (algorithm.id()) { 195 switch (algorithm.id()) {
196 case blink::WebCryptoAlgorithmIdAesCbc: 196 case blink::WebCryptoAlgorithmIdAesCbc:
197 case blink::WebCryptoAlgorithmIdAesGcm:
198 case blink::WebCryptoAlgorithmIdAesKw:
197 return CKM_AES_KEY_GEN; 199 return CKM_AES_KEY_GEN;
198 case blink::WebCryptoAlgorithmIdHmac: 200 case blink::WebCryptoAlgorithmIdHmac:
199 return HmacAlgorithmToGenMechanism(algorithm); 201 return HmacAlgorithmToGenMechanism(algorithm);
200 default: 202 default:
201 return CKM_INVALID_MECHANISM; 203 return CKM_INVALID_MECHANISM;
202 } 204 }
203 } 205 }
204 206
205 // TODO(eroman): This is duplicated in OpenSSL version. 207 // TODO(eroman): This is duplicated in OpenSSL version.
206 unsigned int WebCryptoHmacAlgorithmToBlockSizeBits( 208 unsigned int WebCryptoHmacAlgorithmToBlockSizeBits(
(...skipping 455 matching lines...) Expand 10 before | Expand all | Expand 10 after
662 664
663 CK_MECHANISM_TYPE mech = WebCryptoAlgorithmToGenMechanism(algorithm); 665 CK_MECHANISM_TYPE mech = WebCryptoAlgorithmToGenMechanism(algorithm);
664 unsigned int keylen_bytes = 0; 666 unsigned int keylen_bytes = 0;
665 blink::WebCryptoKeyType key_type = blink::WebCryptoKeyTypeSecret; 667 blink::WebCryptoKeyType key_type = blink::WebCryptoKeyTypeSecret;
666 668
667 if (mech == CKM_INVALID_MECHANISM) { 669 if (mech == CKM_INVALID_MECHANISM) {
668 return false; 670 return false;
669 } 671 }
670 672
671 switch (algorithm.id()) { 673 switch (algorithm.id()) {
672 case blink::WebCryptoAlgorithmIdAesCbc: { 674 case blink::WebCryptoAlgorithmIdAesCbc:
675 case blink::WebCryptoAlgorithmIdAesGcm:
676 case blink::WebCryptoAlgorithmIdAesKw: {
673 const blink::WebCryptoAesKeyGenParams* params = 677 const blink::WebCryptoAesKeyGenParams* params =
674 algorithm.aesKeyGenParams(); 678 algorithm.aesKeyGenParams();
675 DCHECK(params); 679 DCHECK(params);
680 // Ensure the key length is a multiple of 8 bits. Let NSS verify further
681 // algorithm-specific length restrictions.
676 if (params->lengthBits() % 8) 682 if (params->lengthBits() % 8)
677 return false; 683 return false;
678 keylen_bytes = params->lengthBits() / 8; 684 keylen_bytes = params->lengthBits() / 8;
679 key_type = blink::WebCryptoKeyTypeSecret; 685 key_type = blink::WebCryptoKeyTypeSecret;
680 break; 686 break;
681 } 687 }
682 case blink::WebCryptoAlgorithmIdHmac: { 688 case blink::WebCryptoAlgorithmIdHmac: {
683 const blink::WebCryptoHmacKeyParams* params = algorithm.hmacKeyParams(); 689 const blink::WebCryptoHmacKeyParams* params = algorithm.hmacKeyParams();
684 DCHECK(params); 690 DCHECK(params);
685 if (params->hasLengthBytes()) { 691 if (params->hasLengthBytes()) {
(...skipping 325 matching lines...) Expand 10 before | Expand all | Expand 10 after
1011 1017
1012 *key = blink::WebCryptoKey::create(new PublicKeyHandle(pubkey.Pass()), 1018 *key = blink::WebCryptoKey::create(new PublicKeyHandle(pubkey.Pass()),
1013 blink::WebCryptoKeyTypePublic, 1019 blink::WebCryptoKeyTypePublic,
1014 extractable, 1020 extractable,
1015 algorithm, 1021 algorithm,
1016 usage_mask); 1022 usage_mask);
1017 return true; 1023 return true;
1018 } 1024 }
1019 1025
1020 } // namespace content 1026 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | content/renderer/webcrypto/webcrypto_impl_unittest.cc » ('j') | content/renderer/webcrypto/webcrypto_util.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698