OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/webcrypto_impl.h" | 5 #include "content/renderer/webcrypto/webcrypto_impl.h" |
6 | 6 |
7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
9 #include <sechash.h> | 9 #include <sechash.h> |
10 | 10 |
(...skipping 167 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
178 } | 178 } |
179 | 179 |
180 webcrypto::ShrinkBuffer(buffer, final_output_chunk_len + output_len); | 180 webcrypto::ShrinkBuffer(buffer, final_output_chunk_len + output_len); |
181 return true; | 181 return true; |
182 } | 182 } |
183 | 183 |
184 CK_MECHANISM_TYPE WebCryptoAlgorithmToGenMechanism( | 184 CK_MECHANISM_TYPE WebCryptoAlgorithmToGenMechanism( |
185 const blink::WebCryptoAlgorithm& algorithm) { | 185 const blink::WebCryptoAlgorithm& algorithm) { |
186 switch (algorithm.id()) { | 186 switch (algorithm.id()) { |
187 case blink::WebCryptoAlgorithmIdAesCbc: | 187 case blink::WebCryptoAlgorithmIdAesCbc: |
| 188 case blink::WebCryptoAlgorithmIdAesGcm: |
| 189 case blink::WebCryptoAlgorithmIdAesKw: |
188 return CKM_AES_KEY_GEN; | 190 return CKM_AES_KEY_GEN; |
189 case blink::WebCryptoAlgorithmIdHmac: | 191 case blink::WebCryptoAlgorithmIdHmac: |
190 return WebCryptoHashToHMACMechanism(algorithm.hmacKeyParams()->hash()); | 192 return WebCryptoHashToHMACMechanism(algorithm.hmacKeyParams()->hash()); |
191 default: | 193 default: |
192 return CKM_INVALID_MECHANISM; | 194 return CKM_INVALID_MECHANISM; |
193 } | 195 } |
194 } | 196 } |
195 | 197 |
196 // Converts a (big-endian) WebCrypto BigInteger, with or without leading zeros, | 198 // Converts a (big-endian) WebCrypto BigInteger, with or without leading zeros, |
197 // to unsigned long. | 199 // to unsigned long. |
(...skipping 439 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
637 | 639 |
638 CK_MECHANISM_TYPE mech = WebCryptoAlgorithmToGenMechanism(algorithm); | 640 CK_MECHANISM_TYPE mech = WebCryptoAlgorithmToGenMechanism(algorithm); |
639 unsigned int keylen_bytes = 0; | 641 unsigned int keylen_bytes = 0; |
640 blink::WebCryptoKeyType key_type = blink::WebCryptoKeyTypeSecret; | 642 blink::WebCryptoKeyType key_type = blink::WebCryptoKeyTypeSecret; |
641 | 643 |
642 if (mech == CKM_INVALID_MECHANISM) { | 644 if (mech == CKM_INVALID_MECHANISM) { |
643 return false; | 645 return false; |
644 } | 646 } |
645 | 647 |
646 switch (algorithm.id()) { | 648 switch (algorithm.id()) { |
647 case blink::WebCryptoAlgorithmIdAesCbc: { | 649 case blink::WebCryptoAlgorithmIdAesCbc: |
| 650 case blink::WebCryptoAlgorithmIdAesGcm: |
| 651 case blink::WebCryptoAlgorithmIdAesKw: { |
648 const blink::WebCryptoAesKeyGenParams* params = | 652 const blink::WebCryptoAesKeyGenParams* params = |
649 algorithm.aesKeyGenParams(); | 653 algorithm.aesKeyGenParams(); |
650 DCHECK(params); | 654 DCHECK(params); |
| 655 // Ensure the key length is a multiple of 8 bits. Let NSS verify further |
| 656 // algorithm-specific length restrictions. |
651 if (params->lengthBits() % 8) | 657 if (params->lengthBits() % 8) |
652 return false; | 658 return false; |
653 keylen_bytes = params->lengthBits() / 8; | 659 keylen_bytes = params->lengthBits() / 8; |
654 key_type = blink::WebCryptoKeyTypeSecret; | 660 key_type = blink::WebCryptoKeyTypeSecret; |
655 break; | 661 break; |
656 } | 662 } |
657 case blink::WebCryptoAlgorithmIdHmac: { | 663 case blink::WebCryptoAlgorithmIdHmac: { |
658 const blink::WebCryptoHmacKeyParams* params = algorithm.hmacKeyParams(); | 664 const blink::WebCryptoHmacKeyParams* params = algorithm.hmacKeyParams(); |
659 DCHECK(params); | 665 DCHECK(params); |
660 if (params->hasLengthBytes()) { | 666 if (params->hasLengthBytes()) { |
(...skipping 325 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
986 | 992 |
987 *key = blink::WebCryptoKey::create(new PublicKeyHandle(pubkey.Pass()), | 993 *key = blink::WebCryptoKey::create(new PublicKeyHandle(pubkey.Pass()), |
988 blink::WebCryptoKeyTypePublic, | 994 blink::WebCryptoKeyTypePublic, |
989 extractable, | 995 extractable, |
990 algorithm, | 996 algorithm, |
991 usage_mask); | 997 usage_mask); |
992 return true; | 998 return true; |
993 } | 999 } |
994 | 1000 |
995 } // namespace content | 1001 } // namespace content |
OLD | NEW |