| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "components/webcrypto/openssl/aes_algorithm_openssl.h" | |
| 6 | |
| 7 #include "base/logging.h" | |
| 8 #include "components/webcrypto/crypto_data.h" | |
| 9 #include "components/webcrypto/jwk.h" | |
| 10 #include "components/webcrypto/openssl/key_openssl.h" | |
| 11 #include "components/webcrypto/openssl/util_openssl.h" | |
| 12 #include "components/webcrypto/status.h" | |
| 13 #include "components/webcrypto/webcrypto_util.h" | |
| 14 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | |
| 15 | |
| 16 namespace webcrypto { | |
| 17 | |
| 18 namespace { | |
| 19 | |
| 20 // Creates an AES algorithm name for the given key size (in bytes). For | |
| 21 // instance "A128CBC" is the result of suffix="CBC", keylen_bytes=16. | |
| 22 std::string MakeJwkAesAlgorithmName(const std::string& suffix, | |
| 23 size_t keylen_bytes) { | |
| 24 if (keylen_bytes == 16) | |
| 25 return std::string("A128") + suffix; | |
| 26 if (keylen_bytes == 24) | |
| 27 return std::string("A192") + suffix; | |
| 28 if (keylen_bytes == 32) | |
| 29 return std::string("A256") + suffix; | |
| 30 return std::string(); | |
| 31 } | |
| 32 | |
| 33 } // namespace | |
| 34 | |
| 35 AesAlgorithm::AesAlgorithm(blink::WebCryptoKeyUsageMask all_key_usages, | |
| 36 const std::string& jwk_suffix) | |
| 37 : all_key_usages_(all_key_usages), jwk_suffix_(jwk_suffix) { | |
| 38 } | |
| 39 | |
| 40 AesAlgorithm::AesAlgorithm(const std::string& jwk_suffix) | |
| 41 : all_key_usages_(blink::WebCryptoKeyUsageEncrypt | | |
| 42 blink::WebCryptoKeyUsageDecrypt | | |
| 43 blink::WebCryptoKeyUsageWrapKey | | |
| 44 blink::WebCryptoKeyUsageUnwrapKey), | |
| 45 jwk_suffix_(jwk_suffix) { | |
| 46 } | |
| 47 | |
| 48 Status AesAlgorithm::GenerateKey(const blink::WebCryptoAlgorithm& algorithm, | |
| 49 bool extractable, | |
| 50 blink::WebCryptoKeyUsageMask usages, | |
| 51 GenerateKeyResult* result) const { | |
| 52 Status status = CheckKeyCreationUsages(all_key_usages_, usages, false); | |
| 53 if (status.IsError()) | |
| 54 return status; | |
| 55 | |
| 56 unsigned int keylen_bits; | |
| 57 status = GetAesKeyGenLengthInBits(algorithm.aesKeyGenParams(), &keylen_bits); | |
| 58 if (status.IsError()) | |
| 59 return status; | |
| 60 | |
| 61 return GenerateWebCryptoSecretKey( | |
| 62 blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits), | |
| 63 extractable, usages, keylen_bits, result); | |
| 64 } | |
| 65 | |
| 66 Status AesAlgorithm::VerifyKeyUsagesBeforeImportKey( | |
| 67 blink::WebCryptoKeyFormat format, | |
| 68 blink::WebCryptoKeyUsageMask usages) const { | |
| 69 switch (format) { | |
| 70 case blink::WebCryptoKeyFormatRaw: | |
| 71 case blink::WebCryptoKeyFormatJwk: | |
| 72 return CheckKeyCreationUsages(all_key_usages_, usages, false); | |
| 73 default: | |
| 74 return Status::ErrorUnsupportedImportKeyFormat(); | |
| 75 } | |
| 76 } | |
| 77 | |
| 78 Status AesAlgorithm::ImportKeyRaw(const CryptoData& key_data, | |
| 79 const blink::WebCryptoAlgorithm& algorithm, | |
| 80 bool extractable, | |
| 81 blink::WebCryptoKeyUsageMask usages, | |
| 82 blink::WebCryptoKey* key) const { | |
| 83 const unsigned int keylen_bytes = key_data.byte_length(); | |
| 84 Status status = VerifyAesKeyLengthForImport(keylen_bytes); | |
| 85 if (status.IsError()) | |
| 86 return status; | |
| 87 | |
| 88 // No possibility of overflow. | |
| 89 unsigned int keylen_bits = keylen_bytes * 8; | |
| 90 | |
| 91 return CreateWebCryptoSecretKey( | |
| 92 key_data, | |
| 93 blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits), | |
| 94 extractable, usages, key); | |
| 95 } | |
| 96 | |
| 97 Status AesAlgorithm::ImportKeyJwk(const CryptoData& key_data, | |
| 98 const blink::WebCryptoAlgorithm& algorithm, | |
| 99 bool extractable, | |
| 100 blink::WebCryptoKeyUsageMask usages, | |
| 101 blink::WebCryptoKey* key) const { | |
| 102 std::vector<uint8_t> raw_data; | |
| 103 JwkReader jwk; | |
| 104 Status status = ReadSecretKeyNoExpectedAlg(key_data, extractable, usages, | |
| 105 &raw_data, &jwk); | |
| 106 if (status.IsError()) | |
| 107 return status; | |
| 108 | |
| 109 bool has_jwk_alg; | |
| 110 std::string jwk_alg; | |
| 111 status = jwk.GetAlg(&jwk_alg, &has_jwk_alg); | |
| 112 if (status.IsError()) | |
| 113 return status; | |
| 114 | |
| 115 if (has_jwk_alg) { | |
| 116 std::string expected_algorithm_name = | |
| 117 MakeJwkAesAlgorithmName(jwk_suffix_, raw_data.size()); | |
| 118 | |
| 119 if (jwk_alg != expected_algorithm_name) { | |
| 120 // Give a different error message if the key length was wrong. | |
| 121 if (jwk_alg == MakeJwkAesAlgorithmName(jwk_suffix_, 16) || | |
| 122 jwk_alg == MakeJwkAesAlgorithmName(jwk_suffix_, 24) || | |
| 123 jwk_alg == MakeJwkAesAlgorithmName(jwk_suffix_, 32)) { | |
| 124 return Status::ErrorJwkIncorrectKeyLength(); | |
| 125 } | |
| 126 return Status::ErrorJwkAlgorithmInconsistent(); | |
| 127 } | |
| 128 } | |
| 129 | |
| 130 return ImportKeyRaw(CryptoData(raw_data), algorithm, extractable, usages, | |
| 131 key); | |
| 132 } | |
| 133 | |
| 134 Status AesAlgorithm::ExportKeyRaw(const blink::WebCryptoKey& key, | |
| 135 std::vector<uint8_t>* buffer) const { | |
| 136 *buffer = SymKeyOpenSsl::Cast(key)->raw_key_data(); | |
| 137 return Status::Success(); | |
| 138 } | |
| 139 | |
| 140 Status AesAlgorithm::ExportKeyJwk(const blink::WebCryptoKey& key, | |
| 141 std::vector<uint8_t>* buffer) const { | |
| 142 const std::vector<uint8_t>& raw_data = | |
| 143 SymKeyOpenSsl::Cast(key)->raw_key_data(); | |
| 144 | |
| 145 WriteSecretKeyJwk(CryptoData(raw_data), | |
| 146 MakeJwkAesAlgorithmName(jwk_suffix_, raw_data.size()), | |
| 147 key.extractable(), key.usages(), buffer); | |
| 148 | |
| 149 return Status::Success(); | |
| 150 } | |
| 151 | |
| 152 Status AesAlgorithm::SerializeKeyForClone( | |
| 153 const blink::WebCryptoKey& key, | |
| 154 blink::WebVector<uint8_t>* key_data) const { | |
| 155 key_data->assign(SymKeyOpenSsl::Cast(key)->serialized_key_data()); | |
| 156 return Status::Success(); | |
| 157 } | |
| 158 | |
| 159 Status AesAlgorithm::DeserializeKeyForClone( | |
| 160 const blink::WebCryptoKeyAlgorithm& algorithm, | |
| 161 blink::WebCryptoKeyType type, | |
| 162 bool extractable, | |
| 163 blink::WebCryptoKeyUsageMask usages, | |
| 164 const CryptoData& key_data, | |
| 165 blink::WebCryptoKey* key) const { | |
| 166 return ImportKeyRaw(key_data, CreateAlgorithm(algorithm.id()), extractable, | |
| 167 usages, key); | |
| 168 } | |
| 169 | |
| 170 Status AesAlgorithm::GetKeyLength( | |
| 171 const blink::WebCryptoAlgorithm& key_length_algorithm, | |
| 172 bool* has_length_bits, | |
| 173 unsigned int* length_bits) const { | |
| 174 return GetAesKeyLength(key_length_algorithm, has_length_bits, length_bits); | |
| 175 } | |
| 176 | |
| 177 } // namespace webcrypto | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1304063015:
[refactor] Rename the webcrypto/openssl and webcrypto/test directories. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@jwk_refactor