[refactor] More post-NSS WebCrypto cleanups (utility functions).

components/webcrypto/algorithms/secret_key_util.cc

+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/webcrypto/algorithms/secret_key_util.h"
+
+#include <openssl/rand.h>
+
+#include "components/webcrypto/crypto_data.h"
+#include "components/webcrypto/generate_key_result.h"
+#include "components/webcrypto/jwk.h"
+#include "components/webcrypto/key.h"
+#include "components/webcrypto/status.h"
+#include "components/webcrypto/webcrypto_util.h"
+#include "crypto/openssl_util.h"
+
+namespace webcrypto {
+
+Status GenerateWebCryptoSecretKey(const blink::WebCryptoKeyAlgorithm& algorithm,
+                                  bool extractable,
+                                  blink::WebCryptoKeyUsageMask usages,
+                                  unsigned int keylen_bits,
+                                  GenerateKeyResult* result) {
+  crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
+
+  unsigned int keylen_bytes = NumBitsToBytes(keylen_bits);
+  std::vector<unsigned char> random_bytes(keylen_bytes, 0);
+
+  if (keylen_bytes > 0) {

[davidben, 2015/09/18 22:16:00]

Optional: RAND_bytes does reasonable things if you pass in 0, so you might not
need this check.

[eroman, 2015/09/18 23:13:23]

This check predated the use of vector_as_array(), so it was guarding calling
&rand_bytes[0] on an empty vector.

I have left it as > 0 check, since I don't think there is an advantage in
calling RAND_bytes() in the empty case.

+    if (!(RAND_bytes(&random_bytes[0], keylen_bytes)))

[davidben, 2015/09/18 22:15:59]

&random_bytes[0] -> vector_as_array?

[davidben, 2015/09/18 22:15:59]

Style: unnecessary parens around RAND_byte?

[eroman, 2015/09/18 23:13:23]

Done.

[eroman, 2015/09/18 23:13:23]

Done.

+      return Status::OperationError();
+    TruncateToBitLength(keylen_bits, &random_bytes);
+  }
+
+  result->AssignSecretKey(blink::WebCryptoKey::create(
+      CreateSymmetricKeyHandle(CryptoData(random_bytes)),
+      blink::WebCryptoKeyTypeSecret, extractable, algorithm, usages));
+
+  return Status::Success();
+}
+
+Status CreateWebCryptoSecretKey(const CryptoData& key_data,
+                                const blink::WebCryptoKeyAlgorithm& algorithm,
+                                bool extractable,
+                                blink::WebCryptoKeyUsageMask usages,
+                                blink::WebCryptoKey* key) {
+  *key = blink::WebCryptoKey::create(CreateSymmetricKeyHandle(key_data),
+                                     blink::WebCryptoKeyTypeSecret, extractable,
+                                     algorithm, usages);
+  return Status::Success();
+}
+
+void WriteSecretKeyJwk(const CryptoData& raw_key_data,
+                       const std::string& algorithm,
+                       bool extractable,
+                       blink::WebCryptoKeyUsageMask usages,
+                       std::vector<uint8_t>* jwk_key_data) {
+  JwkWriter writer(algorithm, extractable, usages, "oct");
+  writer.SetBytes("k", raw_key_data);
+  writer.ToJson(jwk_key_data);
+}
+
+Status ReadSecretKeyNoExpectedAlgJwk(
+    const CryptoData& key_data,
+    bool expected_extractable,
+    blink::WebCryptoKeyUsageMask expected_usages,
+    std::vector<uint8_t>* raw_key_data,
+    JwkReader* jwk) {
+  Status status = jwk->Init(key_data, expected_extractable, expected_usages,
+                            "oct", std::string());
+  if (status.IsError())
+    return status;
+
+  std::string jwk_k_value;
+  status = jwk->GetBytes("k", &jwk_k_value);
+  if (status.IsError())
+    return status;
+  raw_key_data->assign(jwk_k_value.begin(), jwk_k_value.end());
+
+  return Status::Success();
+}
+
+}  // namespace webcrypto