[refactor] More post-NSS WebCrypto cleanups (utility functions).

components/webcrypto/algorithms/aes.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/webcrypto/algorithms/aes.h"
 
 #include "base/logging.h"
-#include "components/webcrypto/algorithms/util_openssl.h"
+#include "components/webcrypto/algorithms/secret_key_util.h"
 #include "components/webcrypto/crypto_data.h"
 #include "components/webcrypto/jwk.h"
 #include "components/webcrypto/key.h"
 #include "components/webcrypto/status.h"
 #include "components/webcrypto/webcrypto_util.h"
+#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
 
 namespace webcrypto {
 
 namespace {
 
 // Creates an AES algorithm name for the given key size (in bytes). For
 // instance "A128CBC" is the result of suffix="CBC", keylen_bytes=16.
 std::string MakeJwkAesAlgorithmName(const std::string& suffix,
                                     size_t keylen_bytes) {
@@ skipping 22 matching lines @@
 }
 
 Status AesAlgorithm::GenerateKey(const blink::WebCryptoAlgorithm& algorithm,
                                  bool extractable,
                                  blink::WebCryptoKeyUsageMask usages,
                                  GenerateKeyResult* result) const {
   Status status = CheckKeyCreationUsages(all_key_usages_, usages, false);
   if (status.IsError())
     return status;
 
-  unsigned int keylen_bits;
-  status = GetAesKeyGenLengthInBits(algorithm.aesKeyGenParams(), &keylen_bits);
-  if (status.IsError())
-    return status;
+  unsigned int keylen_bits = algorithm.aesKeyGenParams()->lengthBits();
+
+  // BoringSSL does not support 192-bit AES.
+  if (keylen_bits == 192)
+    return Status::ErrorAes192BitUnsupported();
+
+  if (keylen_bits != 128 && keylen_bits != 256)
+    return Status::ErrorGenerateAesKeyLength();
 
   return GenerateWebCryptoSecretKey(
       blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits),
       extractable, usages, keylen_bits, result);
 }
 
 Status AesAlgorithm::VerifyKeyUsagesBeforeImportKey(
     blink::WebCryptoKeyFormat format,
     blink::WebCryptoKeyUsageMask usages) const {
   switch (format) {
     case blink::WebCryptoKeyFormatRaw:
     case blink::WebCryptoKeyFormatJwk:
       return CheckKeyCreationUsages(all_key_usages_, usages, false);
     default:
       return Status::ErrorUnsupportedImportKeyFormat();
   }
 }
 
 Status AesAlgorithm::ImportKeyRaw(const CryptoData& key_data,
                                   const blink::WebCryptoAlgorithm& algorithm,
                                   bool extractable,
                                   blink::WebCryptoKeyUsageMask usages,
                                   blink::WebCryptoKey* key) const {
   const unsigned int keylen_bytes = key_data.byte_length();
-  Status status = VerifyAesKeyLengthForImport(keylen_bytes);
-  if (status.IsError())
-    return status;
+
+  // BoringSSL does not support 192-bit AES.
+  if (keylen_bytes == 24)
+    return Status::ErrorAes192BitUnsupported();
+
+  if (keylen_bytes != 16 && keylen_bytes != 32)
+    return Status::ErrorImportAesKeyLength();
 
   // No possibility of overflow.
   unsigned int keylen_bits = keylen_bytes * 8;
 
   return CreateWebCryptoSecretKey(
       key_data,
       blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits),
       extractable, usages, key);
 }
 
 Status AesAlgorithm::ImportKeyJwk(const CryptoData& key_data,
                                   const blink::WebCryptoAlgorithm& algorithm,
                                   bool extractable,
                                   blink::WebCryptoKeyUsageMask usages,
                                   blink::WebCryptoKey* key) const {
   std::vector<uint8_t> raw_data;
   JwkReader jwk;
-  Status status = ReadSecretKeyNoExpectedAlg(key_data, extractable, usages,
-                                             &raw_data, &jwk);
+  Status status = ReadSecretKeyNoExpectedAlgJwk(key_data, extractable, usages,
+                                                &raw_data, &jwk);
   if (status.IsError())
     return status;
 
   bool has_jwk_alg;
   std::string jwk_alg;
   status = jwk.GetAlg(&jwk_alg, &has_jwk_alg);
   if (status.IsError())
     return status;
 
   if (has_jwk_alg) {
@@ skipping 40 matching lines @@
     const CryptoData& key_data,
     blink::WebCryptoKey* key) const {
   return ImportKeyRaw(key_data, CreateAlgorithm(algorithm.id()), extractable,
                       usages, key);
 }
 
 Status AesAlgorithm::GetKeyLength(
     const blink::WebCryptoAlgorithm& key_length_algorithm,
     bool* has_length_bits,
     unsigned int* length_bits) const {
-  return GetAesKeyLength(key_length_algorithm, has_length_bits, length_bits);
+  *has_length_bits = true;
+  *length_bits = key_length_algorithm.aesDerivedKeyParams()->lengthBits();
+
+  if (*length_bits == 128 || *length_bits == 256)
+    return Status::Success();
+
+  // BoringSSL does not support 192-bit AES.
+  if (*length_bits == 192)
+    return Status::ErrorAes192BitUnsupported();
+
+  return Status::ErrorGetAesKeyLength();
 }
 
 }  // namespace webcrypto