Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(809)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.cpp

Issue 1418113002: RTCPeerConnection.generateCertificate taking AlgorithmIdentifier and using WebCrypto (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed comments Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.h ('k') | third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.idl » ('j') | third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.cpp
diff --git a/third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.cpp b/third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.cpp
index 5dcf61e6ea105d298fd09c0997c1561b7d54c7fb..077059d926c840d2320f9456c2dcc42c8feefeef 100644
--- a/third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.cpp
+++ b/third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.cpp
@@ -44,6 +44,7 @@
#include "core/html/VoidCallback.h"
#include "core/loader/FrameLoader.h"
#include "core/loader/FrameLoaderClient.h"
+#include "modules/crypto/CryptoResultImpl.h"
#include "modules/mediastream/MediaConstraintsImpl.h"
#include "modules/mediastream/MediaStreamEvent.h"
#include "modules/mediastream/RTCDTMFSender.h"
@@ -60,6 +61,7 @@
#include "platform/mediastream/RTCConfiguration.h"
#include "platform/mediastream/RTCOfferOptions.h"
#include "public/platform/Platform.h"
+#include "public/platform/WebCryptoAlgorithmParams.h"
#include "public/platform/WebMediaStream.h"
#include "public/platform/WebRTCCertificate.h"
#include "public/platform/WebRTCCertificateGenerator.h"
@@ -473,48 +475,57 @@ void RTCPeerConnection::updateIce(const Dictionary& rtcConfiguration, const Dict
exceptionState.throwDOMException(SyntaxError, "Could not update the ICE Agent with the given configuration.");
}
-ScriptPromise RTCPeerConnection::generateCertificate(ScriptState* scriptState, const Dictionary& keygenAlgorithm, ExceptionState& exceptionState)
+ScriptPromise RTCPeerConnection::generateCertificate(ScriptState* scriptState, const AlgorithmIdentifier& keygenAlgorithm, ExceptionState& exceptionState)
{
- // Validate and interpret input |keygenAlgorithm|.
- // TODO(hbos): Use WebCrypto normalization process to validate and interpret |keygenAlgorithm|.
- // This may create a dependency between the Blink and WebCrypto modules? crbug.com/544917
+ // Normalize |keygenAlgorithm| with WebCrypto, making sure it is a recognized AlgorithmIdentifier.
+ WebCryptoAlgorithm cryptoAlgorithm;
+ AlgorithmError error;
+ if (!normalizeAlgorithm(keygenAlgorithm, WebCryptoOperationGenerateKey, cryptoAlgorithm, &error)) {
+ // Reject generateCertificate with the same error as was produced by WebCrypto.
+ // |result| is garbage collected, no need to delete.
+ CryptoResultImpl* result = CryptoResultImpl::create(scriptState);
+ ScriptPromise promise = result->promise();
+ result->completeWithError(error.errorType, error.errorDetails);
+ return promise;
+ }
+
+ // Convert from WebCrypto representation to recognized WebRTCKeyParams. WebRTC supports a small subset of what are valid AlgorithmIdentifiers.
+ const char* unsupportedParamsString = "The 1st argument provided is an AlgorithmIdentifier with a supported algorithm name, but the parameters are not supported.";
Nullable<WebRTCKeyParams> keyParams;
- String name;
- if (DictionaryHelper::get(keygenAlgorithm, "name", name)) {
- if (name == "RSASSA-PKCS1-v1_5") {
- // RSA - Supported |keygenAlgorithm|:
- // { name: "RSASSA-PKCS1-v1_5", modulusLength: <int>, publicExponent: 65537 }
- int modulusLength = -1;
- int publicExponent = -1;
- if (DictionaryHelper::get(keygenAlgorithm, "modulusLength", modulusLength)
- && modulusLength >= 0
- && DictionaryHelper::get(keygenAlgorithm, "publicExponent", publicExponent)
- && publicExponent >= 0) {
- keyParams.set(blink::WebRTCKeyParams::createRSA(modulusLength, publicExponent));
- }
- } else if (name == "ECDSA") {
- // ECDSA - Supported |keygenAlgorithm|:
- // { name: "ECDSA", namedCurve: "P-256" }
- String namedCurve;
- DictionaryHelper::get(keygenAlgorithm, "namedCurve", namedCurve);
- if (namedCurve == "P-256") {
- keyParams.set(blink::WebRTCKeyParams::createECDSA(WebRTCECCurveNistP256));
- }
+ switch (cryptoAlgorithm.id()) {
+ case WebCryptoAlgorithmIdRsaSsaPkcs1v1_5:
+ // name: "RSASSA-PKCS1-v1_5"
+ unsigned publicExponent;
+ // "publicExponent" must fit in an unsigned int. The only recognized "hash" is "SHA-256".
+ if (cryptoAlgorithm.rsaHashedKeyGenParams()->publicExponentToUint32(&publicExponent)
+ && cryptoAlgorithm.rsaHashedKeyGenParams()->hash().id() == WebCryptoAlgorithmIdSha256) {
+ unsigned modulusLength = cryptoAlgorithm.rsaHashedKeyGenParams()->modulusLengthBits();
+ keyParams.set(blink::WebRTCKeyParams::createRSA(modulusLength, publicExponent));
+ } else {
+ return ScriptPromise::rejectWithDOMException(scriptState, DOMException::create(NotSupportedError, unsupportedParamsString));
}
+ break;
+ case WebCryptoAlgorithmIdEcdsa:
+ // name: "ECDSA"
+ // The only recognized "namedCurve" is "P-256".
+ if (cryptoAlgorithm.ecKeyGenParams()->namedCurve() == WebCryptoNamedCurveP256) {
+ keyParams.set(blink::WebRTCKeyParams::createECDSA(blink::WebRTCECCurveNistP256));
+ } else {
+ return ScriptPromise::rejectWithDOMException(scriptState, DOMException::create(NotSupportedError, unsupportedParamsString));
+ }
+ break;
+ default:
+ return ScriptPromise::rejectWithDOMException(scriptState, DOMException::create(NotSupportedError, "The 1st argument provided is an AlgorithmIdentifier, but the algorithm is not supported."));
+ break;
}
- if (keyParams.isNull()) {
- // Invalid argument.
- return ScriptPromise::rejectWithDOMException(
- scriptState, DOMException::create(InvalidAccessError, ExceptionMessages::argumentNullOrIncorrectType(1, "AlgorithmIdentifier")));
- }
+ ASSERT(!keyParams.isNull());
OwnPtr<WebRTCCertificateGenerator> certificateGenerator = adoptPtr(
Platform::current()->createRTCCertificateGenerator());
- // Check validity of |keyParams|.
+ // |keyParams| was successfully constructed, but does the certificate generator support these parameters?
if (!certificateGenerator->isValidKeyParams(keyParams.get())) {
- return ScriptPromise::rejectWithDOMException(
- scriptState, DOMException::create(NotSupportedError, "The 1st argument provided is an AlgorithmIdentifier, but it has unsupported parameter values."));
+ return ScriptPromise::rejectWithDOMException(scriptState, DOMException::create(NotSupportedError, unsupportedParamsString));
}
ScriptPromiseResolver* resolver = ScriptPromiseResolver::create(scriptState);
« no previous file with comments | « third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.h ('k') | third_party/WebKit/Source/modules/mediastream/RTCPeerConnection.idl » ('j') | third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698