OLD | NEW |
---|---|
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ | 5 #ifndef CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ |
6 #define CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ | 6 #define CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ |
7 | 7 |
8 #include <map> | |
9 #include <string> | 8 #include <string> |
10 #include <vector> | 9 #include <vector> |
11 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
12 #include "content/common/content_export.h" | 11 #include "content/common/content_export.h" |
13 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" | 12 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" |
14 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" | 13 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
14 #include "third_party/WebKit/public/platform/WebCryptoKey.h" | |
15 | 15 |
16 namespace content { | 16 namespace content { |
17 | 17 |
18 namespace webcrypto { | 18 namespace webcrypto { |
19 | 19 |
20 // TODO(eroman): Move Status class to a separate file | |
21 | |
20 // Status indicates whether an operation completed successfully, or with an | 22 // Status indicates whether an operation completed successfully, or with an |
21 // error. The error is used for verification in unit-tests, as well as for | 23 // error. The error is used for verification in unit-tests, as well as for |
22 // display to the user. | 24 // display to the user. |
23 // | 25 // |
24 // As such, it is important that errors DO NOT reveal any sensitive material | 26 // As such, it is important that errors DO NOT reveal any sensitive material |
25 // (like key bytes). | 27 // (like key bytes). |
26 // | 28 // |
27 // Care must be taken with what errors are reported back to blink when doing | 29 // Care must be taken with what errors are reported back to blink when doing |
28 // compound operations like unwrapping a JWK key. In this case, errors | 30 // compound operations like unwrapping a JWK key. In this case, errors |
29 // generated by the JWK import are not appropriate to report since the wrapped | 31 // generated by the JWK import are not appropriate to report since the wrapped |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
114 // No key data was provided when importing an spki, pkcs8, or jwk formatted | 116 // No key data was provided when importing an spki, pkcs8, or jwk formatted |
115 // key. This does not apply to raw format, since it is possible to have empty | 117 // key. This does not apply to raw format, since it is possible to have empty |
116 // key data there. | 118 // key data there. |
117 static Status ErrorImportEmptyKeyData(); | 119 static Status ErrorImportEmptyKeyData(); |
118 | 120 |
119 // The wrong key was used for the operation. For instance, a public key was | 121 // The wrong key was used for the operation. For instance, a public key was |
120 // used to verify a RsaSsaPkcs1v1_5 signature, or tried exporting a private | 122 // used to verify a RsaSsaPkcs1v1_5 signature, or tried exporting a private |
121 // key using spki format. | 123 // key using spki format. |
122 static Status ErrorUnexpectedKeyType(); | 124 static Status ErrorUnexpectedKeyType(); |
123 | 125 |
126 static Status ErrorKeyAlgorithmMismatch(); | |
Ryan Sleevi
2014/02/07 01:19:21
Why are you introducing this in this change?
eroman
2014/02/07 21:15:57
Will change to ErrorUnexpected for now()
| |
127 | |
124 // When doing an AES-CBC encryption/decryption, the "iv" parameter was not 16 | 128 // When doing an AES-CBC encryption/decryption, the "iv" parameter was not 16 |
125 // bytes. | 129 // bytes. |
126 static Status ErrorIncorrectSizeAesCbcIv(); | 130 static Status ErrorIncorrectSizeAesCbcIv(); |
127 | 131 |
128 // The data provided to an encrypt/decrypt/sign/verify operation was too | 132 // The data provided to an encrypt/decrypt/sign/verify operation was too |
129 // large. This can either represent an internal limitation (for instance | 133 // large. This can either represent an internal limitation (for instance |
130 // representing buffer lengths as uints), or an algorithm restriction (for | 134 // representing buffer lengths as uints), or an algorithm restriction (for |
131 // instance RSAES can operation on messages relative to the length of the | 135 // instance RSAES can operation on messages relative to the length of the |
132 // key's modulus). | 136 // key's modulus). |
133 static Status ErrorDataTooLarge(); | 137 static Status ErrorDataTooLarge(); |
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
192 | 196 |
193 // Shrinks a WebArrayBuffer to a new size. | 197 // Shrinks a WebArrayBuffer to a new size. |
194 // TODO(eroman): This works by re-allocating a new buffer. It would be better if | 198 // TODO(eroman): This works by re-allocating a new buffer. It would be better if |
195 // the WebArrayBuffer could just be truncated instead. | 199 // the WebArrayBuffer could just be truncated instead. |
196 void ShrinkBuffer(blink::WebArrayBuffer* buffer, unsigned int new_size); | 200 void ShrinkBuffer(blink::WebArrayBuffer* buffer, unsigned int new_size); |
197 | 201 |
198 // Creates a WebArrayBuffer from a uint8 byte array | 202 // Creates a WebArrayBuffer from a uint8 byte array |
199 blink::WebArrayBuffer CreateArrayBuffer(const uint8* data, | 203 blink::WebArrayBuffer CreateArrayBuffer(const uint8* data, |
200 unsigned int data_size); | 204 unsigned int data_size); |
201 | 205 |
206 // TODO(eroman): Move this to JWK file. | |
202 // This function decodes unpadded 'base64url' encoded data, as described in | 207 // This function decodes unpadded 'base64url' encoded data, as described in |
203 // RFC4648 (http://www.ietf.org/rfc/rfc4648.txt) Section 5. | 208 // RFC4648 (http://www.ietf.org/rfc/rfc4648.txt) Section 5. |
204 // In Web Crypto, this type of encoding is only used inside JWK. | 209 // In Web Crypto, this type of encoding is only used inside JWK. |
205 bool Base64DecodeUrlSafe(const std::string& input, std::string* output); | 210 bool Base64DecodeUrlSafe(const std::string& input, std::string* output); |
206 | 211 |
207 CONTENT_EXPORT bool IsHashAlgorithm(blink::WebCryptoAlgorithmId alg_id); | 212 CONTENT_EXPORT bool IsHashAlgorithm(blink::WebCryptoAlgorithmId alg_id); |
208 | 213 |
209 // Returns the "hash" param for an algorithm if it exists, otherwise returns | 214 // Returns the "hash" param for an algorithm if it exists, otherwise returns |
210 // a null algorithm. | 215 // a null algorithm. |
211 blink::WebCryptoAlgorithm GetInnerHashAlgorithm( | 216 blink::WebCryptoAlgorithm GetInnerHashAlgorithm( |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
251 | 256 |
252 // Creates and AES-GCM algorithm. | 257 // Creates and AES-GCM algorithm. |
253 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm( | 258 blink::WebCryptoAlgorithm CreateAesGcmAlgorithm( |
254 const std::vector<uint8>& iv, | 259 const std::vector<uint8>& iv, |
255 const std::vector<uint8>& additional_data, | 260 const std::vector<uint8>& additional_data, |
256 uint8 tag_length_bytes); | 261 uint8 tag_length_bytes); |
257 | 262 |
258 // Returns the internal block size for SHA-* | 263 // Returns the internal block size for SHA-* |
259 unsigned int ShaBlockSizeBytes(blink::WebCryptoAlgorithmId hash_id); | 264 unsigned int ShaBlockSizeBytes(blink::WebCryptoAlgorithmId hash_id); |
260 | 265 |
266 bool IsAlgorithmAsymmetric(const blink::WebCryptoAlgorithm& algorithm); | |
Ryan Sleevi
2014/02/07 01:19:21
Ditto
eroman
2014/02/07 21:15:57
Was moving it out of webcrypto_impl.cc.
Will leave
| |
267 | |
261 } // namespace webcrypto | 268 } // namespace webcrypto |
262 | 269 |
263 } // namespace content | 270 } // namespace content |
264 | 271 |
265 #endif // CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ | 272 #endif // CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ |
OLD | NEW |