| Index: content/renderer/webcrypto/jwk.cc
|
| diff --git a/content/renderer/webcrypto/webcrypto_impl.cc b/content/renderer/webcrypto/jwk.cc
|
| similarity index 72%
|
| copy from content/renderer/webcrypto/webcrypto_impl.cc
|
| copy to content/renderer/webcrypto/jwk.cc
|
| index 88af92ad2777b0172d465b530e0da3de9e93c41e..9fc47ab364612c5e308af55ab55eaaa477e252fa 100644
|
| --- a/content/renderer/webcrypto/webcrypto_impl.cc
|
| +++ b/content/renderer/webcrypto/jwk.cc
|
| @@ -2,8 +2,6 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "content/renderer/webcrypto/webcrypto_impl.h"
|
| -
|
| #include <algorithm>
|
| #include <functional>
|
| #include <map>
|
| @@ -13,34 +11,17 @@
|
| #include "base/memory/scoped_ptr.h"
|
| #include "base/strings/string_piece.h"
|
| #include "base/values.h"
|
| +#include "content/renderer/webcrypto/crypto_data.h"
|
| +#include "content/renderer/webcrypto/platform_crypto.h"
|
| +#include "content/renderer/webcrypto/shared_crypto.h"
|
| #include "content/renderer/webcrypto/webcrypto_util.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoKey.h"
|
| -#include "third_party/WebKit/public/platform/WebString.h"
|
|
|
| namespace content {
|
|
|
| -using webcrypto::Status;
|
| +namespace webcrypto {
|
|
|
| namespace {
|
|
|
| -void CompleteWithError(const Status& status, blink::WebCryptoResult* result) {
|
| - DCHECK(status.IsError());
|
| - if (status.HasErrorDetails())
|
| - result->completeWithError(blink::WebString::fromUTF8(status.ToString()));
|
| - else
|
| - result->completeWithError();
|
| -}
|
| -
|
| -bool IsAlgorithmAsymmetric(const blink::WebCryptoAlgorithm& algorithm) {
|
| - // TODO(padolph): include all other asymmetric algorithms once they are
|
| - // defined, e.g. EC and DH.
|
| - return (algorithm.id() == blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5 ||
|
| - algorithm.id() == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 ||
|
| - algorithm.id() == blink::WebCryptoAlgorithmIdRsaOaep);
|
| -}
|
| -
|
| typedef blink::WebCryptoAlgorithm (*AlgorithmCreationFunc)();
|
|
|
| class JwkAlgorithmInfo {
|
| @@ -94,28 +75,28 @@ class JwkAlgorithmRegistry {
|
| // says HMAC with SHA-2 should have a key size at least as large as the
|
| // hash output.
|
| alg_to_info_["HS256"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateHmacAlgorithmByHashId,
|
| + &BindAlgorithmId<CreateHmacAlgorithmByHashId,
|
| blink::WebCryptoAlgorithmIdSha256>);
|
| alg_to_info_["HS384"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateHmacAlgorithmByHashId,
|
| + &BindAlgorithmId<CreateHmacAlgorithmByHashId,
|
| blink::WebCryptoAlgorithmIdSha384>);
|
| alg_to_info_["HS512"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateHmacAlgorithmByHashId,
|
| + &BindAlgorithmId<CreateHmacAlgorithmByHashId,
|
| blink::WebCryptoAlgorithmIdSha512>);
|
| alg_to_info_["RS256"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateRsaSsaAlgorithm,
|
| + &BindAlgorithmId<CreateRsaSsaAlgorithm,
|
| blink::WebCryptoAlgorithmIdSha256>);
|
| alg_to_info_["RS384"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateRsaSsaAlgorithm,
|
| + &BindAlgorithmId<CreateRsaSsaAlgorithm,
|
| blink::WebCryptoAlgorithmIdSha384>);
|
| alg_to_info_["RS512"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateRsaSsaAlgorithm,
|
| + &BindAlgorithmId<CreateRsaSsaAlgorithm,
|
| blink::WebCryptoAlgorithmIdSha512>);
|
| alg_to_info_["RSA1_5"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateAlgorithm,
|
| + &BindAlgorithmId<CreateAlgorithm,
|
| blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5>);
|
| alg_to_info_["RSA-OAEP"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateRsaOaepAlgorithm,
|
| + &BindAlgorithmId<CreateRsaOaepAlgorithm,
|
| blink::WebCryptoAlgorithmIdSha1>);
|
| // TODO(padolph): The Web Crypto spec does not enumerate AES-KW 128 yet
|
| alg_to_info_["A128KW"] =
|
| @@ -124,19 +105,19 @@ class JwkAlgorithmRegistry {
|
| alg_to_info_["A256KW"] =
|
| JwkAlgorithmInfo(&blink::WebCryptoAlgorithm::createNull, 256);
|
| alg_to_info_["A128GCM"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateAlgorithm,
|
| + &BindAlgorithmId<CreateAlgorithm,
|
| blink::WebCryptoAlgorithmIdAesGcm>, 128);
|
| alg_to_info_["A256GCM"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateAlgorithm,
|
| + &BindAlgorithmId<CreateAlgorithm,
|
| blink::WebCryptoAlgorithmIdAesGcm>, 256);
|
| alg_to_info_["A128CBC"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateAlgorithm,
|
| + &BindAlgorithmId<CreateAlgorithm,
|
| blink::WebCryptoAlgorithmIdAesCbc>, 128);
|
| alg_to_info_["A192CBC"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateAlgorithm,
|
| + &BindAlgorithmId<CreateAlgorithm,
|
| blink::WebCryptoAlgorithmIdAesCbc>, 192);
|
| alg_to_info_["A256CBC"] = JwkAlgorithmInfo(
|
| - &BindAlgorithmId<webcrypto::CreateAlgorithm,
|
| + &BindAlgorithmId<CreateAlgorithm,
|
| blink::WebCryptoAlgorithmIdAesCbc>, 256);
|
| }
|
|
|
| @@ -175,8 +156,8 @@ bool WebCryptoAlgorithmsConsistent(const blink::WebCryptoAlgorithm& alg1,
|
| case blink::WebCryptoAlgorithmIdRsaOaep:
|
| case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5:
|
| if (WebCryptoAlgorithmsConsistent(
|
| - webcrypto::GetInnerHashAlgorithm(alg1),
|
| - webcrypto::GetInnerHashAlgorithm(alg2))) {
|
| + GetInnerHashAlgorithm(alg1),
|
| + GetInnerHashAlgorithm(alg2))) {
|
| return true;
|
| }
|
| break;
|
| @@ -242,7 +223,7 @@ Status GetJwkBytes(base::DictionaryValue* dict,
|
| if (status.IsError())
|
| return status;
|
|
|
| - if (!webcrypto::Base64DecodeUrlSafe(base64_string, result))
|
| + if (!Base64DecodeUrlSafe(base64_string, result))
|
| return Status::ErrorJwkBase64Decode(path);
|
|
|
| return Status::Success();
|
| @@ -270,183 +251,8 @@ Status GetOptionalJwkBool(base::DictionaryValue* dict,
|
|
|
| } // namespace
|
|
|
| -WebCryptoImpl::WebCryptoImpl() {
|
| - Init();
|
| -}
|
| -
|
| -void WebCryptoImpl::encrypt(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebCryptoResult result) {
|
| - DCHECK(!algorithm.isNull());
|
| - blink::WebArrayBuffer buffer;
|
| - Status status = EncryptInternal(algorithm, key, data, data_size, &buffer);
|
| - if (status.IsError())
|
| - CompleteWithError(status, &result);
|
| - else
|
| - result.completeWithBuffer(buffer);
|
| -}
|
| -
|
| -void WebCryptoImpl::decrypt(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebCryptoResult result) {
|
| - DCHECK(!algorithm.isNull());
|
| - blink::WebArrayBuffer buffer;
|
| - Status status = DecryptInternal(algorithm, key, data, data_size, &buffer);
|
| - if (status.IsError())
|
| - CompleteWithError(status, &result);
|
| - else
|
| - result.completeWithBuffer(buffer);
|
| -}
|
| -
|
| -void WebCryptoImpl::digest(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebCryptoResult result) {
|
| - DCHECK(!algorithm.isNull());
|
| - blink::WebArrayBuffer buffer;
|
| - Status status = DigestInternal(algorithm, data, data_size, &buffer);
|
| - if (status.IsError())
|
| - CompleteWithError(status, &result);
|
| - else
|
| - result.completeWithBuffer(buffer);
|
| -}
|
| -
|
| -void WebCryptoImpl::generateKey(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoResult result) {
|
| - DCHECK(!algorithm.isNull());
|
| - if (IsAlgorithmAsymmetric(algorithm)) {
|
| - blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
|
| - blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull();
|
| - Status status = GenerateKeyPairInternal(
|
| - algorithm, extractable, usage_mask, &public_key, &private_key);
|
| - if (status.IsError()) {
|
| - CompleteWithError(status, &result);
|
| - } else {
|
| - DCHECK(public_key.handle());
|
| - DCHECK(private_key.handle());
|
| - DCHECK_EQ(algorithm.id(), public_key.algorithm().id());
|
| - DCHECK_EQ(algorithm.id(), private_key.algorithm().id());
|
| - DCHECK_EQ(true, public_key.extractable());
|
| - DCHECK_EQ(extractable, private_key.extractable());
|
| - DCHECK_EQ(usage_mask, public_key.usages());
|
| - DCHECK_EQ(usage_mask, private_key.usages());
|
| - result.completeWithKeyPair(public_key, private_key);
|
| - }
|
| - } else {
|
| - blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| - Status status = GenerateSecretKeyInternal(
|
| - algorithm, extractable, usage_mask, &key);
|
| - if (status.IsError()) {
|
| - CompleteWithError(status, &result);
|
| - } else {
|
| - DCHECK(key.handle());
|
| - DCHECK_EQ(algorithm.id(), key.algorithm().id());
|
| - DCHECK_EQ(extractable, key.extractable());
|
| - DCHECK_EQ(usage_mask, key.usages());
|
| - result.completeWithKey(key);
|
| - }
|
| - }
|
| -}
|
| -
|
| -void WebCryptoImpl::importKey(
|
| - blink::WebCryptoKeyFormat format,
|
| - const unsigned char* key_data,
|
| - unsigned int key_data_size,
|
| - const blink::WebCryptoAlgorithm& algorithm_or_null,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoResult result) {
|
| - blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| - Status status = Status::Error();
|
| - if (format == blink::WebCryptoKeyFormatJwk) {
|
| - status = ImportKeyJwk(key_data,
|
| - key_data_size,
|
| - algorithm_or_null,
|
| - extractable,
|
| - usage_mask,
|
| - &key);
|
| - } else {
|
| - status = ImportKeyInternal(format,
|
| - key_data,
|
| - key_data_size,
|
| - algorithm_or_null,
|
| - extractable,
|
| - usage_mask,
|
| - &key);
|
| - }
|
| - if (status.IsError()) {
|
| - CompleteWithError(status, &result);
|
| - } else {
|
| - DCHECK(key.handle());
|
| - DCHECK(!key.algorithm().isNull());
|
| - DCHECK_EQ(extractable, key.extractable());
|
| - result.completeWithKey(key);
|
| - }
|
| -}
|
| -
|
| -void WebCryptoImpl::exportKey(
|
| - blink::WebCryptoKeyFormat format,
|
| - const blink::WebCryptoKey& key,
|
| - blink::WebCryptoResult result) {
|
| - blink::WebArrayBuffer buffer;
|
| - Status status = ExportKeyInternal(format, key, &buffer);
|
| - if (status.IsError())
|
| - CompleteWithError(status, &result);
|
| - else
|
| - result.completeWithBuffer(buffer);
|
| -}
|
| -
|
| -void WebCryptoImpl::sign(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebCryptoResult result) {
|
| - DCHECK(!algorithm.isNull());
|
| - blink::WebArrayBuffer buffer;
|
| - Status status = SignInternal(algorithm, key, data, data_size, &buffer);
|
| - if (status.IsError())
|
| - CompleteWithError(status, &result);
|
| - else
|
| - result.completeWithBuffer(buffer);
|
| -}
|
| -
|
| -void WebCryptoImpl::verifySignature(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* signature,
|
| - unsigned int signature_size,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebCryptoResult result) {
|
| - DCHECK(!algorithm.isNull());
|
| - bool signature_match = false;
|
| - Status status = VerifySignatureInternal(algorithm,
|
| - key,
|
| - signature,
|
| - signature_size,
|
| - data,
|
| - data_size,
|
| - &signature_match);
|
| - if (status.IsError())
|
| - CompleteWithError(status, &result);
|
| - else
|
| - result.completeWithBoolean(signature_match);
|
| -}
|
| -
|
| -Status WebCryptoImpl::ImportKeyJwk(
|
| - const unsigned char* key_data,
|
| - unsigned int key_data_size,
|
| +Status ImportKeyJwk(
|
| + const CryptoData& key_data,
|
| const blink::WebCryptoAlgorithm& algorithm_or_null,
|
| bool extractable,
|
| blink::WebCryptoKeyUsageMask usage_mask,
|
| @@ -587,13 +393,13 @@ Status WebCryptoImpl::ImportKeyJwk(
|
| // is used as the final usage_mask.
|
| //
|
|
|
| - if (!key_data_size)
|
| + if (!key_data.byte_length())
|
| return Status::ErrorImportEmptyKeyData();
|
| DCHECK(key);
|
|
|
| // Parse the incoming JWK JSON.
|
| - base::StringPiece json_string(reinterpret_cast<const char*>(key_data),
|
| - key_data_size);
|
| + base::StringPiece json_string(reinterpret_cast<const char*>(key_data.bytes()),
|
| + key_data.byte_length());
|
| scoped_ptr<base::Value> value(base::JSONReader::Read(json_string));
|
| // Note, bare pointer dict_value is ok since it points into scoped value.
|
| base::DictionaryValue* dict_value = NULL;
|
| @@ -715,13 +521,12 @@ Status WebCryptoImpl::ImportKeyJwk(
|
| return Status::ErrorJwkIncorrectKeyLength();
|
| }
|
|
|
| - return ImportKeyInternal(blink::WebCryptoKeyFormatRaw,
|
| - reinterpret_cast<const uint8*>(jwk_k_value.data()),
|
| - jwk_k_value.size(),
|
| - algorithm,
|
| - extractable,
|
| - usage_mask,
|
| - key);
|
| + return ImportKey(blink::WebCryptoKeyFormatRaw,
|
| + CryptoData(jwk_k_value),
|
| + algorithm,
|
| + extractable,
|
| + usage_mask,
|
| + key);
|
| } else if (jwk_kty_value == "RSA") {
|
|
|
| // An RSA public key must have an "n" (modulus) and an "e" (exponent) entry
|
| @@ -745,15 +550,12 @@ Status WebCryptoImpl::ImportKeyJwk(
|
| if (status.IsError())
|
| return status;
|
|
|
| - return ImportRsaPublicKeyInternal(
|
| - reinterpret_cast<const uint8*>(jwk_n_value.data()),
|
| - jwk_n_value.size(),
|
| - reinterpret_cast<const uint8*>(jwk_e_value.data()),
|
| - jwk_e_value.size(),
|
| - algorithm,
|
| - extractable,
|
| - usage_mask,
|
| - key);
|
| + return platform::ImportRsaPublicKey(algorithm,
|
| + extractable,
|
| + usage_mask,
|
| + CryptoData(jwk_n_value),
|
| + CryptoData(jwk_e_value),
|
| + key);
|
|
|
| } else {
|
| return Status::ErrorJwkUnrecognizedKty();
|
| @@ -762,4 +564,6 @@ Status WebCryptoImpl::ImportKeyJwk(
|
| return Status::Success();
|
| }
|
|
|
| +} // namespace webcrypto
|
| +
|
| } // namespace content
|
|
|
Chromium Code Reviews
Issue 155623005:
Refactor to share more code between OpenSSL and NSS implementations. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src