Index: content/renderer/webcrypto/jwk.cc |
diff --git a/content/renderer/webcrypto/webcrypto_impl.cc b/content/renderer/webcrypto/jwk.cc |
similarity index 72% |
copy from content/renderer/webcrypto/webcrypto_impl.cc |
copy to content/renderer/webcrypto/jwk.cc |
index 304a55babc88ea6e0a939990537a6ccbaf131cf2..a747de41b1ce594b24914016095519c29ade2b16 100644 |
--- a/content/renderer/webcrypto/webcrypto_impl.cc |
+++ b/content/renderer/webcrypto/jwk.cc |
@@ -2,8 +2,6 @@ |
// Use of this source code is governed by a BSD-style license that can be |
// found in the LICENSE file. |
-#include "content/renderer/webcrypto/webcrypto_impl.h" |
- |
#include <algorithm> |
#include <functional> |
#include <map> |
@@ -13,33 +11,17 @@ |
#include "base/memory/scoped_ptr.h" |
#include "base/strings/string_piece.h" |
#include "base/values.h" |
+#include "content/renderer/webcrypto/crypto_data.h" |
+#include "content/renderer/webcrypto/platform_crypto.h" |
+#include "content/renderer/webcrypto/platform_crypto.h" |
#include "content/renderer/webcrypto/webcrypto_util.h" |
-#include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
-#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
-#include "third_party/WebKit/public/platform/WebCryptoKey.h" |
-#include "third_party/WebKit/public/platform/WebString.h" |
namespace content { |
-using webcrypto::Status; |
+namespace webcrypto { |
namespace { |
-void CompleteWithError(const Status& status, blink::WebCryptoResult* result) { |
- DCHECK(status.IsError()); |
- if (status.HasErrorDetails()) |
- result->completeWithError(blink::WebString::fromUTF8(status.ToString())); |
- else |
- result->completeWithError(); |
-} |
- |
-bool IsAlgorithmAsymmetric(const blink::WebCryptoAlgorithm& algorithm) { |
- // TODO(padolph): include all other asymmetric algorithms once they are |
- // defined, e.g. EC and DH. |
- return (algorithm.id() == blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5 || |
- algorithm.id() == blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 || |
- algorithm.id() == blink::WebCryptoAlgorithmIdRsaOaep); |
-} |
typedef blink::WebCryptoAlgorithm (*AlgorithmCreationFunc)(); |
@@ -94,28 +76,28 @@ class JwkAlgorithmRegistry { |
// says HMAC with SHA-2 should have a key size at least as large as the |
// hash output. |
alg_to_info_["HS256"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateHmacAlgorithmByHashId, |
+ &BindAlgorithmId<CreateHmacAlgorithmByHashId, |
blink::WebCryptoAlgorithmIdSha256>); |
alg_to_info_["HS384"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateHmacAlgorithmByHashId, |
+ &BindAlgorithmId<CreateHmacAlgorithmByHashId, |
blink::WebCryptoAlgorithmIdSha384>); |
alg_to_info_["HS512"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateHmacAlgorithmByHashId, |
+ &BindAlgorithmId<CreateHmacAlgorithmByHashId, |
blink::WebCryptoAlgorithmIdSha512>); |
alg_to_info_["RS256"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateRsaSsaAlgorithm, |
+ &BindAlgorithmId<CreateRsaSsaAlgorithm, |
blink::WebCryptoAlgorithmIdSha256>); |
alg_to_info_["RS384"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateRsaSsaAlgorithm, |
+ &BindAlgorithmId<CreateRsaSsaAlgorithm, |
blink::WebCryptoAlgorithmIdSha384>); |
alg_to_info_["RS512"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateRsaSsaAlgorithm, |
+ &BindAlgorithmId<CreateRsaSsaAlgorithm, |
blink::WebCryptoAlgorithmIdSha512>); |
alg_to_info_["RSA1_5"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateAlgorithm, |
+ &BindAlgorithmId<CreateAlgorithm, |
blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5>); |
alg_to_info_["RSA-OAEP"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateRsaOaepAlgorithm, |
+ &BindAlgorithmId<CreateRsaOaepAlgorithm, |
blink::WebCryptoAlgorithmIdSha1>); |
// TODO(padolph): The Web Crypto spec does not enumerate AES-KW 128 yet |
alg_to_info_["A128KW"] = |
@@ -124,19 +106,19 @@ class JwkAlgorithmRegistry { |
alg_to_info_["A256KW"] = |
JwkAlgorithmInfo(&blink::WebCryptoAlgorithm::createNull, 256); |
alg_to_info_["A128GCM"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateAlgorithm, |
+ &BindAlgorithmId<CreateAlgorithm, |
blink::WebCryptoAlgorithmIdAesGcm>, 128); |
alg_to_info_["A256GCM"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateAlgorithm, |
+ &BindAlgorithmId<CreateAlgorithm, |
blink::WebCryptoAlgorithmIdAesGcm>, 256); |
alg_to_info_["A128CBC"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateAlgorithm, |
+ &BindAlgorithmId<CreateAlgorithm, |
blink::WebCryptoAlgorithmIdAesCbc>, 128); |
alg_to_info_["A192CBC"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateAlgorithm, |
+ &BindAlgorithmId<CreateAlgorithm, |
blink::WebCryptoAlgorithmIdAesCbc>, 192); |
alg_to_info_["A256CBC"] = JwkAlgorithmInfo( |
- &BindAlgorithmId<webcrypto::CreateAlgorithm, |
+ &BindAlgorithmId<CreateAlgorithm, |
blink::WebCryptoAlgorithmIdAesCbc>, 256); |
} |
@@ -175,8 +157,8 @@ bool WebCryptoAlgorithmsConsistent(const blink::WebCryptoAlgorithm& alg1, |
case blink::WebCryptoAlgorithmIdRsaOaep: |
case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5: |
if (WebCryptoAlgorithmsConsistent( |
- webcrypto::GetInnerHashAlgorithm(alg1), |
- webcrypto::GetInnerHashAlgorithm(alg2))) { |
+ GetInnerHashAlgorithm(alg1), |
+ GetInnerHashAlgorithm(alg2))) { |
return true; |
} |
break; |
@@ -242,7 +224,7 @@ Status GetJwkBytes(base::DictionaryValue* dict, |
if (status.IsError()) |
return status; |
- if (!webcrypto::Base64DecodeUrlSafe(base64_string, result)) |
+ if (!Base64DecodeUrlSafe(base64_string, result)) |
return Status::ErrorJwkBase64Decode(path); |
return Status::Success(); |
@@ -270,183 +252,8 @@ Status GetOptionalJwkBool(base::DictionaryValue* dict, |
} // namespace |
-WebCryptoImpl::WebCryptoImpl() { |
- Init(); |
-} |
- |
-void WebCryptoImpl::encrypt( |
- const blink::WebCryptoAlgorithm& algorithm, |
- const blink::WebCryptoKey& key, |
- const unsigned char* data, |
- unsigned int data_size, |
- blink::WebCryptoResult result) { |
- DCHECK(!algorithm.isNull()); |
- blink::WebArrayBuffer buffer; |
- Status status = EncryptInternal(algorithm, key, data, data_size, &buffer); |
- if (status.IsError()) |
- CompleteWithError(status, &result); |
- else |
- result.completeWithBuffer(buffer); |
-} |
- |
-void WebCryptoImpl::decrypt( |
- const blink::WebCryptoAlgorithm& algorithm, |
- const blink::WebCryptoKey& key, |
- const unsigned char* data, |
- unsigned int data_size, |
- blink::WebCryptoResult result) { |
- DCHECK(!algorithm.isNull()); |
- blink::WebArrayBuffer buffer; |
- Status status = DecryptInternal(algorithm, key, data, data_size, &buffer); |
- if (status.IsError()) |
- CompleteWithError(status, &result); |
- else |
- result.completeWithBuffer(buffer); |
-} |
- |
-void WebCryptoImpl::digest( |
- const blink::WebCryptoAlgorithm& algorithm, |
- const unsigned char* data, |
- unsigned int data_size, |
- blink::WebCryptoResult result) { |
- DCHECK(!algorithm.isNull()); |
- blink::WebArrayBuffer buffer; |
- Status status = DigestInternal(algorithm, data, data_size, &buffer); |
- if (status.IsError()) |
- CompleteWithError(status, &result); |
- else |
- result.completeWithBuffer(buffer); |
-} |
- |
-void WebCryptoImpl::generateKey( |
- const blink::WebCryptoAlgorithm& algorithm, |
- bool extractable, |
- blink::WebCryptoKeyUsageMask usage_mask, |
- blink::WebCryptoResult result) { |
- DCHECK(!algorithm.isNull()); |
- if (IsAlgorithmAsymmetric(algorithm)) { |
- blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull(); |
- blink::WebCryptoKey private_key = blink::WebCryptoKey::createNull(); |
- Status status = GenerateKeyPairInternal( |
- algorithm, extractable, usage_mask, &public_key, &private_key); |
- if (status.IsError()) { |
- CompleteWithError(status, &result); |
- } else { |
- DCHECK(public_key.handle()); |
- DCHECK(private_key.handle()); |
- DCHECK_EQ(algorithm.id(), public_key.algorithm().id()); |
- DCHECK_EQ(algorithm.id(), private_key.algorithm().id()); |
- DCHECK_EQ(true, public_key.extractable()); |
- DCHECK_EQ(extractable, private_key.extractable()); |
- DCHECK_EQ(usage_mask, public_key.usages()); |
- DCHECK_EQ(usage_mask, private_key.usages()); |
- result.completeWithKeyPair(public_key, private_key); |
- } |
- } else { |
- blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
- Status status = GenerateSecretKeyInternal( |
- algorithm, extractable, usage_mask, &key); |
- if (status.IsError()) { |
- CompleteWithError(status, &result); |
- } else { |
- DCHECK(key.handle()); |
- DCHECK_EQ(algorithm.id(), key.algorithm().id()); |
- DCHECK_EQ(extractable, key.extractable()); |
- DCHECK_EQ(usage_mask, key.usages()); |
- result.completeWithKey(key); |
- } |
- } |
-} |
- |
-void WebCryptoImpl::importKey( |
- blink::WebCryptoKeyFormat format, |
- const unsigned char* key_data, |
- unsigned int key_data_size, |
- const blink::WebCryptoAlgorithm& algorithm_or_null, |
- bool extractable, |
- blink::WebCryptoKeyUsageMask usage_mask, |
- blink::WebCryptoResult result) { |
- blink::WebCryptoKey key = blink::WebCryptoKey::createNull(); |
- Status status = Status::Error(); |
- if (format == blink::WebCryptoKeyFormatJwk) { |
- status = ImportKeyJwk(key_data, |
- key_data_size, |
- algorithm_or_null, |
- extractable, |
- usage_mask, |
- &key); |
- } else { |
- status = ImportKeyInternal(format, |
- key_data, |
- key_data_size, |
- algorithm_or_null, |
- extractable, |
- usage_mask, |
- &key); |
- } |
- if (status.IsError()) { |
- CompleteWithError(status, &result); |
- } else { |
- DCHECK(key.handle()); |
- DCHECK(!key.algorithm().isNull()); |
- DCHECK_EQ(extractable, key.extractable()); |
- result.completeWithKey(key); |
- } |
-} |
- |
-void WebCryptoImpl::exportKey( |
- blink::WebCryptoKeyFormat format, |
- const blink::WebCryptoKey& key, |
- blink::WebCryptoResult result) { |
- blink::WebArrayBuffer buffer; |
- Status status = ExportKeyInternal(format, key, &buffer); |
- if (status.IsError()) |
- CompleteWithError(status, &result); |
- else |
- result.completeWithBuffer(buffer); |
-} |
- |
-void WebCryptoImpl::sign( |
- const blink::WebCryptoAlgorithm& algorithm, |
- const blink::WebCryptoKey& key, |
- const unsigned char* data, |
- unsigned int data_size, |
- blink::WebCryptoResult result) { |
- DCHECK(!algorithm.isNull()); |
- blink::WebArrayBuffer buffer; |
- Status status = SignInternal(algorithm, key, data, data_size, &buffer); |
- if (status.IsError()) |
- CompleteWithError(status, &result); |
- else |
- result.completeWithBuffer(buffer); |
-} |
- |
-void WebCryptoImpl::verifySignature( |
- const blink::WebCryptoAlgorithm& algorithm, |
- const blink::WebCryptoKey& key, |
- const unsigned char* signature, |
- unsigned int signature_size, |
- const unsigned char* data, |
- unsigned int data_size, |
- blink::WebCryptoResult result) { |
- DCHECK(!algorithm.isNull()); |
- bool signature_match = false; |
- Status status = VerifySignatureInternal(algorithm, |
- key, |
- signature, |
- signature_size, |
- data, |
- data_size, |
- &signature_match); |
- if (status.IsError()) |
- CompleteWithError(status, &result); |
- else |
- result.completeWithBoolean(signature_match); |
-} |
- |
-Status WebCryptoImpl::ImportKeyJwk( |
- const unsigned char* key_data, |
- unsigned int key_data_size, |
+Status PlatformCrypto::ImportKeyJwk( |
+ const CryptoData& key_data, |
const blink::WebCryptoAlgorithm& algorithm_or_null, |
bool extractable, |
blink::WebCryptoKeyUsageMask usage_mask, |
@@ -587,13 +394,13 @@ Status WebCryptoImpl::ImportKeyJwk( |
// is used as the final usage_mask. |
// |
- if (!key_data_size) |
+ if (!key_data.byte_length()) |
return Status::ErrorImportEmptyKeyData(); |
DCHECK(key); |
// Parse the incoming JWK JSON. |
- base::StringPiece json_string(reinterpret_cast<const char*>(key_data), |
- key_data_size); |
+ base::StringPiece json_string(reinterpret_cast<const char*>(key_data.bytes()), |
+ key_data.byte_length()); |
scoped_ptr<base::Value> value(base::JSONReader::Read(json_string)); |
// Note, bare pointer dict_value is ok since it points into scoped value. |
base::DictionaryValue* dict_value = NULL; |
@@ -715,13 +522,12 @@ Status WebCryptoImpl::ImportKeyJwk( |
return Status::ErrorJwkIncorrectKeyLength(); |
} |
- return ImportKeyInternal(blink::WebCryptoKeyFormatRaw, |
- reinterpret_cast<const uint8*>(jwk_k_value.data()), |
- jwk_k_value.size(), |
- algorithm, |
- extractable, |
- usage_mask, |
- key); |
+ return ImportKey(blink::WebCryptoKeyFormatRaw, |
+ jwk_k_value, |
+ algorithm, |
+ extractable, |
+ usage_mask, |
+ key); |
} else if (jwk_kty_value == "RSA") { |
// An RSA public key must have an "n" (modulus) and an "e" (exponent) entry |
@@ -745,15 +551,12 @@ Status WebCryptoImpl::ImportKeyJwk( |
if (status.IsError()) |
return status; |
- return ImportRsaPublicKeyInternal( |
- reinterpret_cast<const uint8*>(jwk_n_value.data()), |
- jwk_n_value.size(), |
- reinterpret_cast<const uint8*>(jwk_e_value.data()), |
- jwk_e_value.size(), |
- algorithm, |
- extractable, |
- usage_mask, |
- key); |
+ return PlatformImportRsaPublicKey(jwk_n_value, |
+ jwk_e_value, |
+ algorithm, |
+ extractable, |
+ usage_mask, |
+ key); |
} else { |
return Status::ErrorJwkUnrecognizedKty(); |
@@ -762,4 +565,6 @@ Status WebCryptoImpl::ImportKeyJwk( |
return Status::Success(); |
} |
+} // namespace webcrypto |
+ |
} // namespace content |