| Index: content/renderer/webcrypto/platform_crypto_openssl.cc
|
| diff --git a/content/renderer/webcrypto/webcrypto_impl_openssl.cc b/content/renderer/webcrypto/platform_crypto_openssl.cc
|
| similarity index 45%
|
| rename from content/renderer/webcrypto/webcrypto_impl_openssl.cc
|
| rename to content/renderer/webcrypto/platform_crypto_openssl.cc
|
| index ee27ad7060c6433f50d3ab774caf1574b2df54fb..57e93a835d60f3bad6000ebad6d55c63537bd91f 100644
|
| --- a/content/renderer/webcrypto/webcrypto_impl_openssl.cc
|
| +++ b/content/renderer/webcrypto/platform_crypto_openssl.cc
|
| @@ -2,7 +2,7 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "content/renderer/webcrypto/webcrypto_impl.h"
|
| +#include "content/renderer/webcrypto/platform_crypto.h"
|
|
|
| #include <vector>
|
| #include <openssl/aes.h>
|
| @@ -12,32 +12,55 @@
|
| #include <openssl/sha.h>
|
|
|
| #include "base/logging.h"
|
| +#include "content/renderer/webcrypto/crypto_data.h"
|
| #include "content/renderer/webcrypto/webcrypto_util.h"
|
| #include "crypto/openssl_util.h"
|
| -#include "crypto/secure_util.h"
|
| #include "third_party/WebKit/public/platform/WebArrayBuffer.h"
|
| #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h"
|
| #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
|
|
|
| namespace content {
|
|
|
| -using webcrypto::Status;
|
| +namespace webcrypto {
|
|
|
| -namespace {
|
| +namespace platform {
|
| +
|
| +class Key : public blink::WebCryptoKeyHandle {
|
| + public:
|
| + virtual SymKey* AsSymKey() { return NULL; }
|
| + virtual PublicKey* AsPublicKey() { return NULL; }
|
| + virtual PrivateKey* AsPrivateKey() { return NULL; }
|
| +};
|
|
|
| -class SymKeyHandle : public blink::WebCryptoKeyHandle {
|
| +class SymKey : public Key {
|
| public:
|
| - SymKeyHandle(const unsigned char* key_data, unsigned int key_data_size)
|
| - : key_(key_data, key_data + key_data_size) {}
|
| + explicit SymKey(const CryptoData& key_data)
|
| + : key_(key_data.bytes(), key_data.bytes() + key_data.byte_length()) {}
|
| +
|
| + virtual SymKey* AsSymKey() OVERRIDE { return this; }
|
|
|
| const std::vector<unsigned char>& key() const { return key_; }
|
|
|
| private:
|
| const std::vector<unsigned char> key_;
|
|
|
| - DISALLOW_COPY_AND_ASSIGN(SymKeyHandle);
|
| + DISALLOW_COPY_AND_ASSIGN(SymKey);
|
| };
|
|
|
| +SymKey* ToSymKey(const blink::WebCryptoKey& key) {
|
| + return static_cast<Key*>(key.handle())->AsSymKey();
|
| +}
|
| +
|
| +PublicKey* ToPublicKey(const blink::WebCryptoKey& key) {
|
| + return static_cast<Key*>(key.handle())->AsPublicKey();
|
| +}
|
| +
|
| +PrivateKey* ToPrivateKey(const blink::WebCryptoKey& key) {
|
| + return static_cast<Key*>(key.handle())->AsPrivateKey();
|
| +}
|
| +
|
| +namespace {
|
| +
|
| const EVP_CIPHER* GetAESCipherByKeyLength(unsigned int key_length_bytes) {
|
| // OpenSSL supports AES CBC ciphers for only 3 key lengths: 128, 192, 256 bits
|
| switch (key_length_bytes) {
|
| @@ -59,16 +82,11 @@ enum CipherOperation {
|
| };
|
|
|
| Status AesCbcEncryptDecrypt(CipherOperation cipher_operation,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| + SymKey* key,
|
| + const CryptoData& iv,
|
| + const CryptoData& data,
|
| blink::WebArrayBuffer* buffer) {
|
| - DCHECK_EQ(blink::WebCryptoAlgorithmIdAesCbc, algorithm.id());
|
| - DCHECK_EQ(algorithm.id(), key.algorithm().id());
|
| - DCHECK_EQ(blink::WebCryptoKeyTypeSecret, key.type());
|
| -
|
| - if (data_size >= INT_MAX - AES_BLOCK_SIZE) {
|
| + if (data.byte_length() >= INT_MAX - AES_BLOCK_SIZE) {
|
| // TODO(padolph): Handle this by chunking the input fed into OpenSSL. Right
|
| // now it doesn't make much difference since the one-shot API would end up
|
| // blowing out the memory and crashing anyway.
|
| @@ -82,21 +100,14 @@ Status AesCbcEncryptDecrypt(CipherOperation cipher_operation,
|
| if (!context.get())
|
| return Status::Error();
|
|
|
| - SymKeyHandle* const sym_key = reinterpret_cast<SymKeyHandle*>(key.handle());
|
| -
|
| - const EVP_CIPHER* const cipher =
|
| - GetAESCipherByKeyLength(sym_key->key().size());
|
| + const EVP_CIPHER* const cipher = GetAESCipherByKeyLength(key->key().size());
|
| DCHECK(cipher);
|
|
|
| - const blink::WebCryptoAesCbcParams* const params = algorithm.aesCbcParams();
|
| - if (params->iv().size() != AES_BLOCK_SIZE)
|
| - return Status::ErrorIncorrectSizeAesCbcIv();
|
| -
|
| if (!EVP_CipherInit_ex(context.get(),
|
| cipher,
|
| NULL,
|
| - &sym_key->key()[0],
|
| - params->iv().data(),
|
| + &key->key()[0],
|
| + iv.bytes(),
|
| cipher_operation)) {
|
| return Status::Error();
|
| }
|
| @@ -104,11 +115,11 @@ Status AesCbcEncryptDecrypt(CipherOperation cipher_operation,
|
| // According to the openssl docs, the amount of data written may be as large
|
| // as (data_size + cipher_block_size - 1), constrained to a multiple of
|
| // cipher_block_size.
|
| - unsigned int output_max_len = data_size + AES_BLOCK_SIZE - 1;
|
| + unsigned int output_max_len = data.byte_length() + AES_BLOCK_SIZE - 1;
|
| const unsigned remainder = output_max_len % AES_BLOCK_SIZE;
|
| if (remainder != 0)
|
| output_max_len += AES_BLOCK_SIZE - remainder;
|
| - DCHECK_GT(output_max_len, data_size);
|
| + DCHECK_GT(output_max_len, data.byte_length());
|
|
|
| *buffer = blink::WebArrayBuffer::create(output_max_len, 1);
|
|
|
| @@ -116,8 +127,11 @@ Status AesCbcEncryptDecrypt(CipherOperation cipher_operation,
|
| reinterpret_cast<unsigned char*>(buffer->data());
|
|
|
| int output_len = 0;
|
| - if (!EVP_CipherUpdate(
|
| - context.get(), buffer_data, &output_len, data, data_size))
|
| + if (!EVP_CipherUpdate(context.get(),
|
| + buffer_data,
|
| + &output_len,
|
| + data.bytes(),
|
| + data.byte_length()))
|
| return Status::Error();
|
| int final_output_chunk_len = 0;
|
| if (!EVP_CipherFinal_ex(
|
| @@ -130,74 +144,43 @@ Status AesCbcEncryptDecrypt(CipherOperation cipher_operation,
|
| static_cast<unsigned int>(final_output_chunk_len);
|
| DCHECK_LE(final_output_len, output_max_len);
|
|
|
| - webcrypto::ShrinkBuffer(buffer, final_output_len);
|
| + ShrinkBuffer(buffer, final_output_len);
|
|
|
| return Status::Success();
|
| }
|
|
|
| -Status ExportKeyInternalRaw(
|
| - const blink::WebCryptoKey& key,
|
| - blink::WebArrayBuffer* buffer) {
|
| -
|
| - DCHECK(key.handle());
|
| - DCHECK(buffer);
|
| -
|
| - if (key.type() != blink::WebCryptoKeyTypeSecret)
|
| - return Status::ErrorUnexpectedKeyType();
|
| -
|
| - // TODO(eroman): This should be in a more generic location.
|
| - if (!key.extractable())
|
| - return Status::ErrorKeyNotExtractable();
|
| -
|
| - const SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle());
|
| -
|
| - *buffer = webcrypto::CreateArrayBuffer(
|
| - webcrypto::Uint8VectorStart(sym_key->key()), sym_key->key().size());
|
| +} // namespace
|
|
|
| +Status ExportKeyRaw(SymKey* key, blink::WebArrayBuffer* buffer) {
|
| + *buffer = CreateArrayBuffer(Uint8VectorStart(key->key()), key->key().size());
|
| return Status::Success();
|
| }
|
|
|
| -} // namespace
|
| -
|
| -void WebCryptoImpl::Init() { crypto::EnsureOpenSSLInit(); }
|
| -
|
| -Status WebCryptoImpl::EncryptInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebArrayBuffer* buffer) {
|
| - if (algorithm.id() == blink::WebCryptoAlgorithmIdAesCbc) {
|
| - return AesCbcEncryptDecrypt(
|
| - kDoEncrypt, algorithm, key, data, data_size, buffer);
|
| - }
|
| -
|
| - return Status::ErrorUnsupported();
|
| +void Init() {
|
| + crypto::EnsureOpenSSLInit();
|
| }
|
|
|
| -Status WebCryptoImpl::DecryptInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebArrayBuffer* buffer) {
|
| - if (algorithm.id() == blink::WebCryptoAlgorithmIdAesCbc) {
|
| - return AesCbcEncryptDecrypt(
|
| - kDoDecrypt, algorithm, key, data, data_size, buffer);
|
| - }
|
| -
|
| - return Status::ErrorUnsupported();
|
| +Status EncryptAesCbc(SymKey* key,
|
| + const CryptoData& iv,
|
| + const CryptoData& data,
|
| + blink::WebArrayBuffer* buffer) {
|
| + return AesCbcEncryptDecrypt(kDoEncrypt, key, iv, data, buffer);
|
| }
|
|
|
| -Status WebCryptoImpl::DigestInternal(const blink::WebCryptoAlgorithm& algorithm,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebArrayBuffer* buffer) {
|
| +Status DecryptAesCbc(SymKey* key,
|
| + const CryptoData& iv,
|
| + const CryptoData& data,
|
| + blink::WebArrayBuffer* buffer) {
|
| + return AesCbcEncryptDecrypt(kDoDecrypt, key, iv, data, buffer);
|
| +}
|
|
|
| +Status DigestSha(blink::WebCryptoAlgorithmId algorithm,
|
| + const CryptoData& data,
|
| + blink::WebArrayBuffer* buffer) {
|
| crypto::OpenSSLErrStackTracer(FROM_HERE);
|
|
|
| const EVP_MD* digest_algorithm;
|
| - switch (algorithm.id()) {
|
| + switch (algorithm) {
|
| case blink::WebCryptoAlgorithmIdSha1:
|
| digest_algorithm = EVP_sha1();
|
| break;
|
| @@ -214,8 +197,8 @@ Status WebCryptoImpl::DigestInternal(const blink::WebCryptoAlgorithm& algorithm,
|
| digest_algorithm = EVP_sha512();
|
| break;
|
| default:
|
| - // Not a digest algorithm.
|
| - return Status::ErrorUnsupported();
|
| + // Not a SHA algorithm.
|
| + return Status::ErrorUnexpected();
|
| }
|
|
|
| crypto::ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> digest_context(
|
| @@ -224,14 +207,14 @@ Status WebCryptoImpl::DigestInternal(const blink::WebCryptoAlgorithm& algorithm,
|
| return Status::Error();
|
|
|
| if (!EVP_DigestInit_ex(digest_context.get(), digest_algorithm, NULL) ||
|
| - !EVP_DigestUpdate(digest_context.get(), data, data_size)) {
|
| + !EVP_DigestUpdate(
|
| + digest_context.get(), data.bytes(), data.byte_length())) {
|
| return Status::Error();
|
| }
|
|
|
| const int hash_expected_size = EVP_MD_CTX_size(digest_context.get());
|
| - if (hash_expected_size <= 0) {
|
| + if (hash_expected_size <= 0)
|
| return Status::ErrorUnexpected();
|
| - }
|
| DCHECK_LE(hash_expected_size, EVP_MAX_MD_SIZE);
|
|
|
| *buffer = blink::WebArrayBuffer::create(hash_expected_size, 1);
|
| @@ -248,41 +231,13 @@ Status WebCryptoImpl::DigestInternal(const blink::WebCryptoAlgorithm& algorithm,
|
| return Status::Success();
|
| }
|
|
|
| -Status WebCryptoImpl::GenerateSecretKeyInternal(
|
| +Status GenerateSecretKey(
|
| const blink::WebCryptoAlgorithm& algorithm,
|
| bool extractable,
|
| blink::WebCryptoKeyUsageMask usage_mask,
|
| + unsigned keylen_bytes,
|
| blink::WebCryptoKey* key) {
|
| -
|
| - unsigned int keylen_bytes = 0;
|
| - blink::WebCryptoKeyType key_type;
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdAesCbc: {
|
| - const blink::WebCryptoAesKeyGenParams* params =
|
| - algorithm.aesKeyGenParams();
|
| - DCHECK(params);
|
| - if (params->lengthBits() % 8)
|
| - return Status::ErrorGenerateKeyLength();
|
| - keylen_bytes = params->lengthBits() / 8;
|
| - if (!GetAESCipherByKeyLength(keylen_bytes))
|
| - return Status::Error();
|
| - key_type = blink::WebCryptoKeyTypeSecret;
|
| - break;
|
| - }
|
| - case blink::WebCryptoAlgorithmIdHmac: {
|
| - const blink::WebCryptoHmacKeyParams* params = algorithm.hmacKeyParams();
|
| - DCHECK(params);
|
| - if (params->hasLengthBytes())
|
| - keylen_bytes = params->optionalLengthBytes();
|
| - else
|
| - keylen_bytes = webcrypto::ShaBlockSizeBytes(params->hash().id());
|
| - key_type = blink::WebCryptoKeyTypeSecret;
|
| - break;
|
| - }
|
| -
|
| - default: { return Status::ErrorUnsupported(); }
|
| - }
|
| -
|
| + // TODO(eroman): Is this right?
|
| if (keylen_bytes == 0)
|
| return Status::ErrorGenerateKeyLength();
|
|
|
| @@ -292,14 +247,16 @@ Status WebCryptoImpl::GenerateSecretKeyInternal(
|
| if (!(RAND_bytes(&random_bytes[0], keylen_bytes)))
|
| return Status::Error();
|
|
|
| - *key = blink::WebCryptoKey::create(
|
| - new SymKeyHandle(&random_bytes[0], random_bytes.size()),
|
| - key_type, extractable, algorithm, usage_mask);
|
| + *key = blink::WebCryptoKey::create(new SymKey(CryptoData(random_bytes)),
|
| + blink::WebCryptoKeyTypeSecret,
|
| + extractable,
|
| + algorithm,
|
| + usage_mask);
|
|
|
| return Status::Success();
|
| }
|
|
|
| -Status WebCryptoImpl::GenerateKeyPairInternal(
|
| +Status GenerateRsaKeyPair(
|
| const blink::WebCryptoAlgorithm& algorithm,
|
| bool extractable,
|
| blink::WebCryptoKeyUsageMask usage_mask,
|
| @@ -310,101 +267,31 @@ Status WebCryptoImpl::GenerateKeyPairInternal(
|
| return Status::ErrorUnsupported();
|
| }
|
|
|
| -Status WebCryptoImpl::ImportKeyInternal(
|
| - blink::WebCryptoKeyFormat format,
|
| - const unsigned char* key_data,
|
| - unsigned int key_data_size,
|
| - const blink::WebCryptoAlgorithm& algorithm_or_null,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - // TODO(eroman): Currently expects algorithm to always be specified, as it is
|
| - // required for raw format.
|
| - if (algorithm_or_null.isNull())
|
| - return Status::ErrorMissingAlgorithmImportRawKey();
|
| - const blink::WebCryptoAlgorithm& algorithm = algorithm_or_null;
|
| -
|
| - // TODO(padolph): Support all relevant alg types and then remove this gate.
|
| - if (algorithm.id() != blink::WebCryptoAlgorithmIdHmac &&
|
| - algorithm.id() != blink::WebCryptoAlgorithmIdAesCbc) {
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -
|
| - // TODO(padolph): Need to split handling for symmetric (raw format) and
|
| - // asymmetric (spki or pkcs8 format) keys.
|
| - // Currently only supporting symmetric.
|
| -
|
| - // Symmetric keys are always type secret
|
| - blink::WebCryptoKeyType type = blink::WebCryptoKeyTypeSecret;
|
| -
|
| - const unsigned char* raw_key_data;
|
| - unsigned int raw_key_data_size;
|
| - switch (format) {
|
| - case blink::WebCryptoKeyFormatRaw:
|
| - raw_key_data = key_data;
|
| - raw_key_data_size = key_data_size;
|
| - // The NSS implementation fails when importing a raw AES key with a length
|
| - // incompatible with AES. The line below is to match this behavior.
|
| - if (algorithm.id() == blink::WebCryptoAlgorithmIdAesCbc &&
|
| - !GetAESCipherByKeyLength(raw_key_data_size)) {
|
| - return Status::Error();
|
| - }
|
| - break;
|
| - case blink::WebCryptoKeyFormatJwk:
|
| - return Status::ErrorUnexpected();
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -
|
| - *key = blink::WebCryptoKey::create(
|
| - new SymKeyHandle(raw_key_data, raw_key_data_size),
|
| - type, extractable, algorithm, usage_mask);
|
| +Status ImportKeyRaw(const CryptoData& key_data,
|
| + const blink::WebCryptoAlgorithm& algorithm,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask usage_mask,
|
| + blink::WebCryptoKey* key) {
|
| + *key = blink::WebCryptoKey::create(new SymKey(key_data),
|
| + blink::WebCryptoKeyTypeSecret,
|
| + extractable,
|
| + algorithm,
|
| + usage_mask);
|
|
|
| return Status::Success();
|
| }
|
|
|
| -Status WebCryptoImpl::ExportKeyInternal(
|
| - blink::WebCryptoKeyFormat format,
|
| - const blink::WebCryptoKey& key,
|
| - blink::WebArrayBuffer* buffer) {
|
| - switch (format) {
|
| - case blink::WebCryptoKeyFormatRaw:
|
| - return ExportKeyInternalRaw(key, buffer);
|
| - case blink::WebCryptoKeyFormatSpki:
|
| - // TODO(padolph): Implement spki export
|
| - return Status::ErrorUnsupported();
|
| - case blink::WebCryptoKeyFormatPkcs8:
|
| - // TODO(padolph): Implement pkcs8 export
|
| - return Status::ErrorUnsupported();
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| - return Status::ErrorUnsupported();
|
| -}
|
| -
|
| -Status WebCryptoImpl::SignInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - blink::WebArrayBuffer* buffer) {
|
| -
|
| +Status SignHmac(SymKey* key,
|
| + const blink::WebCryptoAlgorithm& hash,
|
| + const CryptoData& data,
|
| + blink::WebArrayBuffer* buffer) {
|
| blink::WebArrayBuffer result;
|
|
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdHmac: {
|
| -
|
| - DCHECK_EQ(key.algorithm().id(), blink::WebCryptoAlgorithmIdHmac);
|
| - DCHECK_NE(0, key.usages() & blink::WebCryptoKeyUsageSign);
|
| -
|
| - const blink::WebCryptoHmacParams* const params = algorithm.hmacParams();
|
| - if (!params)
|
| - return Status::ErrorUnexpected();
|
| -
|
| + // TODO(eroman): De-indent this code.
|
| const EVP_MD* evp_sha = 0;
|
| unsigned int hmac_expected_length = 0;
|
| // Note that HMAC length is determined by the hash used.
|
| - switch (params->hash().id()) {
|
| + switch (hash.id()) {
|
| case blink::WebCryptoAlgorithmIdSha1:
|
| evp_sha = EVP_sha1();
|
| hmac_expected_length = SHA_DIGEST_LENGTH;
|
| @@ -430,9 +317,7 @@ Status WebCryptoImpl::SignInternal(
|
| return Status::ErrorUnsupported();
|
| }
|
|
|
| - SymKeyHandle* const sym_key =
|
| - reinterpret_cast<SymKeyHandle*>(key.handle());
|
| - const std::vector<unsigned char>& raw_key = sym_key->key();
|
| + const std::vector<unsigned char>& raw_key = key->key();
|
|
|
| // OpenSSL wierdness here.
|
| // First, HMAC() needs a void* for the key data, so make one up front as a
|
| @@ -453,66 +338,103 @@ Status WebCryptoImpl::SignInternal(
|
| unsigned char* const success = HMAC(evp_sha,
|
| raw_key_voidp,
|
| raw_key.size(),
|
| - data,
|
| - data_size,
|
| + data.bytes(),
|
| + data.byte_length(),
|
| hmac_result.safe_buffer(),
|
| &hmac_actual_length);
|
| if (!success || hmac_actual_length != hmac_expected_length)
|
| return Status::Error();
|
|
|
| - break;
|
| - }
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -
|
| *buffer = result;
|
| return Status::Success();
|
| }
|
|
|
| -Status WebCryptoImpl::VerifySignatureInternal(
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const unsigned char* signature,
|
| - unsigned int signature_size,
|
| - const unsigned char* data,
|
| - unsigned int data_size,
|
| - bool* signature_match) {
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdHmac: {
|
| - blink::WebArrayBuffer result;
|
| - Status status = SignInternal(algorithm, key, data, data_size, &result);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - // Handling of truncated signatures is underspecified in the WebCrypto
|
| - // spec, so here we fail verification if a truncated signature is being
|
| - // verified.
|
| - // See https://www.w3.org/Bugs/Public/show_bug.cgi?id=23097
|
| - *signature_match =
|
| - result.byteLength() == signature_size &&
|
| - crypto::SecureMemEqual(result.data(), signature, signature_size);
|
| +Status ImportRsaPublicKey(const CryptoData& modulus_data,
|
| + const CryptoData& exponent_data,
|
| + const blink::WebCryptoAlgorithm& algorithm,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask usage_mask,
|
| + blink::WebCryptoKey* key) {
|
| + // TODO(padolph): Placeholder for OpenSSL implementation.
|
| + // Issue
|
| + return Status::ErrorUnsupported();
|
| +}
|
|
|
| - break;
|
| - }
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| - return Status::Success();
|
| +Status EncryptAesGcm(SymKey* key,
|
| + const blink::WebCryptoAesGcmParams* params,
|
| + const CryptoData& data,
|
| + blink::WebArrayBuffer* buffer) {
|
| + // TODO(eroman): http://crbug.com/267888
|
| + return Status::ErrorUnsupported();
|
| }
|
|
|
| -Status WebCryptoImpl::ImportRsaPublicKeyInternal(
|
| - const unsigned char* modulus_data,
|
| - unsigned int modulus_size,
|
| - const unsigned char* exponent_data,
|
| - unsigned int exponent_size,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - // TODO(padolph): Placeholder for OpenSSL implementation.
|
| - // Issue http://crbug.com/267888.
|
| +// Guaranteed that params is non-null, and the key is an AES key.
|
| +Status DecryptAesGcm(SymKey* key,
|
| + const blink::WebCryptoAesGcmParams* params,
|
| + const CryptoData& data,
|
| + blink::WebArrayBuffer* buffer) {
|
| + // TODO(eroman): http://crbug.com/267888
|
| + return Status::ErrorUnsupported();
|
| +}
|
| +
|
| +// Guaranteed that key is valid.
|
| +Status EncryptRsaEsPkcs1v1_5(PublicKey* key,
|
| + const CryptoData& data,
|
| + blink::WebArrayBuffer* buffer) {
|
| + // TODO(eroman): http://crbug.com/267888
|
| + return Status::ErrorUnsupported();
|
| +}
|
| +
|
| +Status DecryptRsaEsPkcs1v1_5(PrivateKey* key,
|
| + const CryptoData& data,
|
| + blink::WebArrayBuffer* buffer) {
|
| + // TODO(eroman): http://crbug.com/267888
|
| + return Status::ErrorUnsupported();
|
| +}
|
| +
|
| +Status SignRsaSsaPkcs1v1_5(PrivateKey* key,
|
| + const blink::WebCryptoAlgorithm& hash,
|
| + const CryptoData& data,
|
| + blink::WebArrayBuffer* buffer) {
|
| + // TODO(eroman): http://crbug.com/267888
|
| + return Status::ErrorUnsupported();
|
| +}
|
| +
|
| +// Key is guaranteed to be an RSA SSA key.
|
| +Status VerifyRsaSsaPkcs1v1_5(PublicKey* key,
|
| + const blink::WebCryptoAlgorithm& hash,
|
| + const CryptoData& signature,
|
| + const CryptoData& data,
|
| + bool* signature_match) {
|
| + // TODO(eroman): http://crbug.com/267888
|
| return Status::ErrorUnsupported();
|
| }
|
|
|
| +Status ImportKeySpki(const CryptoData& key_data,
|
| + const blink::WebCryptoAlgorithm& algorithm_or_null,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask usage_mask,
|
| + blink::WebCryptoKey* key) {
|
| + // TODO(eroman): http://crbug.com/267888
|
| + return Status::ErrorUnsupported();
|
| +}
|
| +
|
| +Status ImportKeyPkcs8(const CryptoData& key_data,
|
| + const blink::WebCryptoAlgorithm& algorithm_or_null,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask usage_mask,
|
| + blink::WebCryptoKey* key) {
|
| + // TODO(eroman): http://crbug.com/267888
|
| + return Status::ErrorUnsupported();
|
| +}
|
| +
|
| +Status ExportKeySpki(PublicKey* key, blink::WebArrayBuffer* buffer) {
|
| + // TODO(eroman): http://crbug.com/267888
|
| + return Status::ErrorUnsupported();
|
| +}
|
| +
|
| +} // namespace platform
|
| +
|
| +} // namespace webcrypto
|
| +
|
| } // namespace content
|
|
|
Chromium Code Reviews
Issue 155623005:
Refactor to share more code between OpenSSL and NSS implementations. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src