[webcrypto] Add parameter parsing for AES-GCM.

Source/modules/crypto/NormalizeAlgorithm.cpp

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 51 matching lines @@
 
 struct OperationParamsMapping {
     blink::WebCryptoAlgorithmId algorithmId;
     AlgorithmOperation operation;
     AlgorithmParamsForOperation params;
 };
 
 const AlgorithmNameMapping algorithmNameMappings[] = {
     {"AES-CBC", blink::WebCryptoAlgorithmIdAesCbc},
     {"AES-CTR", blink::WebCryptoAlgorithmIdAesCtr},
+    {"AES-GCM", blink::WebCryptoAlgorithmIdAesGcm},
     {"HMAC", blink::WebCryptoAlgorithmIdHmac},
     {"RSASSA-PKCS1-v1_5", blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5},
     {"RSAES-PKCS1-v1_5", blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5},
     {"SHA-1", blink::WebCryptoAlgorithmIdSha1},
     {"SHA-224", blink::WebCryptoAlgorithmIdSha224},
     {"SHA-256", blink::WebCryptoAlgorithmIdSha256},
     {"SHA-384", blink::WebCryptoAlgorithmIdSha384},
     {"SHA-512", blink::WebCryptoAlgorithmIdSha512},
     {"AES-KW", blink::WebCryptoAlgorithmIdAesKw},
 };
@@ skipping 41 matching lines @@
     {blink::WebCryptoAlgorithmIdSha224, Digest, blink::WebCryptoAlgorithmParamsTypeNone},
     {blink::WebCryptoAlgorithmIdSha256, Digest, blink::WebCryptoAlgorithmParamsTypeNone},
     {blink::WebCryptoAlgorithmIdSha384, Digest, blink::WebCryptoAlgorithmParamsTypeNone},
     {blink::WebCryptoAlgorithmIdSha512, Digest, blink::WebCryptoAlgorithmParamsTypeNone},
 
     // AES-KW
     {blink::WebCryptoAlgorithmIdAesKw, GenerateKey, blink::WebCryptoAlgorithmParamsTypeAesKeyGenParams},
     {blink::WebCryptoAlgorithmIdAesKw, ImportKey, blink::WebCryptoAlgorithmParamsTypeNone},
     {blink::WebCryptoAlgorithmIdAesKw, UnwrapKey, blink::WebCryptoAlgorithmParamsTypeNone},
     {blink::WebCryptoAlgorithmIdAesKw, WrapKey, blink::WebCryptoAlgorithmParamsTypeNone},
+
+    // AES-GCM
+    {blink::WebCryptoAlgorithmIdAesGcm, GenerateKey, blink::WebCryptoAlgorithmParamsTypeAesKeyGenParams},
+    {blink::WebCryptoAlgorithmIdAesGcm, ImportKey, blink::WebCryptoAlgorithmParamsTypeNone},
+    {blink::WebCryptoAlgorithmIdAesGcm, Encrypt, blink::WebCryptoAlgorithmParamsTypeAesGcmParams},
+    {blink::WebCryptoAlgorithmIdAesGcm, Decrypt, blink::WebCryptoAlgorithmParamsTypeAesGcmParams},
+    {blink::WebCryptoAlgorithmIdAesGcm, UnwrapKey, blink::WebCryptoAlgorithmParamsTypeAesGcmParams},
+    {blink::WebCryptoAlgorithmIdAesGcm, WrapKey, blink::WebCryptoAlgorithmParamsTypeAesGcmParams},
 };
 
 // This structure describes an algorithm and its supported operations.
 struct AlgorithmInfo {
     AlgorithmInfo()
         : algorithmName(0)
     {
         for (size_t i = 0; i < WTF_ARRAY_LENGTH(paramsForOperation); ++i)
             paramsForOperation[i] = UnsupportedOp;
     }
@@ skipping 107 matching lines @@
         stack.add(message2);
         return stack.toString();
     }
 
 private:
     // This inline size is large enough to avoid having to grow the Vector in
     // the majority of cases (up to 1 nested algorithm identifier).
     Vector<const char*, 10> m_messages;
 };
 
-bool getArrayBufferView(const Dictionary& raw, const char* propertyName, RefPtr<ArrayBufferView>& buffer, const ErrorContext& context, String& errorDetails)
+// Defined by the WebCrypto spec as:
+//
+//     typedef (ArrayBuffer or ArrayBufferView) CryptoOperationData;
+//
+// FIXME: Currently only supports ArrayBufferView.
+bool getOptionalCryptoOperationData(const Dictionary& raw, const char* propertyName, bool& hasProperty, RefPtr<ArrayBufferView>& buffer, const ErrorContext& context, String& errorDetails)
 {
-    if (!raw.get(propertyName, buffer) || !buffer) {
-        errorDetails = context.toString(propertyName, "Missing or not a ArrayBufferView");
+    if (!raw.get(propertyName, buffer)) {
+        hasProperty = false;
+        return true;
+    }
+
+    hasProperty = true;
+
+    if (!buffer) {
+        errorDetails = context.toString(propertyName, "Not an ArrayBufferView");
         return false;
     }
+
     return true;
 }
 
+// Defined by the WebCrypto spec as:
+//
+//     typedef (ArrayBuffer or ArrayBufferView) CryptoOperationData;
+//
+// FIXME: Currently only supports ArrayBufferView.
+bool getCryptoOperationData(const Dictionary& raw, const char* propertyName, RefPtr<ArrayBufferView>& buffer, const ErrorContext& context, String& errorDetails)
+{
+    bool hasProperty;
+    bool ok = getOptionalCryptoOperationData(raw, propertyName, hasProperty, buffer, context, errorDetails);
+    if (!hasProperty) {
+        errorDetails = context.toString(propertyName, "Missing required property");
+        return false;
+    }
+    return ok;
+}
+
 bool getUint8Array(const Dictionary& raw, const char* propertyName, RefPtr<Uint8Array>& array, const ErrorContext& context, String& errorDetails)
 {
     if (!raw.get(propertyName, array) || !array) {
         errorDetails = context.toString(propertyName, "Missing or not a Uint8Array");
         return false;
     }
     return true;
 }
 
+// Defined by the WebCrypto spec as:
+//
+//     typedef Uint8Array BigInteger;
+bool getBigInteger(const Dictionary& raw, const char* propertyName, RefPtr<Uint8Array>& array, const ErrorContext& context, String& errorDetails)
+{
+    if (!getUint8Array(raw, propertyName, array, context, errorDetails))
+        return false;
+
+    if (!array->byteLength()) {
+        errorDetails = context.toString(propertyName, "BigInteger should not be empty");
+        return false;
+    }
+
+    if (!raw.get(propertyName, array) || !array) {
+        errorDetails = context.toString(propertyName, "Missing or not a Uint8Array");
+        return false;
+    }
+    return true;
+}
+
 // Gets an integer according to WebIDL's [EnforceRange].
 bool getOptionalInteger(const Dictionary& raw, const char* propertyName, bool& hasProperty, double& value, double minValue, double maxValue, const ErrorContext& context, String& errorDetails)
 {
     double number;
     bool ok = raw.get(propertyName, number, hasProperty);
 
     if (!hasProperty)
         return true;
 
     if (!ok || std::isnan(number)) {
@@ skipping 56 matching lines @@
 bool getOptionalUint32(const Dictionary& raw, const char* propertyName, bool& hasValue, uint32_t& value, const ErrorContext& context, String& errorDetails)
 {
     double number;
     if (!getOptionalInteger(raw, propertyName, hasValue, number, 0, 0xFFFFFFFF, context, errorDetails))
         return false;
     if (hasValue)
         value = number;
     return true;
 }
 
+// Defined by the WebCrypto spec as:
+//
+//    dictionary AesCbcParams : Algorithm {
+//      CryptoOperationData iv;
+//    };
 bool parseAesCbcParams(const Dictionary& raw, OwnPtr<blink::WebCryptoAlgorithmParams>& params, const ErrorContext& context, String& errorDetails)
 {
     RefPtr<ArrayBufferView> iv;
-    if (!getArrayBufferView(raw, "iv", iv, context, errorDetails))
+    if (!getCryptoOperationData(raw, "iv", iv, context, errorDetails))
         return false;
 
     if (iv->byteLength() != 16) {
         errorDetails = context.toString("iv", "Must be 16 bytes");
         return false;
     }
 
     params = adoptPtr(new blink::WebCryptoAesCbcParams(static_cast<unsigned char*>(iv->baseAddress()), iv->byteLength()));
     return true;
 }
 
+// Defined by the WebCrypto spec as:
+//
+//    dictionary AesKeyGenParams : Algorithm {
+//      [EnforceRange] unsigned short length;
+//    };
 bool parseAesKeyGenParams(const Dictionary& raw, OwnPtr<blink::WebCryptoAlgorithmParams>& params, const ErrorContext& context, String& errorDetails)
 {
     uint16_t length;
     if (!getUint16(raw, "length", length, context, errorDetails))
         return false;
 
     params = adoptPtr(new blink::WebCryptoAesKeyGenParams(length));
     return true;
 }
 
 bool parseAlgorithm(const Dictionary&, AlgorithmOperation, blink::WebCryptoAlgorithm&, ErrorContext, String&);
 
 bool parseHash(const Dictionary& raw, blink::WebCryptoAlgorithm& hash, ErrorContext context, String& errorDetails)
 {
     Dictionary rawHash;
     if (!raw.get("hash", rawHash)) {
         errorDetails = context.toString("hash", "Missing or not a dictionary");
         return false;
     }
 
     context.add("hash");
     return parseAlgorithm(rawHash, Digest, hash, context, errorDetails);
 }
 
+// Defined by the WebCrypto spec as:
+//
+//    dictionary HmacImportParams : Algorithm {
+//      AlgorithmIdentifier hash;
+//    };
 bool parseHmacParams(const Dictionary& raw, OwnPtr<blink::WebCryptoAlgorithmParams>& params, const ErrorContext& context, String& errorDetails)
 {
     blink::WebCryptoAlgorithm hash;
     if (!parseHash(raw, hash, context, errorDetails))
         return false;
 
     params = adoptPtr(new blink::WebCryptoHmacParams(hash));
     return true;
 }
 
+// Defined by the WebCrypto spec as:
+//
+//    dictionary HmacKeyGenParams : Algorithm {
+//      AlgorithmIdentifier hash;
+//      // The length (in bytes) of the key to generate. If unspecified, the
+//      // recommended length will be used, which is the size of the associated hash function's block
+//      // size.
+//      unsigned long length;
+//    };
 bool parseHmacKeyParams(const Dictionary& raw, OwnPtr<blink::WebCryptoAlgorithmParams>& params, const ErrorContext& context, String& errorDetails)
 {
     blink::WebCryptoAlgorithm hash;
     if (!parseHash(raw, hash, context, errorDetails))
         return false;
 
     bool hasLength;
     uint32_t length = 0;
     if (!getOptionalUint32(raw, "length", hasLength, length, context, errorDetails))
         return false;
 
     params = adoptPtr(new blink::WebCryptoHmacKeyParams(hash, hasLength, length));
     return true;
 }
 
 bool parseRsaSsaParams(const Dictionary& raw, OwnPtr<blink::WebCryptoAlgorithmParams>& params, const ErrorContext& context, String& errorDetails)
 {
     blink::WebCryptoAlgorithm hash;
     if (!parseHash(raw, hash, context, errorDetails))
         return false;
 
     params = adoptPtr(new blink::WebCryptoRsaSsaParams(hash));
     return true;
 }
 
+// Defined by the WebCrypto spec as:
+//
+//    dictionary RsaKeyGenParams : Algorithm {
+//      unsigned long modulusLength;
+//      BigInteger publicExponent;
+//    };
 bool parseRsaKeyGenParams(const Dictionary& raw, OwnPtr<blink::WebCryptoAlgorithmParams>& params, const ErrorContext& context, String& errorDetails)
 {
     uint32_t modulusLength;
     if (!getUint32(raw, "modulusLength", modulusLength, context, errorDetails))
         return false;
 
     RefPtr<Uint8Array> publicExponent;
-    if (!getUint8Array(raw, "publicExponent", publicExponent, context, errorDetails))
+    if (!getBigInteger(raw, "publicExponent", publicExponent, context, errorDetails))
         return false;
 
     params = adoptPtr(new blink::WebCryptoRsaKeyGenParams(modulusLength, static_cast<const unsigned char*>(publicExponent->baseAddress()), publicExponent->byteLength()));
     return true;
 }
 
-bool parseAesCtrParams(const Dictionary& raw, OwnPtr<blink::WebCryptoAlgorithmParams>& params, const ErrorContext& context, String& es)
+// Defined by the WebCrypto spec as:
+//
+//    dictionary AesCtrParams : Algorithm {
+//      CryptoOperationData counter;
+//      [EnforceRange] octet length;
+//    };
+bool parseAesCtrParams(const Dictionary& raw, OwnPtr<blink::WebCryptoAlgorithmParams>& params, const ErrorContext& context, String& errorDetails)
 {
-    RefPtr<Uint8Array> counter;
-    if (!getUint8Array(raw, "counter", counter, context, es))
+    RefPtr<ArrayBufferView> counter;
+    if (!getCryptoOperationData(raw, "counter", counter, context, errorDetails))
         return false;
 
     uint8_t length;
-    if (!getUint8(raw, "length", length, context, es))
+    if (!getUint8(raw, "length", length, context, errorDetails))
         return false;
 
     params = adoptPtr(new blink::WebCryptoAesCtrParams(length, static_cast<const unsigned char*>(counter->baseAddress()), counter->byteLength()));
     return true;
 }
 
+// Defined by the WebCrypto spec as:
+//
+//     dictionary AesGcmParams : Algorithm {
+//       CryptoOperationData iv;
+//       CryptoOperationData? additionalData;
+//       [EnforceRange] octet? tagLength;  // May be 0-128
+//     }
+bool parseAesGcmParams(const Dictionary& raw, OwnPtr<blink::WebCryptoAlgorithmParams>& params, const ErrorContext& context, String& errorDetails)
+{
+    RefPtr<ArrayBufferView> iv;
+    if (!getCryptoOperationData(raw, "iv", iv, context, errorDetails))
+        return false;
+
+    bool hasAdditionalData;
+    RefPtr<ArrayBufferView> additionalData;
+    if (!getOptionalCryptoOperationData(raw, "additionalData", hasAdditionalData, additionalData, context, errorDetails))
+        return false;
+
+    double tagLength;
+    bool hasTagLength;
+    if (!getOptionalInteger(raw, "tagLength", hasTagLength, tagLength, 0, 128, context, errorDetails))
+        return false;
+
+    const unsigned char* ivStart = static_cast<const unsigned char*>(iv->baseAddress());
+    unsigned ivLength = iv->byteLength();
+
+    const unsigned char* additionalDataStart = hasAdditionalData ? static_cast<const unsigned char*>(additionalData->baseAddress()) : 0;
+    unsigned additionalDataLength = hasAdditionalData ? additionalData->byteLength() : 0;
+
+    params = adoptPtr(new blink::WebCryptoAesGcmParams(ivStart, ivLength, hasAdditionalData, additionalDataStart, additionalDataLength, hasTagLength, tagLength));
+    return true;
+}
+
 bool parseAlgorithmParams(const Dictionary& raw, blink::WebCryptoAlgorithmParamsType type, OwnPtr<blink::WebCryptoAlgorithmParams>& params, ErrorContext& context, String& errorDetails)
 {
     switch (type) {
     case blink::WebCryptoAlgorithmParamsTypeNone:
         return true;
     case blink::WebCryptoAlgorithmParamsTypeAesCbcParams:
         context.add("AesCbcParams");
         return parseAesCbcParams(raw, params, context, errorDetails);
     case blink::WebCryptoAlgorithmParamsTypeAesKeyGenParams:
         context.add("AesKeyGenParams");
         return parseAesKeyGenParams(raw, params, context, errorDetails);
     case blink::WebCryptoAlgorithmParamsTypeHmacParams:
         context.add("HmacParams");
         return parseHmacParams(raw, params, context, errorDetails);
     case blink::WebCryptoAlgorithmParamsTypeHmacKeyParams:
         context.add("HmacKeyParams");
         return parseHmacKeyParams(raw, params, context, errorDetails);
     case blink::WebCryptoAlgorithmParamsTypeRsaSsaParams:
         context.add("RsaSSaParams");
         return parseRsaSsaParams(raw, params, context, errorDetails);
     case blink::WebCryptoAlgorithmParamsTypeRsaKeyGenParams:
         context.add("RsaKeyGenParams");
         return parseRsaKeyGenParams(raw, params, context, errorDetails);
     case blink::WebCryptoAlgorithmParamsTypeAesCtrParams:
         context.add("AesCtrParams");
         return parseAesCtrParams(raw, params, context, errorDetails);
     case blink::WebCryptoAlgorithmParamsTypeAesGcmParams:
+        context.add("AesGcmParams");
+        return parseAesGcmParams(raw, params, context, errorDetails);
     case blink::WebCryptoAlgorithmParamsTypeRsaOaepParams:
         // TODO
         notImplemented();
         break;
     }
     ASSERT_NOT_REACHED();
     return false;
 }
 
 bool parseAlgorithm(const Dictionary& raw, AlgorithmOperation op, blink::WebCryptoAlgorithm& algorithm, ErrorContext context, String& errorDetails)
@@ skipping 44 matching lines @@
     }
     return true;
 }
 
 const char* algorithmIdToName(blink::WebCryptoAlgorithmId id)
 {
     return AlgorithmRegistry::instance().lookupAlgorithmById(id)->algorithmName;
 }
 
 } // namespace WebCore