OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/webcrypto/shared_crypto.h" | 5 #include "content/renderer/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "content/renderer/webcrypto/crypto_data.h" | 8 #include "content/renderer/webcrypto/crypto_data.h" |
9 #include "content/renderer/webcrypto/platform_crypto.h" | 9 #include "content/renderer/webcrypto/platform_crypto.h" |
10 #include "content/renderer/webcrypto/webcrypto_util.h" | 10 #include "content/renderer/webcrypto/webcrypto_util.h" |
11 #include "crypto/secure_util.h" | 11 #include "crypto/secure_util.h" |
12 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" | 12 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
13 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | 13 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
14 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM | |
15 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" | 14 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" |
16 #endif | |
17 #include "third_party/WebKit/public/platform/WebCryptoKey.h" | 15 #include "third_party/WebKit/public/platform/WebCryptoKey.h" |
18 | 16 |
19 namespace content { | 17 namespace content { |
20 | 18 |
21 namespace webcrypto { | 19 namespace webcrypto { |
22 | 20 |
23 namespace { | 21 namespace { |
24 | 22 |
25 // TODO(eroman): Move this helper to WebCryptoKey. | 23 // TODO(eroman): Move this helper to WebCryptoKey. |
26 bool KeyUsageAllows(const blink::WebCryptoKey& key, | 24 bool KeyUsageAllows(const blink::WebCryptoKey& key, |
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
182 | 180 |
183 Status SignRsaSsaPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm, | 181 Status SignRsaSsaPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm, |
184 const blink::WebCryptoKey& key, | 182 const blink::WebCryptoKey& key, |
185 const CryptoData& data, | 183 const CryptoData& data, |
186 blink::WebArrayBuffer* buffer) { | 184 blink::WebArrayBuffer* buffer) { |
187 platform::PrivateKey* private_key; | 185 platform::PrivateKey* private_key; |
188 Status status = ToPlatformPrivateKey(key, &private_key); | 186 Status status = ToPlatformPrivateKey(key, &private_key); |
189 if (status.IsError()) | 187 if (status.IsError()) |
190 return status; | 188 return status; |
191 | 189 |
192 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM | |
193 return platform::SignRsaSsaPkcs1v1_5( | 190 return platform::SignRsaSsaPkcs1v1_5( |
194 private_key, key.algorithm().rsaHashedParams()->hash(), data, buffer); | 191 private_key, key.algorithm().rsaHashedParams()->hash(), data, buffer); |
195 #else | |
196 return platform::SignRsaSsaPkcs1v1_5( | |
197 private_key, algorithm.rsaSsaParams()->hash(), data, buffer); | |
198 #endif | |
199 } | 192 } |
200 | 193 |
201 Status VerifyRsaSsaPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm, | 194 Status VerifyRsaSsaPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm, |
202 const blink::WebCryptoKey& key, | 195 const blink::WebCryptoKey& key, |
203 const CryptoData& signature, | 196 const CryptoData& signature, |
204 const CryptoData& data, | 197 const CryptoData& data, |
205 bool* signature_match) { | 198 bool* signature_match) { |
206 platform::PublicKey* public_key; | 199 platform::PublicKey* public_key; |
207 Status status = ToPlatformPublicKey(key, &public_key); | 200 Status status = ToPlatformPublicKey(key, &public_key); |
208 if (status.IsError()) | 201 if (status.IsError()) |
209 return status; | 202 return status; |
210 | 203 |
211 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM | |
212 return platform::VerifyRsaSsaPkcs1v1_5( | 204 return platform::VerifyRsaSsaPkcs1v1_5( |
213 public_key, | 205 public_key, |
214 key.algorithm().rsaHashedParams()->hash(), | 206 key.algorithm().rsaHashedParams()->hash(), |
215 signature, | 207 signature, |
216 data, | 208 data, |
217 signature_match); | 209 signature_match); |
218 #else | |
219 return platform::VerifyRsaSsaPkcs1v1_5(public_key, | |
220 algorithm.rsaSsaParams()->hash(), | |
221 signature, | |
222 data, | |
223 signature_match); | |
224 #endif | |
225 } | 210 } |
226 | 211 |
227 Status ImportKeyRaw(const CryptoData& key_data, | 212 Status ImportKeyRaw(const CryptoData& key_data, |
228 const blink::WebCryptoAlgorithm& algorithm_or_null, | 213 const blink::WebCryptoAlgorithm& algorithm_or_null, |
229 bool extractable, | 214 bool extractable, |
230 blink::WebCryptoKeyUsageMask usage_mask, | 215 blink::WebCryptoKeyUsageMask usage_mask, |
231 blink::WebCryptoKey* key) { | 216 blink::WebCryptoKey* key) { |
232 if (algorithm_or_null.isNull()) | 217 if (algorithm_or_null.isNull()) |
233 return Status::ErrorMissingAlgorithmImportRawKey(); | 218 return Status::ErrorMissingAlgorithmImportRawKey(); |
234 | 219 |
(...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
320 switch (algorithm.id()) { | 305 switch (algorithm.id()) { |
321 case blink::WebCryptoAlgorithmIdAesCbc: | 306 case blink::WebCryptoAlgorithmIdAesCbc: |
322 case blink::WebCryptoAlgorithmIdAesGcm: | 307 case blink::WebCryptoAlgorithmIdAesGcm: |
323 case blink::WebCryptoAlgorithmIdAesKw: { | 308 case blink::WebCryptoAlgorithmIdAesKw: { |
324 if (!IsValidAesKeyLengthBits(algorithm.aesKeyGenParams()->lengthBits())) | 309 if (!IsValidAesKeyLengthBits(algorithm.aesKeyGenParams()->lengthBits())) |
325 return Status::ErrorGenerateKeyLength(); | 310 return Status::ErrorGenerateKeyLength(); |
326 keylen_bytes = algorithm.aesKeyGenParams()->lengthBits() / 8; | 311 keylen_bytes = algorithm.aesKeyGenParams()->lengthBits() / 8; |
327 break; | 312 break; |
328 } | 313 } |
329 case blink::WebCryptoAlgorithmIdHmac: { | 314 case blink::WebCryptoAlgorithmIdHmac: { |
330 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM | |
331 const blink::WebCryptoHmacKeyGenParams* params = | 315 const blink::WebCryptoHmacKeyGenParams* params = |
332 algorithm.hmacKeyGenParams(); | 316 algorithm.hmacKeyGenParams(); |
333 #else | |
334 const blink::WebCryptoHmacKeyParams* params = algorithm.hmacKeyParams(); | |
335 #endif | |
336 DCHECK(params); | 317 DCHECK(params); |
337 if (params->hasLengthBytes()) { | 318 if (params->hasLengthBytes()) { |
338 keylen_bytes = params->optionalLengthBytes(); | 319 keylen_bytes = params->optionalLengthBytes(); |
339 } else { | 320 } else { |
340 keylen_bytes = ShaBlockSizeBytes(params->hash().id()); | 321 keylen_bytes = ShaBlockSizeBytes(params->hash().id()); |
341 if (keylen_bytes == 0) | 322 if (keylen_bytes == 0) |
342 return Status::ErrorUnsupported(); | 323 return Status::ErrorUnsupported(); |
343 } | 324 } |
344 break; | 325 break; |
345 } | 326 } |
(...skipping 11 matching lines...) Expand all Loading... |
357 algorithm, extractable, usage_mask, keylen_bytes, key); | 338 algorithm, extractable, usage_mask, keylen_bytes, key); |
358 } | 339 } |
359 | 340 |
360 Status GenerateKeyPair(const blink::WebCryptoAlgorithm& algorithm, | 341 Status GenerateKeyPair(const blink::WebCryptoAlgorithm& algorithm, |
361 bool extractable, | 342 bool extractable, |
362 blink::WebCryptoKeyUsageMask usage_mask, | 343 blink::WebCryptoKeyUsageMask usage_mask, |
363 blink::WebCryptoKey* public_key, | 344 blink::WebCryptoKey* public_key, |
364 blink::WebCryptoKey* private_key) { | 345 blink::WebCryptoKey* private_key) { |
365 // TODO(padolph): Handle other asymmetric algorithm key generation. | 346 // TODO(padolph): Handle other asymmetric algorithm key generation. |
366 switch (algorithm.paramsType()) { | 347 switch (algorithm.paramsType()) { |
367 #ifdef WEBCRYPTO_HAS_KEY_ALGORITHM | |
368 case blink::WebCryptoAlgorithmParamsTypeRsaHashedKeyGenParams: | 348 case blink::WebCryptoAlgorithmParamsTypeRsaHashedKeyGenParams: |
369 case blink::WebCryptoAlgorithmParamsTypeRsaKeyGenParams: { | 349 case blink::WebCryptoAlgorithmParamsTypeRsaKeyGenParams: { |
370 const blink::WebCryptoRsaKeyGenParams* params = NULL; | 350 const blink::WebCryptoRsaKeyGenParams* params = NULL; |
371 blink::WebCryptoAlgorithm hash_or_null = | 351 blink::WebCryptoAlgorithm hash_or_null = |
372 blink::WebCryptoAlgorithm::createNull(); | 352 blink::WebCryptoAlgorithm::createNull(); |
373 if (algorithm.rsaHashedKeyGenParams()) { | 353 if (algorithm.rsaHashedKeyGenParams()) { |
374 params = algorithm.rsaHashedKeyGenParams(); | 354 params = algorithm.rsaHashedKeyGenParams(); |
375 hash_or_null = algorithm.rsaHashedKeyGenParams()->hash(); | 355 hash_or_null = algorithm.rsaHashedKeyGenParams()->hash(); |
376 } else { | 356 } else { |
377 params = algorithm.rsaKeyGenParams(); | 357 params = algorithm.rsaKeyGenParams(); |
378 } | 358 } |
379 #else | |
380 case blink::WebCryptoAlgorithmParamsTypeRsaKeyGenParams: { | |
381 const blink::WebCryptoRsaKeyGenParams* params = | |
382 algorithm.rsaKeyGenParams(); | |
383 blink::WebCryptoAlgorithm hash_or_null = | |
384 blink::WebCryptoAlgorithm::createNull(); | |
385 #endif | |
386 | 359 |
387 if (!params->modulusLengthBits()) | 360 if (!params->modulusLengthBits()) |
388 return Status::ErrorGenerateRsaZeroModulus(); | 361 return Status::ErrorGenerateRsaZeroModulus(); |
389 | 362 |
390 CryptoData publicExponent(params->publicExponent()); | 363 CryptoData publicExponent(params->publicExponent()); |
391 if (!publicExponent.byte_length()) | 364 if (!publicExponent.byte_length()) |
392 return Status::ErrorGenerateKeyPublicExponent(); | 365 return Status::ErrorGenerateKeyPublicExponent(); |
393 | 366 |
394 return platform::GenerateRsaKeyPair(algorithm, | 367 return platform::GenerateRsaKeyPair(algorithm, |
395 extractable, | 368 extractable, |
(...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
503 return VerifyRsaSsaPkcs1v1_5( | 476 return VerifyRsaSsaPkcs1v1_5( |
504 algorithm, key, signature, data, signature_match); | 477 algorithm, key, signature, data, signature_match); |
505 default: | 478 default: |
506 return Status::ErrorUnsupported(); | 479 return Status::ErrorUnsupported(); |
507 } | 480 } |
508 } | 481 } |
509 | 482 |
510 } // namespace webcrypto | 483 } // namespace webcrypto |
511 | 484 |
512 } // namespace content | 485 } // namespace content |
OLD | NEW |