Chromium Code Reviews Chromium Code Reviews
Issue 184043021:
[webcrypto] JWK: Updated import(ext, key_ops) and added export of symmetric keys (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@wcAesKw_nss1| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ | 5 #ifndef CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ |
| 6 #define CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ | 6 #define CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| 11 #include "base/strings/string_piece.h" | |
| 12 #include "base/values.h" | |
| 11 #include "content/common/content_export.h" | 13 #include "content/common/content_export.h" |
| 12 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" | 14 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" |
| 13 #include "third_party/WebKit/public/platform/WebCrypto.h" // TODO(eroman): delet e | 15 #include "third_party/WebKit/public/platform/WebCrypto.h" // TODO(eroman): delet e |
| 14 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" | 16 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
| 15 #include "third_party/WebKit/public/platform/WebCryptoKey.h" | 17 #include "third_party/WebKit/public/platform/WebCryptoKey.h" |
| 16 | 18 |
| 17 namespace content { | 19 namespace content { |
| 18 | 20 |
| 19 namespace webcrypto { | 21 namespace webcrypto { |
| 20 | 22 |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 66 static Status ErrorJwkPropertyMissing(const std::string& property); | 68 static Status ErrorJwkPropertyMissing(const std::string& property); |
| 67 | 69 |
| 68 // The property |property| was not of type |expected_type|. | 70 // The property |property| was not of type |expected_type|. |
| 69 static Status ErrorJwkPropertyWrongType(const std::string& property, | 71 static Status ErrorJwkPropertyWrongType(const std::string& property, |
| 70 const std::string& expected_type); | 72 const std::string& expected_type); |
| 71 | 73 |
| 72 // The property |property| was a string, however could not be successfully | 74 // The property |property| was a string, however could not be successfully |
| 73 // base64 decoded. | 75 // base64 decoded. |
| 74 static Status ErrorJwkBase64Decode(const std::string& property); | 76 static Status ErrorJwkBase64Decode(const std::string& property); |
| 75 | 77 |
| 76 // The "extractable" parameter was specified but was | 78 // The "ext" parameter was specified but was |
| 77 // incompatible with the value requested by the Web Crypto call. | 79 // incompatible with the value requested by the Web Crypto call. |
| 78 static Status ErrorJwkExtractableInconsistent(); | 80 static Status ErrorJwkExtInconsistent(); |
| 79 | 81 |
| 80 // The "alg" parameter could not be converted to an equivalent | 82 // The "alg" parameter could not be converted to an equivalent |
| 81 // WebCryptoAlgorithm. Either it was malformed or unrecognized. | 83 // WebCryptoAlgorithm. Either it was malformed or unrecognized. |
| 82 static Status ErrorJwkUnrecognizedAlgorithm(); | 84 static Status ErrorJwkUnrecognizedAlgorithm(); |
| 83 | 85 |
| 84 // The "alg" parameter is incompatible with the (optional) Algorithm | 86 // The "alg" parameter is incompatible with the (optional) Algorithm |
| 85 // specified by the Web Crypto import operation. | 87 // specified by the Web Crypto import operation. |
| 86 static Status ErrorJwkAlgorithmInconsistent(); | 88 static Status ErrorJwkAlgorithmInconsistent(); |
| 87 | 89 |
| 88 // The "alg" parameter was not provided, however neither was an algorithm | 90 // The "alg" parameter was not provided, however neither was an algorithm |
| 89 // provided by the Web Crypto import operation. | 91 // provided by the Web Crypto import operation. |
| 90 static Status ErrorJwkAlgorithmMissing(); | 92 static Status ErrorJwkAlgorithmMissing(); |
| 91 | 93 |
| 92 // The "use" parameter was specified, however it couldn't be converted to an | 94 // The "use" parameter was specified, however it couldn't be converted to an |
| 93 // equivalent Web Crypto usage. | 95 // equivalent Web Crypto usage. |
| 94 static Status ErrorJwkUnrecognizedUsage(); | 96 static Status ErrorJwkUnrecognizedUse(); |
| 97 | |
| 98 // The "key_ops" parameter was specified, however one of the values in the | |
| 99 // array couldn't be converted to an equivalent Web Crypto usage. | |
| 100 static Status ErrorJwkUnrecognizedKeyop(); | |
| 95 | 101 |
| 96 // The "use" parameter was specified, however it is incompatible with that | 102 // The "use" parameter was specified, however it is incompatible with that |
| 97 // specified by the Web Crypto import operation. | 103 // specified by the Web Crypto import operation. |
| 98 static Status ErrorJwkUsageInconsistent(); | 104 static Status ErrorJwkUseInconsistent(); |
| 105 | |
| 106 // The "key_ops" parameter was specified, however it is incompatible with that | |
| 107 // specified by the Web Crypto import operation. | |
| 108 static Status ErrorJwkKeyopsInconsistent(); | |
| 109 | |
| 110 // Both the "key_ops" and the "use" parameters were specified, however they | |
| 111 // are incompatible with each other. | |
| 112 static Status ErrorJwkUseAndKeyopsInconsistent(); | |
| 99 | 113 |
| 100 // TODO(eroman): Private key import through JWK is not yet supported. | 114 // TODO(eroman): Private key import through JWK is not yet supported. |
| 101 static Status ErrorJwkRsaPrivateKeyUnsupported(); | 115 static Status ErrorJwkRsaPrivateKeyUnsupported(); |
| 102 | 116 |
| 103 // The "kty" parameter was given and was a string, however it was | 117 // The "kty" parameter was given and was a string, however it was |
| 104 // unrecognized. | 118 // unrecognized. |
| 105 static Status ErrorJwkUnrecognizedKty(); | 119 static Status ErrorJwkUnrecognizedKty(); |
| 106 | 120 |
| 107 // The amount of key data provided was incompatible with the selected | 121 // The amount of key data provided was incompatible with the selected |
| 108 // algorithm. For instance if the algorith name was A128CBC then EXACTLY | 122 // algorithm. For instance if the algorith name was A128CBC then EXACTLY |
| 109 // 128-bits of key data must have been provided. If 192-bits of key data were | 123 // 128-bits of key data must have been provided. If 192-bits of key data were |
| 110 // given that is an error. | 124 // given that is an error. |
| 111 static Status ErrorJwkIncorrectKeyLength(); | 125 static Status ErrorJwkIncorrectKeyLength(); |
| 112 | 126 |
| 127 // The inner hash associated with a Web Crypto HMAC algorithm is not | |
| 128 // compatible with JWK export. | |
| 129 static Status ErrorJwkUnsupportedHmacHash(); | |
|
eroman
2014/03/04 02:55:14
I don't believe we need this
padolph
2014/03/05 03:08:51
Removed.
| |
| 130 | |
| 113 // ------------------------------------ | 131 // ------------------------------------ |
| 114 // Other errors | 132 // Other errors |
| 115 // ------------------------------------ | 133 // ------------------------------------ |
| 116 | 134 |
| 117 // No key data was provided when importing an spki, pkcs8, or jwk formatted | 135 // No key data was provided when importing an spki, pkcs8, or jwk formatted |
| 118 // key. This does not apply to raw format, since it is possible to have empty | 136 // key. This does not apply to raw format, since it is possible to have empty |
| 119 // key data there. | 137 // key data there. |
| 120 static Status ErrorImportEmptyKeyData(); | 138 static Status ErrorImportEmptyKeyData(); |
| 121 | 139 |
| 122 // The wrong key was used for the operation. For instance, a public key was | 140 // The wrong key was used for the operation. For instance, a public key was |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 211 void ShrinkBuffer(blink::WebArrayBuffer* buffer, unsigned int new_size); | 229 void ShrinkBuffer(blink::WebArrayBuffer* buffer, unsigned int new_size); |
| 212 | 230 |
| 213 // Creates a WebArrayBuffer from a uint8 byte array | 231 // Creates a WebArrayBuffer from a uint8 byte array |
| 214 blink::WebArrayBuffer CreateArrayBuffer(const uint8* data, | 232 blink::WebArrayBuffer CreateArrayBuffer(const uint8* data, |
| 215 unsigned int data_size); | 233 unsigned int data_size); |
| 216 | 234 |
| 217 // TODO(eroman): Move this to JWK file. | 235 // TODO(eroman): Move this to JWK file. |
| 218 // This function decodes unpadded 'base64url' encoded data, as described in | 236 // This function decodes unpadded 'base64url' encoded data, as described in |
| 219 // RFC4648 (http://www.ietf.org/rfc/rfc4648.txt) Section 5. | 237 // RFC4648 (http://www.ietf.org/rfc/rfc4648.txt) Section 5. |
| 220 // In Web Crypto, this type of encoding is only used inside JWK. | 238 // In Web Crypto, this type of encoding is only used inside JWK. |
| 221 bool Base64DecodeUrlSafe(const std::string& input, std::string* output); | 239 CONTENT_EXPORT bool Base64DecodeUrlSafe(const std::string& input, |
| 240 std::string* output); | |
| 241 | |
| 242 // Produces an unpadded 'base64url' encoding of the input data, the opposite of | |
|
eroman
2014/03/04 02:55:14
Can these be moved into jwk.cc? (Note that I have
padolph
2014/03/04 17:38:20
Base64DecodeUrlSafe() is used by the tests. I thin
| |
| 243 // Base64DecodeUrlSafe() above. | |
| 244 void Base64EncodeUrlSafe(const base::StringPiece& input, std::string* output); | |
| 245 | |
| 246 // Composes a Web Crypto usage mask from an array of JWK key_ops values. | |
| 247 CONTENT_EXPORT Status | |
| 248 GetUsagesFromJwkKeyOps(base::ListValue* jwk_key_ops_value, | |
| 249 blink::WebCryptoKeyUsageMask* jwk_key_ops_mask); | |
| 222 | 250 |
| 223 CONTENT_EXPORT bool IsHashAlgorithm(blink::WebCryptoAlgorithmId alg_id); | 251 CONTENT_EXPORT bool IsHashAlgorithm(blink::WebCryptoAlgorithmId alg_id); |
| 224 | 252 |
| 225 // Returns the "hash" param for an algorithm if it exists, otherwise returns | 253 // Returns the "hash" param for an algorithm if it exists, otherwise returns |
| 226 // a null algorithm. | 254 // a null algorithm. |
| 227 blink::WebCryptoAlgorithm GetInnerHashAlgorithm( | 255 blink::WebCryptoAlgorithm GetInnerHashAlgorithm( |
| 228 const blink::WebCryptoAlgorithm& algorithm); | 256 const blink::WebCryptoAlgorithm& algorithm); |
| 229 | 257 |
| 230 // Creates a WebCryptoAlgorithm without any parameters. | 258 // Creates a WebCryptoAlgorithm without any parameters. |
| 231 CONTENT_EXPORT blink::WebCryptoAlgorithm CreateAlgorithm( | 259 CONTENT_EXPORT blink::WebCryptoAlgorithm CreateAlgorithm( |
| (...skipping 21 matching lines...) Expand all Loading... | |
| 253 | 281 |
| 254 bool CreateSecretKeyAlgorithm(const blink::WebCryptoAlgorithm& algorithm, | 282 bool CreateSecretKeyAlgorithm(const blink::WebCryptoAlgorithm& algorithm, |
| 255 unsigned keylen_bytes, | 283 unsigned keylen_bytes, |
| 256 blink::WebCryptoKeyAlgorithm* key_algorithm); | 284 blink::WebCryptoKeyAlgorithm* key_algorithm); |
| 257 | 285 |
| 258 } // namespace webcrypto | 286 } // namespace webcrypto |
| 259 | 287 |
| 260 } // namespace content | 288 } // namespace content |
| 261 | 289 |
| 262 #endif // CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ | 290 #endif // CONTENT_RENDERER_WEBCRYPTO_WEBCRYPTO_UTIL_H_ |
| OLD | NEW |
