[webcrypto] JWK: Updated import(ext, key_ops) and added export of symmetric keys

content/renderer/webcrypto/webcrypto_util.h

Index: content/renderer/webcrypto/webcrypto_util.h
diff --git a/content/renderer/webcrypto/webcrypto_util.h b/content/renderer/webcrypto/webcrypto_util.h
index 28eb8e0f64e9bcdedb8c54e81b4499f003cb25f3..cf2e4efd3b94a1a0478d96c32e2258e85f52539e 100644
--- a/content/renderer/webcrypto/webcrypto_util.h
+++ b/content/renderer/webcrypto/webcrypto_util.h
@@ -8,6 +8,8 @@
 #include <string>
 #include <vector>
 #include "base/basictypes.h"
+#include "base/strings/string_piece.h"
+#include "base/values.h"
 #include "content/common/content_export.h"
 #include "third_party/WebKit/public/platform/WebArrayBuffer.h"
 #include "third_party/WebKit/public/platform/WebCrypto.h" // TODO(eroman): delete
@@ -73,9 +75,9 @@ class CONTENT_EXPORT Status {
   // base64 decoded.
   static Status ErrorJwkBase64Decode(const std::string& property);
 
-  // The "extractable" parameter was specified but was
+  // The "ext" parameter was specified but was
   // incompatible with the value requested by the Web Crypto call.
-  static Status ErrorJwkExtractableInconsistent();
+  static Status ErrorJwkExtInconsistent();
 
   // The "alg" parameter could not be converted to an equivalent
   // WebCryptoAlgorithm. Either it was malformed or unrecognized.
@@ -91,11 +93,23 @@ class CONTENT_EXPORT Status {
 
   // The "use" parameter was specified, however it couldn't be converted to an
   // equivalent Web Crypto usage.
-  static Status ErrorJwkUnrecognizedUsage();
+  static Status ErrorJwkUnrecognizedUse();
+
+  // The "key_ops" parameter was specified, however one of the values in the
+  // array couldn't be converted to an equivalent Web Crypto usage.
+  static Status ErrorJwkUnrecognizedKeyop();
 
   // The "use" parameter was specified, however it is incompatible with that
   // specified by the Web Crypto import operation.
-  static Status ErrorJwkUsageInconsistent();
+  static Status ErrorJwkUseInconsistent();
+
+  // The "key_ops" parameter was specified, however it is incompatible with that
+  // specified by the Web Crypto import operation.
+  static Status ErrorJwkKeyopsInconsistent();
+
+  // Both the "key_ops" and the "use" parameters were specified, however they
+  // are incompatible with each other.
+  static Status ErrorJwkUseAndKeyopsInconsistent();
 
   // TODO(eroman): Private key import through JWK is not yet supported.
   static Status ErrorJwkRsaPrivateKeyUnsupported();
@@ -110,6 +124,10 @@ class CONTENT_EXPORT Status {
   // given that is an error.
   static Status ErrorJwkIncorrectKeyLength();
 
+  // The inner hash associated with a Web Crypto HMAC algorithm is not
+  // compatible with JWK export.
+  static Status ErrorJwkUnsupportedHmacHash();

[eroman, 2014/03/04 02:55:14]

I don't believe we need this

[padolph, 2014/03/05 03:08:51]

Removed.

+
   // ------------------------------------
   // Other errors
   // ------------------------------------
@@ -218,7 +236,17 @@ blink::WebArrayBuffer CreateArrayBuffer(const uint8* data,
 // This function decodes unpadded 'base64url' encoded data, as described in
 // RFC4648 (http://www.ietf.org/rfc/rfc4648.txt) Section 5.
 // In Web Crypto, this type of encoding is only used inside JWK.
-bool Base64DecodeUrlSafe(const std::string& input, std::string* output);
+CONTENT_EXPORT bool Base64DecodeUrlSafe(const std::string& input,
+                                        std::string* output);
+
+// Produces an unpadded 'base64url' encoding of the input data, the opposite of

[eroman, 2014/03/04 02:55:14]

Can these be moved into jwk.cc? (Note that I have  TODO more moving
Base64DecodeUrlSafe() there too)

[padolph, 2014/03/04 17:38:20]

Base64DecodeUrlSafe() is used by the tests. I think this means it can't live in
jwk.cc for linking reasons.

+// Base64DecodeUrlSafe() above.
+void Base64EncodeUrlSafe(const base::StringPiece& input, std::string* output);
+
+// Composes a Web Crypto usage mask from an array of JWK key_ops values.
+CONTENT_EXPORT Status
+    GetUsagesFromJwkKeyOps(base::ListValue* jwk_key_ops_value,
+                           blink::WebCryptoKeyUsageMask* jwk_key_ops_mask);
 
 CONTENT_EXPORT bool IsHashAlgorithm(blink::WebCryptoAlgorithmId alg_id);