Index: content/child/webcrypto/shared_crypto.cc |
diff --git a/content/child/webcrypto/shared_crypto.cc b/content/child/webcrypto/shared_crypto.cc |
index 580754ae47966343874aee1766ea68b8d2672d52..1677270a86c2c94c2947fa6fafb11538a0c063d0 100644 |
--- a/content/child/webcrypto/shared_crypto.cc |
+++ b/content/child/webcrypto/shared_crypto.cc |
@@ -504,20 +504,29 @@ Status WrapKey(blink::WebCryptoKeyFormat format, |
if (key_to_wrap.type() != blink::WebCryptoKeyTypeSecret) |
return Status::ErrorUnsupported(); |
- platform::SymKey* platform_wrapping_key; |
- Status status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key); |
- if (status.IsError()) |
- return status; |
platform::SymKey* platform_key; |
- status = ToPlatformSymKey(key_to_wrap, &platform_key); |
+ Status status = ToPlatformSymKey(key_to_wrap, &platform_key); |
if (status.IsError()) |
return status; |
// TODO(padolph): Handle other wrapping algorithms |
switch (wrapping_algorithm.id()) { |
- case blink::WebCryptoAlgorithmIdAesKw: |
+ case blink::WebCryptoAlgorithmIdAesKw: { |
+ platform::SymKey* platform_wrapping_key; |
+ status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key); |
+ if (status.IsError()) |
+ return status; |
return platform::WrapSymKeyAesKw( |
platform_wrapping_key, platform_key, buffer); |
+ } |
+ case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: { |
+ platform::PublicKey* platform_wrapping_key; |
+ status = ToPlatformPublicKey(wrapping_key, &platform_wrapping_key); |
+ if (status.IsError()) |
+ return status; |
+ return platform::WrapSymKeyRsaEs( |
+ platform_wrapping_key, platform_key, buffer); |
+ } |
default: |
return Status::ErrorUnsupported(); |
} |
@@ -544,14 +553,13 @@ Status UnwrapKey(blink::WebCryptoKeyFormat format, |
if (format == blink::WebCryptoKeyFormatRaw && algorithm_or_null.isNull()) |
return Status::ErrorMissingAlgorithmUnwrapRawKey(); |
- platform::SymKey* platform_wrapping_key; |
- Status status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key); |
- if (status.IsError()) |
- return status; |
- |
// TODO(padolph): Handle other wrapping algorithms |
switch (wrapping_algorithm.id()) { |
case blink::WebCryptoAlgorithmIdAesKw: { |
+ platform::SymKey* platform_wrapping_key; |
+ Status status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key); |
+ if (status.IsError()) |
+ return status; |
// AES-KW requires the wrapped key data size must be at least 24 bytes and |
// also a multiple of 8 bytes. |
if (wrapped_key_data.byte_length() < 24) |
@@ -565,6 +573,21 @@ Status UnwrapKey(blink::WebCryptoKeyFormat format, |
usage_mask, |
key); |
} |
+ case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: { |
+ platform::PrivateKey* platform_wrapping_key; |
+ Status status = |
+ ToPlatformPrivateKey(wrapping_key, &platform_wrapping_key); |
+ if (status.IsError()) |
+ return status; |
+ if (!wrapped_key_data.byte_length()) |
+ return Status::ErrorDataTooSmall(); |
+ return platform::UnwrapSymKeyRsaEs(wrapped_key_data, |
+ platform_wrapping_key, |
+ algorithm_or_null, |
+ extractable, |
+ usage_mask, |
+ key); |
+ } |
default: |
return Status::ErrorUnsupported(); |
} |