| Index: content/child/webcrypto/shared_crypto.cc
|
| diff --git a/content/child/webcrypto/shared_crypto.cc b/content/child/webcrypto/shared_crypto.cc
|
| index 580754ae47966343874aee1766ea68b8d2672d52..1677270a86c2c94c2947fa6fafb11538a0c063d0 100644
|
| --- a/content/child/webcrypto/shared_crypto.cc
|
| +++ b/content/child/webcrypto/shared_crypto.cc
|
| @@ -504,20 +504,29 @@ Status WrapKey(blink::WebCryptoKeyFormat format,
|
| if (key_to_wrap.type() != blink::WebCryptoKeyTypeSecret)
|
| return Status::ErrorUnsupported();
|
|
|
| - platform::SymKey* platform_wrapping_key;
|
| - Status status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
|
| - if (status.IsError())
|
| - return status;
|
| platform::SymKey* platform_key;
|
| - status = ToPlatformSymKey(key_to_wrap, &platform_key);
|
| + Status status = ToPlatformSymKey(key_to_wrap, &platform_key);
|
| if (status.IsError())
|
| return status;
|
|
|
| // TODO(padolph): Handle other wrapping algorithms
|
| switch (wrapping_algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdAesKw:
|
| + case blink::WebCryptoAlgorithmIdAesKw: {
|
| + platform::SymKey* platform_wrapping_key;
|
| + status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
|
| + if (status.IsError())
|
| + return status;
|
| return platform::WrapSymKeyAesKw(
|
| platform_wrapping_key, platform_key, buffer);
|
| + }
|
| + case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: {
|
| + platform::PublicKey* platform_wrapping_key;
|
| + status = ToPlatformPublicKey(wrapping_key, &platform_wrapping_key);
|
| + if (status.IsError())
|
| + return status;
|
| + return platform::WrapSymKeyRsaEs(
|
| + platform_wrapping_key, platform_key, buffer);
|
| + }
|
| default:
|
| return Status::ErrorUnsupported();
|
| }
|
| @@ -544,14 +553,13 @@ Status UnwrapKey(blink::WebCryptoKeyFormat format,
|
| if (format == blink::WebCryptoKeyFormatRaw && algorithm_or_null.isNull())
|
| return Status::ErrorMissingAlgorithmUnwrapRawKey();
|
|
|
| - platform::SymKey* platform_wrapping_key;
|
| - Status status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| // TODO(padolph): Handle other wrapping algorithms
|
| switch (wrapping_algorithm.id()) {
|
| case blink::WebCryptoAlgorithmIdAesKw: {
|
| + platform::SymKey* platform_wrapping_key;
|
| + Status status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
|
| + if (status.IsError())
|
| + return status;
|
| // AES-KW requires the wrapped key data size must be at least 24 bytes and
|
| // also a multiple of 8 bytes.
|
| if (wrapped_key_data.byte_length() < 24)
|
| @@ -565,6 +573,21 @@ Status UnwrapKey(blink::WebCryptoKeyFormat format,
|
| usage_mask,
|
| key);
|
| }
|
| + case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: {
|
| + platform::PrivateKey* platform_wrapping_key;
|
| + Status status =
|
| + ToPlatformPrivateKey(wrapping_key, &platform_wrapping_key);
|
| + if (status.IsError())
|
| + return status;
|
| + if (!wrapped_key_data.byte_length())
|
| + return Status::ErrorDataTooSmall();
|
| + return platform::UnwrapSymKeyRsaEs(wrapped_key_data,
|
| + platform_wrapping_key,
|
| + algorithm_or_null,
|
| + extractable,
|
| + usage_mask,
|
| + key);
|
| + }
|
| default:
|
| return Status::ErrorUnsupported();
|
| }
|
|
|
Chromium Code Reviews
Issue 188363002:
[webcrypto] Add raw symmetric key RSAES-PKCS1-v1_5 wrap/unwrap for NSS. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@wcAesKw_nss1