[webcrypto] Add JWK symmetric key RSAES-PKCS1-v1_5 wrap / unwrap for NSS.

content/child/webcrypto/shared_crypto.cc

Index: content/child/webcrypto/shared_crypto.cc
diff --git a/content/child/webcrypto/shared_crypto.cc b/content/child/webcrypto/shared_crypto.cc
index 63af5768b33c756b31bdcb4082716135b460ac3e..0ccf04a7bdb72d18511cee08708962ea0e9d7fef 100644
--- a/content/child/webcrypto/shared_crypto.cc
+++ b/content/child/webcrypto/shared_crypto.cc
@@ -368,6 +368,39 @@ Status UnwrapKeyRaw(const CryptoData& wrapped_key_data,
   }
 }
 
+Status WrapKeyRaw(const blink::WebCryptoKey& wrapping_key,
+                  const blink::WebCryptoKey& key_to_wrap,
+                  const blink::WebCryptoAlgorithm& wrapping_algorithm,
+                  blink::WebArrayBuffer* buffer) {
+  // A raw key is always a symmetric key.
+  platform::SymKey* platform_key;
+  Status status = ToPlatformSymKey(key_to_wrap, &platform_key);
+  if (status.IsError())
+    return status;
+
+  // TODO(padolph): Handle other wrapping algorithms
+  switch (wrapping_algorithm.id()) {
+    case blink::WebCryptoAlgorithmIdAesKw: {
+      platform::SymKey* platform_wrapping_key;
+      status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
+      if (status.IsError())
+        return status;
+      return platform::WrapSymKeyAesKw(
+          platform_wrapping_key, platform_key, buffer);
+    }
+    case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: {
+      platform::PublicKey* platform_wrapping_key;
+      status = ToPlatformPublicKey(wrapping_key, &platform_wrapping_key);
+      if (status.IsError())
+        return status;
+      return platform::WrapSymKeyRsaEs(
+          platform_wrapping_key, platform_key, buffer);
+    }
+    default:
+      return Status::ErrorUnsupported();
+  }
+}
+
 Status DecryptAesKw(const blink::WebCryptoAlgorithm& algorithm,
                     const blink::WebCryptoKey& key,
                     const CryptoData& data,
@@ -402,6 +435,24 @@ Status DecryptDontCheckKeyUsage(const blink::WebCryptoAlgorithm& algorithm,
   }
 }
 
+Status EncryptDontCheckUsage(const blink::WebCryptoAlgorithm& algorithm,
+                             const blink::WebCryptoKey& key,
+                             const CryptoData& data,
+                             blink::WebArrayBuffer* buffer) {
+  if (algorithm.id() != key.algorithm().id())
+    return Status::ErrorUnexpected();
+  switch (algorithm.id()) {
+    case blink::WebCryptoAlgorithmIdAesCbc:
+      return EncryptDecryptAesCbc(ENCRYPT, algorithm, key, data, buffer);
+    case blink::WebCryptoAlgorithmIdAesGcm:
+      return EncryptDecryptAesGcm(ENCRYPT, algorithm, key, data, buffer);
+    case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5:
+      return EncryptRsaEsPkcs1v1_5(algorithm, key, data, buffer);
+    default:
+      return Status::ErrorUnsupported();
+  }
+}
+
 Status UnwrapKeyDecryptAndImport(
     blink::WebCryptoKeyFormat format,
     const CryptoData& wrapped_key_data,
@@ -411,8 +462,6 @@ Status UnwrapKeyDecryptAndImport(
     bool extractable,
     blink::WebCryptoKeyUsageMask usage_mask,
     blink::WebCryptoKey* key) {
-  if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageUnwrapKey))

[eroman, 2014/03/19 18:40:38]

What is the motivation for removing this line? Is this another rebase issue?

[padolph, 2014/03/19 20:01:17]

It is redundant. UnwrapKey() already does this and this function is only called
by UnwrapKey(). This follows the pattern we've been using in these types of
refactorings.

Should I just make this a DCHECK()?

[eroman, 2014/03/19 22:58:09]

Makes sense. No DCHECK() necessary then.

-    return Status::ErrorUnexpected();
   blink::WebArrayBuffer buffer;
   Status status = DecryptDontCheckKeyUsage(
       wrapping_algorithm, wrapping_key, wrapped_key_data, &buffer);
@@ -430,6 +479,20 @@ Status UnwrapKeyDecryptAndImport(
   return status.IsError() ? Status::Error() : Status::Success();
 }
 
+Status WrapKeyExportAndEncrypt(
+    blink::WebCryptoKeyFormat format,
+    const blink::WebCryptoKey& wrapping_key,
+    const blink::WebCryptoKey& key_to_wrap,
+    const blink::WebCryptoAlgorithm& wrapping_algorithm,
+    blink::WebArrayBuffer* buffer) {
+  blink::WebArrayBuffer exported_data;
+  Status status = ExportKey(format, key_to_wrap, &exported_data);
+  if (status.IsError())
+    return status;
+  return EncryptDontCheckUsage(
+      wrapping_algorithm, wrapping_key, CryptoData(exported_data), buffer);
+}
+
 }  // namespace
 
 void Init() { platform::Init(); }
@@ -440,19 +503,7 @@ Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
                blink::WebArrayBuffer* buffer) {
   if (!KeyUsageAllows(key, blink::WebCryptoKeyUsageEncrypt))
     return Status::ErrorUnexpected();
-  if (algorithm.id() != key.algorithm().id())
-    return Status::ErrorUnexpected();
-
-  switch (algorithm.id()) {
-    case blink::WebCryptoAlgorithmIdAesCbc:
-      return EncryptDecryptAesCbc(ENCRYPT, algorithm, key, data, buffer);
-    case blink::WebCryptoAlgorithmIdAesGcm:
-      return EncryptDecryptAesGcm(ENCRYPT, algorithm, key, data, buffer);
-    case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5:
-      return EncryptRsaEsPkcs1v1_5(algorithm, key, data, buffer);
-    default:
-      return Status::ErrorUnsupported();
-  }
+  return EncryptDontCheckUsage(algorithm, key, data, buffer);
 }
 
 Status Decrypt(const blink::WebCryptoAlgorithm& algorithm,
@@ -678,42 +729,22 @@ Status WrapKey(blink::WebCryptoKeyFormat format,
                const blink::WebCryptoKey& key_to_wrap,
                const blink::WebCryptoAlgorithm& wrapping_algorithm,
                blink::WebArrayBuffer* buffer) {
-  if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageUnwrapKey))
+  if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageWrapKey))
     return Status::ErrorUnexpected();
   if (wrapping_algorithm.id() != wrapping_key.algorithm().id())
     return Status::ErrorUnexpected();
 
-  // TODO (padolph): Handle formats other than raw
-  if (format != blink::WebCryptoKeyFormatRaw)
-    return Status::ErrorUnsupported();
-  // TODO (padolph): Handle key-to-wrap types other than secret/symmetric
-  if (key_to_wrap.type() != blink::WebCryptoKeyTypeSecret)
-    return Status::ErrorUnsupported();
-
-  platform::SymKey* platform_key;
-  Status status = ToPlatformSymKey(key_to_wrap, &platform_key);
-  if (status.IsError())
-    return status;
-
-  // TODO(padolph): Handle other wrapping algorithms
-  switch (wrapping_algorithm.id()) {
-    case blink::WebCryptoAlgorithmIdAesKw: {
-      platform::SymKey* platform_wrapping_key;
-      status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
-      if (status.IsError())
-        return status;
-      return platform::WrapSymKeyAesKw(
-          platform_wrapping_key, platform_key, buffer);
-    }
-    case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: {
-      platform::PublicKey* platform_wrapping_key;
-      status = ToPlatformPublicKey(wrapping_key, &platform_wrapping_key);
-      if (status.IsError())
-        return status;
-      return platform::WrapSymKeyRsaEs(
-          platform_wrapping_key, platform_key, buffer);
-    }
+  switch (format) {
+    case blink::WebCryptoKeyFormatRaw:
+      return WrapKeyRaw(wrapping_key, key_to_wrap, wrapping_algorithm, buffer);
+    case blink::WebCryptoKeyFormatJwk:
+      return WrapKeyExportAndEncrypt(
+          format, wrapping_key, key_to_wrap, wrapping_algorithm, buffer);
+    case blink::WebCryptoKeyFormatSpki:
+    case blink::WebCryptoKeyFormatPkcs8:
+      return Status::ErrorUnsupported();  // TODO(padolph)

[eroman, 2014/03/19 18:40:38]

Is there anything stopping WrapKeyExportAndEncrypt() from working for the other
wrap formats? Seems to me like it is generic enough that it can be allowed
(short of not having tests for them yet).

[padolph, 2014/03/19 20:01:17]

As per Ryan, yes we can use WrapKeyExportAndEncrypt() for public keys (spki) but
not for private keys. In the latter case we need to keep secret keying material
below the NSS line, and NSS apparently has APIs to support this.

My only reason for not including spki here was the lack of tests for it, and
making test data for the wrap/unwrap case is a bit painful. So I wanted to defer
it to a later CL.

[eroman, 2014/03/19 22:58:09]

Acknowledged. Fine as is then.

     default:
+      NOTREACHED();
       return Status::ErrorUnsupported();
   }
 }