[webcrypto] Implement structured clone of keys (chromium-side).

content/child/webcrypto/shared_crypto.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/child/webcrypto/shared_crypto.h"
 
 #include "base/logging.h"
 #include "content/child/webcrypto/crypto_data.h"
 #include "content/child/webcrypto/platform_crypto.h"
 #include "content/child/webcrypto/webcrypto_util.h"
@@ skipping 215 matching lines @@
         return Status::Error();
     // Fallthrough intentional!
     case blink::WebCryptoAlgorithmIdHmac:
       return platform::ImportKeyRaw(
           algorithm_or_null, key_data, extractable, usage_mask, key);
     default:
       return Status::ErrorUnsupported();
   }
 }
 
+// Returns the key format to use for structured cloning.
+blink::WebCryptoKeyFormat GetCloneFormatForKeyType(
+    blink::WebCryptoKeyType type) {
+  switch (type) {
+    case blink::WebCryptoKeyTypeSecret:
+      return blink::WebCryptoKeyFormatRaw;
+    case blink::WebCryptoKeyTypePublic:
+      return blink::WebCryptoKeyFormatSpki;
+    case blink::WebCryptoKeyTypePrivate:
+      return blink::WebCryptoKeyFormatPkcs8;
+  }
+
+  NOTREACHED();
+  return blink::WebCryptoKeyFormatRaw;
+}
+
+// Converts a KeyAlgorithm into an equivalent Algorithm for import.
+blink::WebCryptoAlgorithm KeyAlgorithmToImportAlgorithm(
+    const blink::WebCryptoKeyAlgorithm& algorithm) {
+  switch (algorithm.paramsType()) {
+    case blink::WebCryptoKeyAlgorithmParamsTypeAes:
+    case blink::WebCryptoKeyAlgorithmParamsTypeRsa:
+      return CreateAlgorithm(algorithm.id());
+    case blink::WebCryptoKeyAlgorithmParamsTypeHmac:
+      return CreateHmacImportAlgorithm(algorithm.hmacParams()->hash().id());
+    case blink::WebCryptoKeyAlgorithmParamsTypeRsaHashed:
+      return CreateRsaHashedImportAlgorithm(
+          algorithm.id(), algorithm.rsaHashedParams()->hash().id());
+    case blink::WebCryptoKeyAlgorithmParamsTypeNone:
+      break;
+  }
+  return blink::WebCryptoAlgorithm::createNull();
+}
+
+// There is some duplicated information in the serialized format used by
+// structured clone (since the KeyAlgorithm is serialized separately from the
+// key data). Use this extra information to further validate what was
+// deserialized from the key data.
+//
+// A failure here implies either a bug in the code, or that the serialized data
+// was corrupted.
+Status ValidateDeserializedKey(const blink::WebCryptoKey& key,
+                               const blink::WebCryptoKeyAlgorithm& algorithm,
+                               blink::WebCryptoKeyType type) {
+  if (algorithm.id() != key.algorithm().id())
+    return Status::ErrorUnexpected();
+
+  if (key.type() != type)
+    return Status::ErrorUnexpected();
+
+  switch (algorithm.paramsType()) {
+    case blink::WebCryptoKeyAlgorithmParamsTypeAes:
+      if (algorithm.aesParams()->lengthBits() !=
+          key.algorithm().aesParams()->lengthBits())
+        return Status::ErrorUnexpected();
+      break;
+    case blink::WebCryptoKeyAlgorithmParamsTypeRsa:
+    case blink::WebCryptoKeyAlgorithmParamsTypeRsaHashed:
+      if (algorithm.rsaParams()->modulusLengthBits() !=
+          key.algorithm().rsaParams()->modulusLengthBits())
+        return Status::ErrorUnexpected();
+      if (algorithm.rsaParams()->publicExponent().size() !=
+          key.algorithm().rsaParams()->publicExponent().size())
+        return Status::ErrorUnexpected();
+      if (memcmp(algorithm.rsaParams()->publicExponent().data(),
+                 key.algorithm().rsaParams()->publicExponent().data(),
+                 key.algorithm().rsaParams()->publicExponent().size()) != 0)
+        return Status::ErrorUnexpected();
+      break;
+    case blink::WebCryptoKeyAlgorithmParamsTypeNone:
+    case blink::WebCryptoKeyAlgorithmParamsTypeHmac:
+      break;
+  }
+
+  return Status::Success();
+}
+
 }  // namespace
 
 void Init() { platform::Init(); }
 
 Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
                const blink::WebCryptoKey& key,
                const CryptoData& data,
                blink::WebArrayBuffer* buffer) {
   if (!KeyUsageAllows(key, blink::WebCryptoKeyUsageEncrypt))
     return Status::ErrorUnexpected();
@@ skipping 156 matching lines @@
       return platform::ImportKeyPkcs8(
           algorithm_or_null, key_data, extractable, usage_mask, key);
     case blink::WebCryptoKeyFormatJwk:
       return ImportKeyJwk(
           key_data, algorithm_or_null, extractable, usage_mask, key);
     default:
       return Status::ErrorUnsupported();
   }
 }
 
-Status ExportKey(blink::WebCryptoKeyFormat format,
-                 const blink::WebCryptoKey& key,
-                 blink::WebArrayBuffer* buffer) {
-  if (!key.extractable())
-    return Status::ErrorKeyNotExtractable();
-
+// TODO(eroman): Move this to anonymous namespace.
+Status ExportKeyDontCheckExtractability(blink::WebCryptoKeyFormat format,
+                                        const blink::WebCryptoKey& key,
+                                        blink::WebArrayBuffer* buffer) {
   switch (format) {
     case blink::WebCryptoKeyFormatRaw: {
       platform::SymKey* sym_key;
       Status status = ToPlatformSymKey(key, &sym_key);
       if (status.IsError())
         return status;
       return platform::ExportKeyRaw(sym_key, buffer);
     }
     case blink::WebCryptoKeyFormatSpki: {
       platform::PublicKey* public_key;
       Status status = ToPlatformPublicKey(key, &public_key);
       if (status.IsError())
         return status;
       return platform::ExportKeySpki(public_key, buffer);
     }
     case blink::WebCryptoKeyFormatPkcs8:
     case blink::WebCryptoKeyFormatJwk:
       // TODO(eroman):
       return Status::ErrorUnsupported();
     default:
       return Status::ErrorUnsupported();
   }
 }
 
+Status ExportKey(blink::WebCryptoKeyFormat format,
+                 const blink::WebCryptoKey& key,
+                 blink::WebArrayBuffer* buffer) {
+  if (!key.extractable())
+    return Status::ErrorKeyNotExtractable();
+  return ExportKeyDontCheckExtractability(format, key, buffer);
+}
+
 Status Sign(const blink::WebCryptoAlgorithm& algorithm,
             const blink::WebCryptoKey& key,
             const CryptoData& data,
             blink::WebArrayBuffer* buffer) {
   if (!KeyUsageAllows(key, blink::WebCryptoKeyUsageSign))
     return Status::ErrorUnexpected();
   if (algorithm.id() != key.algorithm().id())
     return Status::ErrorUnexpected();
 
   switch (algorithm.id()) {
@@ skipping 111 matching lines @@
                                          algorithm_or_null,
                                          extractable,
                                          usage_mask,
                                          key);
     }
     default:
       return Status::ErrorUnsupported();
   }
 }
 
+Status SerializeKeyForClone(const blink::WebCryptoKey& key,
+                            blink::WebVector<unsigned char>* data) {
+  blink::WebArrayBuffer buffer;
+  Status status = ExportKeyDontCheckExtractability(
+      GetCloneFormatForKeyType(key.type()), key, &buffer);
+  if (status.IsError())
+    return status;
+  *data = blink::WebVector<unsigned char>(
+      reinterpret_cast<unsigned char*>(buffer.data()), buffer.byteLength());

[Ryan Sleevi, 2014/03/12 23:18:41]

This seems to follow a double-allocation strategy

That is, first a new (temporary) blink::WebVector must be initialized, then the
copy constructor must be invoked, which then copies from the temporary

So in the present form, you have 1 allocation + 2 copies
  1 allocation to create the WebVector
  1 copy to create the WebVector from WebArrayBuffer
  1 copy to assign the WebVector from the (temporary) WebVector

You could use
  blink::WebVector<unsigned char>(reinterpret_cast<unsigned
char*>(buffer.data()), buffer.byteLength()).swap(*data);
which forces a new allocation, but doesn't force a copy.
  1 allocation to create the WebVector
  1 copy to create the WebVector from WebArrayBuffer


Alternatively, you could use
  data->assign(buffer.data(), buffer.byteLength());
which forces a copy, but doesn't force a new allocation.
  1 copy to assign the WebVector from WebArrayBuffer

[eroman, 2014/03/13 00:32:33]

Changed to data->assign()

Oops, not sure what that silliness was about..

+  return Status::Success();
+}
+
+Status DeserializeKeyForClone(const blink::WebCryptoKeyAlgorithm& algorithm,
+                              blink::WebCryptoKeyType type,
+                              bool extractable,
+                              blink::WebCryptoKeyUsageMask usage_mask,
+                              const CryptoData& key_data,
+                              blink::WebCryptoKey* key) {
+  Status status = ImportKey(GetCloneFormatForKeyType(type),
+                            key_data,
+                            KeyAlgorithmToImportAlgorithm(algorithm),
+                            extractable,
+                            usage_mask,
+                            key);
+  if (status.IsError())
+    return status;
+
+  return ValidateDeserializedKey(*key, algorithm, type);
+}
+
 }  // namespace webcrypto
 
 }  // namespace content