[webcrypto] Remove support for null import algorithms.

content/child/webcrypto/jwk.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <algorithm>
 #include <functional>
 #include <map>
 #include "base/json/json_reader.h"
 #include "base/json/json_writer.h"
 #include "base/lazy_instance.h"
@@ skipping 364 matching lines @@
       return Status::ErrorUnsupported();
     default:
       return Status::ErrorUnsupported();
   }
   return Status::Success();
 }
 
 }  // namespace
 
 Status ImportKeyJwk(const CryptoData& key_data,
-                    const blink::WebCryptoAlgorithm& algorithm_or_null,
+                    const blink::WebCryptoAlgorithm& algorithm,
                     bool extractable,
                     blink::WebCryptoKeyUsageMask usage_mask,
                     blink::WebCryptoKey* key) {
   // TODO(padolph): Generalize this comment to include export, and move to top
   // of file.
 
   // The goal of this method is to extract key material and meta data from the
   // incoming JWK, combine them with the input parameters, and ultimately import
   // a Web Crypto Key.
   //
@@ skipping 123 matching lines @@
   //   | "n"   | Contains the modulus value for the RSA public key.  It is    |
   //   |       | represented as the base64url encoding of the value's         |
   //   |       | unsigned big endian representation as an octet sequence.     |
   //   +-------+--------------------------------------------------------------+
   //   | "e"   | Contains the exponent value for the RSA public key.  It is   |
   //   |       | represented as the base64url encoding of the value's         |
   //   |       | unsigned big endian representation as an octet sequence.     |
   //   +-------+--------------------------------------------------------------+
   //
   // Consistency and conflict resolution
-  // The 'algorithm_or_null', 'extractable', and 'usage_mask' input parameters
+  // The 'algorithm', 'extractable', and 'usage_mask' input parameters
   // may be different than the corresponding values inside the JWK. The Web
   // Crypto spec says that if a JWK value is present but is inconsistent with
   // the input value, it is an error and the operation must fail. If no
-  // inconsistency is found, the input and JWK values are combined as follows:
+  // inconsistency is found then the input parameters are used.
   //
   // algorithm
-  //   If an algorithm is provided by both the input parameter and the JWK,
-  //   consistency between the two is based only on algorithm ID's (including an
-  //   inner hash algorithm if present). In this case if the consistency
-  //   check is passed, the input algorithm is used. If only one of either the
-  //   input algorithm and JWK alg is provided, it is used as the final
-  //   algorithm.
+  //   If the JWK algorithm is provided, it must match the web crypto input
+  //   algorithm (both the algorithm ID and inner hash if applicable).
   //
   // extractable
   //   If the JWK ext field is true but the input parameter is false, make the
   //   Web Crypto Key non-extractable. Conversely, if the JWK ext field is
   //   false but the input parameter is true, it is an inconsistency. If both
   //   are true or both are false, use that value.
   //
   // usage_mask
   //   The input usage_mask must be a strict subset of the interpreted JWK use
   //   value, else it is judged inconsistent. In all cases the input usage_mask
@@ skipping 24 matching lines @@
     bool jwk_ext_value = false;
     bool has_jwk_ext;
     status =
         GetOptionalJwkBool(dict_value, "ext", &jwk_ext_value, &has_jwk_ext);
     if (status.IsError())
       return status;
     if (has_jwk_ext && !jwk_ext_value && extractable)
       return Status::ErrorJwkExtInconsistent();
   }
 
-  // JWK "alg" (optional) --> algorithm parameter
-  // Note: input algorithm is also optional, so we have six cases to handle.
+  // JWK "alg" --> algorithm parameter
   // 1. JWK alg present but unrecognized: error
-  // 2. JWK alg valid AND input algorithm isNull: use JWK value
-  // 3. JWK alg valid AND input algorithm specified, but JWK value
-  //      inconsistent with input: error
-  // 4. JWK alg valid AND input algorithm specified, both consistent: use
-  //      input value (because it has potentially more details)
-  // 5. JWK alg missing AND input algorithm isNull: error
-  // 6. JWK alg missing AND input algorithm specified: use input value
-  blink::WebCryptoAlgorithm algorithm = blink::WebCryptoAlgorithm::createNull();
+  // 2. JWK alg valid and inconsistent with input algorithm: error
+  // 3. JWK alg valid and consistent with input algorithm: use input value
+  // 4. JWK alg is missing: use input value
   const JwkAlgorithmInfo* algorithm_info = NULL;
   std::string jwk_alg_value;
   bool has_jwk_alg;
   status =
       GetOptionalJwkString(dict_value, "alg", &jwk_alg_value, &has_jwk_alg);
   if (status.IsError())
     return status;
 
   if (has_jwk_alg) {
     // JWK alg present
 
     // TODO(padolph): Validate alg vs kty. For example kty="RSA" implies alg can
     // only be from the RSA family.
 
     blink::WebCryptoAlgorithm jwk_algorithm =
         blink::WebCryptoAlgorithm::createNull();
     algorithm_info = jwk_alg_registry.Get().GetAlgorithmInfo(jwk_alg_value);
     if (!algorithm_info ||
         !algorithm_info->CreateImportAlgorithm(&jwk_algorithm))
-      return Status::ErrorJwkUnrecognizedAlgorithm();  // case 1
+      return Status::ErrorJwkUnrecognizedAlgorithm();
 
-    // JWK alg valid
-    if (algorithm_or_null.isNull()) {
-      // input algorithm not specified
-      algorithm = jwk_algorithm;  // case 2
-    } else {
-      // input algorithm specified
-      if (!ImportAlgorithmsConsistent(jwk_algorithm, algorithm_or_null))
-        return Status::ErrorJwkAlgorithmInconsistent();  // case 3
-      algorithm = algorithm_or_null;                     // case 4
-    }
-  } else {
-    // JWK alg missing
-    if (algorithm_or_null.isNull())
-      return Status::ErrorJwkAlgorithmMissing();  // case 5
-    algorithm = algorithm_or_null;                // case 6
+    if (!ImportAlgorithmsConsistent(jwk_algorithm, algorithm))
+      return Status::ErrorJwkAlgorithmInconsistent();
   }
   DCHECK(!algorithm.isNull());
 
   // JWK "key_ops" (optional) --> usage_mask parameter
   base::ListValue* jwk_key_ops_value = NULL;
   bool has_jwk_key_ops;
   status = GetOptionalJwkList(
       dict_value, "key_ops", &jwk_key_ops_value, &has_jwk_key_ops);
   if (status.IsError())
     return status;
@@ skipping 117 matching lines @@
   std::string json;
   base::JSONWriter::Write(&jwk_dict, &json);
   *buffer = CreateArrayBuffer(reinterpret_cast<const uint8*>(json.data()),
                               json.size());
   return Status::Success();
 }
 
 }  // namespace webcrypto
 
 }  // namespace content