Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(57)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/child/webcrypto/jwk.cc

Issue 197223007: [webcrypto] Remove support for null import algorithms. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | content/child/webcrypto/platform_crypto_nss.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/child/webcrypto/jwk.cc
diff --git a/content/child/webcrypto/jwk.cc b/content/child/webcrypto/jwk.cc
index 513193021cd83fec9504c1b2e1b0061ca411bc6a..9d8c36c5d44deea4f7f7046e69d29ea09dea2fcf 100644
--- a/content/child/webcrypto/jwk.cc
+++ b/content/child/webcrypto/jwk.cc
@@ -237,7 +237,7 @@ Status GetOptionalJwkBool(base::DictionaryValue* dict,
} // namespace
Status ImportKeyJwk(const CryptoData& key_data,
- const blink::WebCryptoAlgorithm& algorithm_or_null,
+ const blink::WebCryptoAlgorithm& algorithm,
bool extractable,
blink::WebCryptoKeyUsageMask usage_mask,
blink::WebCryptoKey* key) {
@@ -351,19 +351,15 @@ Status ImportKeyJwk(const CryptoData& key_data,
// +-------+--------------------------------------------------------------+
//
// Consistency and conflict resolution
- // The 'algorithm_or_null', 'extractable', and 'usage_mask' input parameters
+ // The 'algorithm', 'extractable', and 'usage_mask' input parameters
// may be different than the corresponding values inside the JWK. The Web
// Crypto spec says that if a JWK value is present but is inconsistent with
// the input value, it is an error and the operation must fail. If no
- // inconsistency is found, the input and JWK values are combined as follows:
+ // inconsistency is found then the input parameters are used.
//
// algorithm
- // If an algorithm is provided by both the input parameter and the JWK,
- // consistency between the two is based only on algorithm ID's (including an
- // inner hash algorithm if present). In this case if the consistency
- // check is passed, the input algorithm is used. If only one of either the
- // input algorithm and JWK alg is provided, it is used as the final
- // algorithm.
+ // If the JWK algorithm is provided, it must match the web crypto input
+ // algorithm (both the algorithm ID and inner hash if applicable).
//
// extractable
// If the JWK extractable is true but the input parameter is false, make the
@@ -410,17 +406,7 @@ Status ImportKeyJwk(const CryptoData& key_data,
return Status::ErrorJwkExtractableInconsistent();
}
- // JWK "alg" (optional) --> algorithm parameter
- // Note: input algorithm is also optional, so we have six cases to handle.
- // 1. JWK alg present but unrecognized: error
- // 2. JWK alg valid AND input algorithm isNull: use JWK value
- // 3. JWK alg valid AND input algorithm specified, but JWK value
- // inconsistent with input: error
- // 4. JWK alg valid AND input algorithm specified, both consistent: use
- // input value (because it has potentially more details)
- // 5. JWK alg missing AND input algorithm isNull: error
- // 6. JWK alg missing AND input algorithm specified: use input value
- blink::WebCryptoAlgorithm algorithm = blink::WebCryptoAlgorithm::createNull();
+ // JWK "alg" --> algorithm parameter
Ryan Sleevi 2014/03/14 21:31:50 JWK "alg" remains optional So you still have seve
eroman 2014/03/18 01:25:29 Done.
const JwkAlgorithmInfo* algorithm_info = NULL;
std::string jwk_alg_value;
bool has_jwk_alg;
@@ -440,23 +426,11 @@ Status ImportKeyJwk(const CryptoData& key_data,
algorithm_info = jwk_alg_registry.Get().GetAlgorithmInfo(jwk_alg_value);
if (!algorithm_info ||
!algorithm_info->CreateImportAlgorithm(&jwk_algorithm))
- return Status::ErrorJwkUnrecognizedAlgorithm(); // case 1
+ return Status::ErrorJwkUnrecognizedAlgorithm();
- // JWK alg valid
- if (algorithm_or_null.isNull()) {
- // input algorithm not specified
- algorithm = jwk_algorithm; // case 2
- } else {
- // input algorithm specified
- if (!ImportAlgorithmsConsistent(jwk_algorithm, algorithm_or_null))
- return Status::ErrorJwkAlgorithmInconsistent(); // case 3
- algorithm = algorithm_or_null; // case 4
- }
- } else {
- // JWK alg missing
- if (algorithm_or_null.isNull())
- return Status::ErrorJwkAlgorithmMissing(); // case 5
- algorithm = algorithm_or_null; // case 6
+ // input algorithm specified
Ryan Sleevi 2014/03/14 21:31:50 unnecessary comment?
eroman 2014/03/18 01:25:29 Done.
+ if (!ImportAlgorithmsConsistent(jwk_algorithm, algorithm))
+ return Status::ErrorJwkAlgorithmInconsistent();
}
DCHECK(!algorithm.isNull());
« no previous file with comments | « no previous file | content/child/webcrypto/platform_crypto_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698