Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1116)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: Source/modules/crypto/SubtleCrypto.cpp

Issue 20843008: WebCrypto: Check that the key can be used for given operation. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « LayoutTests/crypto/normalize-algorithm-expected.txt ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: Source/modules/crypto/SubtleCrypto.cpp
diff --git a/Source/modules/crypto/SubtleCrypto.cpp b/Source/modules/crypto/SubtleCrypto.cpp
index 94919219f609354d48cff08840a34f115bc15c5a..618a480e69011eed469a44243824cc2cdc99e7ce 100644
--- a/Source/modules/crypto/SubtleCrypto.cpp
+++ b/Source/modules/crypto/SubtleCrypto.cpp
@@ -40,6 +40,7 @@
#include "modules/crypto/NormalizeAlgorithm.h"
#include "public/platform/Platform.h"
#include "public/platform/WebCrypto.h"
+#include "public/platform/WebCryptoAlgorithmParams.h"
#include "wtf/ArrayBufferView.h"
namespace WebCore {
@@ -50,12 +51,54 @@ namespace WebCore {
namespace {
-bool keyCanBeUsedForAlgorithm(const WebKit::WebCryptoKey& key, const WebKit::WebCryptoAlgorithm& algorithm, ExceptionState& es)
+WebKit::WebCryptoKeyUsageMask toKeyUsage(AlgorithmOperation operation)
{
- // FIXME: Need to enforce that the key's algorithm matches the operation,
- // and that the key's usages allow it to be used with this operation.
- notImplemented();
- return true;
+ switch (operation) {
+ case Encrypt:
+ return WebKit::WebCryptoKeyUsageEncrypt;
+ case Decrypt:
+ return WebKit::WebCryptoKeyUsageDecrypt;
+ case Sign:
+ return WebKit::WebCryptoKeyUsageSign;
+ case Verify:
+ return WebKit::WebCryptoKeyUsageVerify;
+ case DeriveKey:
+ return WebKit::WebCryptoKeyUsageDeriveKey;
+ case WrapKey:
+ return WebKit::WebCryptoKeyUsageWrapKey;
+ case UnwrapKey:
+ return WebKit::WebCryptoKeyUsageUnwrapKey;
+ case Digest:
+ case GenerateKey:
+ case ImportKey:
+ case NumberOfAlgorithmOperations:
+ break;
+ }
+
+ ASSERT_NOT_REACHED();
+ return 0;
+}
+
+bool keyCanBeUsedForAlgorithm(const WebKit::WebCryptoKey& key, const WebKit::WebCryptoAlgorithm& algorithm, AlgorithmOperation op)
+{
+ if ((key.usages() & toKeyUsage(op)) == 0)
abarth-chromium 2013/08/01 02:01:22 (key.usages() & toKeyUsage(op)) == 0 -> !(k
eroman 2013/08/01 02:57:43 Done.
+ return false;
+
+ if (key.algorithm().id() != algorithm.id())
+ return false;
+
+ if (key.algorithm().paramsType() == WebKit::WebCryptoAlgorithmParamsTypeNone)
+ return true;
+
+ // Verify that the algorithm-specific parameters for the key conform to the
+ // algorithm.
+
+ if (key.algorithm().paramsType() == WebKit::WebCryptoAlgorithmParamsTypeHmacParams) {
+ return key.algorithm().hmacParams()->hash().id() == algorithm.hmacParams()->hash().id();
+ }
+
+ ASSERT_NOT_REACHED();
+ return false;
}
PassRefPtr<CryptoOperation> createCryptoOperation(const Dictionary& rawAlgorithm, Key* key, AlgorithmOperation operationType, ExceptionState& es)
@@ -77,7 +120,8 @@ PassRefPtr<CryptoOperation> createCryptoOperation(const Dictionary& rawAlgorithm
return 0;
}
- if (!keyCanBeUsedForAlgorithm(key->key(), algorithm, es)) {
+ if (!keyCanBeUsedForAlgorithm(key->key(), algorithm, operationType)) {
+ es.throwDOMException(NotSupportedError);
return 0;
}
}
« no previous file with comments | « LayoutTests/crypto/normalize-algorithm-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698