Chromium Code Reviews Chromium Code Reviews
Issue 2159313002:
Miscelaneous updates to WebCrypto to match latest spec. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 129 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 140 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 140 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 141 ScriptPromise promise = result->promise(); | 141 ScriptPromise promise = result->promise(); |
| 142 | 142 |
| 143 if (!canAccessWebCrypto(scriptState, result)) | 143 if (!canAccessWebCrypto(scriptState, result)) |
| 144 return promise; | 144 return promise; |
| 145 | 145 |
| 146 // 14.3.1.2: Let data be the result of getting a copy of the bytes held by | 146 // 14.3.1.2: Let data be the result of getting a copy of the bytes held by |
| 147 // the data parameter passed to the encrypt method. | 147 // the data parameter passed to the encrypt method. |
| 148 Vector<uint8_t> data = copyBytes(rawData); | 148 Vector<uint8_t> data = copyBytes(rawData); |
| 149 | 149 |
| 150 WebCryptoAlgorithm algorithm; | 150 // 14.3.1.3: Let normalizedAlgorithm be the result of normalizing an |
| 151 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationEncrypt, algorithm, resu lt)) | 151 // algorithm, with alg set to algorithm and op set to "encrypt". |
| 152 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renames algorithm --> normalizedAlgorithm; no othe
| |
| 153 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationEncrypt, normalizedAlgor ithm, result)) | |
| 152 return promise; | 154 return promise; |
| 153 | 155 |
| 154 if (!key->canBeUsedForAlgorithm(algorithm, WebCryptoKeyUsageEncrypt, result) ) | 156 // 14.3.1.8: If the name member of normalizedAlgorithm is not equal to the |
| 157 // name attribute of the [[algorithm]] internal slot of key then | |
| 158 // throw an InvalidAccessError. | |
| 159 // | |
| 160 // 14.3.1.9: If the [[usages]] internal slot of key does not contain an | |
| 161 // entry that is "encrypt", then throw an InvalidAccessError. | |
| 162 if (!key->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyUsageEncryp t, result)) | |
| 155 return promise; | 163 return promise; |
| 156 | 164 |
| 157 histogramAlgorithmAndKey(scriptState->getExecutionContext(), algorithm, key- >key()); | 165 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, key->key()); |
| 158 Platform::current()->crypto()->encrypt(algorithm, key->key(), data.data(), d ata.size(), result->result()); | 166 Platform::current()->crypto()->encrypt(normalizedAlgorithm, key->key(), data .data(), data.size(), result->result()); |
| 159 return promise; | 167 return promise; |
| 160 } | 168 } |
| 161 | 169 |
| 162 ScriptPromise SubtleCrypto::decrypt(ScriptState* scriptState, const AlgorithmIde ntifier& rawAlgorithm, CryptoKey* key, const BufferSource& rawData) | 170 ScriptPromise SubtleCrypto::decrypt(ScriptState* scriptState, const AlgorithmIde ntifier& rawAlgorithm, CryptoKey* key, const BufferSource& rawData) |
| 163 { | 171 { |
| 164 // Method described by: https://w3c.github.io/webcrypto/Overview.html#dfn-Su btleCrypto-method-decrypt | 172 // Method described by: https://w3c.github.io/webcrypto/Overview.html#dfn-Su btleCrypto-method-decrypt |
| 165 | 173 |
| 166 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 174 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 167 ScriptPromise promise = result->promise(); | 175 ScriptPromise promise = result->promise(); |
| 168 | 176 |
| 169 if (!canAccessWebCrypto(scriptState, result)) | 177 if (!canAccessWebCrypto(scriptState, result)) |
| 170 return promise; | 178 return promise; |
| 171 | 179 |
| 172 // 14.3.2.2: Let data be the result of getting a copy of the bytes held by | 180 // 14.3.2.2: Let data be the result of getting a copy of the bytes held by |
| 173 // the data parameter passed to the decrypt method. | 181 // the data parameter passed to the decrypt method. |
| 174 Vector<uint8_t> data = copyBytes(rawData); | 182 Vector<uint8_t> data = copyBytes(rawData); |
| 175 | 183 |
| 176 WebCryptoAlgorithm algorithm; | 184 // 14.3.2.3: Let normalizedAlgorithm be the result of normalizing an |
| 177 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationDecrypt, algorithm, resu lt)) | 185 // algorithm, with alg set to algorithm and op set to "decrypt". |
| 186 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renames algorithm --> normalizedAlgorithm; no othe
| |
| 187 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationDecrypt, normalizedAlgor ithm, result)) | |
| 178 return promise; | 188 return promise; |
| 179 | 189 |
| 180 if (!key->canBeUsedForAlgorithm(algorithm, WebCryptoKeyUsageDecrypt, result) ) | 190 // 14.3.2.8: If the name member of normalizedAlgorithm is not equal to the |
| 191 // name attribute of the [[algorithm]] internal slot of key then | |
| 192 // throw an InvalidAccessError. | |
| 193 // | |
| 194 // 14.3.2.9: If the [[usages]] internal slot of key does not contain an | |
| 195 // entry that is "decrypt", then throw an InvalidAccessError. | |
| 196 if (!key->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyUsageDecryp t, result)) | |
| 181 return promise; | 197 return promise; |
| 182 | 198 |
| 183 histogramAlgorithmAndKey(scriptState->getExecutionContext(), algorithm, key- >key()); | 199 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, key->key()); |
| 184 Platform::current()->crypto()->decrypt(algorithm, key->key(), data.data(), d ata.size(), result->result()); | 200 Platform::current()->crypto()->decrypt(normalizedAlgorithm, key->key(), data .data(), data.size(), result->result()); |
| 185 return promise; | 201 return promise; |
| 186 } | 202 } |
| 187 | 203 |
| 188 ScriptPromise SubtleCrypto::sign(ScriptState* scriptState, const AlgorithmIdenti fier& rawAlgorithm, CryptoKey* key, const BufferSource& rawData) | 204 ScriptPromise SubtleCrypto::sign(ScriptState* scriptState, const AlgorithmIdenti fier& rawAlgorithm, CryptoKey* key, const BufferSource& rawData) |
| 189 { | 205 { |
| 190 // Method described by: https://w3c.github.io/webcrypto/Overview.html#dfn-Su btleCrypto-method-sign | 206 // Method described by: https://w3c.github.io/webcrypto/Overview.html#dfn-Su btleCrypto-method-sign |
| 191 | 207 |
| 192 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 208 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 193 ScriptPromise promise = result->promise(); | 209 ScriptPromise promise = result->promise(); |
| 194 | 210 |
| 195 if (!canAccessWebCrypto(scriptState, result)) | 211 if (!canAccessWebCrypto(scriptState, result)) |
| 196 return promise; | 212 return promise; |
| 197 | 213 |
| 198 // 14.3.3.2: Let data be the result of getting a copy of the bytes held by | 214 // 14.3.3.2: Let data be the result of getting a copy of the bytes held by |
| 199 // the data parameter passed to the sign method. | 215 // the data parameter passed to the sign method. |
| 200 Vector<uint8_t> data = copyBytes(rawData); | 216 Vector<uint8_t> data = copyBytes(rawData); |
| 201 | 217 |
| 202 WebCryptoAlgorithm algorithm; | 218 // 14.3.3.3: Let normalizedAlgorithm be the result of normalizing an |
| 203 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationSign, algorithm, result) ) | 219 // algorithm, with alg set to algorithm and op set to "sign". |
| 220 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renames algorithm --> normalizedAlgorithm; no othe
| |
| 221 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationSign, normalizedAlgorith m, result)) | |
| 204 return promise; | 222 return promise; |
| 205 | 223 |
| 206 if (!key->canBeUsedForAlgorithm(algorithm, WebCryptoKeyUsageSign, result)) | 224 // 14.3.3.8: If the name member of normalizedAlgorithm is not equal to the |
| 225 // name attribute of the [[algorithm]] internal slot of key then | |
| 226 // throw an InvalidAccessError. | |
| 227 // | |
| 228 // 14.3.3.9: If the [[usages]] internal slot of key does not contain an | |
| 229 // entry that is "sign", then throw an InvalidAccessError. | |
| 230 if (!key->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyUsageSign, result)) | |
| 207 return promise; | 231 return promise; |
| 208 | 232 |
| 209 histogramAlgorithmAndKey(scriptState->getExecutionContext(), algorithm, key- >key()); | 233 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, key->key()); |
| 210 Platform::current()->crypto()->sign(algorithm, key->key(), data.data(), data .size(), result->result()); | 234 Platform::current()->crypto()->sign(normalizedAlgorithm, key->key(), data.da ta(), data.size(), result->result()); |
| 211 return promise; | 235 return promise; |
| 212 } | 236 } |
| 213 | 237 |
| 214 ScriptPromise SubtleCrypto::verifySignature(ScriptState* scriptState, const Algo rithmIdentifier& rawAlgorithm, CryptoKey* key, const BufferSource& rawSignature, const BufferSource& rawData) | 238 ScriptPromise SubtleCrypto::verifySignature(ScriptState* scriptState, const Algo rithmIdentifier& rawAlgorithm, CryptoKey* key, const BufferSource& rawSignature, const BufferSource& rawData) |
| 215 { | 239 { |
| 216 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-verify | 240 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-verify |
| 217 | 241 |
| 218 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 242 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 219 ScriptPromise promise = result->promise(); | 243 ScriptPromise promise = result->promise(); |
| 220 | 244 |
| 221 if (!canAccessWebCrypto(scriptState, result)) | 245 if (!canAccessWebCrypto(scriptState, result)) |
| 222 return promise; | 246 return promise; |
| 223 | 247 |
| 224 // 14.3.4.2: Let signature be the result of getting a copy of the bytes | 248 // 14.3.4.2: Let signature be the result of getting a copy of the bytes |
| 225 // held by the signature parameter passed to the verify method. | 249 // held by the signature parameter passed to the verify method. |
| 226 Vector<uint8_t> signature = copyBytes(rawSignature); | 250 Vector<uint8_t> signature = copyBytes(rawSignature); |
| 227 | 251 |
| 228 WebCryptoAlgorithm algorithm; | 252 // 14.3.4.3: Let normalizedAlgorithm be the result of normalizing an |
| 229 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationVerify, algorithm, resul t)) | 253 // algorithm, with alg set to algorithm and op set to "verify". |
| 254 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renames algorithm --> normalizedAlgorithm; no othe
| |
| 255 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationVerify, normalizedAlgori thm, result)) | |
| 230 return promise; | 256 return promise; |
| 231 | 257 |
| 232 // 14.3.4.5: Let data be the result of getting a copy of the bytes held by | 258 // 14.3.4.5: Let data be the result of getting a copy of the bytes held by |
| 233 // the data parameter passed to the verify method. | 259 // the data parameter passed to the verify method. |
| 234 Vector<uint8_t> data = copyBytes(rawData); | 260 Vector<uint8_t> data = copyBytes(rawData); |
| 235 | 261 |
| 236 if (!key->canBeUsedForAlgorithm(algorithm, WebCryptoKeyUsageVerify, result)) | 262 // 14.3.4.9: If the name member of normalizedAlgorithm is not equal to the |
| 263 // name attribute of the [[algorithm]] internal slot of key then t hrow an | |
| 264 // InvalidAccessError. | |
| 265 // | |
| 266 // 14.3.4.10: If the [[usages]] internal slot of key does not contain an | |
| 267 // entry that is "verify", then throw an InvalidAccessError. | |
| 268 if (!key->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyUsageVerify , result)) | |
| 237 return promise; | 269 return promise; |
| 238 | 270 |
| 239 histogramAlgorithmAndKey(scriptState->getExecutionContext(), algorithm, key- >key()); | 271 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, key->key()); |
| 240 Platform::current()->crypto()->verifySignature(algorithm, key->key(), signat ure.data(), signature.size(), data.data(), data.size(), result->result()); | 272 Platform::current()->crypto()->verifySignature(normalizedAlgorithm, key->key (), signature.data(), signature.size(), data.data(), data.size(), result->result ()); |
| 241 return promise; | 273 return promise; |
| 242 } | 274 } |
| 243 | 275 |
| 244 ScriptPromise SubtleCrypto::digest(ScriptState* scriptState, const AlgorithmIden tifier& rawAlgorithm, const BufferSource& rawData) | 276 ScriptPromise SubtleCrypto::digest(ScriptState* scriptState, const AlgorithmIden tifier& rawAlgorithm, const BufferSource& rawData) |
| 245 { | 277 { |
| 246 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-digest | 278 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-digest |
| 247 | 279 |
| 248 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 280 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 249 ScriptPromise promise = result->promise(); | 281 ScriptPromise promise = result->promise(); |
| 250 | 282 |
| 251 if (!canAccessWebCrypto(scriptState, result)) | 283 if (!canAccessWebCrypto(scriptState, result)) |
| 252 return promise; | 284 return promise; |
| 253 | 285 |
| 254 // 14.3.5.2: Let data be the result of getting a copy of the bytes held | 286 // 14.3.5.2: Let data be the result of getting a copy of the bytes held |
| 255 // by the data parameter passed to the digest method. | 287 // by the data parameter passed to the digest method. |
| 256 Vector<uint8_t> data = copyBytes(rawData); | 288 Vector<uint8_t> data = copyBytes(rawData); |
| 257 | 289 |
| 258 WebCryptoAlgorithm algorithm; | 290 // 14.3.5.3: Let normalizedAlgorithm be the result of normalizing an |
| 259 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationDigest, algorithm, resul t)) | 291 // algorithm, with alg set to algorithm and op set to "digest". |
| 292 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renames algorithm --> normalizedAlgorithm; no othe
| |
| 293 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationDigest, normalizedAlgori thm, result)) | |
| 260 return promise; | 294 return promise; |
| 261 | 295 |
| 262 histogramAlgorithm(scriptState->getExecutionContext(), algorithm); | 296 histogramAlgorithm(scriptState->getExecutionContext(), normalizedAlgorithm); |
| 263 Platform::current()->crypto()->digest(algorithm, data.data(), data.size(), r esult->result()); | 297 Platform::current()->crypto()->digest(normalizedAlgorithm, data.data(), data .size(), result->result()); |
| 264 return promise; | 298 return promise; |
| 265 } | 299 } |
| 266 | 300 |
| 267 ScriptPromise SubtleCrypto::generateKey(ScriptState* scriptState, const Algorith mIdentifier& rawAlgorithm, bool extractable, const Vector<String>& rawKeyUsages) | 301 ScriptPromise SubtleCrypto::generateKey(ScriptState* scriptState, const Algorith mIdentifier& rawAlgorithm, bool extractable, const Vector<String>& rawKeyUsages) |
| 268 { | 302 { |
| 303 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-generateKey | |
| 304 | |
| 269 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 305 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 270 ScriptPromise promise = result->promise(); | 306 ScriptPromise promise = result->promise(); |
| 271 | 307 |
| 272 if (!canAccessWebCrypto(scriptState, result)) | 308 if (!canAccessWebCrypto(scriptState, result)) |
| 273 return promise; | 309 return promise; |
| 274 | 310 |
| 275 WebCryptoKeyUsageMask keyUsages; | 311 WebCryptoKeyUsageMask keyUsages; |
| 276 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result)) | 312 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result)) |
| 277 return promise; | 313 return promise; |
| 278 | 314 |
| 279 WebCryptoAlgorithm algorithm; | 315 // 14.3.5.6: Let normalizedAlgorithm be the result of normalizing an |
| 280 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationGenerateKey, algorithm, result)) | 316 // algorithm, with alg set to algorithm and op set to |
| 317 // "generateKey". | |
| 318 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renames algorithm --> normalizedAlgorithm; no othe
| |
| 319 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationGenerateKey, normalizedA lgorithm, result)) | |
| 281 return promise; | 320 return promise; |
| 282 | 321 |
| 283 histogramAlgorithm(scriptState->getExecutionContext(), algorithm); | 322 histogramAlgorithm(scriptState->getExecutionContext(), normalizedAlgorithm); |
| 284 Platform::current()->crypto()->generateKey(algorithm, extractable, keyUsages , result->result()); | 323 Platform::current()->crypto()->generateKey(normalizedAlgorithm, extractable, keyUsages, result->result()); |
| 285 return promise; | 324 return promise; |
| 286 } | 325 } |
| 287 | 326 |
| 288 ScriptPromise SubtleCrypto::importKey(ScriptState* scriptState, const String& ra wFormat, const ArrayBufferOrArrayBufferViewOrDictionary& rawKeyData, const Algor ithmIdentifier& rawAlgorithm, bool extractable, const Vector<String>& rawKeyUsag es) | 327 ScriptPromise SubtleCrypto::importKey(ScriptState* scriptState, const String& ra wFormat, const ArrayBufferOrArrayBufferViewOrDictionary& rawKeyData, const Algor ithmIdentifier& rawAlgorithm, bool extractable, const Vector<String>& rawKeyUsag es) |
| 289 { | 328 { |
| 290 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-importKey | 329 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-importKey |
| 291 | 330 |
| 292 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 331 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 293 ScriptPromise promise = result->promise(); | 332 ScriptPromise promise = result->promise(); |
| 294 | 333 |
| 295 if (!canAccessWebCrypto(scriptState, result)) | 334 if (!canAccessWebCrypto(scriptState, result)) |
| 296 return promise; | 335 return promise; |
| 297 | 336 |
| 298 WebCryptoKeyFormat format; | 337 WebCryptoKeyFormat format; |
| 299 if (!CryptoKey::parseFormat(rawFormat, format, result)) | 338 if (!CryptoKey::parseFormat(rawFormat, format, result)) |
| 300 return promise; | 339 return promise; |
| 301 | 340 |
| 341 // 14.3.9.2: Let normalizedAlgorithm be the result of normalizing an | |
| 342 // algorithm, with alg set to algorithm and op set to | |
| 343 // "importKey". | |
| 344 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
Two changes:
(1) renames algorithm --> normalize
| |
| 345 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationImportKey, normalizedAlg orithm, result)) | |
| 346 return promise; | |
| 347 | |
| 348 // TODO(eroman): Match the procedure given in the spec to more | |
| 349 // easily provide a normative reference. | |
| 302 if (rawKeyData.isDictionary()) { | 350 if (rawKeyData.isDictionary()) { |
| 303 if (format != WebCryptoKeyFormatJwk) { | 351 if (format != WebCryptoKeyFormatJwk) { |
| 304 result->completeWithError(WebCryptoErrorTypeData, "Key data must be a buffer for non-JWK formats"); | 352 result->completeWithError(WebCryptoErrorTypeType, "Key data must be a buffer for non-JWK formats"); |
|
eroman
2016/07/19 18:22:49
intentional change (crbug.com/628413). Will be cla
| |
| 305 return promise; | 353 return promise; |
| 306 } | 354 } |
| 307 } else if (format == WebCryptoKeyFormatJwk) { | 355 } else if (format == WebCryptoKeyFormatJwk) { |
| 308 result->completeWithError(WebCryptoErrorTypeData, "Key data must be an o bject for JWK import"); | 356 result->completeWithError(WebCryptoErrorTypeType, "Key data must be an o bject for JWK import"); |
| 309 return promise; | 357 return promise; |
| 310 } | 358 } |
| 311 | 359 |
| 312 WebCryptoKeyUsageMask keyUsages; | 360 WebCryptoKeyUsageMask keyUsages; |
| 313 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result)) | 361 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result)) |
| 314 return promise; | 362 return promise; |
| 315 | 363 |
| 316 WebCryptoAlgorithm algorithm; | 364 Vector<uint8_t> keyData; |
| 317 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationImportKey, algorithm, re sult)) | |
| 318 return promise; | |
| 319 | 365 |
| 320 Vector<uint8_t> keyData; | 366 // TODO(eroman): Match the procedure given in the spec to more |
| 367 // easily provide a normative reference. | |
| 321 if (rawKeyData.isArrayBuffer()) { | 368 if (rawKeyData.isArrayBuffer()) { |
| 322 keyData = copyBytes(rawKeyData.getAsArrayBuffer()); | 369 keyData = copyBytes(rawKeyData.getAsArrayBuffer()); |
| 323 } else if (rawKeyData.isArrayBufferView()) { | 370 } else if (rawKeyData.isArrayBufferView()) { |
| 324 keyData = copyBytes(rawKeyData.getAsArrayBufferView()); | 371 keyData = copyBytes(rawKeyData.getAsArrayBufferView()); |
| 325 } else if (rawKeyData.isDictionary()) { | 372 } else if (rawKeyData.isDictionary()) { |
| 326 if (!copyJwkDictionaryToJson(rawKeyData.getAsDictionary(), keyData, resu lt)) | 373 if (!copyJwkDictionaryToJson(rawKeyData.getAsDictionary(), keyData, resu lt)) |
| 327 return promise; | 374 return promise; |
| 328 } | 375 } |
| 329 histogramAlgorithm(scriptState->getExecutionContext(), algorithm); | 376 histogramAlgorithm(scriptState->getExecutionContext(), normalizedAlgorithm); |
| 330 Platform::current()->crypto()->importKey(format, keyData.data(), keyData.siz e(), algorithm, extractable, keyUsages, result->result()); | 377 Platform::current()->crypto()->importKey(format, keyData.data(), keyData.siz e(), normalizedAlgorithm, extractable, keyUsages, result->result()); |
| 331 return promise; | 378 return promise; |
| 332 } | 379 } |
| 333 | 380 |
| 334 ScriptPromise SubtleCrypto::exportKey(ScriptState* scriptState, const String& ra wFormat, CryptoKey* key) | 381 ScriptPromise SubtleCrypto::exportKey(ScriptState* scriptState, const String& ra wFormat, CryptoKey* key) |
| 335 { | 382 { |
| 383 // Method described by: https://w3c.github.io/webcrypto/Overview.html#dfn-Su btleCrypto-method-exportKey | |
| 384 | |
| 336 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 385 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 337 ScriptPromise promise = result->promise(); | 386 ScriptPromise promise = result->promise(); |
| 338 | 387 |
| 339 if (!canAccessWebCrypto(scriptState, result)) | 388 if (!canAccessWebCrypto(scriptState, result)) |
| 340 return promise; | 389 return promise; |
| 341 | 390 |
| 342 WebCryptoKeyFormat format; | 391 WebCryptoKeyFormat format; |
| 343 if (!CryptoKey::parseFormat(rawFormat, format, result)) | 392 if (!CryptoKey::parseFormat(rawFormat, format, result)) |
| 344 return promise; | 393 return promise; |
| 345 | 394 |
| 395 // 14.3.10.6: If the [[extractable]] internal slot of key is false, then | |
| 396 // throw an InvalidAccessError. | |
| 346 if (!key->extractable()) { | 397 if (!key->extractable()) { |
| 347 result->completeWithError(WebCryptoErrorTypeInvalidAccess, "key is not e xtractable"); | 398 result->completeWithError(WebCryptoErrorTypeInvalidAccess, "key is not e xtractable"); |
| 348 return promise; | 399 return promise; |
| 349 } | 400 } |
| 350 | 401 |
| 351 histogramKey(scriptState->getExecutionContext(), key->key()); | 402 histogramKey(scriptState->getExecutionContext(), key->key()); |
| 352 Platform::current()->crypto()->exportKey(format, key->key(), result->result( )); | 403 Platform::current()->crypto()->exportKey(format, key->key(), result->result( )); |
| 353 return promise; | 404 return promise; |
| 354 } | 405 } |
| 355 | 406 |
| 356 ScriptPromise SubtleCrypto::wrapKey(ScriptState* scriptState, const String& rawF ormat, CryptoKey* key, CryptoKey* wrappingKey, const AlgorithmIdentifier& rawWra pAlgorithm) | 407 ScriptPromise SubtleCrypto::wrapKey(ScriptState* scriptState, const String& rawF ormat, CryptoKey* key, CryptoKey* wrappingKey, const AlgorithmIdentifier& rawWra pAlgorithm) |
| 357 { | 408 { |
| 409 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-wrapKey | |
| 410 | |
| 358 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 411 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 359 ScriptPromise promise = result->promise(); | 412 ScriptPromise promise = result->promise(); |
| 360 | 413 |
| 361 if (!canAccessWebCrypto(scriptState, result)) | 414 if (!canAccessWebCrypto(scriptState, result)) |
| 362 return promise; | 415 return promise; |
| 363 | 416 |
| 364 WebCryptoKeyFormat format; | 417 WebCryptoKeyFormat format; |
| 365 if (!CryptoKey::parseFormat(rawFormat, format, result)) | 418 if (!CryptoKey::parseFormat(rawFormat, format, result)) |
| 366 return promise; | 419 return promise; |
| 367 | 420 |
| 368 WebCryptoAlgorithm wrapAlgorithm; | 421 // 14.3.11.2: Let normalizedAlgorithm be the result of normalizing an |
| 369 if (!parseAlgorithm(rawWrapAlgorithm, WebCryptoOperationWrapKey, wrapAlgorit hm, result)) | 422 // algorithm, with alg set to algorithm and op set to "wrapKey". |
| 423 // | |
| 424 // 14.3.11.3: If an error occurred, let normalizedAlgorithm be the result | |
| 425 // of normalizing an algorithm, with alg set to algorithm and op | |
| 426 // set to "encrypt". | |
| 427 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
rename wrapAlgorithm --> normalizedAlgorithm
| |
| 428 if (!parseAlgorithm(rawWrapAlgorithm, WebCryptoOperationWrapKey, normalizedA lgorithm, result)) | |
| 370 return promise; | 429 return promise; |
| 371 | 430 |
| 431 // 14.3.11.9: If the name member of normalizedAlgorithm is not equal to the | |
| 432 // name attribute of the [[algorithm]] internal slot of | |
| 433 // wrappingKey then throw an InvalidAccessError. | |
| 434 // | |
| 435 // 14.3.11.10: If the name member of normalizedAlgorithm is not equal to | |
| 436 // the name attribute of the [[algorithm]] internal slot of wrap pingKey | |
| 437 // then throw an InvalidAccessError. | |
|
Ryan Sleevi
2016/07/19 18:27:52
Typo: You copied 14.3.11.9 as 14.3.11.10 - but .10
eroman
2016/07/19 19:17:13
Good spot!
Ugh, embarrassing.
I will cross check
| |
| 438 if (!wrappingKey->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyUsa geWrapKey, result)) | |
|
eroman
2016/07/19 18:22:49
This was moved to happen before extractability che
| |
| 439 return promise; | |
| 440 | |
| 441 // TODO(crbug.com/628416): The error from step 11 | |
| 442 // (NotSupportedError) is thrown after step 12 which does not match | |
| 443 // the spec order. | |
| 444 | |
| 445 // 14.3.11.12: If the [[extractable]] internal slot of key is false, then | |
| 446 // throw an InvalidAccessError. | |
| 372 if (!key->extractable()) { | 447 if (!key->extractable()) { |
| 373 result->completeWithError(WebCryptoErrorTypeInvalidAccess, "key is not e xtractable"); | 448 result->completeWithError(WebCryptoErrorTypeInvalidAccess, "key is not e xtractable"); |
| 374 return promise; | 449 return promise; |
| 375 } | 450 } |
| 376 | 451 |
| 377 if (!wrappingKey->canBeUsedForAlgorithm(wrapAlgorithm, WebCryptoKeyUsageWrap Key, result)) | 452 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, wrappingKey->key()); |
| 378 return promise; | |
| 379 | |
| 380 histogramAlgorithmAndKey(scriptState->getExecutionContext(), wrapAlgorithm, wrappingKey->key()); | |
| 381 histogramKey(scriptState->getExecutionContext(), key->key()); | 453 histogramKey(scriptState->getExecutionContext(), key->key()); |
| 382 Platform::current()->crypto()->wrapKey(format, key->key(), wrappingKey->key( ), wrapAlgorithm, result->result()); | 454 Platform::current()->crypto()->wrapKey(format, key->key(), wrappingKey->key( ), normalizedAlgorithm, result->result()); |
| 383 return promise; | 455 return promise; |
| 384 } | 456 } |
| 385 | 457 |
| 386 ScriptPromise SubtleCrypto::unwrapKey(ScriptState* scriptState, const String& ra wFormat, const BufferSource& rawWrappedKey, CryptoKey* unwrappingKey, const Algo rithmIdentifier& rawUnwrapAlgorithm, const AlgorithmIdentifier& rawUnwrappedKeyA lgorithm, bool extractable, const Vector<String>& rawKeyUsages) | 458 ScriptPromise SubtleCrypto::unwrapKey(ScriptState* scriptState, const String& ra wFormat, const BufferSource& rawWrappedKey, CryptoKey* unwrappingKey, const Algo rithmIdentifier& rawUnwrapAlgorithm, const AlgorithmIdentifier& rawUnwrappedKeyA lgorithm, bool extractable, const Vector<String>& rawKeyUsages) |
| 387 { | 459 { |
| 388 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-unwrapKey | 460 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-unwrapKey |
| 389 | 461 |
| 390 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 462 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 391 ScriptPromise promise = result->promise(); | 463 ScriptPromise promise = result->promise(); |
| 392 | 464 |
| 393 if (!canAccessWebCrypto(scriptState, result)) | 465 if (!canAccessWebCrypto(scriptState, result)) |
| 394 return promise; | 466 return promise; |
| 395 | 467 |
| 396 WebCryptoKeyFormat format; | 468 WebCryptoKeyFormat format; |
| 397 if (!CryptoKey::parseFormat(rawFormat, format, result)) | 469 if (!CryptoKey::parseFormat(rawFormat, format, result)) |
| 398 return promise; | 470 return promise; |
| 399 | 471 |
| 400 WebCryptoKeyUsageMask keyUsages; | 472 WebCryptoKeyUsageMask keyUsages; |
| 401 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result)) | 473 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result)) |
| 402 return promise; | 474 return promise; |
| 403 | 475 |
| 404 // 14.3.12.2: Let wrappedKey be the result of getting a copy of the bytes | 476 // 14.3.12.2: Let wrappedKey be the result of getting a copy of the bytes |
| 405 // held by the wrappedKey parameter passed to the unwrapKey | 477 // held by the wrappedKey parameter passed to the unwrapKey |
| 406 // method. | 478 // method. |
| 407 Vector<uint8_t> wrappedKey = copyBytes(rawWrappedKey); | 479 Vector<uint8_t> wrappedKey = copyBytes(rawWrappedKey); |
| 408 | 480 |
| 409 WebCryptoAlgorithm unwrapAlgorithm; | 481 // 14.3.12.3: Let normalizedAlgorithm be the result of normalizing an |
| 410 if (!parseAlgorithm(rawUnwrapAlgorithm, WebCryptoOperationUnwrapKey, unwrapA lgorithm, result)) | 482 // algorithm, with alg set to algorithm and op set to |
| 483 // "unwrapKey". | |
| 484 // | |
| 485 // 14.3.12.4: If an error occurred, let normalizedAlgorithm be the result | |
| 486 // of normalizing an algorithm, with alg set to algorithm and op | |
| 487 // set to "decrypt". | |
| 488 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renamed unwrapAlgorithm --> normalizedAlgorithm
| |
| 489 if (!parseAlgorithm(rawUnwrapAlgorithm, WebCryptoOperationUnwrapKey, normali zedAlgorithm, result)) | |
| 411 return promise; | 490 return promise; |
| 412 | 491 |
| 413 WebCryptoAlgorithm unwrappedKeyAlgorithm; | 492 // 14.3.12.6: Let normalizedKeyAlgorithm be the result of normalizing an |
| 414 if (!parseAlgorithm(rawUnwrappedKeyAlgorithm, WebCryptoOperationImportKey, u nwrappedKeyAlgorithm, result)) | 493 // algorithm, with alg set to unwrappedKeyAlgorithm and op set |
| 494 // to "importKey". | |
| 495 WebCryptoAlgorithm normalizedKeyAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renamed unwrappedKeyAlgorithm --> normalizedKeyAlg
| |
| 496 if (!parseAlgorithm(rawUnwrappedKeyAlgorithm, WebCryptoOperationImportKey, n ormalizedKeyAlgorithm, result)) | |
| 415 return promise; | 497 return promise; |
| 416 | 498 |
| 417 if (!unwrappingKey->canBeUsedForAlgorithm(unwrapAlgorithm, WebCryptoKeyUsage UnwrapKey, result)) | 499 // 14.3.12.11: If the name member of normalizedAlgorithm is not equal to |
| 500 // the name attribute of the [[algorithm]] internal slot of | |
| 501 // unwrappingKey then throw an InvalidAccessError. | |
| 502 // | |
| 503 // 14.3.12.12: If the [[usages]] internal slot of unwrappingKey does not | |
| 504 // contain an entry that is "unwrapKey", then throw an | |
| 505 // InvalidAccessError. | |
| 506 if (!unwrappingKey->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyU sageUnwrapKey, result)) | |
| 418 return promise; | 507 return promise; |
| 419 | 508 |
| 420 histogramAlgorithmAndKey(scriptState->getExecutionContext(), unwrapAlgorithm , unwrappingKey->key()); | 509 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, unwrappingKey->key()); |
| 421 histogramAlgorithm(scriptState->getExecutionContext(), unwrappedKeyAlgorithm ); | 510 histogramAlgorithm(scriptState->getExecutionContext(), normalizedKeyAlgorith m); |
| 422 Platform::current()->crypto()->unwrapKey(format, wrappedKey.data(), wrappedK ey.size(), unwrappingKey->key(), unwrapAlgorithm, unwrappedKeyAlgorithm, extract able, keyUsages, result->result()); | 511 Platform::current()->crypto()->unwrapKey(format, wrappedKey.data(), wrappedK ey.size(), unwrappingKey->key(), normalizedAlgorithm, normalizedKeyAlgorithm, ex tractable, keyUsages, result->result()); |
| 423 return promise; | 512 return promise; |
| 424 } | 513 } |
| 425 | 514 |
| 426 ScriptPromise SubtleCrypto::deriveBits(ScriptState* scriptState, const Algorithm Identifier& rawAlgorithm, CryptoKey* baseKey, unsigned lengthBits) | 515 ScriptPromise SubtleCrypto::deriveBits(ScriptState* scriptState, const Algorithm Identifier& rawAlgorithm, CryptoKey* baseKey, unsigned lengthBits) |
| 427 { | 516 { |
| 517 // Method described by: https://w3c.github.io/webcrypto/Overview.html#dfn-Su btleCrypto-method-deriveBits | |
| 518 | |
| 428 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 519 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 429 ScriptPromise promise = result->promise(); | 520 ScriptPromise promise = result->promise(); |
| 430 | 521 |
| 431 if (!canAccessWebCrypto(scriptState, result)) | 522 if (!canAccessWebCrypto(scriptState, result)) |
| 432 return promise; | 523 return promise; |
| 433 | 524 |
| 434 WebCryptoAlgorithm algorithm; | 525 // 14.3.8.2: Let normalizedAlgorithm be the result of normalizing an |
| 435 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationDeriveBits, algorithm, r esult)) | 526 // algorithm, with alg set to algorithm and op set to |
| 527 // "deriveBits". | |
| 528 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renamed algorithm --> normalizedAlgorithm; no othe
| |
| 529 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationDeriveBits, normalizedAl gorithm, result)) | |
| 436 return promise; | 530 return promise; |
| 437 | 531 |
| 438 if (!baseKey->canBeUsedForAlgorithm(algorithm, WebCryptoKeyUsageDeriveBits, result)) | 532 // 14.3.8.7: If the name member of normalizedAlgorithm is not equal to the |
| 533 // name attribute of the [[algorithm]] internal slot of baseKey | |
| 534 // then throw an InvalidAccessError. | |
| 535 // | |
| 536 // 14.3.8.8: If the [[usages]] internal slot of baseKey does not contain an | |
| 537 // entry that is "deriveBits", then throw an InvalidAccessError. | |
| 538 if (!baseKey->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyUsageDe riveBits, result)) | |
| 439 return promise; | 539 return promise; |
| 440 | 540 |
| 441 histogramAlgorithmAndKey(scriptState->getExecutionContext(), algorithm, base Key->key()); | 541 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, baseKey->key()); |
| 442 Platform::current()->crypto()->deriveBits(algorithm, baseKey->key(), lengthB its, result->result()); | 542 Platform::current()->crypto()->deriveBits(normalizedAlgorithm, baseKey->key( ), lengthBits, result->result()); |
| 443 return promise; | 543 return promise; |
| 444 } | 544 } |
| 445 | 545 |
| 446 ScriptPromise SubtleCrypto::deriveKey(ScriptState* scriptState, const AlgorithmI dentifier& rawAlgorithm, CryptoKey* baseKey, const AlgorithmIdentifier& rawDeriv edKeyType, bool extractable, const Vector<String>& rawKeyUsages) | 546 ScriptPromise SubtleCrypto::deriveKey(ScriptState* scriptState, const AlgorithmI dentifier& rawAlgorithm, CryptoKey* baseKey, const AlgorithmIdentifier& rawDeriv edKeyType, bool extractable, const Vector<String>& rawKeyUsages) |
| 447 { | 547 { |
| 548 // Method described by: https://w3c.github.io/webcrypto/Overview.html#Subtle Crypto-method-deriveKey | |
| 549 | |
| 448 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); | 550 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); |
| 449 ScriptPromise promise = result->promise(); | 551 ScriptPromise promise = result->promise(); |
| 450 | 552 |
| 451 if (!canAccessWebCrypto(scriptState, result)) | 553 if (!canAccessWebCrypto(scriptState, result)) |
| 452 return promise; | 554 return promise; |
| 453 | 555 |
| 454 WebCryptoKeyUsageMask keyUsages; | 556 WebCryptoKeyUsageMask keyUsages; |
| 455 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result)) | 557 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result)) |
| 456 return promise; | 558 return promise; |
| 457 | 559 |
| 458 WebCryptoAlgorithm algorithm; | 560 // 14.3.7.2: Let normalizedAlgorithm be the result of normalizing an |
| 459 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationDeriveBits, algorithm, r esult)) | 561 // algorithm, with alg set to algorithm and op set to |
| 562 // "deriveBits". | |
| 563 WebCryptoAlgorithm normalizedAlgorithm; | |
|
eroman
2016/07/19 18:22:49
renamed algorithm --> normalizedAlgorithm; no othe
| |
| 564 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationDeriveBits, normalizedAl gorithm, result)) | |
| 460 return promise; | 565 return promise; |
| 461 | 566 |
| 462 if (!baseKey->canBeUsedForAlgorithm(algorithm, WebCryptoKeyUsageDeriveKey, r esult)) | 567 // 14.3.7.4: Let normalizedDerivedKeyAlgorithm be the result of normalizing |
| 568 // an algorithm, with alg set to derivedKeyType and op set to "imp ortKey". | |
| 569 WebCryptoAlgorithm normalizedDerivedKeyAlgorithm; | |
|
eroman
2016/07/19 18:22:49
Two changes:
(1) renamed importAlgorithm --> nor
| |
| 570 if (!parseAlgorithm(rawDerivedKeyType, WebCryptoOperationImportKey, normaliz edDerivedKeyAlgorithm, result)) | |
| 463 return promise; | 571 return promise; |
| 464 | 572 |
| 465 WebCryptoAlgorithm importAlgorithm; | 573 // TODO(eroman): The description in the spec needs to be updated as |
| 466 if (!parseAlgorithm(rawDerivedKeyType, WebCryptoOperationImportKey, importAl gorithm, result)) | 574 // it doesn't describe algorithm normalization for the Get Key |
| 467 return promise; | 575 // Length parameters (https://github.com/w3c/webcrypto/issues/127) |
| 468 | 576 // For now reference step 10 which is the closest. |
| 577 // | |
| 578 // 14.3.7.10: If the name member of normalizedDerivedKeyAlgorithm does not | |
| 579 // identify a registered algorithm that supports the get key leng th | |
| 580 // operation, then throw a NotSupportedError. | |
| 469 WebCryptoAlgorithm keyLengthAlgorithm; | 581 WebCryptoAlgorithm keyLengthAlgorithm; |
| 470 if (!parseAlgorithm(rawDerivedKeyType, WebCryptoOperationGetKeyLength, keyLe ngthAlgorithm, result)) | 582 if (!parseAlgorithm(rawDerivedKeyType, WebCryptoOperationGetKeyLength, keyLe ngthAlgorithm, result)) |
| 471 return promise; | 583 return promise; |
| 472 | 584 |
| 473 histogramAlgorithmAndKey(scriptState->getExecutionContext(), algorithm, base Key->key()); | 585 // 14.3.7.11: If the name member of normalizedAlgorithm is not equal to the |
| 474 histogramAlgorithm(scriptState->getExecutionContext(), importAlgorithm); | 586 // name attribute of the [[algorithm]] internal slot of baseKey |
| 475 Platform::current()->crypto()->deriveKey(algorithm, baseKey->key(), importAl gorithm, keyLengthAlgorithm, extractable, keyUsages, result->result()); | 587 // then throw an InvalidAccessError. |
| 588 // | |
| 589 // 14.3.7.12: If the [[usages]] internal slot of baseKey does not contain | |
| 590 // an entry that is "deriveKey", then throw an InvalidAccessError . | |
| 591 if (!baseKey->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyUsageDe riveKey, result)) | |
| 592 return promise; | |
| 593 | |
| 594 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, baseKey->key()); | |
| 595 histogramAlgorithm(scriptState->getExecutionContext(), normalizedDerivedKeyA lgorithm); | |
| 596 Platform::current()->crypto()->deriveKey(normalizedAlgorithm, baseKey->key() , normalizedDerivedKeyAlgorithm, keyLengthAlgorithm, extractable, keyUsages, res ult->result()); | |
| 476 return promise; | 597 return promise; |
| 477 } | 598 } |
| 478 | 599 |
| 479 } // namespace blink | 600 } // namespace blink |
| OLD | NEW |
