[webcrypto] Check for empty key usages *after* key creation rather than before, to match the spec's…

components/webcrypto/algorithms/ec.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/webcrypto/algorithms/ec.h"
 
 #include <openssl/ec.h>
 #include <openssl/ec_key.h>
 #include <openssl/evp.h>
 #include <stddef.h>
@@ skipping 272 matching lines @@
 
   status = CreateWebCryptoPrivateKey(std::move(private_pkey), key_algorithm,
                                      extractable, private_usages, &private_key);
   if (status.IsError())
     return status;
 
   result->AssignKeyPair(public_key, private_key);
   return Status::Success();
 }
 
-Status EcAlgorithm::VerifyKeyUsagesBeforeImportKey(
-    blink::WebCryptoKeyFormat format,
-    blink::WebCryptoKeyUsageMask usages) const {
-  return VerifyUsagesBeforeImportAsymmetricKey(format, all_public_key_usages_,
-                                               all_private_key_usages_, usages);
+Status EcAlgorithm::ImportKey(blink::WebCryptoKeyFormat format,
+                              const CryptoData& key_data,
+                              const blink::WebCryptoAlgorithm& algorithm,
+                              bool extractable,
+                              blink::WebCryptoKeyUsageMask usages,
+                              blink::WebCryptoKey* key) const {
+  switch (format) {
+    case blink::WebCryptoKeyFormatPkcs8:
+      return ImportKeyPkcs8(key_data, algorithm, extractable, usages, key);
+    case blink::WebCryptoKeyFormatSpki:
+      return ImportKeySpki(key_data, algorithm, extractable, usages, key);
+    case blink::WebCryptoKeyFormatJwk:
+      return ImportKeyJwk(key_data, algorithm, extractable, usages, key);
+    default:
+      return Status::ErrorUnsupportedImportKeyFormat();
+  }
+}
+
+Status EcAlgorithm::ExportKey(blink::WebCryptoKeyFormat format,
+                              const blink::WebCryptoKey& key,
+                              std::vector<uint8_t>* buffer) const {
+  switch (format) {
+    case blink::WebCryptoKeyFormatPkcs8:
+      return ExportKeyPkcs8(key, buffer);
+    case blink::WebCryptoKeyFormatSpki:
+      return ExportKeySpki(key, buffer);
+    case blink::WebCryptoKeyFormatJwk:
+      return ExportKeyJwk(key, buffer);
+    default:
+      return Status::ErrorUnsupportedExportKeyFormat();
+  }
 }
 
 Status EcAlgorithm::ImportKeyPkcs8(const CryptoData& key_data,
                                    const blink::WebCryptoAlgorithm& algorithm,
                                    bool extractable,
                                    blink::WebCryptoKeyUsageMask usages,
                                    blink::WebCryptoKey* key) const {
-  crypto::ScopedEVP_PKEY private_key;
-  Status status =
-      ImportUnverifiedPkeyFromPkcs8(key_data, EVP_PKEY_EC, &private_key);
+  Status status = CheckKeyCreationUsages(all_private_key_usages_, usages);
   if (status.IsError())
     return status;
 
+  crypto::ScopedEVP_PKEY private_key;
+  status = ImportUnverifiedPkeyFromPkcs8(key_data, EVP_PKEY_EC, &private_key);
+  if (status.IsError())
+    return status;
+
   const blink::WebCryptoEcKeyImportParams* params =
       algorithm.ecKeyImportParams();
 
   status = VerifyEcKeyAfterSpkiOrPkcs8Import(private_key.get(),
                                              params->namedCurve());
   if (status.IsError())
     return status;
 
   return CreateWebCryptoPrivateKey(std::move(private_key),
                                    blink::WebCryptoKeyAlgorithm::createEc(
                                        algorithm.id(), params->namedCurve()),
                                    extractable, usages, key);
 }
 
 Status EcAlgorithm::ImportKeySpki(const CryptoData& key_data,
                                   const blink::WebCryptoAlgorithm& algorithm,
                                   bool extractable,
                                   blink::WebCryptoKeyUsageMask usages,
                                   blink::WebCryptoKey* key) const {
-  crypto::ScopedEVP_PKEY public_key;
-  Status status =
-      ImportUnverifiedPkeyFromSpki(key_data, EVP_PKEY_EC, &public_key);
+  Status status = CheckKeyCreationUsages(all_public_key_usages_, usages);
   if (status.IsError())
     return status;
 
+  crypto::ScopedEVP_PKEY public_key;
+  status = ImportUnverifiedPkeyFromSpki(key_data, EVP_PKEY_EC, &public_key);
+  if (status.IsError())
+    return status;
+
   const blink::WebCryptoEcKeyImportParams* params =
       algorithm.ecKeyImportParams();
 
   status =
       VerifyEcKeyAfterSpkiOrPkcs8Import(public_key.get(), params->namedCurve());
   if (status.IsError())
     return status;
 
   return CreateWebCryptoPublicKey(std::move(public_key),
                                   blink::WebCryptoKeyAlgorithm::createEc(
@@ skipping 35 matching lines @@
     return status;
   if (jwk_crv != params->namedCurve())
     return Status::ErrorJwkIncorrectCrv();
 
   // Only private keys have a "d" parameter. The key may still be invalid, but
   // tentatively decide if it is a public or private key.
   bool is_private_key = jwk.HasMember("d");
 
   // Now that the key type is known, verify the usages.
   if (is_private_key) {
-    status = CheckPrivateKeyCreationUsages(all_private_key_usages_, usages);
+    status = CheckKeyCreationUsages(all_private_key_usages_, usages);
   } else {
-    status = CheckPublicKeyCreationUsages(all_public_key_usages_, usages);
+    status = CheckKeyCreationUsages(all_public_key_usages_, usages);
   }
 
   if (status.IsError())
     return status;
 
   // Create an EC_KEY.
   crypto::ScopedEC_KEY ec;
   status = CreateEC_KEY(params->namedCurve(), &ec);
   if (status.IsError())
     return status;
@@ skipping 164 matching lines @@
 
   if (algorithm.ecParams()->namedCurve() !=
       key->algorithm().ecParams()->namedCurve()) {
     return Status::ErrorUnexpected();
   }
 
   return Status::Success();
 }
 
 }  // namespace webcrypto