
Unified Diff: components/webcrypto/algorithm_dispatch.cc

Issue 2163053002: [webcrypto] Check for empty key usages *after* key creation rather than before, to match the spec's… (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase Created 4 years, 4 months ago
Index: components/webcrypto/algorithm_dispatch.cc
diff --git a/components/webcrypto/algorithm_dispatch.cc b/components/webcrypto/algorithm_dispatch.cc
index d8d8117bc45c99c8bf180e4aa4ed480dcf6d2904..5c503167051a2fbc38a86409fbec49a438c56809 100644
--- a/components/webcrypto/algorithm_dispatch.cc
+++ b/components/webcrypto/algorithm_dispatch.cc
@@ -103,6 +103,20 @@ Status GenerateKey(const blink::WebCryptoAlgorithm& algorithm,
if (status.IsError())
return status;
+ // The Web Crypto spec says to reject secret and private keys generated with
+ // empty usages:
+ //
+ // https://w3c.github.io/webcrypto/Overview.html#dfn-SubtleCrypto-method-generateKey
+ //
+ // (14.3.6.8):
+ // If result is a CryptoKey object:
+ // If the [[type]] internal slot of result is "secret" or "private"
+ // and usages is empty, then throw a SyntaxError.
+ //
+ // (14.3.6.9)
+ // If result is a CryptoKeyPair object:
+ // If the [[usages]] internal slot of the privateKey attribute of
+ // result is the empty sequence, then throw a SyntaxError.
const blink::WebCryptoKey* key = NULL;
if (result->type() == GenerateKeyResult::TYPE_SECRET_KEY)
key = &result->secret_key();
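Review bot: The added comment pins the rule to step numbers (14.3.6.8, 14.3.6.9) of the editor's draft at w3c.github.io, and those numbers can shift as the draft is edited; the same applies to the 14.3.9.9 reference in the ImportKey hunk. The quoted step text is the durable part, so I would drop the numbers or mark them as a snapshot, e.g. `// (step numbers as of the draft at time of writing)`. The comment also sits above the key selection, while the check it explains is in the next hunk after `if (key == NULL)`; placing it directly above `if (key->usages() == 0)` would keep the rule next to its enforcement. GenerateKey's body starts outside this hunk.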
@@ -111,13 +125,11 @@ Status GenerateKey(const blink::WebCryptoAlgorithm& algorithm,
if (key == NULL)
return Status::ErrorUnexpected();
- // This should only fail if an algorithm is implemented incorrectly and
- // does not do its own check of the usages.
if (key->usages() == 0) {
- DCHECK(false) << "Key usages for generateKey() must not be empty";
return Status::ErrorCreateKeyEmptyUsages();
}
- return status;
+
+ return Status::Success();
}
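Review bot: On the `ErrorCreateKeyEmptyUsages` path the freshly generated key stays in `result`. After this change the same holds in the ImportKey hunk, where `*key` has already been written by `impl->ImportKey(...)` before the usages check rejects it. Callers are not visible here, so it is unknown whether any of them reads the out-parameter after an error, but a rejected secret or private key should not be left reachable through it. In ImportKey I would clear it before returning, `*key = blink::WebCryptoKey::createNull();`, and in GenerateKey either reset `result` likewise or document that `result` is unspecified on error. GenerateKey's body starts outside this hunk.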
Status ImportKey(blink::WebCryptoKeyFormat format,
@@ -131,11 +143,24 @@ Status ImportKey(blink::WebCryptoKeyFormat format,
if (status.IsError())
return status;
- status = impl->VerifyKeyUsagesBeforeImportKey(format, usages);
+ status =
+ impl->ImportKey(format, key_data, algorithm, extractable, usages, key);
if (status.IsError())
return status;
- return impl->ImportKey(format, key_data, algorithm, extractable, usages, key);
+ // The Web Crypto spec says to reject secret and private keys imported with
+ // empty usages:
+ //
+ // https://w3c.github.io/webcrypto/Overview.html#dfn-SubtleCrypto-method-importKey
+ //
+ // 14.3.9.9: If the [[type]] internal slot of result is "secret" or "private"
+ // and usages is empty, then throw a SyntaxError.
+ if (key->usages() == 0 && (key->type() == blink::WebCryptoKeyTypeSecret ||
+ key->type() == blink::WebCryptoKeyTypePrivate)) {
+ return Status::ErrorCreateKeyEmptyUsages();
+ }
+
+ return Status::Success();
}
Status ExportKey(blink::WebCryptoKeyFormat format,
@@ -210,19 +235,9 @@ Status UnwrapKey(blink::WebCryptoKeyFormat format,
if (wrapping_algorithm.id() != wrapping_key.algorithm().id())
return Status::ErrorUnexpected();
- // Fail fast if the import is doomed to fail.
- const AlgorithmImplementation* import_impl = NULL;
- Status status = GetAlgorithmImplementation(algorithm.id(), &import_impl);
- if (status.IsError())
- return status;
-
- status = import_impl->VerifyKeyUsagesBeforeImportKey(format, usages);
- if (status.IsError())
- return status;
-
std::vector<uint8_t> buffer;
- status = DecryptDontCheckKeyUsage(wrapping_algorithm, wrapping_key,
- wrapped_key_data, &buffer);
+ Status status = DecryptDontCheckKeyUsage(wrapping_algorithm, wrapping_key,
+ wrapped_key_data, &buffer);
if (status.IsError())
return status;
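Review bot: With the fail-fast block removed, nothing in UnwrapKey says where `usages` is validated, and the wrapped key is now decrypted into `buffer` even for requests whose usages will be rejected afterwards; DeriveKey loses the same pre-check in the next hunk. A short comment above the decrypt call would record the intent, e.g. `// Key usages are validated after unwrapping (by the import step), matching the spec's ordering.`, presumably referring to an ImportKey() call later in the function, which is outside the hunk. Since `buffer` now holds plaintext key material on a path that can still end in a usages error, it is worth confirming in the unseen remainder of the function that the buffer does not outlive the call.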
@@ -276,12 +291,6 @@ Status DeriveKey(const blink::WebCryptoAlgorithm& algorithm,
if (status.IsError())
return status;
- // Fail fast if the requested key usages are incorect.
- status = import_impl->VerifyKeyUsagesBeforeImportKey(
- blink::WebCryptoKeyFormatRaw, usages);
- if (status.IsError())
- return status;
-
// Determine how many bits long the derived key should be.
unsigned int length_bits = 0;
bool has_length_bits = false;