Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(137)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/webcrypto/algorithms/pbkdf2.cc

Issue 2289033002: Require extractable=false for KDF import (Closed)
Patch Set: update another test Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/webcrypto/algorithms/hkdf.cc ('k') | components/webcrypto/status.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <stdint.h> 5 #include <stdint.h>
6 6
7 #include "base/memory/ptr_util.h" 7 #include "base/memory/ptr_util.h"
8 #include "base/stl_util.h" 8 #include "base/stl_util.h"
9 #include "components/webcrypto/algorithm_implementation.h" 9 #include "components/webcrypto/algorithm_implementation.h"
10 #include "components/webcrypto/algorithms/secret_key_util.h" 10 #include "components/webcrypto/algorithms/secret_key_util.h"
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
43 43
44 Status ImportKeyRaw(const CryptoData& key_data, 44 Status ImportKeyRaw(const CryptoData& key_data,
45 const blink::WebCryptoAlgorithm& algorithm, 45 const blink::WebCryptoAlgorithm& algorithm,
46 bool extractable, 46 bool extractable,
47 blink::WebCryptoKeyUsageMask usages, 47 blink::WebCryptoKeyUsageMask usages,
48 blink::WebCryptoKey* key) const { 48 blink::WebCryptoKey* key) const {
49 Status status = CheckKeyCreationUsages(kAllKeyUsages, usages); 49 Status status = CheckKeyCreationUsages(kAllKeyUsages, usages);
50 if (status.IsError()) 50 if (status.IsError())
51 return status; 51 return status;
52 52
53 if (extractable)
54 return Status::ErrorImportExtractableKdfKey();
55
53 const blink::WebCryptoKeyAlgorithm key_algorithm = 56 const blink::WebCryptoKeyAlgorithm key_algorithm =
54 blink::WebCryptoKeyAlgorithm::createWithoutParams( 57 blink::WebCryptoKeyAlgorithm::createWithoutParams(
55 blink::WebCryptoAlgorithmIdPbkdf2); 58 blink::WebCryptoAlgorithmIdPbkdf2);
56 59
57 return CreateWebCryptoSecretKey(key_data, key_algorithm, extractable, 60 return CreateWebCryptoSecretKey(key_data, key_algorithm, extractable,
58 usages, key); 61 usages, key);
59 } 62 }
60 63
61 Status DeriveBits(const blink::WebCryptoAlgorithm& algorithm, 64 Status DeriveBits(const blink::WebCryptoAlgorithm& algorithm,
62 const blink::WebCryptoKey& base_key, 65 const blink::WebCryptoKey& base_key,
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after
99 } 102 }
100 return Status::Success(); 103 return Status::Success();
101 } 104 }
102 105
103 Status DeserializeKeyForClone(const blink::WebCryptoKeyAlgorithm& algorithm, 106 Status DeserializeKeyForClone(const blink::WebCryptoKeyAlgorithm& algorithm,
104 blink::WebCryptoKeyType type, 107 blink::WebCryptoKeyType type,
105 bool extractable, 108 bool extractable,
106 blink::WebCryptoKeyUsageMask usages, 109 blink::WebCryptoKeyUsageMask usages,
107 const CryptoData& key_data, 110 const CryptoData& key_data,
108 blink::WebCryptoKey* key) const override { 111 blink::WebCryptoKey* key) const override {
112 // NOTE: Unlike ImportKeyRaw(), this does not enforce extractable==false.
113 // This is intentional. Although keys cannot currently be created with
114 // extractable==true, earlier implementations permitted this, so
115 // de-serialization by structured clone should not reject them.
109 return CreateWebCryptoSecretKey(key_data, algorithm, extractable, usages, 116 return CreateWebCryptoSecretKey(key_data, algorithm, extractable, usages,
110 key); 117 key);
111 } 118 }
112 119
113 Status GetKeyLength(const blink::WebCryptoAlgorithm& key_length_algorithm, 120 Status GetKeyLength(const blink::WebCryptoAlgorithm& key_length_algorithm,
114 bool* has_length_bits, 121 bool* has_length_bits,
115 unsigned int* length_bits) const override { 122 unsigned int* length_bits) const override {
116 *has_length_bits = false; 123 *has_length_bits = false;
117 return Status::Success(); 124 return Status::Success();
118 } 125 }
119 }; 126 };
120 127
121 } // namespace 128 } // namespace
122 129
123 std::unique_ptr<AlgorithmImplementation> CreatePbkdf2Implementation() { 130 std::unique_ptr<AlgorithmImplementation> CreatePbkdf2Implementation() {
124 return base::WrapUnique(new Pbkdf2Implementation); 131 return base::WrapUnique(new Pbkdf2Implementation);
125 } 132 }
126 133
127 } // namespace webcrypto 134 } // namespace webcrypto
OLDNEW
« no previous file with comments | « components/webcrypto/algorithms/hkdf.cc ('k') | components/webcrypto/status.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698