Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(18)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/modules/crypto/SubtleCrypto.cpp

Issue 2316633003: Copy data bytes in Web Crypto's importKey() and verify() operations (Closed)
Patch Set: add layout tests Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/crypto/subtle/modify-verify-data-during-normalization-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2013 Google Inc. All rights reserved. 2 * Copyright (C) 2013 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 264 matching lines...) Expand 10 before | Expand all | Expand 10 after
275 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); 275 CryptoResultImpl* result = CryptoResultImpl::create(scriptState);
276 ScriptPromise promise = result->promise(); 276 ScriptPromise promise = result->promise();
277 277
278 if (!canAccessWebCrypto(scriptState, result)) 278 if (!canAccessWebCrypto(scriptState, result))
279 return promise; 279 return promise;
280 280
281 // 14.3.4.2: Let signature be the result of getting a copy of the bytes 281 // 14.3.4.2: Let signature be the result of getting a copy of the bytes
282 // held by the signature parameter passed to the verify method. 282 // held by the signature parameter passed to the verify method.
283 WebVector<uint8_t> signature = copyBytes(rawSignature); 283 WebVector<uint8_t> signature = copyBytes(rawSignature);
284 284
285 // 14.3.4.3: Let normalizedAlgorithm be the result of normalizing an 285 // 14.3.4.3: Let data be the result of getting a copy of the bytes held by
286 // the data parameter passed to the verify method.
287 WebVector<uint8_t> data = copyBytes(rawData);
288
289 // 14.3.4.4: Let normalizedAlgorithm be the result of normalizing an
286 // algorithm, with alg set to algorithm and op set to "verify". 290 // algorithm, with alg set to algorithm and op set to "verify".
287 WebCryptoAlgorithm normalizedAlgorithm; 291 WebCryptoAlgorithm normalizedAlgorithm;
288 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationVerify, normalizedAlgori thm, result)) 292 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationVerify, normalizedAlgori thm, result))
289 return promise; 293 return promise;
290 294
291 // 14.3.4.5: Let data be the result of getting a copy of the bytes held by
292 // the data parameter passed to the verify method.
293 WebVector<uint8_t> data = copyBytes(rawData);
294
295 // 14.3.4.9: If the name member of normalizedAlgorithm is not equal to the 295 // 14.3.4.9: If the name member of normalizedAlgorithm is not equal to the
296 // name attribute of the [[algorithm]] internal slot of key then t hrow an 296 // name attribute of the [[algorithm]] internal slot of key then t hrow an
297 // InvalidAccessError. 297 // InvalidAccessError.
298 // 298 //
299 // 14.3.4.10: If the [[usages]] internal slot of key does not contain an 299 // 14.3.4.10: If the [[usages]] internal slot of key does not contain an
300 // entry that is "verify", then throw an InvalidAccessError. 300 // entry that is "verify", then throw an InvalidAccessError.
301 if (!key->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyUsageVerify , result)) 301 if (!key->canBeUsedForAlgorithm(normalizedAlgorithm, WebCryptoKeyUsageVerify , result))
302 return promise; 302 return promise;
303 303
304 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, key->key()); 304 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, key->key());
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after
372 return promise; 372 return promise;
373 373
374 WebCryptoKeyFormat format; 374 WebCryptoKeyFormat format;
375 if (!CryptoKey::parseFormat(rawFormat, format, result)) 375 if (!CryptoKey::parseFormat(rawFormat, format, result))
376 return promise; 376 return promise;
377 377
378 WebCryptoKeyUsageMask keyUsages; 378 WebCryptoKeyUsageMask keyUsages;
379 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result)) 379 if (!CryptoKey::parseUsageMask(rawKeyUsages, keyUsages, result))
380 return promise; 380 return promise;
381 381
382 // 14.3.9.2: Let normalizedAlgorithm be the result of normalizing an
383 // algorithm, with alg set to algorithm and op set to
384 // "importKey".
385 WebCryptoAlgorithm normalizedAlgorithm;
386 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationImportKey, normalizedAlg orithm, result))
387 return promise;
388
389 // In the case of JWK keyData will hold the UTF8-encoded JSON for the 382 // In the case of JWK keyData will hold the UTF8-encoded JSON for the
390 // JsonWebKey, otherwise it holds a copy of the BufferSource. 383 // JsonWebKey, otherwise it holds a copy of the BufferSource.
391 WebVector<uint8_t> keyData; 384 WebVector<uint8_t> keyData;
392 385
393 switch (format) { 386 switch (format) {
394 // 14.3.9.6: If format is equal to the string "raw", "pkcs8", or "spki": 387 // 14.3.9.2: If format is equal to the string "raw", "pkcs8", or "spki":
395 // 388 //
396 // (1) If the keyData parameter passed to the importKey method is a 389 // (1) If the keyData parameter passed to the importKey method is a
397 // JsonWebKey dictionary, throw a TypeError. 390 // JsonWebKey dictionary, throw a TypeError.
398 // 391 //
399 // (2) Let keyData be the result of getting a copy of the bytes held by 392 // (2) Let keyData be the result of getting a copy of the bytes held by
400 // the keyData parameter passed to the importKey method. 393 // the keyData parameter passed to the importKey method.
401 case WebCryptoKeyFormatRaw: 394 case WebCryptoKeyFormatRaw:
402 case WebCryptoKeyFormatPkcs8: 395 case WebCryptoKeyFormatPkcs8:
403 case WebCryptoKeyFormatSpki: 396 case WebCryptoKeyFormatSpki:
404 if (rawKeyData.isArrayBuffer()) { 397 if (rawKeyData.isArrayBuffer()) {
405 keyData = copyBytes(rawKeyData.getAsArrayBuffer()); 398 keyData = copyBytes(rawKeyData.getAsArrayBuffer());
406 } else if (rawKeyData.isArrayBufferView()) { 399 } else if (rawKeyData.isArrayBufferView()) {
407 keyData = copyBytes(rawKeyData.getAsArrayBufferView()); 400 keyData = copyBytes(rawKeyData.getAsArrayBufferView());
408 } else { 401 } else {
409 result->completeWithError(WebCryptoErrorTypeType, "Key data must be a BufferSource for non-JWK formats"); 402 result->completeWithError(WebCryptoErrorTypeType, "Key data must be a BufferSource for non-JWK formats");
410 return promise; 403 return promise;
411 } 404 }
412 break; 405 break;
413 // 14.3.9.6: If format is equal to the string "jwk": 406 // 14.3.9.2: If format is equal to the string "jwk":
414 // 407 //
415 // (1) If the keyData parameter passed to the importKey method is not a 408 // (1) If the keyData parameter passed to the importKey method is not a
416 // JsonWebKey dictionary, throw a TypeError. 409 // JsonWebKey dictionary, throw a TypeError.
417 // 410 //
418 // (2) Let keyData be the keyData parameter passed to the importKey 411 // (2) Let keyData be the keyData parameter passed to the importKey
419 // method. 412 // method.
420 case WebCryptoKeyFormatJwk: 413 case WebCryptoKeyFormatJwk:
421 if (rawKeyData.isDictionary()) { 414 if (rawKeyData.isDictionary()) {
422 // TODO(eroman): To match the spec error order, parsing of the 415 // TODO(eroman): To match the spec error order, parsing of the
423 // JsonWebKey should be done earlier (at the WebIDL layer of 416 // JsonWebKey should be done earlier (at the WebIDL layer of
424 // parameter checking), regardless of the format being "jwk". 417 // parameter checking), regardless of the format being "jwk".
425 if (!parseJsonWebKey(rawKeyData.getAsDictionary(), keyData, result)) 418 if (!parseJsonWebKey(rawKeyData.getAsDictionary(), keyData, result))
426 return promise; 419 return promise;
427 } else { 420 } else {
428 result->completeWithError(WebCryptoErrorTypeType, "Key data must be an object for JWK import"); 421 result->completeWithError(WebCryptoErrorTypeType, "Key data must be an object for JWK import");
429 return promise; 422 return promise;
430 } 423 }
431 break; 424 break;
432 } 425 }
426
427 // 14.3.9.3: Let normalizedAlgorithm be the result of normalizing an
428 // algorithm, with alg set to algorithm and op set to
429 // "importKey".
430 WebCryptoAlgorithm normalizedAlgorithm;
431 if (!parseAlgorithm(rawAlgorithm, WebCryptoOperationImportKey, normalizedAlg orithm, result))
432 return promise;
433
433 histogramAlgorithm(scriptState->getExecutionContext(), normalizedAlgorithm); 434 histogramAlgorithm(scriptState->getExecutionContext(), normalizedAlgorithm);
434 Platform::current()->crypto()->importKey(format, std::move(keyData), normali zedAlgorithm, extractable, keyUsages, result->result()); 435 Platform::current()->crypto()->importKey(format, std::move(keyData), normali zedAlgorithm, extractable, keyUsages, result->result());
435 return promise; 436 return promise;
436 } 437 }
437 438
438 ScriptPromise SubtleCrypto::exportKey(ScriptState* scriptState, const String& ra wFormat, CryptoKey* key) 439 ScriptPromise SubtleCrypto::exportKey(ScriptState* scriptState, const String& ra wFormat, CryptoKey* key)
439 { 440 {
440 // Method described by: https://w3c.github.io/webcrypto/Overview.html#dfn-Su btleCrypto-method-exportKey 441 // Method described by: https://w3c.github.io/webcrypto/Overview.html#dfn-Su btleCrypto-method-exportKey
441 442
442 CryptoResultImpl* result = CryptoResultImpl::create(scriptState); 443 CryptoResultImpl* result = CryptoResultImpl::create(scriptState);
(...skipping 214 matching lines...) Expand 10 before | Expand all | Expand 10 after
657 // normative requirement is enforced by the platform implementation in the 658 // normative requirement is enforced by the platform implementation in the
658 // call below. 659 // call below.
659 660
660 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, baseKey->key()); 661 histogramAlgorithmAndKey(scriptState->getExecutionContext(), normalizedAlgor ithm, baseKey->key());
661 histogramAlgorithm(scriptState->getExecutionContext(), normalizedDerivedKeyA lgorithm); 662 histogramAlgorithm(scriptState->getExecutionContext(), normalizedDerivedKeyA lgorithm);
662 Platform::current()->crypto()->deriveKey(normalizedAlgorithm, baseKey->key() , normalizedDerivedKeyAlgorithm, keyLengthAlgorithm, extractable, keyUsages, res ult->result()); 663 Platform::current()->crypto()->deriveKey(normalizedAlgorithm, baseKey->key() , normalizedDerivedKeyAlgorithm, keyLengthAlgorithm, extractable, keyUsages, res ult->result());
663 return promise; 664 return promise;
664 } 665 }
665 666
666 } // namespace blink 667 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/LayoutTests/crypto/subtle/modify-verify-data-during-normalization-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698