trunk/src/content/renderer/webcrypto_impl_nss.cc - Issue 24205003: Revert 223506 "WebCrypto: Implement importKey() and sign() for H..."

Unified Diff: trunk/src/content/renderer/webcrypto_impl_nss.cc

Issue 24205003: Revert 223506 "WebCrypto: Implement importKey() and sign() for H..." (Closed) Base URL: svn://svn.chromium.org/chrome/

Patch Set: Created 7 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: trunk/src/content/renderer/webcrypto_impl_nss.cc

===================================================================

--- trunk/src/content/renderer/webcrypto_impl_nss.cc (revision 223611)

+++ trunk/src/content/renderer/webcrypto_impl_nss.cc (working copy)

@@ -4,83 +4,47 @@

#include "content/renderer/webcrypto_impl.h"

-#include <pk11pub.h>

#include <sechash.h>

#include "base/logging.h"

#include "crypto/nss_util.h"

-#include "crypto/scoped_nss_types.h"

#include "third_party/WebKit/public/platform/WebArrayBuffer.h"

#include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h"

-#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"

namespace content {

-namespace {

+void WebCryptoImpl::Init() {

+ crypto::EnsureNSSInit();

-class SymKeyHandle : public WebKit::WebCryptoKeyHandle {

- public:

- explicit SymKeyHandle(crypto::ScopedPK11SymKey key) {

- DCHECK(!key_.get());

- key_ = key.Pass();

- }

+bool WebCryptoImpl::DigestInternal(

+ const WebKit::WebCryptoAlgorithm& algorithm,

+ const unsigned char* data,

+ unsigned data_size,

+ WebKit::WebArrayBuffer* buffer) {

+ HASH_HashType hash_type = HASH_AlgNULL;

- PK11SymKey* key() { return key_.get(); }

- private:

- crypto::ScopedPK11SymKey key_;

- DISALLOW_COPY_AND_ASSIGN(SymKeyHandle);

-};

-HASH_HashType WebCryptoAlgorithmToNSSHashType(

- const WebKit::WebCryptoAlgorithm& algorithm) {

switch (algorithm.id()) {

case WebKit::WebCryptoAlgorithmIdSha1:

- return HASH_AlgSHA1;

+ hash_type = HASH_AlgSHA1;

+ break;

case WebKit::WebCryptoAlgorithmIdSha224:

- return HASH_AlgSHA224;

+ hash_type = HASH_AlgSHA224;

+ break;

case WebKit::WebCryptoAlgorithmIdSha256:

- return HASH_AlgSHA256;

+ hash_type = HASH_AlgSHA256;

+ break;

case WebKit::WebCryptoAlgorithmIdSha384:

- return HASH_AlgSHA384;

+ hash_type = HASH_AlgSHA384;

+ break;

case WebKit::WebCryptoAlgorithmIdSha512:

- return HASH_AlgSHA512;

+ hash_type = HASH_AlgSHA512;

+ break;

default:

// Not a digest algorithm.

- return HASH_AlgNULL;

+ return false;

}

-CK_MECHANISM_TYPE WebCryptoAlgorithmToHMACMechanism(

- const WebKit::WebCryptoAlgorithm& algorithm) {

- switch (algorithm.id()) {

- case WebKit::WebCryptoAlgorithmIdSha1:

- return CKM_SHA_1_HMAC;

- case WebKit::WebCryptoAlgorithmIdSha256:

- return CKM_SHA256_HMAC;

- default:

- // Not a supported algorithm.

- return CKM_INVALID_MECHANISM;

- }

-} // namespace

-void WebCryptoImpl::Init() {

- crypto::EnsureNSSInit();

-bool WebCryptoImpl::DigestInternal(

- const WebKit::WebCryptoAlgorithm& algorithm,

- const unsigned char* data,

- unsigned data_size,

- WebKit::WebArrayBuffer* buffer) {

- HASH_HashType hash_type = WebCryptoAlgorithmToNSSHashType(algorithm);

- if (hash_type == HASH_AlgNULL) {

- return false;

- }

HASHContext* context = HASH_Create(hash_type);

if (!context) {

return false;

@@ -90,14 +54,14 @@

HASH_Update(context, data, data_size);

- unsigned hash_result_length = HASH_ResultLenContext(context);

+ size_t hash_result_length = HASH_ResultLenContext(context);

DCHECK_LE(hash_result_length, static_cast<size_t>(HASH_LENGTH_MAX));

*buffer = WebKit::WebArrayBuffer::create(hash_result_length, 1);

unsigned char* digest = reinterpret_cast<unsigned char*>(buffer->data());

- unsigned result_length = 0;

+ uint32 result_length = 0;

HASH_End(context, digest, &result_length, hash_result_length);

HASH_Destroy(context);

@@ -105,148 +69,4 @@

return result_length == hash_result_length;

}

-bool WebCryptoImpl::ImportKeyInternal(

- WebKit::WebCryptoKeyFormat format,

- const unsigned char* key_data,

- unsigned key_data_size,

- const WebKit::WebCryptoAlgorithm& algorithm,

- WebKit::WebCryptoKeyUsageMask usage_mask,

- scoped_ptr<WebKit::WebCryptoKeyHandle>* handle,

- WebKit::WebCryptoKeyType* type) {

- switch (algorithm.id()) {

- case WebKit::WebCryptoAlgorithmIdHmac:

- *type = WebKit::WebCryptoKeyTypeSecret;

- break;

- // TODO(bryaneyler): Support more key types.

- default:

- return false;

- }

- // TODO(bryaneyler): Need to split handling for symmetric and asymmetric keys.

- // Currently only supporting symmetric.

- CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM;

- // Flags are verified at the Blink layer; here the flags are set to all

- // possible operations for this key type.

- CK_FLAGS flags = 0;

- switch(algorithm.id()) {

- case WebKit::WebCryptoAlgorithmIdHmac: {

- const WebKit::WebCryptoHmacParams* params = algorithm.hmacParams();

- if (!params) {

- return false;

- }

- mechanism = WebCryptoAlgorithmToHMACMechanism(params->hash());

- if (mechanism == CKM_INVALID_MECHANISM) {

- return false;

- }

- flags |= CKF_SIGN | CKF_VERIFY;

- break;

- }

- default:

- return false;

- }

- DCHECK_NE(CKM_INVALID_MECHANISM, mechanism);

- DCHECK_NE(0ul, flags);

- SECItem key_item = { siBuffer, NULL, 0 };

- switch (format) {

- case WebKit::WebCryptoKeyFormatRaw:

- key_item.data = const_cast<unsigned char*>(key_data);

- key_item.len = key_data_size;

- break;

- // TODO(bryaneyler): Handle additional formats.

- default:

- return false;

- }

- crypto::ScopedPK11SymKey pk11_sym_key(

- PK11_ImportSymKeyWithFlags(PK11_GetInternalSlot(),

- mechanism,

- PK11_OriginUnwrap,

- CKA_FLAGS_ONLY,

- &key_item,

- flags,

- false,

- NULL));

- if (!pk11_sym_key.get()) {

- NOTREACHED();

- return false;

- }

- scoped_ptr<SymKeyHandle> sym_key(new SymKeyHandle(pk11_sym_key.Pass()));

- *handle = sym_key.Pass();

- return true;

-bool WebCryptoImpl::SignInternal(

- const WebKit::WebCryptoAlgorithm& algorithm,

- const WebKit::WebCryptoKey& key,

- const unsigned char* data,

- unsigned data_size,

- WebKit::WebArrayBuffer* buffer) {

- WebKit::WebArrayBuffer result;

- switch (algorithm.id()) {

- case WebKit::WebCryptoAlgorithmIdHmac: {

- const WebKit::WebCryptoHmacParams* params = algorithm.hmacParams();

- if (!params) {

- return false;

- }

- SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle());

- DCHECK_EQ(PK11_GetMechanism(sym_key->key()),

- WebCryptoAlgorithmToHMACMechanism(params->hash()));

- DCHECK_NE(0, key.usages() & WebKit::WebCryptoKeyUsageSign);

- SECItem param_item = { siBuffer, NULL, 0 };

- SECItem data_item = {

- siBuffer,

- const_cast<unsigned char*>(data),

- data_size

- };

- // First call is to figure out the length.

- SECItem signature_item = { siBuffer, NULL, 0 };

- if (PK11_SignWithSymKey(sym_key->key(),

- PK11_GetMechanism(sym_key->key()),

- &param_item,

- &signature_item,

- &data_item) != SECSuccess) {

- NOTREACHED();

- return false;

- }

- DCHECK_NE(0u, signature_item.len);

- result = WebKit::WebArrayBuffer::create(signature_item.len, 1);

- signature_item.data = reinterpret_cast<unsigned char*>(result.data());

- if (PK11_SignWithSymKey(sym_key->key(),

- PK11_GetMechanism(sym_key->key()),

- &param_item,

- &signature_item,

- &data_item) != SECSuccess) {

- NOTREACHED();

- return false;

- }

- DCHECK_EQ(result.byteLength(), signature_item.len);

- break;

- }

- default:

- return false;

- }

- *buffer = result;

- return true;

} // namespace content

« no previous file with comments | « trunk/src/content/renderer/webcrypto_impl.cc ('k') | trunk/src/content/renderer/webcrypto_impl_openssl.cc » ('j') | no next file with comments »