OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/shared_crypto.h" | 5 #include "content/child/webcrypto/shared_crypto.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "content/child/webcrypto/crypto_data.h" | 8 #include "content/child/webcrypto/crypto_data.h" |
9 #include "content/child/webcrypto/jwk.h" | 9 #include "content/child/webcrypto/jwk.h" |
10 #include "content/child/webcrypto/platform_crypto.h" | 10 #include "content/child/webcrypto/platform_crypto.h" |
(...skipping 109 matching lines...)
120 const blink::WebCryptoKey& key, | 120 const blink::WebCryptoKey& key, |
121 const CryptoData& data, | 121 const CryptoData& data, |
122 blink::WebArrayBuffer* buffer) { | 122 blink::WebArrayBuffer* buffer) { |
123 platform::PublicKey* public_key; | 123 platform::PublicKey* public_key; |
124 Status status = ToPlatformPublicKey(key, &public_key); | 124 Status status = ToPlatformPublicKey(key, &public_key); |
125 if (status.IsError()) | 125 if (status.IsError()) |
126 return status; | 126 return status; |
127 | 127 |
128 // RSAES encryption does not support empty input | 128 // RSAES encryption does not support empty input |
129 if (!data.byte_length()) | 129 if (!data.byte_length()) |
130 return Status::Error(); | 130 return Status::ErrorDataTooSmall(); |
131 | 131 |
132 return platform::EncryptRsaEsPkcs1v1_5(public_key, data, buffer); | 132 return platform::EncryptRsaEsPkcs1v1_5(public_key, data, buffer); |
133 } | 133 } |
134 | 134 |
135 Status DecryptRsaEsPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm, | 135 Status DecryptRsaEsPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm, |
136 const blink::WebCryptoKey& key, | 136 const blink::WebCryptoKey& key, |
137 const CryptoData& data, | 137 const CryptoData& data, |
138 blink::WebArrayBuffer* buffer) { | 138 blink::WebArrayBuffer* buffer) { |
139 platform::PrivateKey* private_key; | 139 platform::PrivateKey* private_key; |
140 Status status = ToPlatformPrivateKey(key, &private_key); | 140 Status status = ToPlatformPrivateKey(key, &private_key); |
141 if (status.IsError()) | 141 if (status.IsError()) |
142 return status; | 142 return status; |
143 | 143 |
144 // RSAES decryption does not support empty input | 144 // RSAES decryption does not support empty input |
145 if (!data.byte_length()) | 145 if (!data.byte_length()) |
146 return Status::Error(); | 146 return Status::ErrorDataTooSmall(); |
147 | 147 |
148 return platform::DecryptRsaEsPkcs1v1_5(private_key, data, buffer); | 148 return platform::DecryptRsaEsPkcs1v1_5(private_key, data, buffer); |
149 } | 149 } |
150 | 150 |
151 Status SignHmac(const blink::WebCryptoAlgorithm& algorithm, | 151 Status SignHmac(const blink::WebCryptoAlgorithm& algorithm, |
152 const blink::WebCryptoKey& key, | 152 const blink::WebCryptoKey& key, |
153 const CryptoData& data, | 153 const CryptoData& data, |
154 blink::WebArrayBuffer* buffer) { | 154 blink::WebArrayBuffer* buffer) { |
155 platform::SymKey* sym_key; | 155 platform::SymKey* sym_key; |
156 Status status = ToPlatformSymKey(key, &sym_key); | 156 Status status = ToPlatformSymKey(key, &sym_key); |
(...skipping 58 matching lines...)
215 const blink::WebCryptoAlgorithm& algorithm, | 215 const blink::WebCryptoAlgorithm& algorithm, |
216 bool extractable, | 216 bool extractable, |
217 blink::WebCryptoKeyUsageMask usage_mask, | 217 blink::WebCryptoKeyUsageMask usage_mask, |
218 blink::WebCryptoKey* key) { | 218 blink::WebCryptoKey* key) { |
219 switch (algorithm.id()) { | 219 switch (algorithm.id()) { |
220 case blink::WebCryptoAlgorithmIdAesCtr: | 220 case blink::WebCryptoAlgorithmIdAesCtr: |
221 case blink::WebCryptoAlgorithmIdAesCbc: | 221 case blink::WebCryptoAlgorithmIdAesCbc: |
222 case blink::WebCryptoAlgorithmIdAesGcm: | 222 case blink::WebCryptoAlgorithmIdAesGcm: |
223 case blink::WebCryptoAlgorithmIdAesKw: | 223 case blink::WebCryptoAlgorithmIdAesKw: |
224 if (!IsValidAesKeyLengthBytes(key_data.byte_length())) | 224 if (!IsValidAesKeyLengthBytes(key_data.byte_length())) |
225 return Status::Error(); | 225 return Status::ErrorImportAesKeyLength(); |
226 // Fallthrough intentional! | 226 // Fallthrough intentional! |
227 case blink::WebCryptoAlgorithmIdHmac: | 227 case blink::WebCryptoAlgorithmIdHmac: |
228 return platform::ImportKeyRaw( | 228 return platform::ImportKeyRaw( |
229 algorithm, key_data, extractable, usage_mask, key); | 229 algorithm, key_data, extractable, usage_mask, key); |
230 default: | 230 default: |
231 return Status::ErrorUnsupported(); | 231 return Status::ErrorUnsupported(); |
232 } | 232 } |
233 } | 233 } |
234 | 234 |
235 // Returns the key format to use for structured cloning. | 235 // Returns the key format to use for structured cloning. |
(...skipping 223 matching lines...)
459 blink::WebCryptoKey* key) { | 459 blink::WebCryptoKey* key) { |
460 blink::WebArrayBuffer buffer; | 460 blink::WebArrayBuffer buffer; |
461 Status status = DecryptDontCheckKeyUsage( | 461 Status status = DecryptDontCheckKeyUsage( |
462 wrapping_algorithm, wrapping_key, wrapped_key_data, &buffer); | 462 wrapping_algorithm, wrapping_key, wrapped_key_data, &buffer); |
463 if (status.IsError()) | 463 if (status.IsError()) |
464 return status; | 464 return status; |
465 status = ImportKey( | 465 status = ImportKey( |
466 format, CryptoData(buffer), algorithm, extractable, usage_mask, key); | 466 format, CryptoData(buffer), algorithm, extractable, usage_mask, key); |
467 // NOTE! Returning the details of any ImportKey() failure here would leak | 467 // NOTE! Returning the details of any ImportKey() failure here would leak |
468 // information about the plaintext internals of the encrypted key. Instead, | 468 // information about the plaintext internals of the encrypted key. Instead, |
469 // collapse any error into the generic Status::Error(). | 469 // collapse any error into the generic Status::OperationError(). |
470 return status.IsError() ? Status::Error() : Status::Success(); | 470 return status.IsError() ? Status::OperationError() : Status::Success(); |
471 } | 471 } |
472 | 472 |
473 Status WrapKeyExportAndEncrypt( | 473 Status WrapKeyExportAndEncrypt( |
474 blink::WebCryptoKeyFormat format, | 474 blink::WebCryptoKeyFormat format, |
475 const blink::WebCryptoKey& wrapping_key, | 475 const blink::WebCryptoKey& wrapping_key, |
476 const blink::WebCryptoKey& key_to_wrap, | 476 const blink::WebCryptoKey& key_to_wrap, |
477 const blink::WebCryptoAlgorithm& wrapping_algorithm, | 477 const blink::WebCryptoAlgorithm& wrapping_algorithm, |
478 blink::WebArrayBuffer* buffer) { | 478 blink::WebArrayBuffer* buffer) { |
479 blink::WebArrayBuffer exported_data; | 479 blink::WebArrayBuffer exported_data; |
480 Status status = ExportKey(format, key_to_wrap, &exported_data); | 480 Status status = ExportKey(format, key_to_wrap, &exported_data); |
(...skipping 347 matching lines...)
828 key); | 828 key); |
829 if (status.IsError()) | 829 if (status.IsError()) |
830 return status; | 830 return status; |
831 | 831 |
832 return ValidateDeserializedKey(*key, algorithm, type); | 832 return ValidateDeserializedKey(*key, algorithm, type); |
833 } | 833 } |
834 | 834 |
835 } // namespace webcrypto | 835 } // namespace webcrypto |
836 | 836 |
837 } // namespace content | 837 } // namespace content |
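Review bot: In the unwrap path ending at new line 471, only ImportKey() failures are collapsed into `Status::OperationError()`; the status from DecryptDontCheckKeyUsage() at new lines 463-464 is still returned to the caller unchanged. Now that this change gives error paths distinct statuses (for example `Status::ErrorDataTooSmall()` at new line 146), a caller may be able to tell a decryption failure from an import failure, which for RSAES-PKCS1-v1_5 unwrapping is the kind of distinction a padding oracle depends on; what the platform decrypt returns on a padding failure is not visible on this page, so this needs confirming. If the two can differ, collapse the decrypt status at the same place, e.g. `if (status.IsError()) return Status::OperationError();`, or extend the NOTE comment to state why the decrypt status is safe to pass through. The function's signature starts outside the visible lines.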