Chromium Code Reviews Chromium Code Reviews
Issue 24656002:
[webcrypto] Add decrypt() for AES-CBC. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: content/renderer/webcrypto_impl_nss.cc |
| diff --git a/content/renderer/webcrypto_impl_nss.cc b/content/renderer/webcrypto_impl_nss.cc |
| index 6d9da9e292aa2f3119d1a9640c1cdc0de778505b..8c36afea1c6f5a82386bcc5e2e75dab8e45f628d 100644 |
| --- a/content/renderer/webcrypto_impl_nss.cc |
| +++ b/content/renderer/webcrypto_impl_nss.cc |
| @@ -81,23 +81,17 @@ void ShrinkBuffer(WebKit::WebArrayBuffer* buffer, unsigned new_size) { |
| *buffer = new_buffer; |
| } |
| -} // namespace |
| - |
| -void WebCryptoImpl::Init() { |
| - crypto::EnsureNSSInit(); |
| -} |
| - |
| -bool WebCryptoImpl::EncryptInternal( |
| +bool AesCbcEncryptDecrypt( |
| + CK_ATTRIBUTE_TYPE operation, |
| const WebKit::WebCryptoAlgorithm& algorithm, |
| const WebKit::WebCryptoKey& key, |
| const unsigned char* data, |
| unsigned data_size, |
| WebKit::WebArrayBuffer* buffer) { |
| - if (algorithm.id() != WebKit::WebCryptoAlgorithmIdAesCbc) |
| - return false; |
| - |
| + DCHECK_EQ(WebKit::WebCryptoAlgorithmIdAesCbc, algorithm.id()); |
| CHECK_EQ(algorithm.id(), key.algorithm().id()); |
| CHECK_EQ(WebKit::WebCryptoKeyTypeSecret, key.type()); |
| + CHECK(operation == CKA_ENCRYPT || operation == CKA_DECRYPT); |
|
jamesr
2013/09/25 21:29:05
why are these hard CHECKs?
eroman
2013/09/25 22:11:59
Changed to DCHECK()
|
| SymKeyHandle* sym_key = reinterpret_cast<SymKeyHandle*>(key.handle()); |
| @@ -115,7 +109,7 @@ bool WebCryptoImpl::EncryptInternal( |
| return false; |
| crypto::ScopedPK11Context context(PK11_CreateContextBySymKey( |
| - CKM_AES_CBC_PAD, CKA_ENCRYPT, sym_key->key(), param.get())); |
| + CKM_AES_CBC_PAD, operation, sym_key->key(), param.get())); |
| if (!context.get()) |
| return false; |
| @@ -130,6 +124,8 @@ bool WebCryptoImpl::EncryptInternal( |
| return false; |
| } |
| + // TODO(eroman): Refine the output buffer size. It can be computed exactly for |
| + // encryption, and can be smaller for decryption. |
| unsigned output_max_len = data_size + AES_BLOCK_SIZE; |
| CHECK_GT(output_max_len, data_size); |
| @@ -159,6 +155,40 @@ bool WebCryptoImpl::EncryptInternal( |
| return true; |
| } |
| +} // namespace |
| + |
| +void WebCryptoImpl::Init() { |
| + crypto::EnsureNSSInit(); |
| +} |
| + |
| +bool WebCryptoImpl::EncryptInternal( |
| + const WebKit::WebCryptoAlgorithm& algorithm, |
| + const WebKit::WebCryptoKey& key, |
| + const unsigned char* data, |
| + unsigned data_size, |
| + WebKit::WebArrayBuffer* buffer) { |
| + if (algorithm.id() == WebKit::WebCryptoAlgorithmIdAesCbc) { |
| + return AesCbcEncryptDecrypt( |
| + CKA_ENCRYPT, algorithm, key, data, data_size, buffer); |
| + } |
| + |
| + return false; |
| +} |
| + |
| +bool WebCryptoImpl::DecryptInternal( |
| + const WebKit::WebCryptoAlgorithm& algorithm, |
| + const WebKit::WebCryptoKey& key, |
| + const unsigned char* data, |
| + unsigned data_size, |
| + WebKit::WebArrayBuffer* buffer) { |
| + if (algorithm.id() == WebKit::WebCryptoAlgorithmIdAesCbc) { |
| + return AesCbcEncryptDecrypt( |
| + CKA_DECRYPT, algorithm, key, data, data_size, buffer); |
| + } |
| + |
| + return false; |
| +} |
| + |
| bool WebCryptoImpl::DigestInternal( |
| const WebKit::WebCryptoAlgorithm& algorithm, |
| const unsigned char* data, |
