Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(65)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/webcrypto/algorithms/hkdf.cc

Issue 2544533002: Have all overloads of webcrypto::AlgorithmImplementation::DeserializeKeyForClone check the params t… (Closed)
Patch Set: additional checks, per eroman Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « components/webcrypto/algorithms/ec.cc ('k') | components/webcrypto/algorithms/hmac.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/webcrypto/algorithms/hkdf.cc
diff --git a/components/webcrypto/algorithms/hkdf.cc b/components/webcrypto/algorithms/hkdf.cc
index 90a204513d3131012fe32ce6a5a801c99a370051..f5ac563e3db9f92a99fe6b210380a1b45e946d36 100644
--- a/components/webcrypto/algorithms/hkdf.cc
+++ b/components/webcrypto/algorithms/hkdf.cc
@@ -105,6 +105,10 @@ class HkdfImplementation : public AlgorithmImplementation {
blink::WebCryptoKeyUsageMask usages,
const CryptoData& key_data,
blink::WebCryptoKey* key) const override {
+ if (algorithm.paramsType() != blink::WebCryptoKeyAlgorithmParamsTypeNone ||
+ type != blink::WebCryptoKeyTypeSecret)
+ return Status::ErrorUnexpected();
+
// NOTE: Unlike ImportKeyRaw(), this does not enforce extractable==false.
// This is intentional. Although keys cannot currently be created with
// extractable==true, earlier implementations permitted this, so
« no previous file with comments | « components/webcrypto/algorithms/ec.cc ('k') | components/webcrypto/algorithms/hmac.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698