Chromium Code Reviews Chromium Code Reviews
Issue 25906002:
[webcrypto] Add JWK import for HMAC and AES-CBC key. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "base/base64.h" | |
| 6 #include "base/logging.h" | |
| 7 #include "content/renderer/webcrypto/webcrypto_util.h" | |
|
eroman
2013/10/28 23:02:00
This header goes first, and then the rest (the hea
padolph
2013/10/29 02:25:40
Done.
| |
| 8 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | |
| 9 | |
| 10 namespace content { | |
| 11 | |
| 12 namespace { | |
| 13 | |
| 14 WebKit::WebCryptoAlgorithm CreateAesKeyGenAlgorithm( | |
| 15 WebKit::WebCryptoAlgorithmId aes_alg_id, | |
| 16 unsigned short length) { | |
| 17 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | |
| 18 aes_alg_id, new WebKit::WebCryptoAesKeyGenParams(length)); | |
| 19 } | |
| 20 | |
| 21 WebKit::WebCryptoAlgorithm CreateAlgorithmWithInnerHash( | |
| 22 WebKit::WebCryptoAlgorithmId algorithm_id, | |
| 23 unsigned short hash_key_length) { | |
| 24 WebKit::WebCryptoAlgorithmId hash_id; | |
| 25 switch (hash_key_length) { | |
| 26 case 160: | |
| 27 hash_id = WebKit::WebCryptoAlgorithmIdSha1; | |
| 28 break; | |
| 29 case 224: | |
| 30 hash_id = WebKit::WebCryptoAlgorithmIdSha224; | |
| 31 break; | |
| 32 case 256: | |
| 33 hash_id = WebKit::WebCryptoAlgorithmIdSha256; | |
| 34 break; | |
| 35 case 384: | |
| 36 hash_id = WebKit::WebCryptoAlgorithmIdSha384; | |
| 37 break; | |
| 38 case 512: | |
| 39 hash_id = WebKit::WebCryptoAlgorithmIdSha384; | |
| 40 break; | |
| 41 default: | |
| 42 NOTREACHED(); | |
| 43 // FIXME WRONG TYPE | |
| 44 return CreateAlgorithm(WebKit::WebCryptoAlgorithmIdAesCbc); | |
| 45 // return WebKit::WebCryptoAlgorithm::createNull(); | |
| 46 } | |
| 47 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | |
| 48 algorithm_id, new WebKit::WebCryptoHmacParams(CreateAlgorithm(hash_id))); | |
| 49 } | |
| 50 | |
| 51 } | |
|
eroman
2013/10/28 23:02:00
End with a comment " // namespace" to help matchi
padolph
2013/10/29 02:25:40
Done.
| |
| 52 | |
| 53 // Returns a pointer to the start of |data|, or NULL if it is empty. This is a | |
| 54 // convenience function for getting the pointer, and should not be used beyond | |
| 55 // the expected lifetime of |data|. | |
| 56 const uint8* Start(const std::vector<uint8>& data) { | |
| 57 if (data.empty()) | |
| 58 return NULL; | |
| 59 return &data[0]; | |
| 60 } | |
| 61 | |
| 62 // TODO(eroman): This works by re-allocating a new buffer. It would be better if | |
| 63 // the WebArrayBuffer could just be truncated instead. | |
| 64 void ShrinkBuffer(WebKit::WebArrayBuffer* buffer, unsigned new_size) { | |
| 65 DCHECK_LE(new_size, buffer->byteLength()); | |
| 66 | |
| 67 if (new_size == buffer->byteLength()) | |
| 68 return; | |
| 69 | |
| 70 WebKit::WebArrayBuffer new_buffer = | |
| 71 WebKit::WebArrayBuffer::create(new_size, 1); | |
| 72 DCHECK(!new_buffer.isNull()); | |
| 73 memcpy(new_buffer.data(), buffer->data(), new_size); | |
| 74 *buffer = new_buffer; | |
| 75 } | |
| 76 | |
| 77 // This function decodes unpadded 'base64url' encoded data, as described in | |
| 78 // RFC4648 (http://www.ietf.org/rfc/rfc4648.txt) Section 5. To do this, first | |
| 79 // change the incoming data to 'base64' encoding by applying the appropriate | |
| 80 // transformation including adding padding if required, and then call a base64 | |
| 81 // decoder. | |
| 82 // In Web Crypto, this type of encoding is only used inside JWK. | |
| 83 bool Base64DecodeUrlSafe(const std::string& input, std::string* output) { | |
| 84 std::string base64EncodedText(input); | |
| 85 std::replace(base64EncodedText.begin(), base64EncodedText.end(), '-', '+'); | |
| 86 std::replace(base64EncodedText.begin(), base64EncodedText.end(), '_', '/'); | |
| 87 base64EncodedText.append((4 - base64EncodedText.size() % 4) % 4, '='); | |
| 88 return base::Base64Decode(base64EncodedText, output); | |
| 89 } | |
| 90 | |
| 91 // *** Algorithm Factories *** | |
| 92 | |
| 93 WebKit::WebCryptoAlgorithm CreateAlgorithm(WebKit::WebCryptoAlgorithmId id) { | |
| 94 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate(id, NULL); | |
| 95 } | |
| 96 | |
| 97 // HMAC Operations Algorithm Factories | |
| 98 | |
| 99 WebKit::WebCryptoAlgorithm CreateHmacAlgorithmByKeyLen( | |
| 100 unsigned short hash_key_length) { | |
| 101 return CreateAlgorithmWithInnerHash(WebKit::WebCryptoAlgorithmIdHmac, | |
| 102 hash_key_length); | |
| 103 } | |
| 104 | |
| 105 WebKit::WebCryptoAlgorithm CreateHmacAlgorithmByHashId( | |
| 106 WebKit::WebCryptoAlgorithmId hashId) { | |
| 107 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | |
| 108 WebKit::WebCryptoAlgorithmIdHmac, | |
| 109 new WebKit::WebCryptoHmacParams(CreateAlgorithm(hashId))); | |
| 110 } | |
| 111 | |
| 112 // HMAC Key Generation Algorithm Factories | |
| 113 | |
| 114 WebKit::WebCryptoAlgorithm CreateHmacKeyGenAlgorithm( | |
| 115 WebKit::WebCryptoAlgorithmId hashId, | |
| 116 unsigned hash_length) { | |
| 117 // hash_length < 0 means unspecified | |
| 118 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | |
| 119 WebKit::WebCryptoAlgorithmIdHmac, | |
| 120 new WebKit::WebCryptoHmacKeyParams( | |
| 121 CreateAlgorithm(hashId), (hash_length != 0), hash_length)); | |
| 122 } | |
| 123 | |
| 124 // RSA Operations Algorithm Factories | |
| 125 | |
| 126 WebKit::WebCryptoAlgorithm CreateRsaEsAlgorithm() { | |
| 127 return CreateAlgorithm(WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5); | |
| 128 } | |
| 129 | |
| 130 WebKit::WebCryptoAlgorithm CreateRsaSsaAlgorithmByKeyLen( | |
| 131 unsigned short hash_key_length) { | |
| 132 return CreateAlgorithmWithInnerHash( | |
| 133 WebKit::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5, hash_key_length); | |
| 134 } | |
| 135 | |
| 136 WebKit::WebCryptoAlgorithm CreateRsaOaepAlgorithmByKeyLen( | |
| 137 unsigned short hash_key_length) { | |
| 138 return CreateAlgorithmWithInnerHash(WebKit::WebCryptoAlgorithmIdRsaOaep, | |
| 139 hash_key_length); | |
| 140 } | |
| 141 | |
| 142 // AES Operations Algorithm Factories | |
| 143 | |
| 144 WebKit::WebCryptoAlgorithm CreateAesCbcAlgorithm(const std::vector<uint8>& iv) { | |
| 145 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | |
| 146 WebKit::WebCryptoAlgorithmIdAesCbc, | |
| 147 new WebKit::WebCryptoAesCbcParams(Start(iv), iv.size())); | |
| 148 } | |
| 149 | |
| 150 WebKit::WebCryptoAlgorithm CreateAesGcmAlgorithm( | |
| 151 const std::vector<uint8>& iv, | |
| 152 const std::vector<uint8>& additionalData, | |
| 153 unsigned char tagLength) { | |
| 154 return WebKit::WebCryptoAlgorithm::adoptParamsAndCreate( | |
| 155 WebKit::WebCryptoAlgorithmIdAesCbc, | |
| 156 new WebKit::WebCryptoAesGcmParams(Start(iv), | |
| 157 iv.size(), | |
| 158 additionalData.size(), | |
| 159 Start(additionalData), | |
| 160 additionalData.size(), | |
| 161 tagLength != 0, | |
| 162 tagLength)); | |
| 163 } | |
| 164 | |
| 165 // AES Key Generation Algorithm Factories | |
| 166 | |
| 167 WebKit::WebCryptoAlgorithm CreateAesCbcKeyGenAlgorithm(unsigned short length) { | |
| 168 return CreateAesKeyGenAlgorithm(WebKit::WebCryptoAlgorithmIdAesCbc, length); | |
| 169 } | |
| 170 | |
| 171 WebKit::WebCryptoAlgorithm CreateAesGcmKeyGenAlgorithm(unsigned short length) { | |
| 172 return CreateAesKeyGenAlgorithm(WebKit::WebCryptoAlgorithmIdAesGcm, length); | |
| 173 } | |
| 174 | |
| 175 } // namespace content | |
| OLD | NEW |
