[webcryto] Validate key usages during key creation.

content/child/webcrypto/webcrypto_impl.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/child/webcrypto/webcrypto_impl.h"
 
 #include "base/bind.h"
 #include "base/lazy_instance.h"
 #include "base/location.h"
 #include "base/logging.h"
@@ skipping 116 matching lines @@
 void CompleteWithKeyOrError(const Status& status,
                             const blink::WebCryptoKey& key,
                             blink::WebCryptoResult* result) {
   if (status.IsError()) {
     CompleteWithError(status, result);
   } else {
     result->completeWithKey(key);
   }
 }
 
-bool IsAlgorithmAsymmetric(const blink::WebCryptoAlgorithm& algorithm) {
-  // TODO(padolph): include all other asymmetric algorithms once they are
-  // defined, e.g. EC and DH.
-  return webcrypto::IsAlgorithmRsa(algorithm.id());
-}
-
 // Gets a task runner for the current thread. The current thread is either:
 //
 //   * The main Blink thread
 //   * A Blink web worker thread
 //
 // A different mechanism is needed for posting to these threads. The main
 // thread has an associated message loop and can simply use
 // base::ThreadTaskRunnerHandle. Whereas the web worker threads are managed by
 // Blink and need to be indirected through WorkerThreadTaskRunner.
 scoped_refptr<base::TaskRunner> GetCurrentBlinkThread() {
@@ skipping 245 matching lines @@
   } else {
     if (state->is_asymmetric)
       state->result.completeWithKeyPair(state->public_key, state->private_key);
     else
       state->result.completeWithKey(state->public_key);
   }
 }
 
 void DoGenerateKey(scoped_ptr<GenerateKeyState> passed_state) {
   GenerateKeyState* state = passed_state.get();
-  state->is_asymmetric = IsAlgorithmAsymmetric(state->algorithm);
+  state->is_asymmetric =
+      webcrypto::IsAlgorithmAsymmetric(state->algorithm.id());
   if (state->is_asymmetric) {
     state->status = webcrypto::GenerateKeyPair(state->algorithm,
                                                state->extractable,
                                                state->usage_mask,
                                                &state->public_key,
                                                &state->private_key);
 
     if (state->status.IsSuccess()) {
       DCHECK(state->public_key.handle());
       DCHECK(state->private_key.handle());
       DCHECK_EQ(state->algorithm.id(), state->public_key.algorithm().id());
       DCHECK_EQ(state->algorithm.id(), state->private_key.algorithm().id());
       DCHECK_EQ(true, state->public_key.extractable());
       DCHECK_EQ(state->extractable, state->private_key.extractable());
-      DCHECK_EQ(state->usage_mask, state->public_key.usages());
-      DCHECK_EQ(state->usage_mask, state->private_key.usages());
     }
   } else {
     blink::WebCryptoKey* key = &state->public_key;
 
     state->status = webcrypto::GenerateSecretKey(
         state->algorithm, state->extractable, state->usage_mask, key);
 
     if (state->status.IsSuccess()) {
       DCHECK(key->handle());
       DCHECK_EQ(state->algorithm.id(), key->algorithm().id());
@@ skipping 302 matching lines @@
       &key);
 }
 
 bool WebCryptoImpl::serializeKeyForClone(
     const blink::WebCryptoKey& key,
     blink::WebVector<unsigned char>& key_data) {
   return webcrypto::SerializeKeyForClone(key, &key_data);
 }
 
 }  // namespace content