| Index: content/child/webcrypto/shared_crypto.cc
|
| diff --git a/content/child/webcrypto/shared_crypto.cc b/content/child/webcrypto/shared_crypto.cc
|
| index 925730c12da3aac5beec9f7cd308b95acbf41558..779dd01774b2d8d052d02771dd4eebb2b229915a 100644
|
| --- a/content/child/webcrypto/shared_crypto.cc
|
| +++ b/content/child/webcrypto/shared_crypto.cc
|
| @@ -103,38 +103,6 @@ Status EncryptDecryptAesGcm(EncryptOrDecrypt mode,
|
| buffer);
|
| }
|
|
|
| -Status EncryptRsaEsPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - platform::PublicKey* public_key;
|
| - Status status = ToPlatformPublicKey(key, &public_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - // RSAES encryption does not support empty input
|
| - if (!data.byte_length())
|
| - return Status::ErrorDataTooSmall();
|
| -
|
| - return platform::EncryptRsaEsPkcs1v1_5(public_key, data, buffer);
|
| -}
|
| -
|
| -Status DecryptRsaEsPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - platform::PrivateKey* private_key;
|
| - Status status = ToPlatformPrivateKey(key, &private_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - // RSAES decryption does not support empty input
|
| - if (!data.byte_length())
|
| - return Status::ErrorDataTooSmall();
|
| -
|
| - return platform::DecryptRsaEsPkcs1v1_5(private_key, data, buffer);
|
| -}
|
| -
|
| Status EncryptRsaOaep(const blink::WebCryptoAlgorithm& algorithm,
|
| const blink::WebCryptoKey& key,
|
| const CryptoData& data,
|
| @@ -281,7 +249,6 @@ blink::WebCryptoAlgorithm KeyAlgorithmToImportAlgorithm(
|
| const blink::WebCryptoKeyAlgorithm& algorithm) {
|
| switch (algorithm.paramsType()) {
|
| case blink::WebCryptoKeyAlgorithmParamsTypeAes:
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeRsa:
|
| return CreateAlgorithm(algorithm.id());
|
| case blink::WebCryptoKeyAlgorithmParamsTypeHmac:
|
| return CreateHmacImportAlgorithm(algorithm.hmacParams()->hash().id());
|
| @@ -290,6 +257,8 @@ blink::WebCryptoAlgorithm KeyAlgorithmToImportAlgorithm(
|
| algorithm.id(), algorithm.rsaHashedParams()->hash().id());
|
| case blink::WebCryptoKeyAlgorithmParamsTypeNone:
|
| break;
|
| + default:
|
| + break;
|
| }
|
| return blink::WebCryptoAlgorithm::createNull();
|
| }
|
| @@ -316,22 +285,24 @@ bool ValidateDeserializedKey(const blink::WebCryptoKey& key,
|
| key.algorithm().aesParams()->lengthBits())
|
| return false;
|
| break;
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeRsa:
|
| case blink::WebCryptoKeyAlgorithmParamsTypeRsaHashed:
|
| - if (algorithm.rsaParams()->modulusLengthBits() !=
|
| - key.algorithm().rsaParams()->modulusLengthBits())
|
| + if (algorithm.rsaHashedParams()->modulusLengthBits() !=
|
| + key.algorithm().rsaHashedParams()->modulusLengthBits())
|
| return false;
|
| - if (algorithm.rsaParams()->publicExponent().size() !=
|
| - key.algorithm().rsaParams()->publicExponent().size())
|
| + if (algorithm.rsaHashedParams()->publicExponent().size() !=
|
| + key.algorithm().rsaHashedParams()->publicExponent().size())
|
| return false;
|
| - if (memcmp(algorithm.rsaParams()->publicExponent().data(),
|
| - key.algorithm().rsaParams()->publicExponent().data(),
|
| - key.algorithm().rsaParams()->publicExponent().size()) != 0)
|
| + if (memcmp(algorithm.rsaHashedParams()->publicExponent().data(),
|
| + key.algorithm().rsaHashedParams()->publicExponent().data(),
|
| + key.algorithm().rsaHashedParams()->publicExponent().size()) !=
|
| + 0)
|
| return false;
|
| break;
|
| case blink::WebCryptoKeyAlgorithmParamsTypeNone:
|
| case blink::WebCryptoKeyAlgorithmParamsTypeHmac:
|
| break;
|
| + default:
|
| + return false;
|
| }
|
|
|
| return true;
|
| @@ -371,21 +342,6 @@ Status UnwrapKeyRaw(const CryptoData& wrapped_key_data,
|
| usage_mask,
|
| key);
|
| }
|
| - case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: {
|
| - platform::PrivateKey* platform_wrapping_key;
|
| - Status status =
|
| - ToPlatformPrivateKey(wrapping_key, &platform_wrapping_key);
|
| - if (status.IsError())
|
| - return status;
|
| - if (!wrapped_key_data.byte_length())
|
| - return Status::ErrorDataTooSmall();
|
| - return platform::UnwrapSymKeyRsaEs(wrapped_key_data,
|
| - platform_wrapping_key,
|
| - algorithm,
|
| - extractable,
|
| - usage_mask,
|
| - key);
|
| - }
|
| default:
|
| return Status::ErrorUnsupported();
|
| }
|
| @@ -411,14 +367,6 @@ Status WrapKeyRaw(const blink::WebCryptoKey& key_to_wrap,
|
| return platform::WrapSymKeyAesKw(
|
| platform_key, platform_wrapping_key, buffer);
|
| }
|
| - case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: {
|
| - platform::PublicKey* platform_wrapping_key;
|
| - status = ToPlatformPublicKey(wrapping_key, &platform_wrapping_key);
|
| - if (status.IsError())
|
| - return status;
|
| - return platform::WrapSymKeyRsaEs(
|
| - platform_key, platform_wrapping_key, buffer);
|
| - }
|
| default:
|
| return Status::ErrorUnsupported();
|
| }
|
| @@ -449,8 +397,6 @@ Status DecryptDontCheckKeyUsage(const blink::WebCryptoAlgorithm& algorithm,
|
| return EncryptDecryptAesCbc(DECRYPT, algorithm, key, data, buffer);
|
| case blink::WebCryptoAlgorithmIdAesGcm:
|
| return EncryptDecryptAesGcm(DECRYPT, algorithm, key, data, buffer);
|
| - case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5:
|
| - return DecryptRsaEsPkcs1v1_5(algorithm, key, data, buffer);
|
| case blink::WebCryptoAlgorithmIdRsaOaep:
|
| return DecryptRsaOaep(algorithm, key, data, buffer);
|
| case blink::WebCryptoAlgorithmIdAesKw:
|
| @@ -471,8 +417,6 @@ Status EncryptDontCheckUsage(const blink::WebCryptoAlgorithm& algorithm,
|
| return EncryptDecryptAesCbc(ENCRYPT, algorithm, key, data, buffer);
|
| case blink::WebCryptoAlgorithmIdAesGcm:
|
| return EncryptDecryptAesGcm(ENCRYPT, algorithm, key, data, buffer);
|
| - case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5:
|
| - return EncryptRsaEsPkcs1v1_5(algorithm, key, data, buffer);
|
| case blink::WebCryptoAlgorithmIdRsaOaep:
|
| return EncryptRsaOaep(algorithm, key, data, buffer);
|
| default:
|
| @@ -625,17 +569,9 @@ Status GenerateKeyPair(const blink::WebCryptoAlgorithm& algorithm,
|
| blink::WebCryptoKey* private_key) {
|
| // TODO(padolph): Handle other asymmetric algorithm key generation.
|
| switch (algorithm.paramsType()) {
|
| - case blink::WebCryptoAlgorithmParamsTypeRsaHashedKeyGenParams:
|
| - case blink::WebCryptoAlgorithmParamsTypeRsaKeyGenParams: {
|
| - const blink::WebCryptoRsaKeyGenParams* params = NULL;
|
| - blink::WebCryptoAlgorithm hash_or_null =
|
| - blink::WebCryptoAlgorithm::createNull();
|
| - if (algorithm.rsaHashedKeyGenParams()) {
|
| - params = algorithm.rsaHashedKeyGenParams();
|
| - hash_or_null = algorithm.rsaHashedKeyGenParams()->hash();
|
| - } else {
|
| - params = algorithm.rsaKeyGenParams();
|
| - }
|
| + case blink::WebCryptoAlgorithmParamsTypeRsaHashedKeyGenParams: {
|
| + const blink::WebCryptoRsaHashedKeyGenParams* params =
|
| + algorithm.rsaHashedKeyGenParams();
|
|
|
| if (!params->modulusLengthBits())
|
| return Status::ErrorGenerateRsaZeroModulus();
|
| @@ -649,7 +585,6 @@ Status GenerateKeyPair(const blink::WebCryptoAlgorithm& algorithm,
|
| usage_mask,
|
| params->modulusLengthBits(),
|
| publicExponent,
|
| - hash_or_null,
|
| public_key,
|
| private_key);
|
| }
|
| @@ -782,9 +717,7 @@ Status WrapKey(blink::WebCryptoKeyFormat format,
|
|
|
| switch (format) {
|
| case blink::WebCryptoKeyFormatRaw:
|
| - if (wrapping_algorithm.id() == blink::WebCryptoAlgorithmIdAesKw ||
|
| - wrapping_algorithm.id() ==
|
| - blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5) {
|
| + if (wrapping_algorithm.id() == blink::WebCryptoAlgorithmIdAesKw) {
|
| // AES-KW is a special case, due to NSS's implementation only
|
| // supporting C_Wrap/C_Unwrap with AES-KW
|
| return WrapKeyRaw(
|
| @@ -819,9 +752,7 @@ Status UnwrapKey(blink::WebCryptoKeyFormat format,
|
|
|
| switch (format) {
|
| case blink::WebCryptoKeyFormatRaw:
|
| - if (wrapping_algorithm.id() == blink::WebCryptoAlgorithmIdAesKw ||
|
| - wrapping_algorithm.id() ==
|
| - blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5) {
|
| + if (wrapping_algorithm.id() == blink::WebCryptoAlgorithmIdAesKw) {
|
| // AES-KW is a special case, due to NSS's implementation only
|
| // supporting C_Wrap/C_Unwrap with AES-KW
|
| return UnwrapKeyRaw(wrapped_key_data,
|
|
|
Chromium Code Reviews
Issue 282903002:
[webcrypto] Remove RSA-ES support (2 of 3) (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src