
Side by Side Diff: components/webcrypto/algorithms/hkdf.cc

Issue 2837383002: Raise an error when calling WebCrypto's deriveBits() for HKDF with (Closed)
Patch Set: checkpoint Created 3 years, 8 months ago
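--- a/components/webcrypto/algorithms/hkdf.cc
+++ b/components/webcrypto/algorithms/hkdf.cc
@@ -1,10 +1,10 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <stdint.h>
 
 #include "base/logging.h"
 #include "base/memory/ptr_util.h"
 #include "components/webcrypto/algorithm_implementation.h"
 #include "components/webcrypto/algorithms/secret_key_util.h"
@@ -64,46 +64,48 @@
 
 Status DeriveBits(const blink::WebCryptoAlgorithm& algorithm,
 const blink::WebCryptoKey& base_key,
 bool has_optional_length_bits,
 unsigned int optional_length_bits,
 std::vector<uint8_t>* derived_bytes) const override {
 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
 if (!has_optional_length_bits)
 return Status::ErrorHkdfDeriveBitsLengthNotSpecified();
 
+if (optional_length_bits % 8)
+return Status::ErrorHkdfLengthNotWholeByte();
+
 const blink::WebCryptoHkdfParams* params = algorithm.HkdfParams();
 
 const EVP_MD* digest_algorithm = GetDigest(params->GetHash());
 if (!digest_algorithm)
 return Status::ErrorUnsupported();
 
 // Size output to fit length
-unsigned int derived_bytes_len = NumBitsToBytes(optional_length_bits);
+unsigned int derived_bytes_len = optional_length_bits / 8;
 derived_bytes->resize(derived_bytes_len);
 
 // Algorithm dispatch checks that the algorithm in |base_key| matches
 // |algorithm|.
 const std::vector<uint8_t>& raw_key = GetSymmetricKeyData(base_key);
 if (!HKDF(derived_bytes->data(), derived_bytes_len, digest_algorithm,
 raw_key.data(), raw_key.size(), params->Salt().Data(),
 params->Salt().size(), params->Info().Data(),
 params->Info().size())) {
 uint32_t error = ERR_get_error();
 if (ERR_GET_LIB(error) == ERR_LIB_HKDF &&
 ERR_GET_REASON(error) == HKDF_R_OUTPUT_TOO_LARGE) {
 return Status::ErrorHkdfLengthTooLong();
 }
 return Status::OperationError();
 }
 
-TruncateToBitLength(optional_length_bits, derived_bytes);
 return Status::Success();
 }
 
 Status DeserializeKeyForClone(const blink::WebCryptoKeyAlgorithm& algorithm,
 blink::WebCryptoKeyType type,
 bool extractable,
 blink::WebCryptoKeyUsageMask usages,
 const CryptoData& key_data,
 blink::WebCryptoKey* key) const override {
 if (algorithm.ParamsType() != blink::kWebCryptoKeyAlgorithmParamsTypeNone ||
@@ -126,10 +128,10 @@
 }
 };
 
 } // namespace
 
 std::unique_ptr<AlgorithmImplementation> CreateHkdfImplementation() {
 return base::WrapUnique(new HkdfImplementation);
 }
 
 } // namespace webcrypto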
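Review bot: A length of 0 still passes the new `optional_length_bits % 8` check in DeriveBits, so `derived_bytes->resize(0)` runs and `HKDF()` is called with a zero-length output buffer whose `data()` pointer may be null. If an empty result is not the intended outcome for callers, reject it next to the alignment check, e.g. `if (optional_length_bits == 0) return <zero-length status>;` (the page shows no existing Status for that case, so the name is a placeholder); if it is intended, a unit test pinning the zero-length result would keep it from changing silently. With `TruncateToBitLength` removed, `optional_length_bits / 8` is exact only because of the earlier guard, so the existing comment could say so: `// Exact: |optional_length_bits| was checked above to be a multiple of 8.`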