OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <stdint.h> | 5 #include <stdint.h> |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/memory/ptr_util.h" | 8 #include "base/memory/ptr_util.h" |
9 #include "components/webcrypto/algorithm_implementation.h" | 9 #include "components/webcrypto/algorithm_implementation.h" |
10 #include "components/webcrypto/algorithms/secret_key_util.h" | 10 #include "components/webcrypto/algorithms/secret_key_util.h" |
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
64 | 64 |
65 Status DeriveBits(const blink::WebCryptoAlgorithm& algorithm, | 65 Status DeriveBits(const blink::WebCryptoAlgorithm& algorithm, |
66 const blink::WebCryptoKey& base_key, | 66 const blink::WebCryptoKey& base_key, |
67 bool has_optional_length_bits, | 67 bool has_optional_length_bits, |
68 unsigned int optional_length_bits, | 68 unsigned int optional_length_bits, |
69 std::vector<uint8_t>* derived_bytes) const override { | 69 std::vector<uint8_t>* derived_bytes) const override { |
70 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 70 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
71 if (!has_optional_length_bits) | 71 if (!has_optional_length_bits) |
72 return Status::ErrorHkdfDeriveBitsLengthNotSpecified(); | 72 return Status::ErrorHkdfDeriveBitsLengthNotSpecified(); |
73 | 73 |
| 74 if (optional_length_bits % 8) |
| 75 return Status::ErrorHkdfLengthNotWholeByte(); |
| 76 |
74 const blink::WebCryptoHkdfParams* params = algorithm.HkdfParams(); | 77 const blink::WebCryptoHkdfParams* params = algorithm.HkdfParams(); |
75 | 78 |
76 const EVP_MD* digest_algorithm = GetDigest(params->GetHash()); | 79 const EVP_MD* digest_algorithm = GetDigest(params->GetHash()); |
77 if (!digest_algorithm) | 80 if (!digest_algorithm) |
78 return Status::ErrorUnsupported(); | 81 return Status::ErrorUnsupported(); |
79 | 82 |
80 // Size output to fit length | 83 // Size output to fit length |
81 unsigned int derived_bytes_len = NumBitsToBytes(optional_length_bits); | 84 unsigned int derived_bytes_len = optional_length_bits / 8; |
82 derived_bytes->resize(derived_bytes_len); | 85 derived_bytes->resize(derived_bytes_len); |
83 | 86 |
84 // Algorithm dispatch checks that the algorithm in |base_key| matches | 87 // Algorithm dispatch checks that the algorithm in |base_key| matches |
85 // |algorithm|. | 88 // |algorithm|. |
86 const std::vector<uint8_t>& raw_key = GetSymmetricKeyData(base_key); | 89 const std::vector<uint8_t>& raw_key = GetSymmetricKeyData(base_key); |
87 if (!HKDF(derived_bytes->data(), derived_bytes_len, digest_algorithm, | 90 if (!HKDF(derived_bytes->data(), derived_bytes_len, digest_algorithm, |
88 raw_key.data(), raw_key.size(), params->Salt().Data(), | 91 raw_key.data(), raw_key.size(), params->Salt().Data(), |
89 params->Salt().size(), params->Info().Data(), | 92 params->Salt().size(), params->Info().Data(), |
90 params->Info().size())) { | 93 params->Info().size())) { |
91 uint32_t error = ERR_get_error(); | 94 uint32_t error = ERR_get_error(); |
92 if (ERR_GET_LIB(error) == ERR_LIB_HKDF && | 95 if (ERR_GET_LIB(error) == ERR_LIB_HKDF && |
93 ERR_GET_REASON(error) == HKDF_R_OUTPUT_TOO_LARGE) { | 96 ERR_GET_REASON(error) == HKDF_R_OUTPUT_TOO_LARGE) { |
94 return Status::ErrorHkdfLengthTooLong(); | 97 return Status::ErrorHkdfLengthTooLong(); |
95 } | 98 } |
96 return Status::OperationError(); | 99 return Status::OperationError(); |
97 } | 100 } |
98 | 101 |
99 TruncateToBitLength(optional_length_bits, derived_bytes); | |
100 return Status::Success(); | 102 return Status::Success(); |
101 } | 103 } |
102 | 104 |
103 Status DeserializeKeyForClone(const blink::WebCryptoKeyAlgorithm& algorithm, | 105 Status DeserializeKeyForClone(const blink::WebCryptoKeyAlgorithm& algorithm, |
104 blink::WebCryptoKeyType type, | 106 blink::WebCryptoKeyType type, |
105 bool extractable, | 107 bool extractable, |
106 blink::WebCryptoKeyUsageMask usages, | 108 blink::WebCryptoKeyUsageMask usages, |
107 const CryptoData& key_data, | 109 const CryptoData& key_data, |
108 blink::WebCryptoKey* key) const override { | 110 blink::WebCryptoKey* key) const override { |
109 if (algorithm.ParamsType() != blink::kWebCryptoKeyAlgorithmParamsTypeNone || | 111 if (algorithm.ParamsType() != blink::kWebCryptoKeyAlgorithmParamsTypeNone || |
(...skipping 16 matching lines...) Expand all Loading... |
126 } | 128 } |
127 }; | 129 }; |
128 | 130 |
129 } // namespace | 131 } // namespace |
130 | 132 |
131 std::unique_ptr<AlgorithmImplementation> CreateHkdfImplementation() { | 133 std::unique_ptr<AlgorithmImplementation> CreateHkdfImplementation() { |
132 return base::WrapUnique(new HkdfImplementation); | 134 return base::WrapUnique(new HkdfImplementation); |
133 } | 135 } |
134 | 136 |
135 } // namespace webcrypto | 137 } // namespace webcrypto |
OLD | NEW |