Chromium Code Reviews Chromium Code Reviews
Issue 298073009:
Reuse WebCrypto's normalizeCryptoAlgorithm in enterprise.platformKeys. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 var utils = require('utils'); | 5 var utils = require('utils'); |
| 6 var internalAPI = require('enterprise.platformKeys.internalAPI'); | 6 var internalAPI = require('enterprise.platformKeys.internalAPI'); |
| 7 var intersect = require('enterprise.platformKeys.utils').intersect; | 7 var intersect = require('enterprise.platformKeys.utils').intersect; |
| 8 var KeyPair = require('enterprise.platformKeys.KeyPair').KeyPair; | 8 var KeyPair = require('enterprise.platformKeys.KeyPair').KeyPair; |
| 9 var keyModule = require('enterprise.platformKeys.Key'); | 9 var keyModule = require('enterprise.platformKeys.Key'); |
| 10 var getSpki = keyModule.getSpki; | 10 var getSpki = keyModule.getSpki; |
| 11 var KeyUsage = keyModule.KeyUsage; | 11 var KeyUsage = keyModule.KeyUsage; |
| 12 | 12 |
| 13 var normalizeAlgorithm = | |
| 14 requireNative('enterprise_platform_keys_natives').NormalizeAlgorithm; | |
| 15 | |
| 13 // This error is thrown by the internal and public API's token functions and | 16 // This error is thrown by the internal and public API's token functions and |
| 14 // must be rethrown by this custom binding. Keep this in sync with the C++ part | 17 // must be rethrown by this custom binding. Keep this in sync with the C++ part |
| 15 // of this API. | 18 // of this API. |
| 16 var errorInvalidToken = "The token is not valid."; | 19 var errorInvalidToken = "The token is not valid."; |
| 17 | 20 |
| 18 // The following errors are specified in WebCrypto. | 21 // The following errors are specified in WebCrypto. |
| 19 // TODO(pneubeck): These should be DOMExceptions. | 22 // TODO(pneubeck): These should be DOMExceptions. |
| 20 function CreateNotSupportedError() { | 23 function CreateNotSupportedError() { |
| 21 return new Error('The algorithm is not supported'); | 24 return new Error('The algorithm is not supported'); |
| 22 } | 25 } |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 65 // implementation. | 68 // implementation. |
| 66 | 69 |
| 67 if (extractable) { | 70 if (extractable) { |
| 68 // Note: This deviates from WebCrypto.SubtleCrypto. | 71 // Note: This deviates from WebCrypto.SubtleCrypto. |
| 69 throw CreateNotSupportedError(); | 72 throw CreateNotSupportedError(); |
| 70 } | 73 } |
| 71 if (intersect(keyUsages, [KeyUsage.sign, KeyUsage.verify]).length != | 74 if (intersect(keyUsages, [KeyUsage.sign, KeyUsage.verify]).length != |
| 72 keyUsages.length) { | 75 keyUsages.length) { |
| 73 throw CreateDataError(); | 76 throw CreateDataError(); |
| 74 } | 77 } |
| 75 if (!algorithm.name) { | 78 var normalizedAlgorithmParameters = |
| 79 normalizeAlgorithm(algorithm, 'GenerateKey'); | |
| 80 if (!normalizedAlgorithmParameters) { | |
| 76 // TODO(pneubeck): It's not clear from the WebCrypto spec which error to | 81 // TODO(pneubeck): It's not clear from the WebCrypto spec which error to |
| 77 // throw here. | 82 // throw here. |
| 78 throw CreateSyntaxError(); | 83 throw CreateSyntaxError(); |
| 79 } | 84 } |
| 80 | 85 |
| 81 if (algorithm.name.toUpperCase() !== 'RSASSA-PKCS1-V1_5') { | 86 if (normalizedAlgorithmParameters.name !== 'RSASSA-PKCS1-V1_5') { |
| 82 // Note: This deviates from WebCrypto.SubtleCrypto. | 87 // Note: This deviates from WebCrypto.SubtleCrypto. |
| 83 throw CreateNotSupportedError(); | 88 throw CreateNotSupportedError(); |
| 84 } | 89 } |
| 85 if (!algorithm.modulusLength || !algorithm.publicExponent) | |
| 86 throw CreateSyntaxError(); | |
| 87 | 90 |
| 88 internalAPI.generateKey( | 91 internalAPI.generateKey(subtleCrypto.tokenId, |
|
eroman
2014/06/05 23:38:28
where does the hash come into play? i don't see it
pneubeck (no reviews)
2014/06/06 12:39:45
-> follow up CL.
| |
| 89 subtleCrypto.tokenId, algorithm.modulusLength, function(spki) { | 92 normalizedAlgorithmParameters.modulusLength, |
| 90 if (catchInvalidTokenError(reject)) | 93 function(spki) { |
| 91 return; | 94 if (catchInvalidTokenError(reject)) |
| 92 if (chrome.runtime.lastError) { | 95 return; |
| 93 reject(CreateOperationError()); | 96 if (chrome.runtime.lastError) { |
| 94 return; | 97 reject(CreateOperationError()); |
| 95 } | 98 return; |
| 96 resolve(new KeyPair(spki, algorithm, keyUsages)); | 99 } |
| 97 }); | 100 resolve(new KeyPair(spki, algorithm, keyUsages)); |
| 101 }); | |
| 98 }); | 102 }); |
| 99 }; | 103 }; |
| 100 | 104 |
| 101 SubtleCryptoImpl.prototype.sign = function(algorithm, key, dataView) { | 105 SubtleCryptoImpl.prototype.sign = function(algorithm, key, dataView) { |
| 102 var subtleCrypto = this; | 106 var subtleCrypto = this; |
| 103 return new Promise(function(resolve, reject) { | 107 return new Promise(function(resolve, reject) { |
| 104 if (key.type != 'private' || key.usages.indexOf(KeyUsage.sign) == -1) | 108 if (key.type != 'private' || key.usages.indexOf(KeyUsage.sign) == -1) |
| 105 throw CreateInvalidAccessError(); | 109 throw CreateInvalidAccessError(); |
| 106 | 110 |
| 111 var normalizedAlgorithmParameters = | |
| 112 normalizeAlgorithm(algorithm, 'Sign'); | |
| 113 if (!normalizedAlgorithmParameters) { | |
| 114 // TODO(pneubeck): It's not clear from the WebCrypto spec which error to | |
|
eroman
2014/06/05 23:38:28
The methods you plumbed through set the exception
pneubeck (no reviews)
2014/06/06 12:39:45
Yeah, this comment is not accurate.
a follow up CL
| |
| 115 // throw here. | |
| 116 throw CreateSyntaxError(); | |
| 117 } | |
| 118 | |
| 107 // Create an ArrayBuffer that equals the dataView. Note that dataView.buffer | 119 // Create an ArrayBuffer that equals the dataView. Note that dataView.buffer |
| 108 // might contain more data than dataView. | 120 // might contain more data than dataView. |
| 109 var data = dataView.buffer.slice(dataView.byteOffset, | 121 var data = dataView.buffer.slice(dataView.byteOffset, |
| 110 dataView.byteOffset + dataView.byteLength); | 122 dataView.byteOffset + dataView.byteLength); |
| 111 internalAPI.sign( | 123 internalAPI.sign( |
| 112 subtleCrypto.tokenId, getSpki(key), data, function(signature) { | 124 subtleCrypto.tokenId, getSpki(key), data, function(signature) { |
| 113 if (catchInvalidTokenError(reject)) | 125 if (catchInvalidTokenError(reject)) |
| 114 return; | 126 return; |
| 115 if (chrome.runtime.lastError) { | 127 if (chrome.runtime.lastError) { |
| 116 reject(CreateOperationError()); | 128 reject(CreateOperationError()); |
| (...skipping 18 matching lines...) Expand all Loading... | |
| 135 // TODO(pneubeck): It should be possible to export to format 'jwk'. | 147 // TODO(pneubeck): It should be possible to export to format 'jwk'. |
| 136 throw CreateNotSupportedError(); | 148 throw CreateNotSupportedError(); |
| 137 } | 149 } |
| 138 }); | 150 }); |
| 139 }; | 151 }; |
| 140 | 152 |
| 141 exports.SubtleCrypto = | 153 exports.SubtleCrypto = |
| 142 utils.expose('SubtleCrypto', | 154 utils.expose('SubtleCrypto', |
| 143 SubtleCryptoImpl, | 155 SubtleCryptoImpl, |
| 144 {functions:['generateKey', 'sign', 'exportKey']}); | 156 {functions:['generateKey', 'sign', 'exportKey']}); |
| OLD | NEW |
