Chromium Code Reviews Chromium Code Reviews
Issue 328903003:
[webcrypto] Remove support for AES 192-bit keys (2 of 2) (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/child/webcrypto/shared_crypto.h" | 5 #include "content/child/webcrypto/shared_crypto.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "content/child/webcrypto/crypto_data.h" | 8 #include "content/child/webcrypto/crypto_data.h" |
| 9 #include "content/child/webcrypto/jwk.h" | 9 #include "content/child/webcrypto/jwk.h" |
| 10 #include "content/child/webcrypto/platform_crypto.h" | 10 #include "content/child/webcrypto/platform_crypto.h" |
| (...skipping 201 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 212 bool extractable, | 212 bool extractable, |
| 213 blink::WebCryptoKeyUsageMask usage_mask, | 213 blink::WebCryptoKeyUsageMask usage_mask, |
| 214 blink::WebCryptoKey* key) { | 214 blink::WebCryptoKey* key) { |
| 215 switch (algorithm.id()) { | 215 switch (algorithm.id()) { |
| 216 case blink::WebCryptoAlgorithmIdAesCtr: | 216 case blink::WebCryptoAlgorithmIdAesCtr: |
| 217 case blink::WebCryptoAlgorithmIdAesCbc: | 217 case blink::WebCryptoAlgorithmIdAesCbc: |
| 218 case blink::WebCryptoAlgorithmIdAesGcm: | 218 case blink::WebCryptoAlgorithmIdAesGcm: |
| 219 case blink::WebCryptoAlgorithmIdAesKw: | 219 case blink::WebCryptoAlgorithmIdAesKw: |
| 220 if (!IsValidAesKeyLengthBytes(key_data.byte_length())) | 220 if (!IsValidAesKeyLengthBytes(key_data.byte_length())) |
| 221 return Status::ErrorImportAesKeyLength(); | 221 return Status::ErrorImportAesKeyLength(); |
| 222 if (key_data.byte_length() == 24 && | |
| 223 algorithm.id() == blink::WebCryptoAlgorithmIdAesGcm) { | |
| 224 return Status::ErrorAesGcm192Unsupported(); | |
|
Ryan Sleevi
2014/06/10 23:44:21
Same comments re All AES
| |
| 225 } | |
| 222 // Fallthrough intentional! | 226 // Fallthrough intentional! |
| 223 case blink::WebCryptoAlgorithmIdHmac: | 227 case blink::WebCryptoAlgorithmIdHmac: |
| 224 return platform::ImportKeyRaw( | 228 return platform::ImportKeyRaw( |
| 225 algorithm, key_data, extractable, usage_mask, key); | 229 algorithm, key_data, extractable, usage_mask, key); |
| 226 default: | 230 default: |
| 227 return Status::ErrorUnsupported(); | 231 return Status::ErrorUnsupported(); |
| 228 } | 232 } |
| 229 } | 233 } |
| 230 | 234 |
| 231 // Returns the key format to use for structured cloning. | 235 // Returns the key format to use for structured cloning. |
| (...skipping 423 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 655 | 659 |
| 656 // Get the secret key length in bytes from generation parameters. | 660 // Get the secret key length in bytes from generation parameters. |
| 657 // This resolves any defaults. | 661 // This resolves any defaults. |
| 658 switch (algorithm.id()) { | 662 switch (algorithm.id()) { |
| 659 case blink::WebCryptoAlgorithmIdAesCbc: | 663 case blink::WebCryptoAlgorithmIdAesCbc: |
| 660 case blink::WebCryptoAlgorithmIdAesGcm: | 664 case blink::WebCryptoAlgorithmIdAesGcm: |
| 661 case blink::WebCryptoAlgorithmIdAesKw: { | 665 case blink::WebCryptoAlgorithmIdAesKw: { |
| 662 if (!IsValidAesKeyLengthBits(algorithm.aesKeyGenParams()->lengthBits())) | 666 if (!IsValidAesKeyLengthBits(algorithm.aesKeyGenParams()->lengthBits())) |
| 663 return Status::ErrorGenerateKeyLength(); | 667 return Status::ErrorGenerateKeyLength(); |
| 664 keylen_bytes = algorithm.aesKeyGenParams()->lengthBits() / 8; | 668 keylen_bytes = algorithm.aesKeyGenParams()->lengthBits() / 8; |
| 669 | |
| 670 if (keylen_bytes == 24 && | |
| 671 algorithm.id() == blink::WebCryptoAlgorithmIdAesGcm) { | |
| 672 return Status::ErrorAesGcm192Unsupported(); | |
| 673 } | |
|
Ryan Sleevi
2014/06/10 23:44:21
Same comments re All AES
| |
| 674 | |
| 665 break; | 675 break; |
| 666 } | 676 } |
| 667 case blink::WebCryptoAlgorithmIdHmac: { | 677 case blink::WebCryptoAlgorithmIdHmac: { |
| 668 const blink::WebCryptoHmacKeyGenParams* params = | 678 const blink::WebCryptoHmacKeyGenParams* params = |
| 669 algorithm.hmacKeyGenParams(); | 679 algorithm.hmacKeyGenParams(); |
| 670 DCHECK(params); | 680 DCHECK(params); |
| 671 if (params->hasLengthBits()) { | 681 if (params->hasLengthBits()) { |
| 672 if (params->optionalLengthBits() % 8) | 682 if (params->optionalLengthBits() % 8) |
| 673 return Status::ErrorGenerateKeyLength(); | 683 return Status::ErrorGenerateKeyLength(); |
| 674 keylen_bytes = params->optionalLengthBits() / 8; | 684 keylen_bytes = params->optionalLengthBits() / 8; |
| (...skipping 310 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 985 if (!ContainsKeyUsages(GetValidKeyUsagesForKeyType(algorithm, key_type), | 995 if (!ContainsKeyUsages(GetValidKeyUsagesForKeyType(algorithm, key_type), |
| 986 usages)) | 996 usages)) |
| 987 return Status::ErrorCreateKeyBadUsages(); | 997 return Status::ErrorCreateKeyBadUsages(); |
| 988 | 998 |
| 989 return Status::Success(); | 999 return Status::Success(); |
| 990 } | 1000 } |
| 991 | 1001 |
| 992 } // namespace webcrypto | 1002 } // namespace webcrypto |
| 993 | 1003 |
| 994 } // namespace content | 1004 } // namespace content |
| OLD | NEW |
