| Index: content/child/webcrypto/shared_crypto.cc
|
| diff --git a/content/child/webcrypto/shared_crypto.cc b/content/child/webcrypto/shared_crypto.cc
|
| index 08cbf606886b6d4b3db8098a7604dfab1fa32463..c63d9d3bedd3f96b67db7719715e43ce6ea19278 100644
|
| --- a/content/child/webcrypto/shared_crypto.cc
|
| +++ b/content/child/webcrypto/shared_crypto.cc
|
| @@ -308,82 +308,26 @@ bool ValidateDeserializedKey(const blink::WebCryptoKey& key,
|
| return true;
|
| }
|
|
|
| -// Validates the size of data input to AES-KW. AES-KW requires the input data
|
| -// size to be at least 24 bytes and a multiple of 8 bytes.
|
| -Status CheckAesKwInputSize(const CryptoData& aeskw_input_data) {
|
| - if (aeskw_input_data.byte_length() < 24)
|
| - return Status::ErrorDataTooSmall();
|
| - if (aeskw_input_data.byte_length() % 8)
|
| - return Status::ErrorInvalidAesKwDataLength();
|
| - return Status::Success();
|
| -}
|
| -
|
| -Status UnwrapKeyRaw(const CryptoData& wrapped_key_data,
|
| - const blink::WebCryptoKey& wrapping_key,
|
| - const blink::WebCryptoAlgorithm& wrapping_algorithm,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - // TODO(padolph): Handle other wrapping algorithms
|
| - switch (wrapping_algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdAesKw: {
|
| - platform::SymKey* platform_wrapping_key;
|
| - Status status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
|
| - if (status.IsError())
|
| - return status;
|
| - status = CheckAesKwInputSize(wrapped_key_data);
|
| - if (status.IsError())
|
| - return status;
|
| - return platform::UnwrapSymKeyAesKw(wrapped_key_data,
|
| - platform_wrapping_key,
|
| - algorithm,
|
| - extractable,
|
| - usage_mask,
|
| - key);
|
| - }
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -Status WrapKeyRaw(const blink::WebCryptoKey& key_to_wrap,
|
| - const blink::WebCryptoKey& wrapping_key,
|
| - const blink::WebCryptoAlgorithm& wrapping_algorithm,
|
| - std::vector<uint8>* buffer) {
|
| - // A raw key is always a symmetric key.
|
| - platform::SymKey* platform_key;
|
| - Status status = ToPlatformSymKey(key_to_wrap, &platform_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - // TODO(padolph): Handle other wrapping algorithms
|
| - switch (wrapping_algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdAesKw: {
|
| - platform::SymKey* platform_wrapping_key;
|
| - status = ToPlatformSymKey(wrapping_key, &platform_wrapping_key);
|
| - if (status.IsError())
|
| - return status;
|
| - return platform::WrapSymKeyAesKw(
|
| - platform_key, platform_wrapping_key, buffer);
|
| - }
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -Status DecryptAesKw(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| +Status EncryptDecryptAesKw(EncryptOrDecrypt mode,
|
| + const blink::WebCryptoAlgorithm& algorithm,
|
| + const blink::WebCryptoKey& key,
|
| + const CryptoData& data,
|
| + std::vector<uint8>* buffer) {
|
| platform::SymKey* sym_key;
|
| Status status = ToPlatformSymKey(key, &sym_key);
|
| if (status.IsError())
|
| return status;
|
| - status = CheckAesKwInputSize(data);
|
| +
|
| + unsigned int min_length = mode == ENCRYPT ? 16 : 24;
|
| +
|
| + if (data.byte_length() < min_length)
|
| + return Status::ErrorDataTooSmall();
|
| + if (data.byte_length() % 8)
|
| + return Status::ErrorInvalidAesKwDataLength();
|
| +
|
| if (status.IsError())
|
| return status;
|
| - return platform::DecryptAesKw(sym_key, data, buffer);
|
| + return platform::EncryptDecryptAesKw(mode, sym_key, data, buffer);
|
| }
|
|
|
| Status DecryptDontCheckKeyUsage(const blink::WebCryptoAlgorithm& algorithm,
|
| @@ -400,7 +344,7 @@ Status DecryptDontCheckKeyUsage(const blink::WebCryptoAlgorithm& algorithm,
|
| case blink::WebCryptoAlgorithmIdRsaOaep:
|
| return DecryptRsaOaep(algorithm, key, data, buffer);
|
| case blink::WebCryptoAlgorithmIdAesKw:
|
| - return DecryptAesKw(algorithm, key, data, buffer);
|
| + return EncryptDecryptAesKw(DECRYPT, algorithm, key, data, buffer);
|
| default:
|
| return Status::ErrorUnsupported();
|
| }
|
| @@ -417,6 +361,8 @@ Status EncryptDontCheckUsage(const blink::WebCryptoAlgorithm& algorithm,
|
| return EncryptDecryptAesCbc(ENCRYPT, algorithm, key, data, buffer);
|
| case blink::WebCryptoAlgorithmIdAesGcm:
|
| return EncryptDecryptAesGcm(ENCRYPT, algorithm, key, data, buffer);
|
| + case blink::WebCryptoAlgorithmIdAesKw:
|
| + return EncryptDecryptAesKw(ENCRYPT, algorithm, key, data, buffer);
|
| case blink::WebCryptoAlgorithmIdRsaOaep:
|
| return EncryptRsaOaep(algorithm, key, data, buffer);
|
| default:
|
| @@ -892,13 +838,6 @@ Status WrapKey(blink::WebCryptoKeyFormat format,
|
| if (wrapping_algorithm.id() != wrapping_key.algorithm().id())
|
| return Status::ErrorUnexpected();
|
|
|
| - if (format == blink::WebCryptoKeyFormatRaw &&
|
| - wrapping_algorithm.id() == blink::WebCryptoAlgorithmIdAesKw) {
|
| - // AES-KW is a special case, due to NSS's implementation only
|
| - // supporting C_Wrap/C_Unwrap with AES-KW
|
| - return WrapKeyRaw(key_to_wrap, wrapping_key, wrapping_algorithm, buffer);
|
| - }
|
| -
|
| return WrapKeyExportAndEncrypt(
|
| format, key_to_wrap, wrapping_key, wrapping_algorithm, buffer);
|
| }
|
| @@ -924,19 +863,6 @@ Status UnwrapKey(blink::WebCryptoKeyFormat format,
|
| if (status.IsError())
|
| return status;
|
|
|
| - if (format == blink::WebCryptoKeyFormatRaw &&
|
| - wrapping_algorithm.id() == blink::WebCryptoAlgorithmIdAesKw) {
|
| - // AES-KW is a special case, due to NSS's implementation only
|
| - // supporting C_Wrap/C_Unwrap with AES-KW
|
| - return UnwrapKeyRaw(wrapped_key_data,
|
| - wrapping_key,
|
| - wrapping_algorithm,
|
| - algorithm,
|
| - extractable,
|
| - usage_mask,
|
| - key);
|
| - }
|
| -
|
| return UnwrapKeyDecryptAndImport(format,
|
| wrapped_key_data,
|
| wrapping_key,
|
|
|
Chromium Code Reviews
Issue 335463002:
[webcrypto] Remove a special case for AES-KW wrapping/unwrapping. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src