[webcrypto] Add RSA key generation using NSS.

content/renderer/webcrypto/webcrypto_impl.cc

Index: content/renderer/webcrypto/webcrypto_impl.cc
diff --git a/content/renderer/webcrypto/webcrypto_impl.cc b/content/renderer/webcrypto/webcrypto_impl.cc
index f2510100eb755c3f7d4b7929c6227a4bb7571a67..49544b7c4c7b1536e7cf491ab734bf0615817910 100644
--- a/content/renderer/webcrypto/webcrypto_impl.cc
+++ b/content/renderer/webcrypto/webcrypto_impl.cc
@@ -12,6 +12,19 @@
 
 namespace content {
 
+namespace {
+
+bool IsAlgorithmAsymmetric(const WebKit::WebCryptoAlgorithm& algorithm) {
+  const WebKit::WebCryptoAlgorithmId algorithm_id = algorithm.id();
+  // TODO(padolph): include all other asymmetric algorithms once they are
+  // defined, e.g. EC and DH.
+  return (algorithm_id == WebKit::WebCryptoAlgorithmIdRsaEsPkcs1v1_5  ||
+          algorithm_id == WebKit::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5 ||
+          algorithm_id == WebKit::WebCryptoAlgorithmIdRsaOaep);
+}
+
+} // namespace
+
 WebCryptoImpl::WebCryptoImpl() {
   Init();
 }
@@ -80,11 +93,36 @@ void WebCryptoImpl::generateKey(
     bool exportable,
     WebKit::WebCryptoKeyUsageMask usage,
     WebKit::WebCryptoResult result) {
-  scoped_ptr<WebKit::WebCryptoKeyHandle> handle;
-  WebKit::WebCryptoKeyType type;
-  if (!GenerateKeyInternal(algorithm, &handle, &type)) {
-    result.completeWithError();
+
+  if (IsAlgorithmAsymmetric(algorithm)) {
+    scoped_ptr<WebKit::WebCryptoKeyHandle> public_key_handle;
+    scoped_ptr<WebKit::WebCryptoKeyHandle> private_key_handle;
+    if (!GenerateKeyPairInternal(algorithm,
+                                 &public_key_handle,
+                                 &private_key_handle)) {
+      result.completeWithError();
+      return;
+    }
+    WebKit::WebCryptoKey public_key(
+        WebKit::WebCryptoKey::create(public_key_handle.release(),
+                                     WebKit::WebCryptoKeyTypePublic,
+                                     exportable,
+                                     algorithm,
+                                     usage));
+    WebKit::WebCryptoKey private_key(
+        WebKit::WebCryptoKey::create(private_key_handle.release(),
+                                     WebKit::WebCryptoKeyTypePrivate,
+                                     exportable,
+                                     algorithm,
+                                     usage));
+    result.completeWithKeyPair(public_key, private_key);

[eroman, 2013/10/24 22:28:59]

could you add a return statement here, and then get rid of the "else"?

[padolph, 2013/10/25 01:21:46]

IMO that makes the code read like asymmetric is a special case, rather than a
binary choice with symmetric, as per my earlier reply. But OK, will do.

[eroman, 2013/10/28 20:00:47]

If you feel strongly about it feel free to change it back. I was basing the
suggestion on my own personal preference.

   } else {
+    scoped_ptr<WebKit::WebCryptoKeyHandle> handle;
+    WebKit::WebCryptoKeyType type;
+    if (!GenerateKeyInternal(algorithm, &handle, &type)) {
+      result.completeWithError();
+      return;
+    }
     WebKit::WebCryptoKey key(
         WebKit::WebCryptoKey::create(handle.release(), type, exportable,
                                      algorithm, usage));