Refactor WebCrypto code

content/child/webcrypto/nss/aes_key_nss.cc

Index: content/child/webcrypto/nss/aes_key_nss.cc
diff --git a/content/child/webcrypto/nss/aes_key_nss.cc b/content/child/webcrypto/nss/aes_key_nss.cc
new file mode 100644
index 0000000000000000000000000000000000000000..d29db39267a04134557c659333c31b3a410b3cab
--- /dev/null
+++ b/content/child/webcrypto/nss/aes_key_nss.cc
@@ -0,0 +1,169 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/child/webcrypto/nss/aes_key_nss.h"
+
+#include "base/logging.h"
+#include "content/child/webcrypto/crypto_data.h"
+#include "content/child/webcrypto/jwk.h"
+#include "content/child/webcrypto/nss/key_nss.h"
+#include "content/child/webcrypto/nss/sym_key_nss.h"
+#include "content/child/webcrypto/status.h"
+#include "content/child/webcrypto/webcrypto_util.h"
+#include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
+
+namespace content {
+
+namespace webcrypto {
+
+AesAlgorithm::AesAlgorithm(CK_MECHANISM_TYPE import_mechanism,
+                           CK_FLAGS import_flags,
+                           blink::WebCryptoKeyUsageMask all_key_usages,
+                           const char* jwk_suffix)
+    : import_mechanism_(import_mechanism),
+      import_flags_(import_flags),
+      all_key_usages_(all_key_usages),
+      jwk_suffix_(jwk_suffix) {
+}
+
+AesAlgorithm::AesAlgorithm(CK_MECHANISM_TYPE import_mechanism,
+                           const char* jwk_suffix)
+    : import_mechanism_(import_mechanism),
+      import_flags_(CKF_ENCRYPT | CKF_DECRYPT),
+      all_key_usages_(blink::WebCryptoKeyUsageEncrypt |
+                      blink::WebCryptoKeyUsageDecrypt |
+                      blink::WebCryptoKeyUsageWrapKey |
+                      blink::WebCryptoKeyUsageUnwrapKey),
+      jwk_suffix_(jwk_suffix) {
+}
+
+Status AesAlgorithm::GenerateSecretKey(
+    const blink::WebCryptoAlgorithm& algorithm,
+    bool extractable,
+    blink::WebCryptoKeyUsageMask usage_mask,
+    blink::WebCryptoKey* key) const {
+  unsigned int keylen_bits = algorithm.aesKeyGenParams()->lengthBits();
+
+  if (keylen_bits == 192)
+    return Status::ErrorAes192BitUnsupported();
+
+  if (keylen_bits != 128 && keylen_bits != 256)
+    return Status::ErrorGenerateKeyLength();
+
+  return GenerateSecretKeyNss(
+      blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits),
+      extractable,
+      usage_mask,
+      keylen_bits / 8,
+      CKM_AES_KEY_GEN,
+      key);
+}
+
+Status AesAlgorithm::VerifyKeyUsagesBeforeImportKey(
+    blink::WebCryptoKeyFormat format,
+    blink::WebCryptoKeyUsageMask usage_mask) const {
+  if (format != blink::WebCryptoKeyFormatRaw &&
+      format != blink::WebCryptoKeyFormatJwk)
+    return Status::ErrorUnsupportedImportKeyFormat();
+
+  if (!ContainsKeyUsages(all_key_usages_, usage_mask))
+    return Status::ErrorCreateKeyBadUsages();
+
+  return Status::Success();
+}
+
+Status AesAlgorithm::VerifyKeyUsagesBeforeGenerateKey(
+    blink::WebCryptoKeyUsageMask usage_mask) const {
+  if (!ContainsKeyUsages(all_key_usages_, usage_mask))
+    return Status::ErrorCreateKeyBadUsages();
+
+  return Status::Success();
+}
+
+Status AesAlgorithm::ImportKeyRaw(const CryptoData& key_data,
+                                  const blink::WebCryptoAlgorithm& algorithm,
+                                  bool extractable,
+                                  blink::WebCryptoKeyUsageMask usage_mask,
+                                  blink::WebCryptoKey* key) const {
+  const unsigned int keylen_bytes = key_data.byte_length();
+
+  if (keylen_bytes == 24)
+    return Status::ErrorAes192BitUnsupported();
+
+  if (keylen_bytes != 16 && keylen_bytes != 32)
+    return Status::ErrorImportAesKeyLength();
+
+  // No possibility of overflow.
+  unsigned int keylen_bits = keylen_bytes * 8;
+
+  return ImportKeyRawNss(
+      key_data,
+      blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits),
+      extractable,
+      usage_mask,
+      import_mechanism_,
+      import_flags_,
+      key);
+}
+
+Status AesAlgorithm::ImportKeyJwk(const CryptoData& key_data,
+                                  const blink::WebCryptoAlgorithm& algorithm,
+                                  bool extractable,
+                                  blink::WebCryptoKeyUsageMask usage_mask,
+                                  blink::WebCryptoKey* key) const {
+  std::vector<uint8> raw_data;
+  std::string jwk_algorithm_name;
+  Status status = ReadSecretKeyJwk(
+      key_data, "", extractable, usage_mask, &raw_data, &jwk_algorithm_name);
+  if (status.IsError())
+    return status;
+
+  std::string expected_algorithm_name = GetJwkAlgorithmName(raw_data.size());
+  if (!jwk_algorithm_name.empty() &&
+      jwk_algorithm_name != expected_algorithm_name) {
+    if (jwk_algorithm_name == GetJwkAlgorithmName(16) ||
+        jwk_algorithm_name == GetJwkAlgorithmName(24) ||
+        jwk_algorithm_name == GetJwkAlgorithmName(32)) {
+      return Status::ErrorJwkIncorrectKeyLength();
+    }
+    return Status::ErrorJwkAlgorithmInconsistent();
+  }
+
+  return ImportKeyRaw(
+      CryptoData(raw_data), algorithm, extractable, usage_mask, key);
+}
+
+Status AesAlgorithm::ExportKeyRaw(const blink::WebCryptoKey& key,
+                                  std::vector<uint8>* buffer) const {
+  *buffer = SymKeyNss::Cast(key)->raw_key_data();
+  return Status::Success();
+}
+
+Status AesAlgorithm::ExportKeyJwk(const blink::WebCryptoKey& key,
+                                  std::vector<uint8>* buffer) const {
+  SymKeyNss* sym_key = SymKeyNss::Cast(key);
+  const std::vector<uint8>& raw_data = sym_key->raw_key_data();
+
+  WriteSecretKeyJwk(CryptoData(raw_data),
+                    GetJwkAlgorithmName(raw_data.size()),
+                    key.extractable(),
+                    key.usages(),
+                    buffer);
+
+  return Status::Success();
+}
+
+std::string AesAlgorithm::GetJwkAlgorithmName(unsigned int keylen_bytes) const {
+  if (keylen_bytes == 16)
+    return std::string("A128") + jwk_suffix_;
+  if (keylen_bytes == 24)
+    return std::string("A192") + jwk_suffix_;
+  if (keylen_bytes == 32)
+    return std::string("A256") + jwk_suffix_;
+  return std::string();
+}
+
+}  // namespace webcrypto
+
+}  // namespace content