| Index: content/child/webcrypto/shared_crypto.cc
|
| diff --git a/content/child/webcrypto/shared_crypto.cc b/content/child/webcrypto/shared_crypto.cc
|
| deleted file mode 100644
|
| index 03804abbfc3b1aab24b7415c6a77028f8fa88ff4..0000000000000000000000000000000000000000
|
| --- a/content/child/webcrypto/shared_crypto.cc
|
| +++ /dev/null
|
| @@ -1,944 +0,0 @@
|
| -// Copyright 2014 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include "content/child/webcrypto/shared_crypto.h"
|
| -
|
| -#include "base/logging.h"
|
| -#include "content/child/webcrypto/crypto_data.h"
|
| -#include "content/child/webcrypto/jwk.h"
|
| -#include "content/child/webcrypto/platform_crypto.h"
|
| -#include "content/child/webcrypto/status.h"
|
| -#include "content/child/webcrypto/webcrypto_util.h"
|
| -#include "crypto/secure_util.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoKey.h"
|
| -#include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
|
| -
|
| -namespace content {
|
| -
|
| -namespace webcrypto {
|
| -
|
| -// ------------
|
| -// Threading:
|
| -// ------------
|
| -//
|
| -// All functions in this file are called from the webcrypto worker pool except
|
| -// for:
|
| -//
|
| -// * SerializeKeyForClone()
|
| -// * DeserializeKeyForClone()
|
| -// * ImportKey() // TODO(eroman): Change this.
|
| -
|
| -namespace {
|
| -
|
| -// TODO(eroman): Move this helper to WebCryptoKey.
|
| -bool KeyUsageAllows(const blink::WebCryptoKey& key,
|
| - const blink::WebCryptoKeyUsage usage) {
|
| - return ((key.usages() & usage) != 0);
|
| -}
|
| -
|
| -bool IsValidAesKeyLengthBits(unsigned int length_bits) {
|
| - // 192-bit AES is disallowed.
|
| - return length_bits == 128 || length_bits == 256;
|
| -}
|
| -
|
| -bool IsValidAesKeyLengthBytes(unsigned int length_bytes) {
|
| - // 192-bit AES is disallowed.
|
| - return length_bytes == 16 || length_bytes == 32;
|
| -}
|
| -
|
| -const size_t kAesBlockSizeBytes = 16;
|
| -
|
| -Status EncryptDecryptAesCbc(EncryptOrDecrypt mode,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - platform::SymKey* sym_key;
|
| - Status status = ToPlatformSymKey(key, &sym_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - const blink::WebCryptoAesCbcParams* params = algorithm.aesCbcParams();
|
| - if (!params)
|
| - return Status::ErrorUnexpected();
|
| -
|
| - CryptoData iv(params->iv().data(), params->iv().size());
|
| - if (iv.byte_length() != kAesBlockSizeBytes)
|
| - return Status::ErrorIncorrectSizeAesCbcIv();
|
| -
|
| - return platform::EncryptDecryptAesCbc(mode, sym_key, data, iv, buffer);
|
| -}
|
| -
|
| -Status EncryptDecryptAesGcm(EncryptOrDecrypt mode,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - platform::SymKey* sym_key;
|
| - Status status = ToPlatformSymKey(key, &sym_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - const blink::WebCryptoAesGcmParams* params = algorithm.aesGcmParams();
|
| - if (!params)
|
| - return Status::ErrorUnexpected();
|
| -
|
| - unsigned int tag_length_bits = 128;
|
| - if (params->hasTagLengthBits())
|
| - tag_length_bits = params->optionalTagLengthBits();
|
| -
|
| - if (tag_length_bits != 32 && tag_length_bits != 64 && tag_length_bits != 96 &&
|
| - tag_length_bits != 104 && tag_length_bits != 112 &&
|
| - tag_length_bits != 120 && tag_length_bits != 128)
|
| - return Status::ErrorInvalidAesGcmTagLength();
|
| -
|
| - return platform::EncryptDecryptAesGcm(
|
| - mode,
|
| - sym_key,
|
| - data,
|
| - CryptoData(params->iv()),
|
| - CryptoData(params->optionalAdditionalData()),
|
| - tag_length_bits,
|
| - buffer);
|
| -}
|
| -
|
| -Status EncryptRsaOaep(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - platform::PublicKey* public_key;
|
| - Status status = ToPlatformPublicKey(key, &public_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - const blink::WebCryptoRsaOaepParams* params = algorithm.rsaOaepParams();
|
| - if (!params)
|
| - return Status::ErrorUnexpected();
|
| -
|
| - return platform::EncryptRsaOaep(public_key,
|
| - key.algorithm().rsaHashedParams()->hash(),
|
| - CryptoData(params->optionalLabel()),
|
| - data,
|
| - buffer);
|
| -}
|
| -
|
| -Status DecryptRsaOaep(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - platform::PrivateKey* private_key;
|
| - Status status = ToPlatformPrivateKey(key, &private_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - const blink::WebCryptoRsaOaepParams* params = algorithm.rsaOaepParams();
|
| - if (!params)
|
| - return Status::ErrorUnexpected();
|
| -
|
| - return platform::DecryptRsaOaep(private_key,
|
| - key.algorithm().rsaHashedParams()->hash(),
|
| - CryptoData(params->optionalLabel()),
|
| - data,
|
| - buffer);
|
| -}
|
| -
|
| -Status SignHmac(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - platform::SymKey* sym_key;
|
| - Status status = ToPlatformSymKey(key, &sym_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - return platform::SignHmac(
|
| - sym_key, key.algorithm().hmacParams()->hash(), data, buffer);
|
| -}
|
| -
|
| -Status VerifyHmac(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& signature,
|
| - const CryptoData& data,
|
| - bool* signature_match) {
|
| - std::vector<uint8> result;
|
| - Status status = SignHmac(algorithm, key, data, &result);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - // Do not allow verification of truncated MACs.
|
| - *signature_match =
|
| - result.size() == signature.byte_length() &&
|
| - crypto::SecureMemEqual(
|
| - Uint8VectorStart(result), signature.bytes(), signature.byte_length());
|
| -
|
| - return Status::Success();
|
| -}
|
| -
|
| -Status SignRsaSsaPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - platform::PrivateKey* private_key;
|
| - Status status = ToPlatformPrivateKey(key, &private_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - return platform::SignRsaSsaPkcs1v1_5(
|
| - private_key, key.algorithm().rsaHashedParams()->hash(), data, buffer);
|
| -}
|
| -
|
| -Status VerifyRsaSsaPkcs1v1_5(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& signature,
|
| - const CryptoData& data,
|
| - bool* signature_match) {
|
| - platform::PublicKey* public_key;
|
| - Status status = ToPlatformPublicKey(key, &public_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - return platform::VerifyRsaSsaPkcs1v1_5(
|
| - public_key,
|
| - key.algorithm().rsaHashedParams()->hash(),
|
| - signature,
|
| - data,
|
| - signature_match);
|
| -}
|
| -
|
| -// Note that this function may be called from the target Blink thread.
|
| -Status ImportKeyRaw(const CryptoData& key_data,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdAesCtr:
|
| - case blink::WebCryptoAlgorithmIdAesCbc:
|
| - case blink::WebCryptoAlgorithmIdAesGcm:
|
| - case blink::WebCryptoAlgorithmIdAesKw:
|
| - if (!IsValidAesKeyLengthBytes(key_data.byte_length())) {
|
| - return key_data.byte_length() == 24
|
| - ? Status::ErrorAes192BitUnsupported()
|
| - : Status::ErrorImportAesKeyLength();
|
| - }
|
| - // Fallthrough intentional!
|
| - case blink::WebCryptoAlgorithmIdHmac:
|
| - return platform::ImportKeyRaw(
|
| - algorithm, key_data, extractable, usage_mask, key);
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -// Returns the key format to use for structured cloning.
|
| -blink::WebCryptoKeyFormat GetCloneFormatForKeyType(
|
| - blink::WebCryptoKeyType type) {
|
| - switch (type) {
|
| - case blink::WebCryptoKeyTypeSecret:
|
| - return blink::WebCryptoKeyFormatRaw;
|
| - case blink::WebCryptoKeyTypePublic:
|
| - return blink::WebCryptoKeyFormatSpki;
|
| - case blink::WebCryptoKeyTypePrivate:
|
| - return blink::WebCryptoKeyFormatPkcs8;
|
| - }
|
| -
|
| - NOTREACHED();
|
| - return blink::WebCryptoKeyFormatRaw;
|
| -}
|
| -
|
| -// Converts a KeyAlgorithm into an equivalent Algorithm for import.
|
| -blink::WebCryptoAlgorithm KeyAlgorithmToImportAlgorithm(
|
| - const blink::WebCryptoKeyAlgorithm& algorithm) {
|
| - switch (algorithm.paramsType()) {
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeAes:
|
| - return CreateAlgorithm(algorithm.id());
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeHmac:
|
| - return CreateHmacImportAlgorithm(algorithm.hmacParams()->hash().id());
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeRsaHashed:
|
| - return CreateRsaHashedImportAlgorithm(
|
| - algorithm.id(), algorithm.rsaHashedParams()->hash().id());
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeNone:
|
| - break;
|
| - default:
|
| - break;
|
| - }
|
| - return blink::WebCryptoAlgorithm::createNull();
|
| -}
|
| -
|
| -// There is some duplicated information in the serialized format used by
|
| -// structured clone (since the KeyAlgorithm is serialized separately from the
|
| -// key data). Use this extra information to further validate what was
|
| -// deserialized from the key data.
|
| -//
|
| -// A failure here implies either a bug in the code, or that the serialized data
|
| -// was corrupted.
|
| -bool ValidateDeserializedKey(const blink::WebCryptoKey& key,
|
| - const blink::WebCryptoKeyAlgorithm& algorithm,
|
| - blink::WebCryptoKeyType type) {
|
| - if (algorithm.id() != key.algorithm().id())
|
| - return false;
|
| -
|
| - if (key.type() != type)
|
| - return false;
|
| -
|
| - switch (algorithm.paramsType()) {
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeAes:
|
| - if (algorithm.aesParams()->lengthBits() !=
|
| - key.algorithm().aesParams()->lengthBits())
|
| - return false;
|
| - break;
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeRsaHashed:
|
| - if (algorithm.rsaHashedParams()->modulusLengthBits() !=
|
| - key.algorithm().rsaHashedParams()->modulusLengthBits())
|
| - return false;
|
| - if (algorithm.rsaHashedParams()->publicExponent().size() !=
|
| - key.algorithm().rsaHashedParams()->publicExponent().size())
|
| - return false;
|
| - if (memcmp(algorithm.rsaHashedParams()->publicExponent().data(),
|
| - key.algorithm().rsaHashedParams()->publicExponent().data(),
|
| - key.algorithm().rsaHashedParams()->publicExponent().size()) !=
|
| - 0)
|
| - return false;
|
| - break;
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeNone:
|
| - case blink::WebCryptoKeyAlgorithmParamsTypeHmac:
|
| - break;
|
| - default:
|
| - return false;
|
| - }
|
| -
|
| - return true;
|
| -}
|
| -
|
| -Status EncryptDecryptAesKw(EncryptOrDecrypt mode,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - platform::SymKey* sym_key;
|
| - Status status = ToPlatformSymKey(key, &sym_key);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - unsigned int min_length = mode == ENCRYPT ? 16 : 24;
|
| -
|
| - if (data.byte_length() < min_length)
|
| - return Status::ErrorDataTooSmall();
|
| - if (data.byte_length() % 8)
|
| - return Status::ErrorInvalidAesKwDataLength();
|
| -
|
| - if (status.IsError())
|
| - return status;
|
| - return platform::EncryptDecryptAesKw(mode, sym_key, data, buffer);
|
| -}
|
| -
|
| -Status DecryptDontCheckKeyUsage(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - if (algorithm.id() != key.algorithm().id())
|
| - return Status::ErrorUnexpected();
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdAesCbc:
|
| - return EncryptDecryptAesCbc(DECRYPT, algorithm, key, data, buffer);
|
| - case blink::WebCryptoAlgorithmIdAesGcm:
|
| - return EncryptDecryptAesGcm(DECRYPT, algorithm, key, data, buffer);
|
| - case blink::WebCryptoAlgorithmIdRsaOaep:
|
| - return DecryptRsaOaep(algorithm, key, data, buffer);
|
| - case blink::WebCryptoAlgorithmIdAesKw:
|
| - return EncryptDecryptAesKw(DECRYPT, algorithm, key, data, buffer);
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -Status EncryptDontCheckUsage(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - if (algorithm.id() != key.algorithm().id())
|
| - return Status::ErrorUnexpected();
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdAesCbc:
|
| - return EncryptDecryptAesCbc(ENCRYPT, algorithm, key, data, buffer);
|
| - case blink::WebCryptoAlgorithmIdAesGcm:
|
| - return EncryptDecryptAesGcm(ENCRYPT, algorithm, key, data, buffer);
|
| - case blink::WebCryptoAlgorithmIdAesKw:
|
| - return EncryptDecryptAesKw(ENCRYPT, algorithm, key, data, buffer);
|
| - case blink::WebCryptoAlgorithmIdRsaOaep:
|
| - return EncryptRsaOaep(algorithm, key, data, buffer);
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -Status UnwrapKeyDecryptAndImport(
|
| - blink::WebCryptoKeyFormat format,
|
| - const CryptoData& wrapped_key_data,
|
| - const blink::WebCryptoKey& wrapping_key,
|
| - const blink::WebCryptoAlgorithm& wrapping_algorithm,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - std::vector<uint8> buffer;
|
| - Status status = DecryptDontCheckKeyUsage(
|
| - wrapping_algorithm, wrapping_key, wrapped_key_data, &buffer);
|
| - if (status.IsError())
|
| - return status;
|
| - // NOTE that returning the details of ImportKey() failures may leak
|
| - // information about the plaintext of the encrypted key (for instance the JWK
|
| - // key_ops). As long as the ImportKey error messages don't describe actual
|
| - // key bytes however this should be OK. For more discussion see
|
| - // http://crubg.com/372040
|
| - return ImportKey(
|
| - format, CryptoData(buffer), algorithm, extractable, usage_mask, key);
|
| -}
|
| -
|
| -Status WrapKeyExportAndEncrypt(
|
| - blink::WebCryptoKeyFormat format,
|
| - const blink::WebCryptoKey& key_to_wrap,
|
| - const blink::WebCryptoKey& wrapping_key,
|
| - const blink::WebCryptoAlgorithm& wrapping_algorithm,
|
| - std::vector<uint8>* buffer) {
|
| - std::vector<uint8> exported_data;
|
| - Status status = ExportKey(format, key_to_wrap, &exported_data);
|
| - if (status.IsError())
|
| - return status;
|
| - return EncryptDontCheckUsage(
|
| - wrapping_algorithm, wrapping_key, CryptoData(exported_data), buffer);
|
| -}
|
| -
|
| -// Returns the internal block size for SHA-*
|
| -unsigned int ShaBlockSizeBytes(blink::WebCryptoAlgorithmId hash_id) {
|
| - switch (hash_id) {
|
| - case blink::WebCryptoAlgorithmIdSha1:
|
| - case blink::WebCryptoAlgorithmIdSha256:
|
| - return 64;
|
| - case blink::WebCryptoAlgorithmIdSha384:
|
| - case blink::WebCryptoAlgorithmIdSha512:
|
| - return 128;
|
| - default:
|
| - NOTREACHED();
|
| - return 0;
|
| - }
|
| -}
|
| -
|
| -// Returns the mask of all key usages that are possible for |algorithm| and
|
| -// |key_type|. If the combination of |algorithm| and |key_type| doesn't make
|
| -// sense, then returns 0 (no usages).
|
| -blink::WebCryptoKeyUsageMask GetValidKeyUsagesForKeyType(
|
| - blink::WebCryptoAlgorithmId algorithm,
|
| - blink::WebCryptoKeyType key_type) {
|
| - if (IsAlgorithmAsymmetric(algorithm) ==
|
| - (key_type == blink::WebCryptoKeyTypeSecret))
|
| - return 0;
|
| -
|
| - switch (algorithm) {
|
| - case blink::WebCryptoAlgorithmIdAesCbc:
|
| - case blink::WebCryptoAlgorithmIdAesGcm:
|
| - case blink::WebCryptoAlgorithmIdAesCtr:
|
| - return blink::WebCryptoKeyUsageEncrypt | blink::WebCryptoKeyUsageDecrypt |
|
| - blink::WebCryptoKeyUsageWrapKey |
|
| - blink::WebCryptoKeyUsageUnwrapKey;
|
| - case blink::WebCryptoAlgorithmIdAesKw:
|
| - return blink::WebCryptoKeyUsageWrapKey |
|
| - blink::WebCryptoKeyUsageUnwrapKey;
|
| - case blink::WebCryptoAlgorithmIdHmac:
|
| - return blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify;
|
| - case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5:
|
| - switch (key_type) {
|
| - case blink::WebCryptoKeyTypePublic:
|
| - return blink::WebCryptoKeyUsageVerify;
|
| - case blink::WebCryptoKeyTypePrivate:
|
| - return blink::WebCryptoKeyUsageSign;
|
| - default:
|
| - return 0;
|
| - }
|
| - case blink::WebCryptoAlgorithmIdRsaOaep:
|
| - switch (key_type) {
|
| - case blink::WebCryptoKeyTypePublic:
|
| - return blink::WebCryptoKeyUsageEncrypt |
|
| - blink::WebCryptoKeyUsageWrapKey;
|
| - case blink::WebCryptoKeyTypePrivate:
|
| - return blink::WebCryptoKeyUsageDecrypt |
|
| - blink::WebCryptoKeyUsageUnwrapKey;
|
| - default:
|
| - return 0;
|
| - }
|
| - default:
|
| - return 0;
|
| - }
|
| -}
|
| -
|
| -// Returns Status::Success() if |usages| is a valid set of key usages for
|
| -// |algorithm| and |key_type|. Otherwise returns an error.
|
| -// In the case of JWK format the check is incomplete for asymmetric algorithms.
|
| -Status BestEffortCheckKeyUsagesForImport(blink::WebCryptoAlgorithmId algorithm,
|
| - blink::WebCryptoKeyFormat format,
|
| - blink::WebCryptoKeyUsageMask usages) {
|
| - if (!IsAlgorithmAsymmetric(algorithm))
|
| - return CheckKeyUsages(algorithm, blink::WebCryptoKeyTypeSecret, usages);
|
| -
|
| - // Try to infer the key type given the import format.
|
| - switch (format) {
|
| - case blink::WebCryptoKeyFormatRaw:
|
| - // TODO(eroman): The spec defines Diffie-Hellman raw import for public
|
| - // keys, so this will need to be updated in the future when DH is
|
| - // implemented.
|
| - return Status::ErrorUnexpected();
|
| - case blink::WebCryptoKeyFormatSpki:
|
| - return CheckKeyUsages(algorithm, blink::WebCryptoKeyTypePublic, usages);
|
| - case blink::WebCryptoKeyFormatPkcs8:
|
| - return CheckKeyUsages(algorithm, blink::WebCryptoKeyTypePrivate, usages);
|
| - case blink::WebCryptoKeyFormatJwk:
|
| - break;
|
| - default:
|
| - return Status::ErrorUnexpected();
|
| - }
|
| -
|
| - // If the key type is not known, then the algorithm is asymmetric. Whether the
|
| - // key data describes a public or private key isn't known yet. But it must at
|
| - // least be ONE of those two.
|
| - DCHECK(IsAlgorithmAsymmetric(algorithm));
|
| -
|
| - if (CheckKeyUsages(algorithm, blink::WebCryptoKeyTypePublic, usages)
|
| - .IsError() &&
|
| - CheckKeyUsages(algorithm, blink::WebCryptoKeyTypePrivate, usages)
|
| - .IsError()) {
|
| - return Status::ErrorCreateKeyBadUsages();
|
| - }
|
| -
|
| - return Status::Success();
|
| -}
|
| -
|
| -// Returns an error if |combined_usage_mask| is invalid for generating a key
|
| -// pair for |algorithm|. Otherwise returns Status::Success(), and fills
|
| -// |public_key_usages| with the usages for the public key, and
|
| -// |private_key_usages| with those for the private key.
|
| -Status CheckKeyUsagesForGenerateKeyPair(
|
| - blink::WebCryptoAlgorithmId algorithm,
|
| - blink::WebCryptoKeyUsageMask combined_usage_mask,
|
| - blink::WebCryptoKeyUsageMask* public_key_usages,
|
| - blink::WebCryptoKeyUsageMask* private_key_usages) {
|
| - DCHECK(IsAlgorithmAsymmetric(algorithm));
|
| -
|
| - blink::WebCryptoKeyUsageMask all_public_key_usages =
|
| - GetValidKeyUsagesForKeyType(algorithm, blink::WebCryptoKeyTypePublic);
|
| - blink::WebCryptoKeyUsageMask all_private_key_usages =
|
| - GetValidKeyUsagesForKeyType(algorithm, blink::WebCryptoKeyTypePrivate);
|
| -
|
| - if (!ContainsKeyUsages(all_public_key_usages | all_private_key_usages,
|
| - combined_usage_mask))
|
| - return Status::ErrorCreateKeyBadUsages();
|
| -
|
| - *public_key_usages = combined_usage_mask & all_public_key_usages;
|
| - *private_key_usages = combined_usage_mask & all_private_key_usages;
|
| -
|
| - return Status::Success();
|
| -}
|
| -
|
| -// Converts a (big-endian) WebCrypto BigInteger, with or without leading zeros,
|
| -// to unsigned long.
|
| -bool BigIntegerToLong(const uint8* data,
|
| - unsigned int data_size,
|
| - unsigned long* result) {
|
| - // TODO(padolph): Is it correct to say that empty data is an error, or does it
|
| - // mean value 0? See https://www.w3.org/Bugs/Public/show_bug.cgi?id=23655
|
| - if (data_size == 0)
|
| - return false;
|
| -
|
| - *result = 0;
|
| - for (size_t i = 0; i < data_size; ++i) {
|
| - size_t reverse_i = data_size - i - 1;
|
| -
|
| - if (reverse_i >= sizeof(unsigned long) && data[i])
|
| - return false; // Too large for a long.
|
| -
|
| - *result |= data[i] << 8 * reverse_i;
|
| - }
|
| - return true;
|
| -}
|
| -
|
| -
|
| -} // namespace
|
| -
|
| -void Init() { platform::Init(); }
|
| -
|
| -Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - if (!KeyUsageAllows(key, blink::WebCryptoKeyUsageEncrypt))
|
| - return Status::ErrorUnexpected();
|
| - return EncryptDontCheckUsage(algorithm, key, data, buffer);
|
| -}
|
| -
|
| -Status Decrypt(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - if (!KeyUsageAllows(key, blink::WebCryptoKeyUsageDecrypt))
|
| - return Status::ErrorUnexpected();
|
| - return DecryptDontCheckKeyUsage(algorithm, key, data, buffer);
|
| -}
|
| -
|
| -Status Digest(const blink::WebCryptoAlgorithm& algorithm,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdSha1:
|
| - case blink::WebCryptoAlgorithmIdSha256:
|
| - case blink::WebCryptoAlgorithmIdSha384:
|
| - case blink::WebCryptoAlgorithmIdSha512:
|
| - return platform::DigestSha(algorithm.id(), data, buffer);
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -scoped_ptr<blink::WebCryptoDigestor> CreateDigestor(
|
| - blink::WebCryptoAlgorithmId algorithm) {
|
| - return platform::CreateDigestor(algorithm);
|
| -}
|
| -
|
| -Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - Status status =
|
| - CheckKeyUsages(algorithm.id(), blink::WebCryptoKeyTypeSecret, usage_mask);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - unsigned int keylen_bytes = 0;
|
| -
|
| - // Get the secret key length in bytes from generation parameters.
|
| - // This resolves any defaults.
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdAesCbc:
|
| - case blink::WebCryptoAlgorithmIdAesGcm:
|
| - case blink::WebCryptoAlgorithmIdAesKw: {
|
| - if (!IsValidAesKeyLengthBits(algorithm.aesKeyGenParams()->lengthBits())) {
|
| - return algorithm.aesKeyGenParams()->lengthBits() == 192
|
| - ? Status::ErrorAes192BitUnsupported()
|
| - : Status::ErrorGenerateKeyLength();
|
| - }
|
| - keylen_bytes = algorithm.aesKeyGenParams()->lengthBits() / 8;
|
| - break;
|
| - }
|
| - case blink::WebCryptoAlgorithmIdHmac: {
|
| - const blink::WebCryptoHmacKeyGenParams* params =
|
| - algorithm.hmacKeyGenParams();
|
| - DCHECK(params);
|
| - if (params->hasLengthBits()) {
|
| - if (params->optionalLengthBits() % 8)
|
| - return Status::ErrorGenerateKeyLength();
|
| - keylen_bytes = params->optionalLengthBits() / 8;
|
| - } else {
|
| - keylen_bytes = ShaBlockSizeBytes(params->hash().id());
|
| - if (keylen_bytes == 0)
|
| - return Status::ErrorUnsupported();
|
| - }
|
| - break;
|
| - }
|
| -
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -
|
| - // TODO(eroman): Is this correct? HMAC can import zero-length keys, so should
|
| - // probably be able to allowed to generate them too.
|
| - if (keylen_bytes == 0)
|
| - return Status::ErrorGenerateKeyLength();
|
| -
|
| - return platform::GenerateSecretKey(
|
| - algorithm, extractable, usage_mask, keylen_bytes, key);
|
| -}
|
| -
|
| -Status GenerateKeyPair(const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask combined_usage_mask,
|
| - blink::WebCryptoKey* public_key,
|
| - blink::WebCryptoKey* private_key) {
|
| - blink::WebCryptoKeyUsageMask public_key_usage_mask = 0;
|
| - blink::WebCryptoKeyUsageMask private_key_usage_mask = 0;
|
| -
|
| - Status status = CheckKeyUsagesForGenerateKeyPair(algorithm.id(),
|
| - combined_usage_mask,
|
| - &public_key_usage_mask,
|
| - &private_key_usage_mask);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - // TODO(padolph): Handle other asymmetric algorithm key generation.
|
| - switch (algorithm.paramsType()) {
|
| - case blink::WebCryptoAlgorithmParamsTypeRsaHashedKeyGenParams: {
|
| - const blink::WebCryptoRsaHashedKeyGenParams* params =
|
| - algorithm.rsaHashedKeyGenParams();
|
| -
|
| - if (!params->modulusLengthBits())
|
| - return Status::ErrorGenerateRsaZeroModulus();
|
| -
|
| - unsigned long public_exponent = 0;
|
| - if (!BigIntegerToLong(params->publicExponent().data(),
|
| - params->publicExponent().size(),
|
| - &public_exponent) ||
|
| - (public_exponent != 3 && public_exponent != 65537)) {
|
| - return Status::ErrorGenerateKeyPublicExponent();
|
| - }
|
| -
|
| - return platform::GenerateRsaKeyPair(algorithm,
|
| - extractable,
|
| - public_key_usage_mask,
|
| - private_key_usage_mask,
|
| - params->modulusLengthBits(),
|
| - public_exponent,
|
| - public_key,
|
| - private_key);
|
| - }
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -// Note that this function may be called from the target Blink thread.
|
| -Status ImportKey(blink::WebCryptoKeyFormat format,
|
| - const CryptoData& key_data,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - // This is "best effort" because it is incomplete for JWK (for which the key
|
| - // type is not yet known). ImportKeyJwk() does extra checks on key usage once
|
| - // the key type has been determined.
|
| - Status status =
|
| - BestEffortCheckKeyUsagesForImport(algorithm.id(), format, usage_mask);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - switch (format) {
|
| - case blink::WebCryptoKeyFormatRaw:
|
| - return ImportKeyRaw(key_data, algorithm, extractable, usage_mask, key);
|
| - case blink::WebCryptoKeyFormatSpki:
|
| - return platform::ImportKeySpki(
|
| - algorithm, key_data, extractable, usage_mask, key);
|
| - case blink::WebCryptoKeyFormatPkcs8:
|
| - return platform::ImportKeyPkcs8(
|
| - algorithm, key_data, extractable, usage_mask, key);
|
| - case blink::WebCryptoKeyFormatJwk:
|
| - return ImportKeyJwk(key_data, algorithm, extractable, usage_mask, key);
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -// TODO(eroman): Move this to anonymous namespace.
|
| -Status ExportKeyDontCheckExtractability(blink::WebCryptoKeyFormat format,
|
| - const blink::WebCryptoKey& key,
|
| - std::vector<uint8>* buffer) {
|
| - switch (format) {
|
| - case blink::WebCryptoKeyFormatRaw: {
|
| - platform::SymKey* sym_key;
|
| - Status status = ToPlatformSymKey(key, &sym_key);
|
| - if (status.IsError())
|
| - return status;
|
| - return platform::ExportKeyRaw(sym_key, buffer);
|
| - }
|
| - case blink::WebCryptoKeyFormatSpki: {
|
| - platform::PublicKey* public_key;
|
| - Status status = ToPlatformPublicKey(key, &public_key);
|
| - if (status.IsError())
|
| - return status;
|
| - return platform::ExportKeySpki(public_key, buffer);
|
| - }
|
| - case blink::WebCryptoKeyFormatPkcs8: {
|
| - platform::PrivateKey* private_key;
|
| - Status status = ToPlatformPrivateKey(key, &private_key);
|
| - if (status.IsError())
|
| - return status;
|
| - return platform::ExportKeyPkcs8(private_key, key.algorithm(), buffer);
|
| - }
|
| - case blink::WebCryptoKeyFormatJwk:
|
| - return ExportKeyJwk(key, buffer);
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -Status ExportKey(blink::WebCryptoKeyFormat format,
|
| - const blink::WebCryptoKey& key,
|
| - std::vector<uint8>* buffer) {
|
| - if (!key.extractable())
|
| - return Status::ErrorKeyNotExtractable();
|
| - return ExportKeyDontCheckExtractability(format, key, buffer);
|
| -}
|
| -
|
| -Status Sign(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& data,
|
| - std::vector<uint8>* buffer) {
|
| - if (!KeyUsageAllows(key, blink::WebCryptoKeyUsageSign))
|
| - return Status::ErrorUnexpected();
|
| - if (algorithm.id() != key.algorithm().id())
|
| - return Status::ErrorUnexpected();
|
| -
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdHmac:
|
| - return SignHmac(algorithm, key, data, buffer);
|
| - case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5:
|
| - return SignRsaSsaPkcs1v1_5(algorithm, key, data, buffer);
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -Status VerifySignature(const blink::WebCryptoAlgorithm& algorithm,
|
| - const blink::WebCryptoKey& key,
|
| - const CryptoData& signature,
|
| - const CryptoData& data,
|
| - bool* signature_match) {
|
| - if (!KeyUsageAllows(key, blink::WebCryptoKeyUsageVerify))
|
| - return Status::ErrorUnexpected();
|
| - if (algorithm.id() != key.algorithm().id())
|
| - return Status::ErrorUnexpected();
|
| -
|
| - if (!signature.byte_length()) {
|
| - // None of the algorithms generate valid zero-length signatures so this
|
| - // will necessarily fail verification. Early return to protect
|
| - // implementations from dealing with a NULL signature pointer.
|
| - *signature_match = false;
|
| - return Status::Success();
|
| - }
|
| -
|
| - switch (algorithm.id()) {
|
| - case blink::WebCryptoAlgorithmIdHmac:
|
| - return VerifyHmac(algorithm, key, signature, data, signature_match);
|
| - case blink::WebCryptoAlgorithmIdRsaSsaPkcs1v1_5:
|
| - return VerifyRsaSsaPkcs1v1_5(
|
| - algorithm, key, signature, data, signature_match);
|
| - default:
|
| - return Status::ErrorUnsupported();
|
| - }
|
| -}
|
| -
|
| -Status WrapKey(blink::WebCryptoKeyFormat format,
|
| - const blink::WebCryptoKey& key_to_wrap,
|
| - const blink::WebCryptoKey& wrapping_key,
|
| - const blink::WebCryptoAlgorithm& wrapping_algorithm,
|
| - std::vector<uint8>* buffer) {
|
| - if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageWrapKey))
|
| - return Status::ErrorUnexpected();
|
| - if (wrapping_algorithm.id() != wrapping_key.algorithm().id())
|
| - return Status::ErrorUnexpected();
|
| -
|
| - return WrapKeyExportAndEncrypt(
|
| - format, key_to_wrap, wrapping_key, wrapping_algorithm, buffer);
|
| -}
|
| -
|
| -Status UnwrapKey(blink::WebCryptoKeyFormat format,
|
| - const CryptoData& wrapped_key_data,
|
| - const blink::WebCryptoKey& wrapping_key,
|
| - const blink::WebCryptoAlgorithm& wrapping_algorithm,
|
| - const blink::WebCryptoAlgorithm& algorithm,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - blink::WebCryptoKey* key) {
|
| - if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageUnwrapKey))
|
| - return Status::ErrorUnexpected();
|
| - if (wrapping_algorithm.id() != wrapping_key.algorithm().id())
|
| - return Status::ErrorUnexpected();
|
| -
|
| - // Fail-fast if the key usages don't make sense. This avoids decrypting the
|
| - // key only to then have import fail. It is "best effort" because when
|
| - // unwrapping JWK for asymmetric algorithms the key type isn't known yet.
|
| - Status status =
|
| - BestEffortCheckKeyUsagesForImport(algorithm.id(), format, usage_mask);
|
| - if (status.IsError())
|
| - return status;
|
| -
|
| - return UnwrapKeyDecryptAndImport(format,
|
| - wrapped_key_data,
|
| - wrapping_key,
|
| - wrapping_algorithm,
|
| - algorithm,
|
| - extractable,
|
| - usage_mask,
|
| - key);
|
| -}
|
| -
|
| -// Note that this function is called from the target Blink thread.
|
| -bool SerializeKeyForClone(const blink::WebCryptoKey& key,
|
| - blink::WebVector<uint8>* key_data) {
|
| - return static_cast<webcrypto::platform::Key*>(key.handle())
|
| - ->ThreadSafeSerializeForClone(key_data);
|
| -}
|
| -
|
| -// Note that this function is called from the target Blink thread.
|
| -bool DeserializeKeyForClone(const blink::WebCryptoKeyAlgorithm& algorithm,
|
| - blink::WebCryptoKeyType type,
|
| - bool extractable,
|
| - blink::WebCryptoKeyUsageMask usage_mask,
|
| - const CryptoData& key_data,
|
| - blink::WebCryptoKey* key) {
|
| - // TODO(eroman): This should not call into the platform crypto layer.
|
| - // Otherwise it runs the risk of stalling while the NSS/OpenSSL global locks
|
| - // are held.
|
| - //
|
| - // An alternate approach is to defer the key import until the key is used.
|
| - // However this means that any deserialization errors would have to be
|
| - // surfaced as WebCrypto errors, leading to slightly different behaviors. For
|
| - // instance you could clone a key which fails to be deserialized.
|
| - Status status = ImportKey(GetCloneFormatForKeyType(type),
|
| - key_data,
|
| - KeyAlgorithmToImportAlgorithm(algorithm),
|
| - extractable,
|
| - usage_mask,
|
| - key);
|
| - if (status.IsError())
|
| - return false;
|
| - return ValidateDeserializedKey(*key, algorithm, type);
|
| -}
|
| -
|
| -Status ToPlatformSymKey(const blink::WebCryptoKey& key,
|
| - platform::SymKey** out) {
|
| - *out = static_cast<platform::Key*>(key.handle())->AsSymKey();
|
| - if (!*out)
|
| - return Status::ErrorUnexpectedKeyType();
|
| - return Status::Success();
|
| -}
|
| -
|
| -Status ToPlatformPublicKey(const blink::WebCryptoKey& key,
|
| - platform::PublicKey** out) {
|
| - *out = static_cast<platform::Key*>(key.handle())->AsPublicKey();
|
| - if (!*out)
|
| - return Status::ErrorUnexpectedKeyType();
|
| - return Status::Success();
|
| -}
|
| -
|
| -Status ToPlatformPrivateKey(const blink::WebCryptoKey& key,
|
| - platform::PrivateKey** out) {
|
| - *out = static_cast<platform::Key*>(key.handle())->AsPrivateKey();
|
| - if (!*out)
|
| - return Status::ErrorUnexpectedKeyType();
|
| - return Status::Success();
|
| -}
|
| -
|
| -// Returns Status::Success() if |usages| is a valid set of key usages for
|
| -// |algorithm| and |key_type|. Otherwise returns an error.
|
| -Status CheckKeyUsages(blink::WebCryptoAlgorithmId algorithm,
|
| - blink::WebCryptoKeyType key_type,
|
| - blink::WebCryptoKeyUsageMask usages) {
|
| - if (!ContainsKeyUsages(GetValidKeyUsagesForKeyType(algorithm, key_type),
|
| - usages))
|
| - return Status::ErrorCreateKeyBadUsages();
|
| -
|
| - return Status::Success();
|
| -}
|
| -
|
| -} // namespace webcrypto
|
| -
|
| -} // namespace content
|
|
|
Chromium Code Reviews
