Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(375)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/child/webcrypto/webcrypto_util.cc

Issue 401233004: Refactor RSA key generation for WebCrypto's NSS implementation. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: rebase Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/child/webcrypto/webcrypto_util.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/child/webcrypto/webcrypto_util.h" 5 #include "content/child/webcrypto/webcrypto_util.h"
6 6
7 #include "base/base64.h" 7 #include "base/base64.h"
8 #include "base/logging.h" 8 #include "base/logging.h"
9 #include "base/strings/stringprintf.h" 9 #include "base/strings/stringprintf.h"
10 #include "content/child/webcrypto/status.h" 10 #include "content/child/webcrypto/status.h"
11 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" 11 #include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h"
12 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" 12 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
13 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" 13 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
14 14
15 namespace content { 15 namespace content {
16 16
17 namespace webcrypto { 17 namespace webcrypto {
18 18
19 namespace {
20
21 // Converts a (big-endian) WebCrypto BigInteger, with or without leading zeros,
22 // to unsigned int.
23 bool BigIntegerToUint(const uint8_t* data,
24 unsigned int data_size,
25 unsigned int* result) {
26 // TODO(eroman): Fix handling of empty biginteger. http://crbug.com/373552
27 if (data_size == 0)
28 return false;
29
30 *result = 0;
31 for (size_t i = 0; i < data_size; ++i) {
32 size_t reverse_i = data_size - i - 1;
33
34 if (reverse_i >= sizeof(*result) && data[i])
35 return false; // Too large for a long.
Ryan Sleevi 2014/07/24 23:03:43 Comment out of date.
eroman 2014/07/24 23:36:47 Done.
36
37 *result |= data[i] << 8 * reverse_i;
38 }
39 return true;
40 }
41
42 } // namespace
43
19 const uint8_t* Uint8VectorStart(const std::vector<uint8_t>& data) { 44 const uint8_t* Uint8VectorStart(const std::vector<uint8_t>& data) {
20 if (data.empty()) 45 if (data.empty())
21 return NULL; 46 return NULL;
22 return &data[0]; 47 return &data[0];
23 } 48 }
24 49
25 uint8_t* Uint8VectorStart(std::vector<uint8_t>* data) { 50 uint8_t* Uint8VectorStart(std::vector<uint8_t>* data) {
26 if (data->empty()) 51 if (data->empty())
27 return NULL; 52 return NULL;
28 return &(*data)[0]; 53 return &(*data)[0];
(...skipping 224 matching lines...) Expand 10 before | Expand all | Expand 10 after
253 return Status::ErrorImportAesKeyLength(); 278 return Status::ErrorImportAesKeyLength();
254 } 279 }
255 280
256 Status CheckKeyCreationUsages(blink::WebCryptoKeyUsageMask all_possible_usages, 281 Status CheckKeyCreationUsages(blink::WebCryptoKeyUsageMask all_possible_usages,
257 blink::WebCryptoKeyUsageMask actual_usages) { 282 blink::WebCryptoKeyUsageMask actual_usages) {
258 if (!ContainsKeyUsages(all_possible_usages, actual_usages)) 283 if (!ContainsKeyUsages(all_possible_usages, actual_usages))
259 return Status::ErrorCreateKeyBadUsages(); 284 return Status::ErrorCreateKeyBadUsages();
260 return Status::Success(); 285 return Status::Success();
261 } 286 }
262 287
288 Status GetRsaKeyGenParameters(
289 const blink::WebCryptoRsaHashedKeyGenParams* params,
290 unsigned int* public_exponent,
291 unsigned int* modulus_length_bits) {
292 *modulus_length_bits = params->modulusLengthBits();
293
294 // Limit key sizes to those supported by NSS:
295 // * Multiple of 8 bits
296 // * 256 bits to 16K bits
297 if (*modulus_length_bits < 256 || *modulus_length_bits > 16384 ||
298 (*modulus_length_bits % 8) != 0) {
299 return Status::ErrorGenerateRsaUnsupportedModulus();
300 }
301
302 if (!BigIntegerToUint(params->publicExponent().data(),
303 params->publicExponent().size(),
304 public_exponent)) {
305 return Status::ErrorGenerateKeyPublicExponent();
306 }
307
308 // OpenSSL hangs when given bad public exponents, whereas NSS simply fails. To
309 // avoid feeding OpenSSL data that will hang use a whitelist.
310 if (*public_exponent != 3 && *public_exponent != 65537)
311 return Status::ErrorGenerateKeyPublicExponent();
312
313 return Status::Success();
314 }
315
263 } // namespace webcrypto 316 } // namespace webcrypto
264 317
265 } // namespace content 318 } // namespace content
OLDNEW
« no previous file with comments | « content/child/webcrypto/webcrypto_util.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698