| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/renderer/webcrypto/webcrypto_impl.h" | 5 #include "content/renderer/webcrypto/webcrypto_impl.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 #include <openssl/aes.h> | 8 #include <openssl/aes.h> |
| 9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
| 10 #include <openssl/hmac.h> | 10 #include <openssl/hmac.h> |
| (...skipping 230 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 241 static_cast<int>(hash_size) != hash_expected_size) { | 241 static_cast<int>(hash_size) != hash_expected_size) { |
| 242 buffer->reset(); | 242 buffer->reset(); |
| 243 return false; | 243 return false; |
| 244 } | 244 } |
| 245 | 245 |
| 246 return true; | 246 return true; |
| 247 } | 247 } |
| 248 | 248 |
| 249 bool WebCryptoImpl::GenerateKeyInternal( | 249 bool WebCryptoImpl::GenerateKeyInternal( |
| 250 const WebKit::WebCryptoAlgorithm& algorithm, | 250 const WebKit::WebCryptoAlgorithm& algorithm, |
| 251 scoped_ptr<WebKit::WebCryptoKeyHandle>* key, | 251 bool extractable, |
| 252 WebKit::WebCryptoKeyType* type) { | 252 WebKit::WebCryptoKeyUsageMask usage_mask, |
| 253 WebKit::WebCryptoKey* key) { |
| 253 | 254 |
| 254 unsigned keylen_bytes = 0; | 255 unsigned keylen_bytes = 0; |
| 255 WebKit::WebCryptoKeyType key_type; | 256 WebKit::WebCryptoKeyType key_type; |
| 256 switch (algorithm.id()) { | 257 switch (algorithm.id()) { |
| 257 case WebKit::WebCryptoAlgorithmIdAesCbc: { | 258 case WebKit::WebCryptoAlgorithmIdAesCbc: { |
| 258 const WebKit::WebCryptoAesKeyGenParams* params = | 259 const WebKit::WebCryptoAesKeyGenParams* params = |
| 259 algorithm.aesKeyGenParams(); | 260 algorithm.aesKeyGenParams(); |
| 260 DCHECK(params); | 261 DCHECK(params); |
| 261 if (params->length() % 8) | 262 if (params->length() % 8) |
| 262 return false; | 263 return false; |
| (...skipping 21 matching lines...) Expand all Loading... |
| 284 return false; | 285 return false; |
| 285 } | 286 } |
| 286 | 287 |
| 287 crypto::OpenSSLErrStackTracer(FROM_HERE); | 288 crypto::OpenSSLErrStackTracer(FROM_HERE); |
| 288 | 289 |
| 289 std::vector<unsigned char> random_bytes(keylen_bytes, 0); | 290 std::vector<unsigned char> random_bytes(keylen_bytes, 0); |
| 290 if (!(RAND_bytes(&random_bytes[0], keylen_bytes))) { | 291 if (!(RAND_bytes(&random_bytes[0], keylen_bytes))) { |
| 291 return false; | 292 return false; |
| 292 } | 293 } |
| 293 | 294 |
| 294 key->reset(new SymKeyHandle(&random_bytes[0], random_bytes.size())); | 295 *key = WebKit::WebCryptoKey::create( |
| 295 *type = key_type; | 296 new SymKeyHandle(&random_bytes[0], random_bytes.size()), |
| 297 key_type, extractable, algorithm, usage_mask); |
| 296 | 298 |
| 297 return true; | 299 return true; |
| 298 } | 300 } |
| 299 | 301 |
| 300 bool WebCryptoImpl::ImportKeyInternal( | 302 bool WebCryptoImpl::ImportKeyInternal( |
| 301 WebKit::WebCryptoKeyFormat format, | 303 WebKit::WebCryptoKeyFormat format, |
| 302 const unsigned char* key_data, | 304 const unsigned char* key_data, |
| 303 unsigned key_data_size, | 305 unsigned key_data_size, |
| 304 const WebKit::WebCryptoAlgorithm& algorithm, | 306 const WebKit::WebCryptoAlgorithm& algorithm_or_null, |
| 305 WebKit::WebCryptoKeyUsageMask /*usage_mask*/, | 307 bool extractable, |
| 306 scoped_ptr<WebKit::WebCryptoKeyHandle>* handle, | 308 WebKit::WebCryptoKeyUsageMask usage_mask, |
| 307 WebKit::WebCryptoKeyType* type) { | 309 WebKit::WebCryptoKey* key) { |
| 310 // TODO(eroman): Currently expects algorithm to always be specified, as it is |
| 311 // required for raw format. |
| 312 if (algorithm_or_null.isNull()) |
| 313 return false; |
| 314 const WebKit::WebCryptoAlgorithm& algorithm = algorithm_or_null; |
| 308 | 315 |
| 309 // TODO(padolph): Support all relevant alg types and then remove this gate. | 316 // TODO(padolph): Support all relevant alg types and then remove this gate. |
| 310 if (algorithm.id() != WebKit::WebCryptoAlgorithmIdHmac && | 317 if (algorithm.id() != WebKit::WebCryptoAlgorithmIdHmac && |
| 311 algorithm.id() != WebKit::WebCryptoAlgorithmIdAesCbc) { | 318 algorithm.id() != WebKit::WebCryptoAlgorithmIdAesCbc) { |
| 312 return false; | 319 return false; |
| 313 } | 320 } |
| 314 | 321 |
| 315 // TODO(padolph): Need to split handling for symmetric (raw or jwk format) and | 322 // TODO(padolph): Need to split handling for symmetric (raw or jwk format) and |
| 316 // asymmetric (jwk, spki, or pkcs8 format) keys. | 323 // asymmetric (jwk, spki, or pkcs8 format) keys. |
| 317 // Currently only supporting symmetric. | 324 // Currently only supporting symmetric. |
| 318 | 325 |
| 319 // TODO(padolph): jwk handling. Define precedence between jwk contents and | 326 // TODO(padolph): jwk handling. Define precedence between jwk contents and |
| 320 // this method's parameters, e.g. 'alg' in jwk vs algorithm.id(). Who wins if | 327 // this method's parameters, e.g. 'alg' in jwk vs algorithm.id(). Who wins if |
| 321 // they differ? (jwk, probably) | 328 // they differ? (jwk, probably) |
| 322 | 329 |
| 323 // Symmetric keys are always type secret | 330 // Symmetric keys are always type secret |
| 324 *type = WebKit::WebCryptoKeyTypeSecret; | 331 WebKit::WebCryptoKeyType type = WebKit::WebCryptoKeyTypeSecret; |
| 325 | 332 |
| 326 const unsigned char* raw_key_data; | 333 const unsigned char* raw_key_data; |
| 327 unsigned raw_key_data_size; | 334 unsigned raw_key_data_size; |
| 328 switch (format) { | 335 switch (format) { |
| 329 case WebKit::WebCryptoKeyFormatRaw: | 336 case WebKit::WebCryptoKeyFormatRaw: |
| 330 raw_key_data = key_data; | 337 raw_key_data = key_data; |
| 331 raw_key_data_size = key_data_size; | 338 raw_key_data_size = key_data_size; |
| 332 // The NSS implementation fails when importing a raw AES key with a length | 339 // The NSS implementation fails when importing a raw AES key with a length |
| 333 // incompatible with AES. The line below is to match this behavior. | 340 // incompatible with AES. The line below is to match this behavior. |
| 334 if (algorithm.id() == WebKit::WebCryptoAlgorithmIdAesCbc && | 341 if (algorithm.id() == WebKit::WebCryptoAlgorithmIdAesCbc && |
| 335 !GetAESCipherByKeyLength(raw_key_data_size)) { | 342 !GetAESCipherByKeyLength(raw_key_data_size)) { |
| 336 return false; | 343 return false; |
| 337 } | 344 } |
| 338 break; | 345 break; |
| 339 case WebKit::WebCryptoKeyFormatJwk: | 346 case WebKit::WebCryptoKeyFormatJwk: |
| 340 // TODO(padolph): Handle jwk format; need simple JSON parser. | 347 // TODO(padolph): Handle jwk format; need simple JSON parser. |
| 341 // break; | 348 // break; |
| 342 return false; | 349 return false; |
| 343 default: | 350 default: |
| 344 return false; | 351 return false; |
| 345 } | 352 } |
| 346 | 353 |
| 347 handle->reset(new SymKeyHandle(raw_key_data, raw_key_data_size)); | 354 *key = WebKit::WebCryptoKey::create( |
| 355 new SymKeyHandle(raw_key_data, raw_key_data_size), |
| 356 type, extractable, algorithm, usage_mask); |
| 348 | 357 |
| 349 return true; | 358 return true; |
| 350 } | 359 } |
| 351 | 360 |
| 352 bool WebCryptoImpl::SignInternal( | 361 bool WebCryptoImpl::SignInternal( |
| 353 const WebKit::WebCryptoAlgorithm& algorithm, | 362 const WebKit::WebCryptoAlgorithm& algorithm, |
| 354 const WebKit::WebCryptoKey& key, | 363 const WebKit::WebCryptoKey& key, |
| 355 const unsigned char* data, | 364 const unsigned char* data, |
| 356 unsigned data_size, | 365 unsigned data_size, |
| 357 WebKit::WebArrayBuffer* buffer) { | 366 WebKit::WebArrayBuffer* buffer) { |
| (...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 462 | 471 |
| 463 break; | 472 break; |
| 464 } | 473 } |
| 465 default: | 474 default: |
| 466 return false; | 475 return false; |
| 467 } | 476 } |
| 468 return true; | 477 return true; |
| 469 } | 478 } |
| 470 | 479 |
| 471 } // namespace content | 480 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 50173002:
[webcrypto] Refactor to allow for unspecified "algorithm" to importKey(). (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src