| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <openssl/hmac.h> | 5 #include <openssl/hmac.h> |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/numerics/safe_math.h" | 8 #include "base/numerics/safe_math.h" |
| 9 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
| 10 #include "content/child/webcrypto/algorithm_implementation.h" | 10 #include "content/child/webcrypto/algorithm_implementation.h" |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 66 return Status::Success(); | 66 return Status::Success(); |
| 67 } | 67 } |
| 68 | 68 |
| 69 class HmacImplementation : public AlgorithmImplementation { | 69 class HmacImplementation : public AlgorithmImplementation { |
| 70 public: | 70 public: |
| 71 HmacImplementation() {} | 71 HmacImplementation() {} |
| 72 | 72 |
| 73 virtual Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm, | 73 virtual Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm, |
| 74 bool extractable, | 74 bool extractable, |
| 75 blink::WebCryptoKeyUsageMask usage_mask, | 75 blink::WebCryptoKeyUsageMask usage_mask, |
| 76 blink::WebCryptoKey* key) const OVERRIDE { | 76 blink::WebCryptoKey* key) const override { |
| 77 const blink::WebCryptoHmacKeyGenParams* params = | 77 const blink::WebCryptoHmacKeyGenParams* params = |
| 78 algorithm.hmacKeyGenParams(); | 78 algorithm.hmacKeyGenParams(); |
| 79 | 79 |
| 80 unsigned int keylen_bits = 0; | 80 unsigned int keylen_bits = 0; |
| 81 Status status = GetHmacKeyGenLengthInBits(params, &keylen_bits); | 81 Status status = GetHmacKeyGenLengthInBits(params, &keylen_bits); |
| 82 if (status.IsError()) | 82 if (status.IsError()) |
| 83 return status; | 83 return status; |
| 84 | 84 |
| 85 return GenerateSecretKeyOpenSsl(blink::WebCryptoKeyAlgorithm::createHmac( | 85 return GenerateSecretKeyOpenSsl(blink::WebCryptoKeyAlgorithm::createHmac( |
| 86 params->hash().id(), keylen_bits), | 86 params->hash().id(), keylen_bits), |
| 87 extractable, | 87 extractable, |
| 88 usage_mask, | 88 usage_mask, |
| 89 keylen_bits / 8, | 89 keylen_bits / 8, |
| 90 key); | 90 key); |
| 91 } | 91 } |
| 92 | 92 |
| 93 virtual Status VerifyKeyUsagesBeforeImportKey( | 93 virtual Status VerifyKeyUsagesBeforeImportKey( |
| 94 blink::WebCryptoKeyFormat format, | 94 blink::WebCryptoKeyFormat format, |
| 95 blink::WebCryptoKeyUsageMask usage_mask) const OVERRIDE { | 95 blink::WebCryptoKeyUsageMask usage_mask) const override { |
| 96 switch (format) { | 96 switch (format) { |
| 97 case blink::WebCryptoKeyFormatRaw: | 97 case blink::WebCryptoKeyFormatRaw: |
| 98 case blink::WebCryptoKeyFormatJwk: | 98 case blink::WebCryptoKeyFormatJwk: |
| 99 return CheckKeyCreationUsages(kAllKeyUsages, usage_mask); | 99 return CheckKeyCreationUsages(kAllKeyUsages, usage_mask); |
| 100 default: | 100 default: |
| 101 return Status::ErrorUnsupportedImportKeyFormat(); | 101 return Status::ErrorUnsupportedImportKeyFormat(); |
| 102 } | 102 } |
| 103 } | 103 } |
| 104 | 104 |
| 105 virtual Status VerifyKeyUsagesBeforeGenerateKey( | 105 virtual Status VerifyKeyUsagesBeforeGenerateKey( |
| 106 blink::WebCryptoKeyUsageMask usage_mask) const OVERRIDE { | 106 blink::WebCryptoKeyUsageMask usage_mask) const override { |
| 107 return CheckKeyCreationUsages(kAllKeyUsages, usage_mask); | 107 return CheckKeyCreationUsages(kAllKeyUsages, usage_mask); |
| 108 } | 108 } |
| 109 | 109 |
| 110 virtual Status ImportKeyRaw(const CryptoData& key_data, | 110 virtual Status ImportKeyRaw(const CryptoData& key_data, |
| 111 const blink::WebCryptoAlgorithm& algorithm, | 111 const blink::WebCryptoAlgorithm& algorithm, |
| 112 bool extractable, | 112 bool extractable, |
| 113 blink::WebCryptoKeyUsageMask usage_mask, | 113 blink::WebCryptoKeyUsageMask usage_mask, |
| 114 blink::WebCryptoKey* key) const OVERRIDE { | 114 blink::WebCryptoKey* key) const override { |
| 115 const blink::WebCryptoAlgorithm& hash = | 115 const blink::WebCryptoAlgorithm& hash = |
| 116 algorithm.hmacImportParams()->hash(); | 116 algorithm.hmacImportParams()->hash(); |
| 117 | 117 |
| 118 base::CheckedNumeric<unsigned int> keylen_bits(key_data.byte_length()); | 118 base::CheckedNumeric<unsigned int> keylen_bits(key_data.byte_length()); |
| 119 keylen_bits *= 8; | 119 keylen_bits *= 8; |
| 120 | 120 |
| 121 if (!keylen_bits.IsValid()) | 121 if (!keylen_bits.IsValid()) |
| 122 return Status::ErrorDataTooLarge(); | 122 return Status::ErrorDataTooLarge(); |
| 123 | 123 |
| 124 return ImportKeyRawOpenSsl(key_data, | 124 return ImportKeyRawOpenSsl(key_data, |
| 125 blink::WebCryptoKeyAlgorithm::createHmac( | 125 blink::WebCryptoKeyAlgorithm::createHmac( |
| 126 hash.id(), keylen_bits.ValueOrDie()), | 126 hash.id(), keylen_bits.ValueOrDie()), |
| 127 extractable, | 127 extractable, |
| 128 usage_mask, | 128 usage_mask, |
| 129 key); | 129 key); |
| 130 } | 130 } |
| 131 | 131 |
| 132 virtual Status ImportKeyJwk(const CryptoData& key_data, | 132 virtual Status ImportKeyJwk(const CryptoData& key_data, |
| 133 const blink::WebCryptoAlgorithm& algorithm, | 133 const blink::WebCryptoAlgorithm& algorithm, |
| 134 bool extractable, | 134 bool extractable, |
| 135 blink::WebCryptoKeyUsageMask usage_mask, | 135 blink::WebCryptoKeyUsageMask usage_mask, |
| 136 blink::WebCryptoKey* key) const OVERRIDE { | 136 blink::WebCryptoKey* key) const override { |
| 137 const char* algorithm_name = | 137 const char* algorithm_name = |
| 138 GetJwkHmacAlgorithmName(algorithm.hmacImportParams()->hash().id()); | 138 GetJwkHmacAlgorithmName(algorithm.hmacImportParams()->hash().id()); |
| 139 if (!algorithm_name) | 139 if (!algorithm_name) |
| 140 return Status::ErrorUnexpected(); | 140 return Status::ErrorUnexpected(); |
| 141 | 141 |
| 142 std::vector<uint8_t> raw_data; | 142 std::vector<uint8_t> raw_data; |
| 143 Status status = ReadSecretKeyJwk( | 143 Status status = ReadSecretKeyJwk( |
| 144 key_data, algorithm_name, extractable, usage_mask, &raw_data); | 144 key_data, algorithm_name, extractable, usage_mask, &raw_data); |
| 145 if (status.IsError()) | 145 if (status.IsError()) |
| 146 return status; | 146 return status; |
| 147 | 147 |
| 148 return ImportKeyRaw( | 148 return ImportKeyRaw( |
| 149 CryptoData(raw_data), algorithm, extractable, usage_mask, key); | 149 CryptoData(raw_data), algorithm, extractable, usage_mask, key); |
| 150 } | 150 } |
| 151 | 151 |
| 152 virtual Status ExportKeyRaw(const blink::WebCryptoKey& key, | 152 virtual Status ExportKeyRaw(const blink::WebCryptoKey& key, |
| 153 std::vector<uint8_t>* buffer) const OVERRIDE { | 153 std::vector<uint8_t>* buffer) const override { |
| 154 *buffer = SymKeyOpenSsl::Cast(key)->raw_key_data(); | 154 *buffer = SymKeyOpenSsl::Cast(key)->raw_key_data(); |
| 155 return Status::Success(); | 155 return Status::Success(); |
| 156 } | 156 } |
| 157 | 157 |
| 158 virtual Status ExportKeyJwk(const blink::WebCryptoKey& key, | 158 virtual Status ExportKeyJwk(const blink::WebCryptoKey& key, |
| 159 std::vector<uint8_t>* buffer) const OVERRIDE { | 159 std::vector<uint8_t>* buffer) const override { |
| 160 SymKeyOpenSsl* sym_key = SymKeyOpenSsl::Cast(key); | 160 SymKeyOpenSsl* sym_key = SymKeyOpenSsl::Cast(key); |
| 161 const std::vector<uint8_t>& raw_data = sym_key->raw_key_data(); | 161 const std::vector<uint8_t>& raw_data = sym_key->raw_key_data(); |
| 162 | 162 |
| 163 const char* algorithm_name = | 163 const char* algorithm_name = |
| 164 GetJwkHmacAlgorithmName(key.algorithm().hmacParams()->hash().id()); | 164 GetJwkHmacAlgorithmName(key.algorithm().hmacParams()->hash().id()); |
| 165 if (!algorithm_name) | 165 if (!algorithm_name) |
| 166 return Status::ErrorUnexpected(); | 166 return Status::ErrorUnexpected(); |
| 167 | 167 |
| 168 WriteSecretKeyJwk(CryptoData(raw_data), | 168 WriteSecretKeyJwk(CryptoData(raw_data), |
| 169 algorithm_name, | 169 algorithm_name, |
| 170 key.extractable(), | 170 key.extractable(), |
| 171 key.usages(), | 171 key.usages(), |
| 172 buffer); | 172 buffer); |
| 173 | 173 |
| 174 return Status::Success(); | 174 return Status::Success(); |
| 175 } | 175 } |
| 176 | 176 |
| 177 virtual Status Sign(const blink::WebCryptoAlgorithm& algorithm, | 177 virtual Status Sign(const blink::WebCryptoAlgorithm& algorithm, |
| 178 const blink::WebCryptoKey& key, | 178 const blink::WebCryptoKey& key, |
| 179 const CryptoData& data, | 179 const CryptoData& data, |
| 180 std::vector<uint8_t>* buffer) const OVERRIDE { | 180 std::vector<uint8_t>* buffer) const override { |
| 181 const blink::WebCryptoAlgorithm& hash = | 181 const blink::WebCryptoAlgorithm& hash = |
| 182 key.algorithm().hmacParams()->hash(); | 182 key.algorithm().hmacParams()->hash(); |
| 183 | 183 |
| 184 return SignHmac( | 184 return SignHmac( |
| 185 SymKeyOpenSsl::Cast(key)->raw_key_data(), hash, data, buffer); | 185 SymKeyOpenSsl::Cast(key)->raw_key_data(), hash, data, buffer); |
| 186 } | 186 } |
| 187 | 187 |
| 188 virtual Status Verify(const blink::WebCryptoAlgorithm& algorithm, | 188 virtual Status Verify(const blink::WebCryptoAlgorithm& algorithm, |
| 189 const blink::WebCryptoKey& key, | 189 const blink::WebCryptoKey& key, |
| 190 const CryptoData& signature, | 190 const CryptoData& signature, |
| 191 const CryptoData& data, | 191 const CryptoData& data, |
| 192 bool* signature_match) const OVERRIDE { | 192 bool* signature_match) const override { |
| 193 std::vector<uint8_t> result; | 193 std::vector<uint8_t> result; |
| 194 Status status = Sign(algorithm, key, data, &result); | 194 Status status = Sign(algorithm, key, data, &result); |
| 195 | 195 |
| 196 if (status.IsError()) | 196 if (status.IsError()) |
| 197 return status; | 197 return status; |
| 198 | 198 |
| 199 // Do not allow verification of truncated MACs. | 199 // Do not allow verification of truncated MACs. |
| 200 *signature_match = result.size() == signature.byte_length() && | 200 *signature_match = result.size() == signature.byte_length() && |
| 201 crypto::SecureMemEqual(vector_as_array(&result), | 201 crypto::SecureMemEqual(vector_as_array(&result), |
| 202 signature.bytes(), | 202 signature.bytes(), |
| 203 signature.byte_length()); | 203 signature.byte_length()); |
| 204 | 204 |
| 205 return Status::Success(); | 205 return Status::Success(); |
| 206 } | 206 } |
| 207 }; | 207 }; |
| 208 | 208 |
| 209 } // namespace | 209 } // namespace |
| 210 | 210 |
| 211 AlgorithmImplementation* CreatePlatformHmacImplementation() { | 211 AlgorithmImplementation* CreatePlatformHmacImplementation() { |
| 212 return new HmacImplementation; | 212 return new HmacImplementation; |
| 213 } | 213 } |
| 214 | 214 |
| 215 } // namespace webcrypto | 215 } // namespace webcrypto |
| 216 | 216 |
| 217 } // namespace content | 217 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 630743005:
Replace OVERRIDE and FINAL with override and final in content/child/[a-s]* (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master