| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/child/webcrypto/openssl/rsa_key_openssl.h" | 5 #include "content/child/webcrypto/openssl/rsa_key_openssl.h" |
| 6 | 6 |
| 7 #include <openssl/evp.h> | 7 #include <openssl/evp.h> |
| 8 #include <openssl/pkcs12.h> | 8 #include <openssl/pkcs12.h> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 88 rsa_algorithm, modulus_length_bits, &e[0], e.size(), hash_algorithm); | 88 rsa_algorithm, modulus_length_bits, &e[0], e.size(), hash_algorithm); |
| 89 | 89 |
| 90 return Status::Success(); | 90 return Status::Success(); |
| 91 } | 91 } |
| 92 | 92 |
| 93 Status CreateWebCryptoPrivateKey( | 93 Status CreateWebCryptoPrivateKey( |
| 94 crypto::ScopedEVP_PKEY private_key, | 94 crypto::ScopedEVP_PKEY private_key, |
| 95 const blink::WebCryptoAlgorithmId rsa_algorithm_id, | 95 const blink::WebCryptoAlgorithmId rsa_algorithm_id, |
| 96 const blink::WebCryptoAlgorithm& hash, | 96 const blink::WebCryptoAlgorithm& hash, |
| 97 bool extractable, | 97 bool extractable, |
| 98 blink::WebCryptoKeyUsageMask usage_mask, | 98 blink::WebCryptoKeyUsageMask usages, |
| 99 blink::WebCryptoKey* key) { | 99 blink::WebCryptoKey* key) { |
| 100 blink::WebCryptoKeyAlgorithm key_algorithm; | 100 blink::WebCryptoKeyAlgorithm key_algorithm; |
| 101 Status status = CreateRsaHashedKeyAlgorithm( | 101 Status status = CreateRsaHashedKeyAlgorithm( |
| 102 rsa_algorithm_id, hash.id(), private_key.get(), &key_algorithm); | 102 rsa_algorithm_id, hash.id(), private_key.get(), &key_algorithm); |
| 103 if (status.IsError()) | 103 if (status.IsError()) |
| 104 return status; | 104 return status; |
| 105 | 105 |
| 106 // Serialize the key at creation time so that if structured cloning is | 106 // Serialize the key at creation time so that if structured cloning is |
| 107 // requested it can be done synchronously from the Blink thread. | 107 // requested it can be done synchronously from the Blink thread. |
| 108 std::vector<uint8_t> pkcs8_data; | 108 std::vector<uint8_t> pkcs8_data; |
| 109 status = ExportPKeyPkcs8(private_key.get(), &pkcs8_data); | 109 status = ExportPKeyPkcs8(private_key.get(), &pkcs8_data); |
| 110 if (status.IsError()) | 110 if (status.IsError()) |
| 111 return status; | 111 return status; |
| 112 | 112 |
| 113 *key = blink::WebCryptoKey::create( | 113 *key = blink::WebCryptoKey::create( |
| 114 new AsymKeyOpenSsl(private_key.Pass(), CryptoData(pkcs8_data)), | 114 new AsymKeyOpenSsl(private_key.Pass(), CryptoData(pkcs8_data)), |
| 115 blink::WebCryptoKeyTypePrivate, | 115 blink::WebCryptoKeyTypePrivate, |
| 116 extractable, | 116 extractable, |
| 117 key_algorithm, | 117 key_algorithm, |
| 118 usage_mask); | 118 usages); |
| 119 return Status::Success(); | 119 return Status::Success(); |
| 120 } | 120 } |
| 121 | 121 |
| 122 Status CreateWebCryptoPublicKey( | 122 Status CreateWebCryptoPublicKey( |
| 123 crypto::ScopedEVP_PKEY public_key, | 123 crypto::ScopedEVP_PKEY public_key, |
| 124 const blink::WebCryptoAlgorithmId rsa_algorithm_id, | 124 const blink::WebCryptoAlgorithmId rsa_algorithm_id, |
| 125 const blink::WebCryptoAlgorithm& hash, | 125 const blink::WebCryptoAlgorithm& hash, |
| 126 bool extractable, | 126 bool extractable, |
| 127 blink::WebCryptoKeyUsageMask usage_mask, | 127 blink::WebCryptoKeyUsageMask usages, |
| 128 blink::WebCryptoKey* key) { | 128 blink::WebCryptoKey* key) { |
| 129 blink::WebCryptoKeyAlgorithm key_algorithm; | 129 blink::WebCryptoKeyAlgorithm key_algorithm; |
| 130 Status status = CreateRsaHashedKeyAlgorithm( | 130 Status status = CreateRsaHashedKeyAlgorithm( |
| 131 rsa_algorithm_id, hash.id(), public_key.get(), &key_algorithm); | 131 rsa_algorithm_id, hash.id(), public_key.get(), &key_algorithm); |
| 132 if (status.IsError()) | 132 if (status.IsError()) |
| 133 return status; | 133 return status; |
| 134 | 134 |
| 135 // Serialize the key at creation time so that if structured cloning is | 135 // Serialize the key at creation time so that if structured cloning is |
| 136 // requested it can be done synchronously from the Blink thread. | 136 // requested it can be done synchronously from the Blink thread. |
| 137 std::vector<uint8_t> spki_data; | 137 std::vector<uint8_t> spki_data; |
| 138 status = ExportPKeySpki(public_key.get(), &spki_data); | 138 status = ExportPKeySpki(public_key.get(), &spki_data); |
| 139 if (status.IsError()) | 139 if (status.IsError()) |
| 140 return status; | 140 return status; |
| 141 | 141 |
| 142 *key = blink::WebCryptoKey::create( | 142 *key = blink::WebCryptoKey::create( |
| 143 new AsymKeyOpenSsl(public_key.Pass(), CryptoData(spki_data)), | 143 new AsymKeyOpenSsl(public_key.Pass(), CryptoData(spki_data)), |
| 144 blink::WebCryptoKeyTypePublic, | 144 blink::WebCryptoKeyTypePublic, |
| 145 extractable, | 145 extractable, |
| 146 key_algorithm, | 146 key_algorithm, |
| 147 usage_mask); | 147 usages); |
| 148 return Status::Success(); | 148 return Status::Success(); |
| 149 } | 149 } |
| 150 | 150 |
| 151 // Converts a BIGNUM to a big endian byte array. | 151 // Converts a BIGNUM to a big endian byte array. |
| 152 std::vector<uint8_t> BIGNUMToVector(BIGNUM* n) { | 152 std::vector<uint8_t> BIGNUMToVector(BIGNUM* n) { |
| 153 std::vector<uint8_t> v(BN_num_bytes(n)); | 153 std::vector<uint8_t> v(BN_num_bytes(n)); |
| 154 BN_bn2bin(n, vector_as_array(&v)); | 154 BN_bn2bin(n, vector_as_array(&v)); |
| 155 return v; | 155 return v; |
| 156 } | 156 } |
| 157 | 157 |
| 158 // Allocates a new BIGNUM given a std::string big-endian representation. | 158 // Allocates a new BIGNUM given a std::string big-endian representation. |
| 159 BIGNUM* CreateBIGNUM(const std::string& n) { | 159 BIGNUM* CreateBIGNUM(const std::string& n) { |
| 160 return BN_bin2bn(reinterpret_cast<const uint8_t*>(n.data()), n.size(), NULL); | 160 return BN_bin2bn(reinterpret_cast<const uint8_t*>(n.data()), n.size(), NULL); |
| 161 } | 161 } |
| 162 | 162 |
| 163 Status ImportRsaPrivateKey(const blink::WebCryptoAlgorithm& algorithm, | 163 Status ImportRsaPrivateKey(const blink::WebCryptoAlgorithm& algorithm, |
| 164 bool extractable, | 164 bool extractable, |
| 165 blink::WebCryptoKeyUsageMask usage_mask, | 165 blink::WebCryptoKeyUsageMask usages, |
| 166 const JwkRsaInfo& params, | 166 const JwkRsaInfo& params, |
| 167 blink::WebCryptoKey* key) { | 167 blink::WebCryptoKey* key) { |
| 168 crypto::ScopedRSA rsa(RSA_new()); | 168 crypto::ScopedRSA rsa(RSA_new()); |
| 169 | 169 |
| 170 rsa->n = CreateBIGNUM(params.n); | 170 rsa->n = CreateBIGNUM(params.n); |
| 171 rsa->e = CreateBIGNUM(params.e); | 171 rsa->e = CreateBIGNUM(params.e); |
| 172 rsa->d = CreateBIGNUM(params.d); | 172 rsa->d = CreateBIGNUM(params.d); |
| 173 rsa->p = CreateBIGNUM(params.p); | 173 rsa->p = CreateBIGNUM(params.p); |
| 174 rsa->q = CreateBIGNUM(params.q); | 174 rsa->q = CreateBIGNUM(params.q); |
| 175 rsa->dmp1 = CreateBIGNUM(params.dp); | 175 rsa->dmp1 = CreateBIGNUM(params.dp); |
| (...skipping 12 matching lines...) Expand all Loading... |
| 188 | 188 |
| 189 // Create a corresponding EVP_PKEY. | 189 // Create a corresponding EVP_PKEY. |
| 190 crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new()); | 190 crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new()); |
| 191 if (!pkey || !EVP_PKEY_set1_RSA(pkey.get(), rsa.get())) | 191 if (!pkey || !EVP_PKEY_set1_RSA(pkey.get(), rsa.get())) |
| 192 return Status::OperationError(); | 192 return Status::OperationError(); |
| 193 | 193 |
| 194 return CreateWebCryptoPrivateKey(pkey.Pass(), | 194 return CreateWebCryptoPrivateKey(pkey.Pass(), |
| 195 algorithm.id(), | 195 algorithm.id(), |
| 196 algorithm.rsaHashedImportParams()->hash(), | 196 algorithm.rsaHashedImportParams()->hash(), |
| 197 extractable, | 197 extractable, |
| 198 usage_mask, | 198 usages, |
| 199 key); | 199 key); |
| 200 } | 200 } |
| 201 | 201 |
| 202 Status ImportRsaPublicKey(const blink::WebCryptoAlgorithm& algorithm, | 202 Status ImportRsaPublicKey(const blink::WebCryptoAlgorithm& algorithm, |
| 203 bool extractable, | 203 bool extractable, |
| 204 blink::WebCryptoKeyUsageMask usage_mask, | 204 blink::WebCryptoKeyUsageMask usages, |
| 205 const CryptoData& n, | 205 const CryptoData& n, |
| 206 const CryptoData& e, | 206 const CryptoData& e, |
| 207 blink::WebCryptoKey* key) { | 207 blink::WebCryptoKey* key) { |
| 208 crypto::ScopedRSA rsa(RSA_new()); | 208 crypto::ScopedRSA rsa(RSA_new()); |
| 209 | 209 |
| 210 rsa->n = BN_bin2bn(n.bytes(), n.byte_length(), NULL); | 210 rsa->n = BN_bin2bn(n.bytes(), n.byte_length(), NULL); |
| 211 rsa->e = BN_bin2bn(e.bytes(), e.byte_length(), NULL); | 211 rsa->e = BN_bin2bn(e.bytes(), e.byte_length(), NULL); |
| 212 | 212 |
| 213 if (!rsa->n || !rsa->e) | 213 if (!rsa->n || !rsa->e) |
| 214 return Status::OperationError(); | 214 return Status::OperationError(); |
| 215 | 215 |
| 216 // Create a corresponding EVP_PKEY. | 216 // Create a corresponding EVP_PKEY. |
| 217 crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new()); | 217 crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new()); |
| 218 if (!pkey || !EVP_PKEY_set1_RSA(pkey.get(), rsa.get())) | 218 if (!pkey || !EVP_PKEY_set1_RSA(pkey.get(), rsa.get())) |
| 219 return Status::OperationError(); | 219 return Status::OperationError(); |
| 220 | 220 |
| 221 return CreateWebCryptoPublicKey(pkey.Pass(), | 221 return CreateWebCryptoPublicKey(pkey.Pass(), |
| 222 algorithm.id(), | 222 algorithm.id(), |
| 223 algorithm.rsaHashedImportParams()->hash(), | 223 algorithm.rsaHashedImportParams()->hash(), |
| 224 extractable, | 224 extractable, |
| 225 usage_mask, | 225 usages, |
| 226 key); | 226 key); |
| 227 } | 227 } |
| 228 | 228 |
| 229 } // namespace | 229 } // namespace |
| 230 | 230 |
| 231 Status RsaHashedAlgorithm::GenerateKey( | 231 Status RsaHashedAlgorithm::GenerateKey( |
| 232 const blink::WebCryptoAlgorithm& algorithm, | 232 const blink::WebCryptoAlgorithm& algorithm, |
| 233 bool extractable, | 233 bool extractable, |
| 234 blink::WebCryptoKeyUsageMask combined_usage_mask, | 234 blink::WebCryptoKeyUsageMask combined_usages, |
| 235 GenerateKeyResult* result) const { | 235 GenerateKeyResult* result) const { |
| 236 Status status = CheckKeyCreationUsages( | 236 Status status = CheckKeyCreationUsages( |
| 237 all_public_key_usages_ | all_private_key_usages_, combined_usage_mask); | 237 all_public_key_usages_ | all_private_key_usages_, combined_usages); |
| 238 if (status.IsError()) | 238 if (status.IsError()) |
| 239 return status; | 239 return status; |
| 240 | 240 |
| 241 const blink::WebCryptoKeyUsageMask public_usage_mask = | 241 const blink::WebCryptoKeyUsageMask public_usages = |
| 242 combined_usage_mask & all_public_key_usages_; | 242 combined_usages & all_public_key_usages_; |
| 243 const blink::WebCryptoKeyUsageMask private_usage_mask = | 243 const blink::WebCryptoKeyUsageMask private_usages = |
| 244 combined_usage_mask & all_private_key_usages_; | 244 combined_usages & all_private_key_usages_; |
| 245 | 245 |
| 246 const blink::WebCryptoRsaHashedKeyGenParams* params = | 246 const blink::WebCryptoRsaHashedKeyGenParams* params = |
| 247 algorithm.rsaHashedKeyGenParams(); | 247 algorithm.rsaHashedKeyGenParams(); |
| 248 | 248 |
| 249 unsigned int public_exponent = 0; | 249 unsigned int public_exponent = 0; |
| 250 unsigned int modulus_length_bits = 0; | 250 unsigned int modulus_length_bits = 0; |
| 251 status = | 251 status = |
| 252 GetRsaKeyGenParameters(params, &public_exponent, &modulus_length_bits); | 252 GetRsaKeyGenParameters(params, &public_exponent, &modulus_length_bits); |
| 253 if (status.IsError()) | 253 if (status.IsError()) |
| 254 return status; | 254 return status; |
| (...skipping 30 matching lines...) Expand all Loading... |
| 285 | 285 |
| 286 blink::WebCryptoKey public_key; | 286 blink::WebCryptoKey public_key; |
| 287 blink::WebCryptoKey private_key; | 287 blink::WebCryptoKey private_key; |
| 288 | 288 |
| 289 // Note that extractable is unconditionally set to true. This is because per | 289 // Note that extractable is unconditionally set to true. This is because per |
| 290 // the WebCrypto spec generated public keys are always public. | 290 // the WebCrypto spec generated public keys are always public. |
| 291 status = CreateWebCryptoPublicKey(public_pkey.Pass(), | 291 status = CreateWebCryptoPublicKey(public_pkey.Pass(), |
| 292 algorithm.id(), | 292 algorithm.id(), |
| 293 params->hash(), | 293 params->hash(), |
| 294 true, | 294 true, |
| 295 public_usage_mask, | 295 public_usages, |
| 296 &public_key); | 296 &public_key); |
| 297 if (status.IsError()) | 297 if (status.IsError()) |
| 298 return status; | 298 return status; |
| 299 | 299 |
| 300 status = CreateWebCryptoPrivateKey(private_pkey.Pass(), | 300 status = CreateWebCryptoPrivateKey(private_pkey.Pass(), |
| 301 algorithm.id(), | 301 algorithm.id(), |
| 302 params->hash(), | 302 params->hash(), |
| 303 extractable, | 303 extractable, |
| 304 private_usage_mask, | 304 private_usages, |
| 305 &private_key); | 305 &private_key); |
| 306 if (status.IsError()) | 306 if (status.IsError()) |
| 307 return status; | 307 return status; |
| 308 | 308 |
| 309 result->AssignKeyPair(public_key, private_key); | 309 result->AssignKeyPair(public_key, private_key); |
| 310 return Status::Success(); | 310 return Status::Success(); |
| 311 } | 311 } |
| 312 | 312 |
| 313 Status RsaHashedAlgorithm::VerifyKeyUsagesBeforeImportKey( | 313 Status RsaHashedAlgorithm::VerifyKeyUsagesBeforeImportKey( |
| 314 blink::WebCryptoKeyFormat format, | 314 blink::WebCryptoKeyFormat format, |
| 315 blink::WebCryptoKeyUsageMask usage_mask) const { | 315 blink::WebCryptoKeyUsageMask usages) const { |
| 316 switch (format) { | 316 switch (format) { |
| 317 case blink::WebCryptoKeyFormatSpki: | 317 case blink::WebCryptoKeyFormatSpki: |
| 318 return CheckKeyCreationUsages(all_public_key_usages_, usage_mask); | 318 return CheckKeyCreationUsages(all_public_key_usages_, usages); |
| 319 case blink::WebCryptoKeyFormatPkcs8: | 319 case blink::WebCryptoKeyFormatPkcs8: |
| 320 return CheckKeyCreationUsages(all_private_key_usages_, usage_mask); | 320 return CheckKeyCreationUsages(all_private_key_usages_, usages); |
| 321 case blink::WebCryptoKeyFormatJwk: | 321 case blink::WebCryptoKeyFormatJwk: |
| 322 // TODO(eroman): http://crbug.com/395904 | 322 // TODO(eroman): http://crbug.com/395904 |
| 323 return CheckKeyCreationUsages( | 323 return CheckKeyCreationUsages( |
| 324 all_public_key_usages_ | all_private_key_usages_, usage_mask); | 324 all_public_key_usages_ | all_private_key_usages_, usages); |
| 325 default: | 325 default: |
| 326 return Status::ErrorUnsupportedImportKeyFormat(); | 326 return Status::ErrorUnsupportedImportKeyFormat(); |
| 327 } | 327 } |
| 328 } | 328 } |
| 329 | 329 |
| 330 Status RsaHashedAlgorithm::ImportKeyPkcs8( | 330 Status RsaHashedAlgorithm::ImportKeyPkcs8( |
| 331 const CryptoData& key_data, | 331 const CryptoData& key_data, |
| 332 const blink::WebCryptoAlgorithm& algorithm, | 332 const blink::WebCryptoAlgorithm& algorithm, |
| 333 bool extractable, | 333 bool extractable, |
| 334 blink::WebCryptoKeyUsageMask usage_mask, | 334 blink::WebCryptoKeyUsageMask usages, |
| 335 blink::WebCryptoKey* key) const { | 335 blink::WebCryptoKey* key) const { |
| 336 if (!key_data.byte_length()) | 336 if (!key_data.byte_length()) |
| 337 return Status::ErrorImportEmptyKeyData(); | 337 return Status::ErrorImportEmptyKeyData(); |
| 338 | 338 |
| 339 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 339 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 340 | 340 |
| 341 crypto::ScopedBIO bio(BIO_new_mem_buf(const_cast<uint8_t*>(key_data.bytes()), | 341 crypto::ScopedBIO bio(BIO_new_mem_buf(const_cast<uint8_t*>(key_data.bytes()), |
| 342 key_data.byte_length())); | 342 key_data.byte_length())); |
| 343 if (!bio.get()) | 343 if (!bio.get()) |
| 344 return Status::ErrorUnexpected(); | 344 return Status::ErrorUnexpected(); |
| (...skipping 18 matching lines...) Expand all Loading... |
| 363 if (!RSA_check_key(rsa.get())) | 363 if (!RSA_check_key(rsa.get())) |
| 364 return Status::DataError(); | 364 return Status::DataError(); |
| 365 | 365 |
| 366 // TODO(eroman): Validate the algorithm OID against the webcrypto provided | 366 // TODO(eroman): Validate the algorithm OID against the webcrypto provided |
| 367 // hash. http://crbug.com/389400 | 367 // hash. http://crbug.com/389400 |
| 368 | 368 |
| 369 return CreateWebCryptoPrivateKey(private_key.Pass(), | 369 return CreateWebCryptoPrivateKey(private_key.Pass(), |
| 370 algorithm.id(), | 370 algorithm.id(), |
| 371 algorithm.rsaHashedImportParams()->hash(), | 371 algorithm.rsaHashedImportParams()->hash(), |
| 372 extractable, | 372 extractable, |
| 373 usage_mask, | 373 usages, |
| 374 key); | 374 key); |
| 375 } | 375 } |
| 376 | 376 |
| 377 Status RsaHashedAlgorithm::ImportKeySpki( | 377 Status RsaHashedAlgorithm::ImportKeySpki( |
| 378 const CryptoData& key_data, | 378 const CryptoData& key_data, |
| 379 const blink::WebCryptoAlgorithm& algorithm, | 379 const blink::WebCryptoAlgorithm& algorithm, |
| 380 bool extractable, | 380 bool extractable, |
| 381 blink::WebCryptoKeyUsageMask usage_mask, | 381 blink::WebCryptoKeyUsageMask usages, |
| 382 blink::WebCryptoKey* key) const { | 382 blink::WebCryptoKey* key) const { |
| 383 if (!key_data.byte_length()) | 383 if (!key_data.byte_length()) |
| 384 return Status::ErrorImportEmptyKeyData(); | 384 return Status::ErrorImportEmptyKeyData(); |
| 385 | 385 |
| 386 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 386 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 387 | 387 |
| 388 crypto::ScopedBIO bio(BIO_new_mem_buf(const_cast<uint8_t*>(key_data.bytes()), | 388 crypto::ScopedBIO bio(BIO_new_mem_buf(const_cast<uint8_t*>(key_data.bytes()), |
| 389 key_data.byte_length())); | 389 key_data.byte_length())); |
| 390 if (!bio.get()) | 390 if (!bio.get()) |
| 391 return Status::ErrorUnexpected(); | 391 return Status::ErrorUnexpected(); |
| 392 | 392 |
| 393 crypto::ScopedEVP_PKEY public_key(d2i_PUBKEY_bio(bio.get(), NULL)); | 393 crypto::ScopedEVP_PKEY public_key(d2i_PUBKEY_bio(bio.get(), NULL)); |
| 394 if (!public_key.get()) | 394 if (!public_key.get()) |
| 395 return Status::DataError(); | 395 return Status::DataError(); |
| 396 | 396 |
| 397 if (EVP_PKEY_id(public_key.get()) != EVP_PKEY_RSA) | 397 if (EVP_PKEY_id(public_key.get()) != EVP_PKEY_RSA) |
| 398 return Status::DataError(); // Data did not define an RSA key. | 398 return Status::DataError(); // Data did not define an RSA key. |
| 399 | 399 |
| 400 // TODO(eroman): Validate the algorithm OID against the webcrypto provided | 400 // TODO(eroman): Validate the algorithm OID against the webcrypto provided |
| 401 // hash. http://crbug.com/389400 | 401 // hash. http://crbug.com/389400 |
| 402 | 402 |
| 403 return CreateWebCryptoPublicKey(public_key.Pass(), | 403 return CreateWebCryptoPublicKey(public_key.Pass(), |
| 404 algorithm.id(), | 404 algorithm.id(), |
| 405 algorithm.rsaHashedImportParams()->hash(), | 405 algorithm.rsaHashedImportParams()->hash(), |
| 406 extractable, | 406 extractable, |
| 407 usage_mask, | 407 usages, |
| 408 key); | 408 key); |
| 409 } | 409 } |
| 410 | 410 |
| 411 Status RsaHashedAlgorithm::ImportKeyJwk( | 411 Status RsaHashedAlgorithm::ImportKeyJwk( |
| 412 const CryptoData& key_data, | 412 const CryptoData& key_data, |
| 413 const blink::WebCryptoAlgorithm& algorithm, | 413 const blink::WebCryptoAlgorithm& algorithm, |
| 414 bool extractable, | 414 bool extractable, |
| 415 blink::WebCryptoKeyUsageMask usage_mask, | 415 blink::WebCryptoKeyUsageMask usages, |
| 416 blink::WebCryptoKey* key) const { | 416 blink::WebCryptoKey* key) const { |
| 417 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 417 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 418 | 418 |
| 419 const char* jwk_algorithm = | 419 const char* jwk_algorithm = |
| 420 GetJwkAlgorithm(algorithm.rsaHashedImportParams()->hash().id()); | 420 GetJwkAlgorithm(algorithm.rsaHashedImportParams()->hash().id()); |
| 421 | 421 |
| 422 if (!jwk_algorithm) | 422 if (!jwk_algorithm) |
| 423 return Status::ErrorUnexpected(); | 423 return Status::ErrorUnexpected(); |
| 424 | 424 |
| 425 JwkRsaInfo jwk; | 425 JwkRsaInfo jwk; |
| 426 Status status = | 426 Status status = |
| 427 ReadRsaKeyJwk(key_data, jwk_algorithm, extractable, usage_mask, &jwk); | 427 ReadRsaKeyJwk(key_data, jwk_algorithm, extractable, usages, &jwk); |
| 428 if (status.IsError()) | 428 if (status.IsError()) |
| 429 return status; | 429 return status; |
| 430 | 430 |
| 431 // Once the key type is known, verify the usages. | 431 // Once the key type is known, verify the usages. |
| 432 status = CheckKeyCreationUsages( | 432 status = CheckKeyCreationUsages( |
| 433 jwk.is_private_key ? all_private_key_usages_ : all_public_key_usages_, | 433 jwk.is_private_key ? all_private_key_usages_ : all_public_key_usages_, |
| 434 usage_mask); | 434 usages); |
| 435 if (status.IsError()) | 435 if (status.IsError()) |
| 436 return status; | 436 return status; |
| 437 | 437 |
| 438 return jwk.is_private_key | 438 return jwk.is_private_key |
| 439 ? ImportRsaPrivateKey(algorithm, extractable, usage_mask, jwk, key) | 439 ? ImportRsaPrivateKey(algorithm, extractable, usages, jwk, key) |
| 440 : ImportRsaPublicKey(algorithm, | 440 : ImportRsaPublicKey(algorithm, |
| 441 extractable, | 441 extractable, |
| 442 usage_mask, | 442 usages, |
| 443 CryptoData(jwk.n), | 443 CryptoData(jwk.n), |
| 444 CryptoData(jwk.e), | 444 CryptoData(jwk.e), |
| 445 key); | 445 key); |
| 446 } | 446 } |
| 447 | 447 |
| 448 Status RsaHashedAlgorithm::ExportKeyPkcs8(const blink::WebCryptoKey& key, | 448 Status RsaHashedAlgorithm::ExportKeyPkcs8(const blink::WebCryptoKey& key, |
| 449 std::vector<uint8_t>* buffer) const { | 449 std::vector<uint8_t>* buffer) const { |
| 450 if (key.type() != blink::WebCryptoKeyTypePrivate) | 450 if (key.type() != blink::WebCryptoKeyTypePrivate) |
| 451 return Status::ErrorUnexpectedKeyType(); | 451 return Status::ErrorUnexpectedKeyType(); |
| 452 *buffer = AsymKeyOpenSsl::Cast(key)->serialized_key_data(); | 452 *buffer = AsymKeyOpenSsl::Cast(key)->serialized_key_data(); |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 500 return Status::Success(); | 500 return Status::Success(); |
| 501 | 501 |
| 502 default: | 502 default: |
| 503 return Status::ErrorUnexpected(); | 503 return Status::ErrorUnexpected(); |
| 504 } | 504 } |
| 505 } | 505 } |
| 506 | 506 |
| 507 } // namespace webcrypto | 507 } // namespace webcrypto |
| 508 | 508 |
| 509 } // namespace content | 509 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 670773003:
Cleanup: rename usage_mask --> usages. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master