Check that usage isn't empty when generateKey() is called

content/child/webcrypto/openssl/util_openssl.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/child/webcrypto/openssl/util_openssl.h"
 
 #include <openssl/evp.h>
 #include <openssl/pkcs12.h>
 
 #include "base/stl_util.h"
@@ skipping 162 matching lines @@
   // Serialize the key at creation time so that if structured cloning is
   // requested it can be done synchronously from the Blink thread.
   std::vector<uint8_t> pkcs8_data;
   Status status = ExportPKeyPkcs8(private_key.get(), &pkcs8_data);
   if (status.IsError())
     return status;
 
   *key = blink::WebCryptoKey::create(
       new AsymKeyOpenSsl(private_key.Pass(), CryptoData(pkcs8_data)),
       blink::WebCryptoKeyTypePrivate, extractable, algorithm, usages);
+  if (key->usages() == 0)

[eroman, 2014/11/21 23:35:34]

Per our discussion this is best left to a follow-up patch since it has
implications on structured (de-)cloning.

Also we should fail faster (before doing the PKCS8 export)

[nharper, 2014/11/22 00:26:45]

I moved this check up to the GenerateKey() functions that call
CreateWebCryptoPrivateKey(), and put it right after they define private_usages.

+    return Status::ErrorCreateKeyEmptyUsages();
   return Status::Success();
 }
 
 Status ImportUnverifiedPkeyFromSpki(const CryptoData& key_data,
                                     int expected_pkey_id,
                                     crypto::ScopedEVP_PKEY* pkey) {
   if (!key_data.byte_length())
     return Status::ErrorImportEmptyKeyData();
 
   crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
@@ skipping 39 matching lines @@
 
 std::vector<uint8_t> BIGNUMToVector(const BIGNUM* n) {
   std::vector<uint8_t> v(BN_num_bytes(n));
   BN_bn2bin(n, vector_as_array(&v));
   return v;
 }
 
 }  // namespace webcrypto
 
 }  // namespace content