| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/child/webcrypto/nss/rsa_key_nss.h" | 5 #include "content/child/webcrypto/nss/rsa_key_nss.h" |
| 6 | 6 |
| 7 #include <secasn1.h> | 7 #include <secasn1.h> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "content/child/webcrypto/crypto_data.h" | 10 #include "content/child/webcrypto/crypto_data.h" |
| (...skipping 486 matching lines...) | |
| 497 } | 497 } |
| 498 | 498 |
| 499 } // namespace | 499 } // namespace |
| 500 | 500 |
| 501 Status RsaHashedAlgorithm::GenerateKey( | 501 Status RsaHashedAlgorithm::GenerateKey( |
| 502 const blink::WebCryptoAlgorithm& algorithm, | 502 const blink::WebCryptoAlgorithm& algorithm, |
| 503 bool extractable, | 503 bool extractable, |
| 504 blink::WebCryptoKeyUsageMask combined_usages, | 504 blink::WebCryptoKeyUsageMask combined_usages, |
| 505 GenerateKeyResult* result) const { | 505 GenerateKeyResult* result) const { |
| 506 Status status = CheckKeyCreationUsages( | 506 Status status = CheckKeyCreationUsages( |
| 507 all_public_key_usages_ | all_private_key_usages_, combined_usages); | 507 all_public_key_usages_ | all_private_key_usages_, combined_usages, false); |
|
eroman
2014/12/09 21:04:46
I am proposing a refactor in:
https://codereview.
Habib Virji
2014/12/15 18:48:55
Adapted to your changes.
| |
| 508 if (status.IsError()) | 508 if (status.IsError()) |
| 509 return status; | 509 return status; |
| 510 | 510 |
| 511 const blink::WebCryptoKeyUsageMask public_usages = | 511 const blink::WebCryptoKeyUsageMask public_usages = |
| 512 combined_usages & all_public_key_usages_; | 512 combined_usages & all_public_key_usages_; |
| 513 const blink::WebCryptoKeyUsageMask private_usages = | 513 const blink::WebCryptoKeyUsageMask private_usages = |
| 514 combined_usages & all_private_key_usages_; | 514 combined_usages & all_private_key_usages_; |
| 515 | 515 |
| 516 if (private_usages == 0) | 516 if (private_usages == 0) |
| 517 return Status::ErrorCreateKeyEmptyUsages(); | 517 return Status::ErrorCreateKeyEmptyUsages(); |
| (...skipping 65 matching lines...) | |
| 583 | 583 |
| 584 result->AssignKeyPair(public_key, private_key); | 584 result->AssignKeyPair(public_key, private_key); |
| 585 return Status::Success(); | 585 return Status::Success(); |
| 586 } | 586 } |
| 587 | 587 |
| 588 Status RsaHashedAlgorithm::VerifyKeyUsagesBeforeImportKey( | 588 Status RsaHashedAlgorithm::VerifyKeyUsagesBeforeImportKey( |
| 589 blink::WebCryptoKeyFormat format, | 589 blink::WebCryptoKeyFormat format, |
| 590 blink::WebCryptoKeyUsageMask usages) const { | 590 blink::WebCryptoKeyUsageMask usages) const { |
| 591 switch (format) { | 591 switch (format) { |
| 592 case blink::WebCryptoKeyFormatSpki: | 592 case blink::WebCryptoKeyFormatSpki: |
| 593 return CheckKeyCreationUsages(all_public_key_usages_, usages); | 593 return CheckKeyCreationUsages(all_public_key_usages_, usages, false); |
| 594 case blink::WebCryptoKeyFormatPkcs8: | 594 case blink::WebCryptoKeyFormatPkcs8: |
| 595 return CheckKeyCreationUsages(all_private_key_usages_, usages); | 595 return CheckKeyCreationUsages(all_private_key_usages_, usages, true); |
| 596 case blink::WebCryptoKeyFormatJwk: | 596 case blink::WebCryptoKeyFormatJwk: |
| 597 // The JWK could represent either a public key or private key. The usages | 597 // The JWK could represent either a public key or private key. The usages |
| 598 // must make sense for one of the two. The usages will be checked again by | 598 // must make sense for one of the two. The usages will be checked again by |
| 599 // ImportKeyJwk() once the key type has been determined. | 599 // ImportKeyJwk() once the key type has been determined. |
| 600 if (CheckKeyCreationUsages(all_private_key_usages_, usages).IsSuccess() || | 600 if (CheckKeyCreationUsages( |
| 601 CheckKeyCreationUsages(all_public_key_usages_, usages).IsSuccess()) { | 601 all_private_key_usages_, usages, true).IsSuccess() || |
|
eroman
2014/12/09 21:04:46
I am proposing a refactor in https://codereview.ch
Habib Virji
2014/12/15 18:48:55
Adapted to your changes.
| |
| 602 CheckKeyCreationUsages( | |
| 603 all_public_key_usages_, usages, false).IsSuccess()) { | |
| 602 return Status::Success(); | 604 return Status::Success(); |
| 603 } | 605 } |
| 604 return Status::ErrorCreateKeyBadUsages(); | 606 return Status::ErrorCreateKeyBadUsages(); |
| 605 default: | 607 default: |
| 606 return Status::ErrorUnsupportedImportKeyFormat(); | 608 return Status::ErrorUnsupportedImportKeyFormat(); |
| 607 } | 609 } |
| 608 } | 610 } |
| 609 | 611 |
| 610 Status RsaHashedAlgorithm::ImportKeyPkcs8( | 612 Status RsaHashedAlgorithm::ImportKeyPkcs8( |
| 611 const CryptoData& key_data, | 613 const CryptoData& key_data, |
| (...skipping 144 matching lines...) | |
| 756 | 758 |
| 757 JwkRsaInfo jwk; | 759 JwkRsaInfo jwk; |
| 758 Status status = | 760 Status status = |
| 759 ReadRsaKeyJwk(key_data, jwk_algorithm, extractable, usages, &jwk); | 761 ReadRsaKeyJwk(key_data, jwk_algorithm, extractable, usages, &jwk); |
| 760 if (status.IsError()) | 762 if (status.IsError()) |
| 761 return status; | 763 return status; |
| 762 | 764 |
| 763 // Once the key type is known, verify the usages. | 765 // Once the key type is known, verify the usages. |
| 764 status = CheckKeyCreationUsages( | 766 status = CheckKeyCreationUsages( |
| 765 jwk.is_private_key ? all_private_key_usages_ : all_public_key_usages_, | 767 jwk.is_private_key ? all_private_key_usages_ : all_public_key_usages_, |
| 766 usages); | 768 usages, jwk.is_private_key ? true : false); |
|
eroman
2014/12/09 21:04:46
This is already a bool no need for ternary operato
Habib Virji
2014/12/15 18:48:55
Corrected.
| |
| 767 if (status.IsError()) | 769 if (status.IsError()) |
| 768 return Status::ErrorCreateKeyBadUsages(); | 770 return Status::ErrorCreateKeyBadUsages(); |
|
eroman
2014/12/09 21:04:46
On a side note, I wonder why this isn't just "ret
Habib Virji
2014/12/15 18:48:55
Adapted to just return status.
| |
| 769 | 771 |
| 770 return jwk.is_private_key | 772 return jwk.is_private_key |
| 771 ? ImportRsaPrivateKey(algorithm, extractable, usages, jwk, key) | 773 ? ImportRsaPrivateKey(algorithm, extractable, usages, jwk, key) |
| 772 : ImportRsaPublicKey(algorithm, extractable, usages, | 774 : ImportRsaPublicKey(algorithm, extractable, usages, |
| 773 CryptoData(jwk.n), CryptoData(jwk.e), key); | 775 CryptoData(jwk.n), CryptoData(jwk.e), key); |
| 774 } | 776 } |
| 775 | 777 |
| 776 Status RsaHashedAlgorithm::ExportKeyJwk(const blink::WebCryptoKey& key, | 778 Status RsaHashedAlgorithm::ExportKeyJwk(const blink::WebCryptoKey& key, |
| 777 std::vector<uint8_t>* buffer) const { | 779 std::vector<uint8_t>* buffer) const { |
| 778 const char* jwk_algorithm = | 780 const char* jwk_algorithm = |
| (...skipping 99 matching lines...) | |
| 878 key->algorithm().rsaHashedParams()->publicExponent().size())) { | 880 key->algorithm().rsaHashedParams()->publicExponent().size())) { |
| 879 return Status::ErrorUnexpected(); | 881 return Status::ErrorUnexpected(); |
| 880 } | 882 } |
| 881 | 883 |
| 882 return Status::Success(); | 884 return Status::Success(); |
| 883 } | 885 } |
| 884 | 886 |
| 885 } // namespace webcrypto | 887 } // namespace webcrypto |
| 886 | 888 |
| 887 } // namespace content | 889 } // namespace content |
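Review bot: The new third argument to CheckKeyCreationUsages is passed as a bare `true`/`false` literal at every call site (new lines 507, 593, 595, 600-603 and 768), so a reader cannot tell which usage policy each call enforces without opening the declaration, which is not on this page. The value appears to track private versus public key material (`true` for PKCS8 and for a private JWK, `false` for SPKI), so an inverted literal would silently loosen or tighten a key-usage check and still compile. An argument comment or a small enum would make each call auditable, for example `CheckKeyCreationUsages(all_private_key_usages_, usages, /* PARAM_NAME= */ true)` with the real parameter name in place of the placeholder. In GenerateKey the combined mask is checked with `false` while the empty-private-usages case is still handled separately by `if (private_usages == 0)`; a one-line comment at new line 507 saying why `false` is correct for a key pair would keep the two checks from drifting apart.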