OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/child/webcrypto/webcrypto_util.h" | 5 #include "content/child/webcrypto/webcrypto_util.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 | 8 |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/numerics/safe_math.h" | 10 #include "base/numerics/safe_math.h" |
(...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
264 return Status::Success(); | 264 return Status::Success(); |
265 | 265 |
266 // BoringSSL does not support 192-bit AES. | 266 // BoringSSL does not support 192-bit AES. |
267 if (keylen_bytes == 24) | 267 if (keylen_bytes == 24) |
268 return Status::ErrorAes192BitUnsupported(); | 268 return Status::ErrorAes192BitUnsupported(); |
269 | 269 |
270 return Status::ErrorImportAesKeyLength(); | 270 return Status::ErrorImportAesKeyLength(); |
271 } | 271 } |
272 | 272 |
273 Status CheckKeyCreationUsages(blink::WebCryptoKeyUsageMask all_possible_usages, | 273 Status CheckKeyCreationUsages(blink::WebCryptoKeyUsageMask all_possible_usages, |
274 blink::WebCryptoKeyUsageMask actual_usages) { | 274 blink::WebCryptoKeyUsageMask actual_usages, |
275 bool allow_empty_usages) { | |
276 if (allow_empty_usages && actual_usages == 0) | |
eroman
2014/12/16 01:26:45
This naming is reversed. You are passing true for
Habib Virji
2014/12/16 09:59:42
Corrected now, it has now allow_empty_usages as tr
| |
277 return Status::ErrorKeyEmptyUsages(); | |
278 | |
275 if (!ContainsKeyUsages(all_possible_usages, actual_usages)) | 279 if (!ContainsKeyUsages(all_possible_usages, actual_usages)) |
276 return Status::ErrorCreateKeyBadUsages(); | 280 return Status::ErrorCreateKeyBadUsages(); |
277 return Status::Success(); | 281 return Status::Success(); |
278 } | 282 } |
279 | 283 |
280 Status GetRsaKeyGenParameters( | 284 Status GetRsaKeyGenParameters( |
281 const blink::WebCryptoRsaHashedKeyGenParams* params, | 285 const blink::WebCryptoRsaHashedKeyGenParams* params, |
282 unsigned int* public_exponent, | 286 unsigned int* public_exponent, |
283 unsigned int* modulus_length_bits) { | 287 unsigned int* modulus_length_bits) { |
284 *modulus_length_bits = params->modulusLengthBits(); | 288 *modulus_length_bits = params->modulusLengthBits(); |
(...skipping 19 matching lines...) Expand all Loading... | |
304 return Status::Success(); | 308 return Status::Success(); |
305 } | 309 } |
306 | 310 |
307 Status VerifyUsagesBeforeImportAsymmetricKey( | 311 Status VerifyUsagesBeforeImportAsymmetricKey( |
308 blink::WebCryptoKeyFormat format, | 312 blink::WebCryptoKeyFormat format, |
309 blink::WebCryptoKeyUsageMask all_public_key_usages, | 313 blink::WebCryptoKeyUsageMask all_public_key_usages, |
310 blink::WebCryptoKeyUsageMask all_private_key_usages, | 314 blink::WebCryptoKeyUsageMask all_private_key_usages, |
311 blink::WebCryptoKeyUsageMask usages) { | 315 blink::WebCryptoKeyUsageMask usages) { |
312 switch (format) { | 316 switch (format) { |
313 case blink::WebCryptoKeyFormatSpki: | 317 case blink::WebCryptoKeyFormatSpki: |
314 return CheckKeyCreationUsages(all_public_key_usages, usages); | 318 return CheckKeyCreationUsages(all_public_key_usages, usages, false); |
315 case blink::WebCryptoKeyFormatPkcs8: | 319 case blink::WebCryptoKeyFormatPkcs8: |
316 return CheckKeyCreationUsages(all_private_key_usages, usages); | 320 return CheckKeyCreationUsages(all_private_key_usages, usages, true); |
317 case blink::WebCryptoKeyFormatJwk: { | 321 case blink::WebCryptoKeyFormatJwk: { |
318 // The JWK could represent either a public key or private key. The usages | 322 // The JWK could represent either a public key or private key. The usages |
319 // must make sense for one of the two. The usages will be checked again by | 323 // must make sense for one of the two. The usages will be checked again by |
320 // ImportKeyJwk() once the key type has been determined. | 324 // ImportKeyJwk() once the key type has been determined. |
321 if (CheckKeyCreationUsages(all_public_key_usages, usages).IsError() && | 325 if (CheckKeyCreationUsages( |
322 CheckKeyCreationUsages(all_private_key_usages, usages).IsError()) { | 326 all_public_key_usages, usages, false).IsError() && |
327 CheckKeyCreationUsages( | |
328 all_private_key_usages, usages, true).IsError()) { | |
323 return Status::ErrorCreateKeyBadUsages(); | 329 return Status::ErrorCreateKeyBadUsages(); |
324 } | 330 } |
325 return Status::Success(); | 331 return Status::Success(); |
326 } | 332 } |
327 default: | 333 default: |
328 return Status::ErrorUnsupportedImportKeyFormat(); | 334 return Status::ErrorUnsupportedImportKeyFormat(); |
329 } | 335 } |
330 } | 336 } |
331 | 337 |
332 void TruncateToBitLength(size_t length_bits, std::vector<uint8_t>* bytes) { | 338 void TruncateToBitLength(size_t length_bits, std::vector<uint8_t>* bytes) { |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
380 *has_length_bits = true; | 386 *has_length_bits = true; |
381 return GetShaBlockSizeBits(params->hash(), length_bits); | 387 return GetShaBlockSizeBits(params->hash(), length_bits); |
382 } | 388 } |
383 | 389 |
384 Status GetUsagesForGenerateAsymmetricKey( | 390 Status GetUsagesForGenerateAsymmetricKey( |
385 blink::WebCryptoKeyUsageMask combined_usages, | 391 blink::WebCryptoKeyUsageMask combined_usages, |
386 blink::WebCryptoKeyUsageMask all_public_usages, | 392 blink::WebCryptoKeyUsageMask all_public_usages, |
387 blink::WebCryptoKeyUsageMask all_private_usages, | 393 blink::WebCryptoKeyUsageMask all_private_usages, |
388 blink::WebCryptoKeyUsageMask* public_usages, | 394 blink::WebCryptoKeyUsageMask* public_usages, |
389 blink::WebCryptoKeyUsageMask* private_usages) { | 395 blink::WebCryptoKeyUsageMask* private_usages) { |
396 bool allow_empty_usage = | |
eroman
2014/12/16 01:26:45
I don't understand this, doesn't seem right to me.
Habib Virji
2014/12/16 09:59:42
Yes, i was passing true for scenario where it shou
| |
397 (combined_usages & all_private_usages) ? true : false; | |
390 Status status = CheckKeyCreationUsages(all_public_usages | all_private_usages, | 398 Status status = CheckKeyCreationUsages(all_public_usages | all_private_usages, |
391 combined_usages); | 399 combined_usages, allow_empty_usage); |
392 if (status.IsError()) | 400 if (status.IsError()) |
393 return status; | 401 return status; |
394 | 402 |
395 *public_usages = combined_usages & all_public_usages; | 403 *public_usages = combined_usages & all_public_usages; |
396 *private_usages = combined_usages & all_private_usages; | 404 *private_usages = combined_usages & all_private_usages; |
397 | 405 |
398 if (*private_usages == 0) | |
399 return Status::ErrorCreateKeyEmptyUsages(); | |
eroman
2014/12/16 01:26:45
The older mechanism was clearer, and correct. Just
Habib Virji
2014/12/16 09:59:42
I have updated above, please suggest if it is okay
| |
400 | |
401 return Status::Success(); | 406 return Status::Success(); |
402 } | 407 } |
403 | 408 |
404 } // namespace webcrypto | 409 } // namespace webcrypto |
405 | 410 |
406 } // namespace content | 411 } // namespace content |
OLD | NEW |