Index: content/child/webcrypto/openssl/rsa_key_openssl.cc |
diff --git a/content/child/webcrypto/openssl/rsa_key_openssl.cc b/content/child/webcrypto/openssl/rsa_key_openssl.cc |
index 09e277f261f71d910379228d3f4921c0faa2160f..292d18c970022f5a8695a3649e54462c8cce96fa 100644 |
--- a/content/child/webcrypto/openssl/rsa_key_openssl.cc |
+++ b/content/child/webcrypto/openssl/rsa_key_openssl.cc |
@@ -158,7 +158,7 @@ Status RsaHashedAlgorithm::GenerateKey( |
blink::WebCryptoKeyUsageMask combined_usages, |
GenerateKeyResult* result) const { |
Status status = CheckKeyCreationUsages( |
- all_public_key_usages_ | all_private_key_usages_, combined_usages); |
+ all_public_key_usages_ | all_private_key_usages_, combined_usages, false); |
if (status.IsError()) |
return status; |
@@ -236,15 +236,17 @@ Status RsaHashedAlgorithm::VerifyKeyUsagesBeforeImportKey( |
blink::WebCryptoKeyUsageMask usages) const { |
switch (format) { |
case blink::WebCryptoKeyFormatSpki: |
- return CheckKeyCreationUsages(all_public_key_usages_, usages); |
+ return CheckKeyCreationUsages(all_public_key_usages_, usages, false); |
case blink::WebCryptoKeyFormatPkcs8: |
- return CheckKeyCreationUsages(all_private_key_usages_, usages); |
+ return CheckKeyCreationUsages(all_private_key_usages_, usages, true); |
case blink::WebCryptoKeyFormatJwk: |
// The JWK could represent either a public key or private key. The usages |
// must make sense for one of the two. The usages will be checked again by |
// ImportKeyJwk() once the key type has been determined. |
- if (CheckKeyCreationUsages(all_private_key_usages_, usages).IsSuccess() || |
- CheckKeyCreationUsages(all_public_key_usages_, usages).IsSuccess()) { |
+ if (CheckKeyCreationUsages( |
+ all_private_key_usages_, usages, true).IsSuccess() || |
+ CheckKeyCreationUsages( |
+ all_public_key_usages_, usages, false).IsSuccess()) { |
return Status::Success(); |
} |
return Status::ErrorCreateKeyBadUsages(); |