Implement HKDF for WebCrypto (blink-side)

Source/platform/exported/WebCryptoKeyAlgorithm.cpp

 /*
  * Copyright (C) 2014 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 75 matching lines @@
     if (!WebCryptoAlgorithm::isHash(hash))
         return WebCryptoKeyAlgorithm();
     return WebCryptoKeyAlgorithm(id, adoptPtr(new WebCryptoRsaHashedKeyAlgorithmParams(modulusLengthBits, publicExponent, publicExponentSize, createHash(hash))));
 }
 
 WebCryptoKeyAlgorithm WebCryptoKeyAlgorithm::createEc(WebCryptoAlgorithmId id, WebCryptoNamedCurve namedCurve)
 {
     return WebCryptoKeyAlgorithm(id, adoptPtr(new WebCryptoEcKeyAlgorithmParams(namedCurve)));
 }
 
+WebCryptoKeyAlgorithm WebCryptoKeyAlgorithm::create(WebCryptoAlgorithmId id)

[eroman, 2014/12/23 20:58:24]

Call this createHkdf() instead and omit the ID parameter. (There is no other
valid ID that can be passed).

[nharper, 2014/12/23 22:46:59]

Done.

+{
+    return WebCryptoKeyAlgorithm(id, nullptr);

[eroman, 2014/12/23 20:58:24]

We should find out from the working group if this is likely to stick. It seems
like at a minimum there should be a "length" attribute for the key to match how
HMAC and AES keys work.

The reason this is important, is once we support these keys and allow
serializing them, if all the properties aren't there and are added later we will
have to monkey that in, which is not great.

[eroman, 2014/12/23 22:03:53]

Actually I am fairly confident a "length" attribute isn't a good idea. But would
still be good to confirm with Ryan before this becomes set in stone.

[nharper, 2014/12/23 22:46:59]

PBKDF2 and CONCAT both have no extra params for KeyAlgorithm, like HKDF here.
The only reason I can find for HMAC having a length attribute is for
generateKey, a method which HKDF does not support.

[eroman, 2014/12/23 23:34:29]

The other reason HMAC needs it, is HMAC keys are not necessarily byte-lengthed,
so without reflecting the key length there would be information loss when
exporting / re-importing.

(Even though algorithmically HMAC internally sets that stuff to zero...)

+}
+
 bool WebCryptoKeyAlgorithm::isNull() const
 {
     return m_private.isNull();
 }
 
 WebCryptoAlgorithmId WebCryptoKeyAlgorithm::id() const
 {
     ASSERT(!isNull());
     return m_private->id;
 }
@@ skipping 35 matching lines @@
     ASSERT(!isNull());
     if (paramsType() == WebCryptoKeyAlgorithmParamsTypeEc)
         return static_cast<WebCryptoEcKeyAlgorithmParams*>(m_private->params.get());
     return 0;
 }
 
 void WebCryptoKeyAlgorithm::writeToDictionary(WebCryptoKeyAlgorithmDictionary* dict) const
 {
     ASSERT(!isNull());
     dict->setString("name", WebCryptoAlgorithm::lookupAlgorithmInfo(id())->name);
-    m_private->params.get()->writeToDictionary(dict);
+    if (m_private->params.get())
+        m_private->params.get()->writeToDictionary(dict);
 }
 
 void WebCryptoKeyAlgorithm::assign(const WebCryptoKeyAlgorithm& other)
 {
     m_private = other.m_private;
 }
 
 void WebCryptoKeyAlgorithm::reset()
 {
     m_private.reset();
 }
 
 } // namespace blink