| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 1 | // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "content/child/webcrypto/openssl/aes_key_openssl.h" |
| 6 | |
| 7 | #include "base/logging.h" |
| 8 | #include "content/child/webcrypto/crypto_data.h" |
| 9 | #include "content/child/webcrypto/jwk.h" |
| 10 | #include "content/child/webcrypto/openssl/key_openssl.h" |
| 11 | #include "content/child/webcrypto/openssl/sym_key_openssl.h" |
| 12 | #include "content/child/webcrypto/status.h" |
| 13 | #include "content/child/webcrypto/webcrypto_util.h" |
| 14 | #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h" |
| 15 | |
| 16 | namespace content { |
| 17 | |
| 18 | namespace webcrypto { |
| 19 | |
| 20 | AesAlgorithm::AesAlgorithm(blink::WebCryptoKeyUsageMask all_key_usages, |
| 21 | const std::string& jwk_suffix) |
| 22 | : all_key_usages_(all_key_usages), jwk_suffix_(jwk_suffix) { |
| 23 | } |
| 24 | |
| 25 | AesAlgorithm::AesAlgorithm(const std::string& jwk_suffix) |
| 26 | : all_key_usages_(blink::WebCryptoKeyUsageEncrypt | |
| 27 | blink::WebCryptoKeyUsageDecrypt | |
| 28 | blink::WebCryptoKeyUsageWrapKey | |
| 29 | blink::WebCryptoKeyUsageUnwrapKey), |
| 30 | jwk_suffix_(jwk_suffix) { |
| 31 | } |
| 32 | |
| eroman | 9b747eaf | 2014-10-18 22:03:28 | [diff] [blame] | 33 | Status AesAlgorithm::GenerateKey(const blink::WebCryptoAlgorithm& algorithm, |
| 34 | bool extractable, |
| eroman | 0e1d34e | 2014-10-21 19:13:31 | [diff] [blame] | 35 | blink::WebCryptoKeyUsageMask usages, |
| eroman | 9b747eaf | 2014-10-18 22:03:28 | [diff] [blame] | 36 | GenerateKeyResult* result) const { |
| eroman | 0e1d34e | 2014-10-21 19:13:31 | [diff] [blame] | 37 | Status status = CheckKeyCreationUsages(all_key_usages_, usages); |
| eroman | 9b747eaf | 2014-10-18 22:03:28 | [diff] [blame] | 38 | if (status.IsError()) |
| 39 | return status; |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 40 | |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 41 | unsigned int keylen_bits; |
| eroman | 9b747eaf | 2014-10-18 22:03:28 | [diff] [blame] | 42 | status = GetAesKeyGenLengthInBits(algorithm.aesKeyGenParams(), &keylen_bits); |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 43 | if (status.IsError()) |
| 44 | return status; |
| 45 | |
| 46 | return GenerateSecretKeyOpenSsl( |
| 47 | blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits), |
| eroman | 38bb4bd | 2014-11-24 23:47:06 | [diff] [blame^] | 48 | extractable, usages, keylen_bits / 8, result); |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 49 | } |
| 50 | |
| 51 | Status AesAlgorithm::VerifyKeyUsagesBeforeImportKey( |
| 52 | blink::WebCryptoKeyFormat format, |
| eroman | 0e1d34e | 2014-10-21 19:13:31 | [diff] [blame] | 53 | blink::WebCryptoKeyUsageMask usages) const { |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 54 | switch (format) { |
| 55 | case blink::WebCryptoKeyFormatRaw: |
| 56 | case blink::WebCryptoKeyFormatJwk: |
| eroman | 0e1d34e | 2014-10-21 19:13:31 | [diff] [blame] | 57 | return CheckKeyCreationUsages(all_key_usages_, usages); |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 58 | default: |
| 59 | return Status::ErrorUnsupportedImportKeyFormat(); |
| 60 | } |
| 61 | } |
| 62 | |
| 63 | Status AesAlgorithm::ImportKeyRaw(const CryptoData& key_data, |
| 64 | const blink::WebCryptoAlgorithm& algorithm, |
| 65 | bool extractable, |
| eroman | 0e1d34e | 2014-10-21 19:13:31 | [diff] [blame] | 66 | blink::WebCryptoKeyUsageMask usages, |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 67 | blink::WebCryptoKey* key) const { |
| 68 | const unsigned int keylen_bytes = key_data.byte_length(); |
| 69 | Status status = VerifyAesKeyLengthForImport(keylen_bytes); |
| 70 | if (status.IsError()) |
| 71 | return status; |
| 72 | |
| 73 | // No possibility of overflow. |
| 74 | unsigned int keylen_bits = keylen_bytes * 8; |
| 75 | |
| eroman | 38bb4bd | 2014-11-24 23:47:06 | [diff] [blame^] | 76 | return ImportKeyRawOpenSsl(key_data, blink::WebCryptoKeyAlgorithm::createAes( |
| 77 | algorithm.id(), keylen_bits), |
| 78 | extractable, usages, key); |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 79 | } |
| 80 | |
| 81 | Status AesAlgorithm::ImportKeyJwk(const CryptoData& key_data, |
| 82 | const blink::WebCryptoAlgorithm& algorithm, |
| 83 | bool extractable, |
| eroman | 0e1d34e | 2014-10-21 19:13:31 | [diff] [blame] | 84 | blink::WebCryptoKeyUsageMask usages, |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 85 | blink::WebCryptoKey* key) const { |
| [email protected] | 53b6c9d2 | 2014-07-19 05:08:38 | [diff] [blame] | 86 | std::vector<uint8_t> raw_data; |
| eroman | 38bb4bd | 2014-11-24 23:47:06 | [diff] [blame^] | 87 | Status status = ReadAesSecretKeyJwk(key_data, jwk_suffix_, extractable, |
| 88 | usages, &raw_data); |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 89 | if (status.IsError()) |
| 90 | return status; |
| 91 | |
| eroman | 38bb4bd | 2014-11-24 23:47:06 | [diff] [blame^] | 92 | return ImportKeyRaw(CryptoData(raw_data), algorithm, extractable, usages, |
| 93 | key); |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 94 | } |
| 95 | |
| 96 | Status AesAlgorithm::ExportKeyRaw(const blink::WebCryptoKey& key, |
| [email protected] | 53b6c9d2 | 2014-07-19 05:08:38 | [diff] [blame] | 97 | std::vector<uint8_t>* buffer) const { |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 98 | *buffer = SymKeyOpenSsl::Cast(key)->raw_key_data(); |
| 99 | return Status::Success(); |
| 100 | } |
| 101 | |
| 102 | Status AesAlgorithm::ExportKeyJwk(const blink::WebCryptoKey& key, |
| [email protected] | 53b6c9d2 | 2014-07-19 05:08:38 | [diff] [blame] | 103 | std::vector<uint8_t>* buffer) const { |
| 104 | const std::vector<uint8_t>& raw_data = |
| 105 | SymKeyOpenSsl::Cast(key)->raw_key_data(); |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 106 | |
| 107 | WriteSecretKeyJwk(CryptoData(raw_data), |
| 108 | MakeJwkAesAlgorithmName(jwk_suffix_, raw_data.size()), |
| eroman | 38bb4bd | 2014-11-24 23:47:06 | [diff] [blame^] | 109 | key.extractable(), key.usages(), buffer); |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 110 | |
| 111 | return Status::Success(); |
| 112 | } |
| 113 | |
| eroman | a895fed | 2014-11-08 03:10:25 | [diff] [blame] | 114 | Status AesAlgorithm::SerializeKeyForClone( |
| 115 | const blink::WebCryptoKey& key, |
| 116 | blink::WebVector<uint8_t>* key_data) const { |
| 117 | key_data->assign(SymKeyOpenSsl::Cast(key)->serialized_key_data()); |
| 118 | return Status::Success(); |
| 119 | } |
| 120 | |
| 121 | Status AesAlgorithm::DeserializeKeyForClone( |
| 122 | const blink::WebCryptoKeyAlgorithm& algorithm, |
| 123 | blink::WebCryptoKeyType type, |
| 124 | bool extractable, |
| 125 | blink::WebCryptoKeyUsageMask usages, |
| 126 | const CryptoData& key_data, |
| 127 | blink::WebCryptoKey* key) const { |
| 128 | return ImportKeyRaw(key_data, CreateAlgorithm(algorithm.id()), extractable, |
| 129 | usages, key); |
| 130 | } |
| 131 | |
| [email protected] | 38409aec | 2014-07-19 00:54:51 | [diff] [blame] | 132 | } // namespace webcrypto |
| 133 | |
| 134 | } // namespace content |
