search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Roll src/third_party/WebKit c63b89c:29324ab (svn 202546:202547)
[chromium-blink-merge.git] / components / webcrypto / algorithms / aes.cc
blob582c5b6274cb0283649441408bd2a37392519bda
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "components/webcrypto/algorithms/aes.h"
6
7 #include "base/logging.h"
8 #include "components/webcrypto/algorithms/util_openssl.h"
9 #include "components/webcrypto/crypto_data.h"
10 #include "components/webcrypto/jwk.h"
11 #include "components/webcrypto/key.h"
12 #include "components/webcrypto/status.h"
13 #include "components/webcrypto/webcrypto_util.h"
14 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
15
16 namespace webcrypto {
17
18 namespace {
19
20 // Creates an AES algorithm name for the given key size (in bytes). For
21 // instance "A128CBC" is the result of suffix="CBC", keylen_bytes=16.
22 std::string MakeJwkAesAlgorithmName(const std::string& suffix,
23 size_t keylen_bytes) {
24 if (keylen_bytes == 16)
25 return std::string("A128") + suffix;
26 if (keylen_bytes == 24)
27 return std::string("A192") + suffix;
28 if (keylen_bytes == 32)
29 return std::string("A256") + suffix;
30 return std::string();
31 }
32
33 } // namespace
34
35 AesAlgorithm::AesAlgorithm(blink::WebCryptoKeyUsageMask all_key_usages,
36 const std::string& jwk_suffix)
37 : all_key_usages_(all_key_usages), jwk_suffix_(jwk_suffix) {
38 }
39
40 AesAlgorithm::AesAlgorithm(const std::string& jwk_suffix)
41 : all_key_usages_(blink::WebCryptoKeyUsageEncrypt |
42 blink::WebCryptoKeyUsageDecrypt |
43 blink::WebCryptoKeyUsageWrapKey |
44 blink::WebCryptoKeyUsageUnwrapKey),
45 jwk_suffix_(jwk_suffix) {
46 }
47
48 Status AesAlgorithm::GenerateKey(const blink::WebCryptoAlgorithm& algorithm,
49 bool extractable,
50 blink::WebCryptoKeyUsageMask usages,
51 GenerateKeyResult* result) const {
52 Status status = CheckKeyCreationUsages(all_key_usages_, usages, false);
53 if (status.IsError())
54 return status;
55
56 unsigned int keylen_bits;
57 status = GetAesKeyGenLengthInBits(algorithm.aesKeyGenParams(), &keylen_bits);
58 if (status.IsError())
59 return status;
60
61 return GenerateWebCryptoSecretKey(
62 blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits),
63 extractable, usages, keylen_bits, result);
64 }
65
66 Status AesAlgorithm::VerifyKeyUsagesBeforeImportKey(
67 blink::WebCryptoKeyFormat format,
68 blink::WebCryptoKeyUsageMask usages) const {
69 switch (format) {
70 case blink::WebCryptoKeyFormatRaw:
71 case blink::WebCryptoKeyFormatJwk:
72 return CheckKeyCreationUsages(all_key_usages_, usages, false);
73 default:
74 return Status::ErrorUnsupportedImportKeyFormat();
75 }
76 }
77
78 Status AesAlgorithm::ImportKeyRaw(const CryptoData& key_data,
79 const blink::WebCryptoAlgorithm& algorithm,
80 bool extractable,
81 blink::WebCryptoKeyUsageMask usages,
82 blink::WebCryptoKey* key) const {
83 const unsigned int keylen_bytes = key_data.byte_length();
84 Status status = VerifyAesKeyLengthForImport(keylen_bytes);
85 if (status.IsError())
86 return status;
87
88 // No possibility of overflow.
89 unsigned int keylen_bits = keylen_bytes * 8;
90
91 return CreateWebCryptoSecretKey(
92 key_data,
93 blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits),
94 extractable, usages, key);
95 }
96
97 Status AesAlgorithm::ImportKeyJwk(const CryptoData& key_data,
98 const blink::WebCryptoAlgorithm& algorithm,
99 bool extractable,
100 blink::WebCryptoKeyUsageMask usages,
101 blink::WebCryptoKey* key) const {
102 std::vector<uint8_t> raw_data;
103 JwkReader jwk;
104 Status status = ReadSecretKeyNoExpectedAlg(key_data, extractable, usages,
105 &raw_data, &jwk);
106 if (status.IsError())
107 return status;
108
109 bool has_jwk_alg;
110 std::string jwk_alg;
111 status = jwk.GetAlg(&jwk_alg, &has_jwk_alg);
112 if (status.IsError())
113 return status;
114
115 if (has_jwk_alg) {
116 std::string expected_algorithm_name =
117 MakeJwkAesAlgorithmName(jwk_suffix_, raw_data.size());
118
119 if (jwk_alg != expected_algorithm_name) {
120 // Give a different error message if the key length was wrong.
121 if (jwk_alg == MakeJwkAesAlgorithmName(jwk_suffix_, 16) ||
122 jwk_alg == MakeJwkAesAlgorithmName(jwk_suffix_, 24) ||
123 jwk_alg == MakeJwkAesAlgorithmName(jwk_suffix_, 32)) {
124 return Status::ErrorJwkIncorrectKeyLength();
125 }
126 return Status::ErrorJwkAlgorithmInconsistent();
127 }
128 }
129
130 return ImportKeyRaw(CryptoData(raw_data), algorithm, extractable, usages,
131 key);
132 }
133
134 Status AesAlgorithm::ExportKeyRaw(const blink::WebCryptoKey& key,
135 std::vector<uint8_t>* buffer) const {
136 *buffer = GetSymmetricKeyData(key);
137 return Status::Success();
138 }
139
140 Status AesAlgorithm::ExportKeyJwk(const blink::WebCryptoKey& key,
141 std::vector<uint8_t>* buffer) const {
142 const std::vector<uint8_t>& raw_data = GetSymmetricKeyData(key);
143
144 WriteSecretKeyJwk(CryptoData(raw_data),
145 MakeJwkAesAlgorithmName(jwk_suffix_, raw_data.size()),
146 key.extractable(), key.usages(), buffer);
147
148 return Status::Success();
149 }
150
151 Status AesAlgorithm::DeserializeKeyForClone(
152 const blink::WebCryptoKeyAlgorithm& algorithm,
153 blink::WebCryptoKeyType type,
154 bool extractable,
155 blink::WebCryptoKeyUsageMask usages,
156 const CryptoData& key_data,
157 blink::WebCryptoKey* key) const {
158 return ImportKeyRaw(key_data, CreateAlgorithm(algorithm.id()), extractable,
159 usages, key);
160 }
161
162 Status AesAlgorithm::GetKeyLength(
163 const blink::WebCryptoAlgorithm& key_length_algorithm,
164 bool* has_length_bits,
165 unsigned int* length_bits) const {
166 return GetAesKeyLength(key_length_algorithm, has_length_bits, length_bits);
167 }
168
169 } // namespace webcrypto