mandoline: Reland "Sandbox mojo:browser and mojo:omnibox."
[chromium-blink-merge.git] / components / webcrypto / nss / aes_algorithm_nss.cc
blobd09f5eecbec986e9e6d9c6aded72ed1fe05eb6f9
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "components/webcrypto/nss/aes_algorithm_nss.h"
7 #include "base/logging.h"
8 #include "components/webcrypto/crypto_data.h"
9 #include "components/webcrypto/jwk.h"
10 #include "components/webcrypto/nss/key_nss.h"
11 #include "components/webcrypto/nss/sym_key_nss.h"
12 #include "components/webcrypto/status.h"
13 #include "components/webcrypto/webcrypto_util.h"
14 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
16 namespace webcrypto {
18 AesAlgorithm::AesAlgorithm(CK_MECHANISM_TYPE import_mechanism,
19 blink::WebCryptoKeyUsageMask all_key_usages,
20 const std::string& jwk_suffix)
21 : import_mechanism_(import_mechanism),
22 all_key_usages_(all_key_usages),
23 jwk_suffix_(jwk_suffix) {
26 AesAlgorithm::AesAlgorithm(CK_MECHANISM_TYPE import_mechanism,
27 const std::string& jwk_suffix)
28 : import_mechanism_(import_mechanism),
29 all_key_usages_(blink::WebCryptoKeyUsageEncrypt |
30 blink::WebCryptoKeyUsageDecrypt |
31 blink::WebCryptoKeyUsageWrapKey |
32 blink::WebCryptoKeyUsageUnwrapKey),
33 jwk_suffix_(jwk_suffix) {
36 Status AesAlgorithm::GenerateKey(const blink::WebCryptoAlgorithm& algorithm,
37 bool extractable,
38 blink::WebCryptoKeyUsageMask usages,
39 GenerateKeyResult* result) const {
40 Status status = CheckKeyCreationUsages(all_key_usages_, usages, false);
41 if (status.IsError())
42 return status;
44 unsigned int keylen_bits;
45 status = GetAesKeyGenLengthInBits(algorithm.aesKeyGenParams(), &keylen_bits);
46 if (status.IsError())
47 return status;
49 return GenerateSecretKeyNss(
50 blink::WebCryptoKeyAlgorithm::createAes(algorithm.id(), keylen_bits),
51 extractable, usages, keylen_bits, CKM_AES_KEY_GEN, result);
54 Status AesAlgorithm::VerifyKeyUsagesBeforeImportKey(
55 blink::WebCryptoKeyFormat format,
56 blink::WebCryptoKeyUsageMask usages) const {
57 switch (format) {
58 case blink::WebCryptoKeyFormatRaw:
59 case blink::WebCryptoKeyFormatJwk:
60 return CheckKeyCreationUsages(all_key_usages_, usages, false);
61 default:
62 return Status::ErrorUnsupportedImportKeyFormat();
65 Status AesAlgorithm::ImportKeyRaw(const CryptoData& key_data,
66 const blink::WebCryptoAlgorithm& algorithm,
67 bool extractable,
68 blink::WebCryptoKeyUsageMask usages,
69 blink::WebCryptoKey* key) const {
70 const unsigned int keylen_bytes = key_data.byte_length();
71 Status status = VerifyAesKeyLengthForImport(keylen_bytes);
72 if (status.IsError())
73 return status;
75 // No possibility of overflow.
76 unsigned int keylen_bits = keylen_bytes * 8;
78 return ImportKeyRawNss(key_data, blink::WebCryptoKeyAlgorithm::createAes(
79 algorithm.id(), keylen_bits),
80 extractable, usages, import_mechanism_, key);
83 Status AesAlgorithm::ImportKeyJwk(const CryptoData& key_data,
84 const blink::WebCryptoAlgorithm& algorithm,
85 bool extractable,
86 blink::WebCryptoKeyUsageMask usages,
87 blink::WebCryptoKey* key) const {
88 std::vector<uint8_t> raw_data;
89 Status status = ReadAesSecretKeyJwk(key_data, jwk_suffix_, extractable,
90 usages, &raw_data);
91 if (status.IsError())
92 return status;
94 return ImportKeyRaw(CryptoData(raw_data), algorithm, extractable, usages,
95 key);
98 Status AesAlgorithm::ExportKeyRaw(const blink::WebCryptoKey& key,
99 std::vector<uint8_t>* buffer) const {
100 *buffer = SymKeyNss::Cast(key)->raw_key_data();
101 return Status::Success();
104 Status AesAlgorithm::ExportKeyJwk(const blink::WebCryptoKey& key,
105 std::vector<uint8_t>* buffer) const {
106 SymKeyNss* sym_key = SymKeyNss::Cast(key);
107 const std::vector<uint8_t>& raw_data = sym_key->raw_key_data();
109 WriteSecretKeyJwk(CryptoData(raw_data),
110 MakeJwkAesAlgorithmName(jwk_suffix_, raw_data.size()),
111 key.extractable(), key.usages(), buffer);
113 return Status::Success();
116 Status AesAlgorithm::SerializeKeyForClone(
117 const blink::WebCryptoKey& key,
118 blink::WebVector<uint8_t>* key_data) const {
119 key_data->assign(SymKeyNss::Cast(key)->serialized_key_data());
120 return Status::Success();
123 Status AesAlgorithm::DeserializeKeyForClone(
124 const blink::WebCryptoKeyAlgorithm& algorithm,
125 blink::WebCryptoKeyType type,
126 bool extractable,
127 blink::WebCryptoKeyUsageMask usages,
128 const CryptoData& key_data,
129 blink::WebCryptoKey* key) const {
130 return ImportKeyRaw(key_data, CreateAlgorithm(algorithm.id()), extractable,
131 usages, key);
134 Status AesAlgorithm::GetKeyLength(
135 const blink::WebCryptoAlgorithm& key_length_algorithm,
136 bool* has_length_bits,
137 unsigned int* length_bits) const {
138 return GetAesKeyLength(key_length_algorithm, has_length_bits, length_bits);
141 } // namespace webcrypto