Re-subimission of https://codereview.chromium.org/1041213003/
[chromium-blink-merge.git] / content / child / webcrypto / status.h
bloba021555f896373427df59699c374724b5242f888
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CONTENT_CHILD_WEBCRYPTO_STATUS_H_
6 #define CONTENT_CHILD_WEBCRYPTO_STATUS_H_
8 #include <string>
9 #include "content/common/content_export.h"
10 #include "third_party/WebKit/public/platform/WebCrypto.h"
12 namespace content {
14 namespace webcrypto {
16 // Status indicates whether an operation completed successfully, or with an
17 // error. The error is used for verification in unit-tests, as well as for
18 // display to the user.
20 // As such, it is important that errors DO NOT reveal any sensitive material
21 // (like key bytes).
22 class CONTENT_EXPORT Status {
23 public:
24 Status() : type_(TYPE_ERROR) {}
26 // Returns true if the Status represents an error (any one of them).
27 bool IsError() const;
29 // Returns true if the Status represent success.
30 bool IsSuccess() const;
32 // Returns a UTF-8 error message (non-localized) describing the error.
33 const std::string& error_details() const { return error_details_; }
35 blink::WebCryptoErrorType error_type() const { return error_type_; }
37 // Constructs a status representing success.
38 static Status Success();
40 // Constructs a status representing a generic operation error. It contains no
41 // extra details.
42 static Status OperationError();
44 // Constructs a status representing a generic data error. It contains no
45 // extra details.
46 static Status DataError();
48 // ------------------------------------
49 // Errors when importing a JWK formatted key
50 // ------------------------------------
52 // The key bytes could not parsed as JSON dictionary. This either
53 // means there was a parsing error, or the JSON object was not
54 // convertable to a dictionary.
55 static Status ErrorJwkNotDictionary();
57 // The required JWK member |member_name| was missing.
58 static Status ErrorJwkMemberMissing(const std::string& member_name);
60 // The JWK member |member_name| was not of type |expected_type|.
61 static Status ErrorJwkMemberWrongType(const std::string& member_name,
62 const std::string& expected_type);
64 // The JWK member |member_name| was a string, however could not be
65 // successfully base64 decoded.
66 static Status ErrorJwkBase64Decode(const std::string& member_name);
68 // The "ext" parameter was specified but was
69 // incompatible with the value requested by the Web Crypto call.
70 static Status ErrorJwkExtInconsistent();
72 // The "alg" parameter is incompatible with the (optional) Algorithm
73 // specified by the Web Crypto import operation.
74 static Status ErrorJwkAlgorithmInconsistent();
76 // The "use" parameter was specified, however it couldn't be converted to an
77 // equivalent Web Crypto usage.
78 static Status ErrorJwkUnrecognizedUse();
80 // The "key_ops" parameter was specified, however one of the values in the
81 // array couldn't be converted to an equivalent Web Crypto usage.
82 static Status ErrorJwkUnrecognizedKeyop();
84 // The "use" parameter was specified, however it is incompatible with that
85 // specified by the Web Crypto import operation.
86 static Status ErrorJwkUseInconsistent();
88 // The "key_ops" parameter was specified, however it is incompatible with that
89 // specified by the Web Crypto import operation.
90 static Status ErrorJwkKeyopsInconsistent();
92 // Both the "key_ops" and the "use" parameters were specified, however they
93 // are incompatible with each other.
94 static Status ErrorJwkUseAndKeyopsInconsistent();
96 // The "kty" parameter was given and was a string, however it was not the
97 // expected value.
98 static Status ErrorJwkUnexpectedKty(const std::string& expected);
100 // The amount of key data provided was incompatible with the selected
101 // algorithm. For instance if the algorith name was A128CBC then EXACTLY
102 // 128-bits of key data must have been provided. If 192-bits of key data were
103 // given that is an error.
104 static Status ErrorJwkIncorrectKeyLength();
106 // The JWK member |member_name| is supposed to represent a big-endian unsigned
107 // integer, however was the empty string.
108 static Status ErrorJwkEmptyBigInteger(const std::string& member_name);
110 // The big-endian unsigned integer |member_name| contained leading zeros. This
111 // violates the JWA requirement that such octet strings be minimal.
112 static Status ErrorJwkBigIntegerHasLeadingZero(
113 const std::string& member_name);
115 // The key_ops lists a usage more than once.
116 static Status ErrorJwkDuplicateKeyOps();
118 // ------------------------------------
119 // Other errors
120 // ------------------------------------
122 // Tried importing a key using an unsupported format for the key type (for
123 // instance importing an HMAC key using format=spki).
124 static Status ErrorUnsupportedImportKeyFormat();
126 // Tried exporting a key using an unsupported format for the key type (for
127 // instance exporting an HMAC key using format=spki).
128 static Status ErrorUnsupportedExportKeyFormat();
130 // The key data buffer provided for importKey() is an incorrect length for
131 // AES.
132 static Status ErrorImportAesKeyLength();
134 // The length specified when deriving an AES key was not 128 or 256 bits.
135 static Status ErrorGetAesKeyLength();
137 // Attempted to generate an AES key with an invalid length.
138 static Status ErrorGenerateAesKeyLength();
140 // 192-bit AES keys are valid, however unsupported.
141 static Status ErrorAes192BitUnsupported();
143 // The wrong key was used for the operation. For instance, a public key was
144 // used to verify a RsaSsaPkcs1v1_5 signature, or tried exporting a private
145 // key using spki format.
146 static Status ErrorUnexpectedKeyType();
148 // When doing an AES-CBC encryption/decryption, the "iv" parameter was not 16
149 // bytes.
150 static Status ErrorIncorrectSizeAesCbcIv();
152 // When doing AES-CTR encryption/decryption, the "counter" parameter was not
153 // 16 bytes.
154 static Status ErrorIncorrectSizeAesCtrCounter();
156 // When doing AES-CTR encryption/decryption, the "length" parameter for the
157 // counter was out of range.
158 static Status ErrorInvalidAesCtrCounterLength();
160 // The input to encrypt/decrypt was too large. Based on the counter size, it
161 // would cause the counter to wraparound and repeat earlier values.
162 static Status ErrorAesCtrInputTooLongCounterRepeated();
164 // The data provided to an encrypt/decrypt/sign/verify operation was too
165 // large. This can either represent an internal limitation (for instance
166 // representing buffer lengths as uints).
167 static Status ErrorDataTooLarge();
169 // The data provided to an encrypt/decrypt/sign/verify operation was too
170 // small. This usually represents an algorithm restriction (for instance
171 // AES-KW requires a minimum of 24 bytes input data).
172 static Status ErrorDataTooSmall();
174 // Something was unsupported or unimplemented. This can mean the algorithm in
175 // question was unsupported, some parameter combination was unsupported, or
176 // something has not yet been implemented.
177 static Status ErrorUnsupported();
178 static Status ErrorUnsupported(const std::string& message);
180 // Something unexpected happened in the code, which implies there is a
181 // source-level bug. These should not happen, but safer to fail than simply
182 // DCHECK.
183 static Status ErrorUnexpected();
185 // The authentication tag length specified for AES-GCM encrypt/decrypt was
186 // not 32, 64, 96, 104, 112, 120, or 128.
187 static Status ErrorInvalidAesGcmTagLength();
189 // The input data given to an AES-KW encrypt/decrypt operation was not a
190 // multiple of 8 bytes, as required by RFC 3394.
191 static Status ErrorInvalidAesKwDataLength();
193 // The "publicExponent" used to generate a key was invalid or unsupported.
194 // Only values of 3 and 65537 are allowed.
195 static Status ErrorGenerateKeyPublicExponent();
197 // The modulus bytes were empty when importing an RSA public key.
198 static Status ErrorImportRsaEmptyModulus();
200 // The modulus length was unsupported when generating an RSA key pair.
201 static Status ErrorGenerateRsaUnsupportedModulus();
203 // The exponent bytes were empty when importing an RSA public key.
204 static Status ErrorImportRsaEmptyExponent();
206 // An unextractable key was used by an operation which exports the key data.
207 static Status ErrorKeyNotExtractable();
209 // Attempted to generate an HMAC key using a key length of 0.
210 static Status ErrorGenerateHmacKeyLengthZero();
212 // Attempted to import an HMAC key containing no data.
213 static Status ErrorHmacImportEmptyKey();
215 // Attempted to derive an HMAC key with zero length.
216 static Status ErrorGetHmacKeyLengthZero();
218 // Attempted to import an HMAC key using a bad optional length.
219 static Status ErrorHmacImportBadLength();
221 // Attempted to create a key (either by importKey(), generateKey(), or
222 // unwrapKey()) however the key usages were not applicable for the key type
223 // and algorithm.
224 static Status ErrorCreateKeyBadUsages();
226 // No usages were specified when generating/importing a secret or private key.
227 static Status ErrorCreateKeyEmptyUsages();
229 // An EC key imported using SPKI/PKCS8 format had the wrong curve specified in
230 // the key.
231 static Status ErrorImportedEcKeyIncorrectCurve();
233 // The "crv" member for a JWK did not match the expectations from importKey()
234 static Status ErrorJwkIncorrectCrv();
236 // The EC key failed validation (coordinates don't lie on curve, out of range,
237 // etc.)
238 static Status ErrorEcKeyInvalid();
240 // The octet string |member_name| was expected to be |expected_length| bytes
241 // long, but was instead |actual_length| bytes long.
242 static Status JwkOctetStringWrongLength(const std::string& member_name,
243 size_t expected_length,
244 size_t actual_length);
246 // The public key given for ECDH key derivation was not an EC public key.
247 static Status ErrorEcdhPublicKeyWrongType();
249 // The public key's algorithm was not ECDH.
250 static Status ErrorEcdhPublicKeyWrongAlgorithm();
252 // The public and private keys given to ECDH key derivation were not for the
253 // same named curve.
254 static Status ErrorEcdhCurveMismatch();
256 // The requested bit length for ECDH key derivation was too large.
257 static Status ErrorEcdhLengthTooBig(unsigned int max_length_bits);
259 // The requested length for HKDF was too large.
260 static Status ErrorHkdfLengthTooLong();
262 // No length parameter was provided for HKDF's Derive Bits operation.
263 static Status ErrorHkdfDeriveBitsLengthNotSpecified();
265 // The requested bit length for PBKDF2 key derivation was invalid.
266 static Status ErrorPbkdf2InvalidLength();
268 // No length parameter was provided for PBKDF2's Derive Bits operation.
269 static Status ErrorPbkdf2DeriveBitsLengthNotSpecified();
271 private:
272 enum Type { TYPE_ERROR, TYPE_SUCCESS };
274 // Constructs an error with the specified error type and message.
275 Status(blink::WebCryptoErrorType error_type,
276 const std::string& error_details_utf8);
278 // Constructs a success or error without any details.
279 explicit Status(Type type);
281 Type type_;
282 blink::WebCryptoErrorType error_type_;
283 std::string error_details_;
286 } // namespace webcrypto
288 } // namespace content
290 #endif // CONTENT_CHILD_WEBCRYPTO_STATUS_H_