1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "content/child/webcrypto/webcrypto_impl.h"
8 #include "base/lazy_instance.h"
9 #include "base/location.h"
10 #include "base/logging.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/single_thread_task_runner.h"
13 #include "base/stl_util.h"
14 #include "base/task_runner.h"
15 #include "base/thread_task_runner_handle.h"
16 #include "base/threading/sequenced_worker_pool.h"
17 #include "base/threading/worker_pool.h"
18 #include "content/child/webcrypto/algorithm_dispatch.h"
19 #include "content/child/webcrypto/crypto_data.h"
20 #include "content/child/webcrypto/generate_key_result.h"
21 #include "content/child/webcrypto/status.h"
22 #include "content/child/webcrypto/webcrypto_util.h"
23 #include "third_party/WebKit/public/platform/WebCryptoKeyAlgorithm.h"
24 #include "third_party/WebKit/public/platform/WebString.h"
28 using webcrypto::Status
;
32 // ---------------------
34 // ---------------------
36 // WebCrypto operations can be slow. For instance generating an RSA key can
39 // Moreover the underlying crypto libraries are not threadsafe when operating
42 // The strategy used here is to run a sequenced worker pool for all WebCrypto
43 // operations (except structured cloning). This same pool is also used by
44 // requests started from Blink Web Workers.
46 // A few notes to keep in mind:
48 // * PostTaskAndReply() cannot be used for two reasons:
50 // (1) Blink web worker threads do not have an associated message loop so
51 // construction of the reply callback will crash.
53 // (2) PostTaskAndReply() handles failure posting the reply by leaking the
54 // callback, rather than destroying it. In the case of Web Workers this
55 // condition is reachable via normal execution, since Web Workers can
56 // be stopped before the WebCrypto operation has finished. A policy of
57 // leaking would therefore be problematic.
59 // * blink::WebArrayBuffer is NOT threadsafe, and should therefore be allocated
60 // on the target Blink thread.
62 // TODO(eroman): Is there any way around this? Copying the result between
65 // * WebCryptoAlgorithm and WebCryptoKey are threadsafe (however the key's
66 // handle(), which wraps an NSS/OpenSSL type, may not be and should only be
67 // used from the webcrypto thread).
69 // * blink::WebCryptoResult is not threadsafe and should only be operated on
70 // the target Blink thread. HOWEVER, it is safe to delete it from any thread.
71 // This can happen if by the time the operation has completed in the crypto
72 // worker pool, the Blink worker thread that initiated the request is gone.
73 // Posting back to the origin thread will fail, and the WebCryptoResult will
74 // be deleted while running in the crypto worker pool.
75 class CryptoThreadPool
{
78 : worker_pool_(new base::SequencedWorkerPool(1, "WebCrypto")),
79 task_runner_(worker_pool_
->GetSequencedTaskRunnerWithShutdownBehavior(
80 worker_pool_
->GetSequenceToken(),
81 base::SequencedWorkerPool::CONTINUE_ON_SHUTDOWN
)) {}
83 static bool PostTask(const tracked_objects::Location
& from_here
,
84 const base::Closure
& task
);
87 scoped_refptr
<base::SequencedWorkerPool
> worker_pool_
;
88 scoped_refptr
<base::SequencedTaskRunner
> task_runner_
;
91 base::LazyInstance
<CryptoThreadPool
>::Leaky crypto_thread_pool
=
92 LAZY_INSTANCE_INITIALIZER
;
94 bool CryptoThreadPool::PostTask(const tracked_objects::Location
& from_here
,
95 const base::Closure
& task
) {
96 return crypto_thread_pool
.Get().task_runner_
->PostTask(from_here
, task
);
99 void CompleteWithThreadPoolError(blink::WebCryptoResult
* result
) {
100 result
->completeWithError(blink::WebCryptoErrorTypeOperation
,
101 "Failed posting to crypto worker pool");
104 void CompleteWithError(const Status
& status
, blink::WebCryptoResult
* result
) {
105 DCHECK(status
.IsError());
107 result
->completeWithError(status
.error_type(),
108 blink::WebString::fromUTF8(status
.error_details()));
111 void CompleteWithBufferOrError(const Status
& status
,
112 const std::vector
<uint8_t>& buffer
,
113 blink::WebCryptoResult
* result
) {
114 if (status
.IsError()) {
115 CompleteWithError(status
, result
);
117 if (buffer
.size() > UINT_MAX
) {
118 // WebArrayBuffers have a smaller range than std::vector<>, so
119 // theoretically this could overflow.
120 CompleteWithError(Status::ErrorUnexpected(), result
);
122 result
->completeWithBuffer(vector_as_array(&buffer
), buffer
.size());
127 void CompleteWithKeyOrError(const Status
& status
,
128 const blink::WebCryptoKey
& key
,
129 blink::WebCryptoResult
* result
) {
130 if (status
.IsError()) {
131 CompleteWithError(status
, result
);
133 result
->completeWithKey(key
);
137 // Gets a task runner for the current thread.
138 scoped_refptr
<base::TaskRunner
> GetCurrentBlinkThread() {
139 DCHECK(base::ThreadTaskRunnerHandle::IsSet());
140 return base::ThreadTaskRunnerHandle::Get();
143 // --------------------------------------------------------------------
145 // --------------------------------------------------------------------
147 // Explicit state classes are used rather than base::Bind(). This is done
148 // both for clarity, but also to avoid extraneous allocations for things
149 // like passing buffers and result objects between threads.
151 // BaseState is the base class common to all of the async operations, and
152 // keeps track of the thread to complete on, the error state, and the
153 // callback into Blink.
155 // Ownership of the State object is passed between the crypto thread and the
156 // Blink thread. Under normal completion it is destroyed on the Blink thread.
157 // However it may also be destroyed on the crypto thread if the Blink thread
158 // has vanished (which can happen for Blink web worker threads).
161 explicit BaseState(const blink::WebCryptoResult
& result
)
162 : origin_thread(GetCurrentBlinkThread()), result(result
) {}
164 bool cancelled() { return result
.cancelled(); }
166 scoped_refptr
<base::TaskRunner
> origin_thread
;
168 webcrypto::Status status
;
169 blink::WebCryptoResult result
;
172 // Since there is no virtual destructor, must not delete directly as a
177 struct EncryptState
: public BaseState
{
178 EncryptState(const blink::WebCryptoAlgorithm
& algorithm
,
179 const blink::WebCryptoKey
& key
,
180 const unsigned char* data
,
181 unsigned int data_size
,
182 const blink::WebCryptoResult
& result
)
184 algorithm(algorithm
),
186 data(data
, data
+ data_size
) {}
188 const blink::WebCryptoAlgorithm algorithm
;
189 const blink::WebCryptoKey key
;
190 const std::vector
<uint8_t> data
;
192 std::vector
<uint8_t> buffer
;
195 typedef EncryptState DecryptState
;
196 typedef EncryptState DigestState
;
198 struct GenerateKeyState
: public BaseState
{
199 GenerateKeyState(const blink::WebCryptoAlgorithm
& algorithm
,
201 blink::WebCryptoKeyUsageMask usages
,
202 const blink::WebCryptoResult
& result
)
204 algorithm(algorithm
),
205 extractable(extractable
),
208 const blink::WebCryptoAlgorithm algorithm
;
209 const bool extractable
;
210 const blink::WebCryptoKeyUsageMask usages
;
212 webcrypto::GenerateKeyResult generate_key_result
;
215 struct ImportKeyState
: public BaseState
{
216 ImportKeyState(blink::WebCryptoKeyFormat format
,
217 const unsigned char* key_data
,
218 unsigned int key_data_size
,
219 const blink::WebCryptoAlgorithm
& algorithm
,
221 blink::WebCryptoKeyUsageMask usages
,
222 const blink::WebCryptoResult
& result
)
225 key_data(key_data
, key_data
+ key_data_size
),
226 algorithm(algorithm
),
227 extractable(extractable
),
230 const blink::WebCryptoKeyFormat format
;
231 const std::vector
<uint8_t> key_data
;
232 const blink::WebCryptoAlgorithm algorithm
;
233 const bool extractable
;
234 const blink::WebCryptoKeyUsageMask usages
;
236 blink::WebCryptoKey key
;
239 struct ExportKeyState
: public BaseState
{
240 ExportKeyState(blink::WebCryptoKeyFormat format
,
241 const blink::WebCryptoKey
& key
,
242 const blink::WebCryptoResult
& result
)
243 : BaseState(result
), format(format
), key(key
) {}
245 const blink::WebCryptoKeyFormat format
;
246 const blink::WebCryptoKey key
;
248 std::vector
<uint8_t> buffer
;
251 typedef EncryptState SignState
;
253 struct VerifySignatureState
: public BaseState
{
254 VerifySignatureState(const blink::WebCryptoAlgorithm
& algorithm
,
255 const blink::WebCryptoKey
& key
,
256 const unsigned char* signature
,
257 unsigned int signature_size
,
258 const unsigned char* data
,
259 unsigned int data_size
,
260 const blink::WebCryptoResult
& result
)
262 algorithm(algorithm
),
264 signature(signature
, signature
+ signature_size
),
265 data(data
, data
+ data_size
),
266 verify_result(false) {}
268 const blink::WebCryptoAlgorithm algorithm
;
269 const blink::WebCryptoKey key
;
270 const std::vector
<uint8_t> signature
;
271 const std::vector
<uint8_t> data
;
276 struct WrapKeyState
: public BaseState
{
277 WrapKeyState(blink::WebCryptoKeyFormat format
,
278 const blink::WebCryptoKey
& key
,
279 const blink::WebCryptoKey
& wrapping_key
,
280 const blink::WebCryptoAlgorithm
& wrap_algorithm
,
281 const blink::WebCryptoResult
& result
)
285 wrapping_key(wrapping_key
),
286 wrap_algorithm(wrap_algorithm
) {}
288 const blink::WebCryptoKeyFormat format
;
289 const blink::WebCryptoKey key
;
290 const blink::WebCryptoKey wrapping_key
;
291 const blink::WebCryptoAlgorithm wrap_algorithm
;
293 std::vector
<uint8_t> buffer
;
296 struct UnwrapKeyState
: public BaseState
{
297 UnwrapKeyState(blink::WebCryptoKeyFormat format
,
298 const unsigned char* wrapped_key
,
299 unsigned wrapped_key_size
,
300 const blink::WebCryptoKey
& wrapping_key
,
301 const blink::WebCryptoAlgorithm
& unwrap_algorithm
,
302 const blink::WebCryptoAlgorithm
& unwrapped_key_algorithm
,
304 blink::WebCryptoKeyUsageMask usages
,
305 const blink::WebCryptoResult
& result
)
308 wrapped_key(wrapped_key
, wrapped_key
+ wrapped_key_size
),
309 wrapping_key(wrapping_key
),
310 unwrap_algorithm(unwrap_algorithm
),
311 unwrapped_key_algorithm(unwrapped_key_algorithm
),
312 extractable(extractable
),
315 const blink::WebCryptoKeyFormat format
;
316 const std::vector
<uint8_t> wrapped_key
;
317 const blink::WebCryptoKey wrapping_key
;
318 const blink::WebCryptoAlgorithm unwrap_algorithm
;
319 const blink::WebCryptoAlgorithm unwrapped_key_algorithm
;
320 const bool extractable
;
321 const blink::WebCryptoKeyUsageMask usages
;
323 blink::WebCryptoKey unwrapped_key
;
326 struct DeriveBitsState
: public BaseState
{
327 DeriveBitsState(const blink::WebCryptoAlgorithm
& algorithm
,
328 const blink::WebCryptoKey
& base_key
,
329 unsigned int length_bits
,
330 const blink::WebCryptoResult
& result
)
332 algorithm(algorithm
),
334 length_bits(length_bits
) {}
336 const blink::WebCryptoAlgorithm algorithm
;
337 const blink::WebCryptoKey base_key
;
338 const unsigned int length_bits
;
340 std::vector
<uint8_t> derived_bytes
;
343 struct DeriveKeyState
: public BaseState
{
344 DeriveKeyState(const blink::WebCryptoAlgorithm
& algorithm
,
345 const blink::WebCryptoKey
& base_key
,
346 const blink::WebCryptoAlgorithm
& import_algorithm
,
347 const blink::WebCryptoAlgorithm
& key_length_algorithm
,
349 blink::WebCryptoKeyUsageMask usages
,
350 const blink::WebCryptoResult
& result
)
352 algorithm(algorithm
),
354 import_algorithm(import_algorithm
),
355 key_length_algorithm(key_length_algorithm
),
356 extractable(extractable
),
359 const blink::WebCryptoAlgorithm algorithm
;
360 const blink::WebCryptoKey base_key
;
361 const blink::WebCryptoAlgorithm import_algorithm
;
362 const blink::WebCryptoAlgorithm key_length_algorithm
;
364 blink::WebCryptoKeyUsageMask usages
;
366 blink::WebCryptoKey derived_key
;
369 // --------------------------------------------------------------------
371 // --------------------------------------------------------------------
373 // * The methods named Do*() run on the crypto thread.
374 // * The methods named Do*Reply() run on the target Blink thread
376 void DoEncryptReply(scoped_ptr
<EncryptState
> state
) {
377 CompleteWithBufferOrError(state
->status
, state
->buffer
, &state
->result
);
380 void DoEncrypt(scoped_ptr
<EncryptState
> passed_state
) {
381 EncryptState
* state
= passed_state
.get();
382 if (state
->cancelled())
385 webcrypto::Encrypt(state
->algorithm
, state
->key
,
386 webcrypto::CryptoData(state
->data
), &state
->buffer
);
387 state
->origin_thread
->PostTask(
388 FROM_HERE
, base::Bind(DoEncryptReply
, Passed(&passed_state
)));
391 void DoDecryptReply(scoped_ptr
<DecryptState
> state
) {
392 CompleteWithBufferOrError(state
->status
, state
->buffer
, &state
->result
);
395 void DoDecrypt(scoped_ptr
<DecryptState
> passed_state
) {
396 DecryptState
* state
= passed_state
.get();
397 if (state
->cancelled())
400 webcrypto::Decrypt(state
->algorithm
, state
->key
,
401 webcrypto::CryptoData(state
->data
), &state
->buffer
);
402 state
->origin_thread
->PostTask(
403 FROM_HERE
, base::Bind(DoDecryptReply
, Passed(&passed_state
)));
406 void DoDigestReply(scoped_ptr
<DigestState
> state
) {
407 CompleteWithBufferOrError(state
->status
, state
->buffer
, &state
->result
);
410 void DoDigest(scoped_ptr
<DigestState
> passed_state
) {
411 DigestState
* state
= passed_state
.get();
412 if (state
->cancelled())
414 state
->status
= webcrypto::Digest(
415 state
->algorithm
, webcrypto::CryptoData(state
->data
), &state
->buffer
);
416 state
->origin_thread
->PostTask(
417 FROM_HERE
, base::Bind(DoDigestReply
, Passed(&passed_state
)));
420 void DoGenerateKeyReply(scoped_ptr
<GenerateKeyState
> state
) {
421 if (state
->status
.IsError()) {
422 CompleteWithError(state
->status
, &state
->result
);
424 state
->generate_key_result
.Complete(&state
->result
);
428 void DoGenerateKey(scoped_ptr
<GenerateKeyState
> passed_state
) {
429 GenerateKeyState
* state
= passed_state
.get();
430 if (state
->cancelled())
433 webcrypto::GenerateKey(state
->algorithm
, state
->extractable
,
434 state
->usages
, &state
->generate_key_result
);
435 state
->origin_thread
->PostTask(
436 FROM_HERE
, base::Bind(DoGenerateKeyReply
, Passed(&passed_state
)));
439 void DoImportKeyReply(scoped_ptr
<ImportKeyState
> state
) {
440 CompleteWithKeyOrError(state
->status
, state
->key
, &state
->result
);
443 void DoImportKey(scoped_ptr
<ImportKeyState
> passed_state
) {
444 ImportKeyState
* state
= passed_state
.get();
445 if (state
->cancelled())
447 state
->status
= webcrypto::ImportKey(
448 state
->format
, webcrypto::CryptoData(state
->key_data
), state
->algorithm
,
449 state
->extractable
, state
->usages
, &state
->key
);
450 if (state
->status
.IsSuccess()) {
451 DCHECK(state
->key
.handle());
452 DCHECK(!state
->key
.algorithm().isNull());
453 DCHECK_EQ(state
->extractable
, state
->key
.extractable());
456 state
->origin_thread
->PostTask(
457 FROM_HERE
, base::Bind(DoImportKeyReply
, Passed(&passed_state
)));
460 void DoExportKeyReply(scoped_ptr
<ExportKeyState
> state
) {
461 if (state
->format
!= blink::WebCryptoKeyFormatJwk
) {
462 CompleteWithBufferOrError(state
->status
, state
->buffer
, &state
->result
);
466 if (state
->status
.IsError()) {
467 CompleteWithError(state
->status
, &state
->result
);
469 state
->result
.completeWithJson(
470 reinterpret_cast<const char*>(vector_as_array(&state
->buffer
)),
471 state
->buffer
.size());
475 void DoExportKey(scoped_ptr
<ExportKeyState
> passed_state
) {
476 ExportKeyState
* state
= passed_state
.get();
477 if (state
->cancelled())
480 webcrypto::ExportKey(state
->format
, state
->key
, &state
->buffer
);
481 state
->origin_thread
->PostTask(
482 FROM_HERE
, base::Bind(DoExportKeyReply
, Passed(&passed_state
)));
485 void DoSignReply(scoped_ptr
<SignState
> state
) {
486 CompleteWithBufferOrError(state
->status
, state
->buffer
, &state
->result
);
489 void DoSign(scoped_ptr
<SignState
> passed_state
) {
490 SignState
* state
= passed_state
.get();
491 if (state
->cancelled())
494 webcrypto::Sign(state
->algorithm
, state
->key
,
495 webcrypto::CryptoData(state
->data
), &state
->buffer
);
497 state
->origin_thread
->PostTask(
498 FROM_HERE
, base::Bind(DoSignReply
, Passed(&passed_state
)));
501 void DoVerifyReply(scoped_ptr
<VerifySignatureState
> state
) {
502 if (state
->status
.IsError()) {
503 CompleteWithError(state
->status
, &state
->result
);
505 state
->result
.completeWithBoolean(state
->verify_result
);
509 void DoVerify(scoped_ptr
<VerifySignatureState
> passed_state
) {
510 VerifySignatureState
* state
= passed_state
.get();
511 if (state
->cancelled())
513 state
->status
= webcrypto::Verify(
514 state
->algorithm
, state
->key
, webcrypto::CryptoData(state
->signature
),
515 webcrypto::CryptoData(state
->data
), &state
->verify_result
);
517 state
->origin_thread
->PostTask(
518 FROM_HERE
, base::Bind(DoVerifyReply
, Passed(&passed_state
)));
521 void DoWrapKeyReply(scoped_ptr
<WrapKeyState
> state
) {
522 CompleteWithBufferOrError(state
->status
, state
->buffer
, &state
->result
);
525 void DoWrapKey(scoped_ptr
<WrapKeyState
> passed_state
) {
526 WrapKeyState
* state
= passed_state
.get();
527 if (state
->cancelled())
530 webcrypto::WrapKey(state
->format
, state
->key
, state
->wrapping_key
,
531 state
->wrap_algorithm
, &state
->buffer
);
533 state
->origin_thread
->PostTask(
534 FROM_HERE
, base::Bind(DoWrapKeyReply
, Passed(&passed_state
)));
537 void DoUnwrapKeyReply(scoped_ptr
<UnwrapKeyState
> state
) {
538 CompleteWithKeyOrError(state
->status
, state
->unwrapped_key
, &state
->result
);
541 void DoUnwrapKey(scoped_ptr
<UnwrapKeyState
> passed_state
) {
542 UnwrapKeyState
* state
= passed_state
.get();
543 if (state
->cancelled())
545 state
->status
= webcrypto::UnwrapKey(
546 state
->format
, webcrypto::CryptoData(state
->wrapped_key
),
547 state
->wrapping_key
, state
->unwrap_algorithm
,
548 state
->unwrapped_key_algorithm
, state
->extractable
, state
->usages
,
549 &state
->unwrapped_key
);
551 state
->origin_thread
->PostTask(
552 FROM_HERE
, base::Bind(DoUnwrapKeyReply
, Passed(&passed_state
)));
555 void DoDeriveBitsReply(scoped_ptr
<DeriveBitsState
> state
) {
556 CompleteWithBufferOrError(state
->status
, state
->derived_bytes
,
560 void DoDeriveBits(scoped_ptr
<DeriveBitsState
> passed_state
) {
561 DeriveBitsState
* state
= passed_state
.get();
562 if (state
->cancelled())
565 webcrypto::DeriveBits(state
->algorithm
, state
->base_key
,
566 state
->length_bits
, &state
->derived_bytes
);
567 state
->origin_thread
->PostTask(
568 FROM_HERE
, base::Bind(DoDeriveBitsReply
, Passed(&passed_state
)));
571 void DoDeriveKeyReply(scoped_ptr
<DeriveKeyState
> state
) {
572 CompleteWithKeyOrError(state
->status
, state
->derived_key
, &state
->result
);
575 void DoDeriveKey(scoped_ptr
<DeriveKeyState
> passed_state
) {
576 DeriveKeyState
* state
= passed_state
.get();
577 if (state
->cancelled())
579 state
->status
= webcrypto::DeriveKey(
580 state
->algorithm
, state
->base_key
, state
->import_algorithm
,
581 state
->key_length_algorithm
, state
->extractable
, state
->usages
,
582 &state
->derived_key
);
583 state
->origin_thread
->PostTask(
584 FROM_HERE
, base::Bind(DoDeriveKeyReply
, Passed(&passed_state
)));
589 WebCryptoImpl::WebCryptoImpl() {
592 WebCryptoImpl::~WebCryptoImpl() {
595 void WebCryptoImpl::encrypt(const blink::WebCryptoAlgorithm
& algorithm
,
596 const blink::WebCryptoKey
& key
,
597 const unsigned char* data
,
598 unsigned int data_size
,
599 blink::WebCryptoResult result
) {
600 DCHECK(!algorithm
.isNull());
602 scoped_ptr
<EncryptState
> state(
603 new EncryptState(algorithm
, key
, data
, data_size
, result
));
604 if (!CryptoThreadPool::PostTask(FROM_HERE
,
605 base::Bind(DoEncrypt
, Passed(&state
)))) {
606 CompleteWithThreadPoolError(&result
);
610 void WebCryptoImpl::decrypt(const blink::WebCryptoAlgorithm
& algorithm
,
611 const blink::WebCryptoKey
& key
,
612 const unsigned char* data
,
613 unsigned int data_size
,
614 blink::WebCryptoResult result
) {
615 DCHECK(!algorithm
.isNull());
617 scoped_ptr
<DecryptState
> state(
618 new DecryptState(algorithm
, key
, data
, data_size
, result
));
619 if (!CryptoThreadPool::PostTask(FROM_HERE
,
620 base::Bind(DoDecrypt
, Passed(&state
)))) {
621 CompleteWithThreadPoolError(&result
);
625 void WebCryptoImpl::digest(const blink::WebCryptoAlgorithm
& algorithm
,
626 const unsigned char* data
,
627 unsigned int data_size
,
628 blink::WebCryptoResult result
) {
629 DCHECK(!algorithm
.isNull());
631 scoped_ptr
<DigestState
> state(new DigestState(
632 algorithm
, blink::WebCryptoKey::createNull(), data
, data_size
, result
));
633 if (!CryptoThreadPool::PostTask(FROM_HERE
,
634 base::Bind(DoDigest
, Passed(&state
)))) {
635 CompleteWithThreadPoolError(&result
);
639 void WebCryptoImpl::generateKey(const blink::WebCryptoAlgorithm
& algorithm
,
641 blink::WebCryptoKeyUsageMask usages
,
642 blink::WebCryptoResult result
) {
643 DCHECK(!algorithm
.isNull());
645 scoped_ptr
<GenerateKeyState
> state(
646 new GenerateKeyState(algorithm
, extractable
, usages
, result
));
647 if (!CryptoThreadPool::PostTask(FROM_HERE
,
648 base::Bind(DoGenerateKey
, Passed(&state
)))) {
649 CompleteWithThreadPoolError(&result
);
653 void WebCryptoImpl::importKey(blink::WebCryptoKeyFormat format
,
654 const unsigned char* key_data
,
655 unsigned int key_data_size
,
656 const blink::WebCryptoAlgorithm
& algorithm
,
658 blink::WebCryptoKeyUsageMask usages
,
659 blink::WebCryptoResult result
) {
660 scoped_ptr
<ImportKeyState
> state(new ImportKeyState(
661 format
, key_data
, key_data_size
, algorithm
, extractable
, usages
, result
));
662 if (!CryptoThreadPool::PostTask(FROM_HERE
,
663 base::Bind(DoImportKey
, Passed(&state
)))) {
664 CompleteWithThreadPoolError(&result
);
668 void WebCryptoImpl::exportKey(blink::WebCryptoKeyFormat format
,
669 const blink::WebCryptoKey
& key
,
670 blink::WebCryptoResult result
) {
671 scoped_ptr
<ExportKeyState
> state(new ExportKeyState(format
, key
, result
));
672 if (!CryptoThreadPool::PostTask(FROM_HERE
,
673 base::Bind(DoExportKey
, Passed(&state
)))) {
674 CompleteWithThreadPoolError(&result
);
678 void WebCryptoImpl::sign(const blink::WebCryptoAlgorithm
& algorithm
,
679 const blink::WebCryptoKey
& key
,
680 const unsigned char* data
,
681 unsigned int data_size
,
682 blink::WebCryptoResult result
) {
683 scoped_ptr
<SignState
> state(
684 new SignState(algorithm
, key
, data
, data_size
, result
));
685 if (!CryptoThreadPool::PostTask(FROM_HERE
,
686 base::Bind(DoSign
, Passed(&state
)))) {
687 CompleteWithThreadPoolError(&result
);
691 void WebCryptoImpl::verifySignature(const blink::WebCryptoAlgorithm
& algorithm
,
692 const blink::WebCryptoKey
& key
,
693 const unsigned char* signature
,
694 unsigned int signature_size
,
695 const unsigned char* data
,
696 unsigned int data_size
,
697 blink::WebCryptoResult result
) {
698 scoped_ptr
<VerifySignatureState
> state(new VerifySignatureState(
699 algorithm
, key
, signature
, signature_size
, data
, data_size
, result
));
700 if (!CryptoThreadPool::PostTask(FROM_HERE
,
701 base::Bind(DoVerify
, Passed(&state
)))) {
702 CompleteWithThreadPoolError(&result
);
706 void WebCryptoImpl::wrapKey(blink::WebCryptoKeyFormat format
,
707 const blink::WebCryptoKey
& key
,
708 const blink::WebCryptoKey
& wrapping_key
,
709 const blink::WebCryptoAlgorithm
& wrap_algorithm
,
710 blink::WebCryptoResult result
) {
711 scoped_ptr
<WrapKeyState
> state(
712 new WrapKeyState(format
, key
, wrapping_key
, wrap_algorithm
, result
));
713 if (!CryptoThreadPool::PostTask(FROM_HERE
,
714 base::Bind(DoWrapKey
, Passed(&state
)))) {
715 CompleteWithThreadPoolError(&result
);
719 void WebCryptoImpl::unwrapKey(
720 blink::WebCryptoKeyFormat format
,
721 const unsigned char* wrapped_key
,
722 unsigned wrapped_key_size
,
723 const blink::WebCryptoKey
& wrapping_key
,
724 const blink::WebCryptoAlgorithm
& unwrap_algorithm
,
725 const blink::WebCryptoAlgorithm
& unwrapped_key_algorithm
,
727 blink::WebCryptoKeyUsageMask usages
,
728 blink::WebCryptoResult result
) {
729 scoped_ptr
<UnwrapKeyState
> state(new UnwrapKeyState(
730 format
, wrapped_key
, wrapped_key_size
, wrapping_key
, unwrap_algorithm
,
731 unwrapped_key_algorithm
, extractable
, usages
, result
));
732 if (!CryptoThreadPool::PostTask(FROM_HERE
,
733 base::Bind(DoUnwrapKey
, Passed(&state
)))) {
734 CompleteWithThreadPoolError(&result
);
738 void WebCryptoImpl::deriveBits(const blink::WebCryptoAlgorithm
& algorithm
,
739 const blink::WebCryptoKey
& base_key
,
740 unsigned int length_bits
,
741 blink::WebCryptoResult result
) {
742 scoped_ptr
<DeriveBitsState
> state(
743 new DeriveBitsState(algorithm
, base_key
, length_bits
, result
));
744 if (!CryptoThreadPool::PostTask(FROM_HERE
,
745 base::Bind(DoDeriveBits
, Passed(&state
)))) {
746 CompleteWithThreadPoolError(&result
);
750 void WebCryptoImpl::deriveKey(
751 const blink::WebCryptoAlgorithm
& algorithm
,
752 const blink::WebCryptoKey
& base_key
,
753 const blink::WebCryptoAlgorithm
& import_algorithm
,
754 const blink::WebCryptoAlgorithm
& key_length_algorithm
,
756 blink::WebCryptoKeyUsageMask usages
,
757 blink::WebCryptoResult result
) {
758 scoped_ptr
<DeriveKeyState
> state(
759 new DeriveKeyState(algorithm
, base_key
, import_algorithm
,
760 key_length_algorithm
, extractable
, usages
, result
));
761 if (!CryptoThreadPool::PostTask(FROM_HERE
,
762 base::Bind(DoDeriveKey
, Passed(&state
)))) {
763 CompleteWithThreadPoolError(&result
);
767 blink::WebCryptoDigestor
* WebCryptoImpl::createDigestor(
768 blink::WebCryptoAlgorithmId algorithm_id
) {
769 return webcrypto::CreateDigestor(algorithm_id
).release();
772 bool WebCryptoImpl::deserializeKeyForClone(
773 const blink::WebCryptoKeyAlgorithm
& algorithm
,
774 blink::WebCryptoKeyType type
,
776 blink::WebCryptoKeyUsageMask usages
,
777 const unsigned char* key_data
,
778 unsigned key_data_size
,
779 blink::WebCryptoKey
& key
) {
780 return webcrypto::DeserializeKeyForClone(
781 algorithm
, type
, extractable
, usages
,
782 webcrypto::CryptoData(key_data
, key_data_size
), &key
);
785 bool WebCryptoImpl::serializeKeyForClone(
786 const blink::WebCryptoKey
& key
,
787 blink::WebVector
<unsigned char>& key_data
) {
788 return webcrypto::SerializeKeyForClone(key
, &key_data
);
791 } // namespace content