1 /*
2 * Copyright (C) 2013 Google Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
6 * met:
7 *
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above
11 * copyright notice, this list of conditions and the following disclaimer
12 * in the documentation and/or other materials provided with the
13 * distribution.
14 * * Neither the name of Google Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived from
16 * this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31 #include "config.h"
32 #include "modules/crypto/CryptoKey.h"
33
34 #include "bindings/core/v8/ExceptionState.h"
35 #include "core/dom/ExceptionCode.h"
36 #include "platform/CryptoResult.h"
37 #include "public/platform/WebCryptoAlgorithmParams.h"
38 #include "public/platform/WebCryptoKeyAlgorithm.h"
39 #include "public/platform/WebString.h"
40
41 namespace blink {
42
43 namespace {
44
keyTypeToString(WebCryptoKeyType type)45 const char* keyTypeToString(WebCryptoKeyType type)
46 {
47 switch (type) {
48 case WebCryptoKeyTypeSecret:
49 return "secret";
50 case WebCryptoKeyTypePublic:
51 return "public";
52 case WebCryptoKeyTypePrivate:
53 return "private";
54 }
55 ASSERT_NOT_REACHED();
56 return 0;
57 }
58
59 struct KeyUsageMapping {
60 WebCryptoKeyUsage value;
61 const char* const name;
62 };
63
64 // The order of this array is the same order that will appear in
65 // CryptoKey.usages. It must be kept ordered as described by the Web Crypto
66 // spec.
67 const KeyUsageMapping keyUsageMappings[] = {
68 { WebCryptoKeyUsageEncrypt, "encrypt" },
69 { WebCryptoKeyUsageDecrypt, "decrypt" },
70 { WebCryptoKeyUsageSign, "sign" },
71 { WebCryptoKeyUsageVerify, "verify" },
72 { WebCryptoKeyUsageDeriveKey, "deriveKey" },
73 { WebCryptoKeyUsageDeriveBits, "deriveBits" },
74 { WebCryptoKeyUsageWrapKey, "wrapKey" },
75 { WebCryptoKeyUsageUnwrapKey, "unwrapKey" },
76 };
77
78 COMPILE_ASSERT(EndOfWebCryptoKeyUsage == (1 << 7) + 1, update_keyUsageMappings);
79
keyUsageToString(WebCryptoKeyUsage usage)80 const char* keyUsageToString(WebCryptoKeyUsage usage)
81 {
82 for (size_t i = 0; i < WTF_ARRAY_LENGTH(keyUsageMappings); ++i) {
83 if (keyUsageMappings[i].value == usage)
84 return keyUsageMappings[i].name;
85 }
86 ASSERT_NOT_REACHED();
87 return 0;
88 }
89
keyUsageStringToMask(const String & usageString)90 WebCryptoKeyUsageMask keyUsageStringToMask(const String& usageString)
91 {
92 for (size_t i = 0; i < WTF_ARRAY_LENGTH(keyUsageMappings); ++i) {
93 if (keyUsageMappings[i].name == usageString)
94 return keyUsageMappings[i].value;
95 }
96 return 0;
97 }
98
toKeyUsage(WebCryptoOperation operation)99 WebCryptoKeyUsageMask toKeyUsage(WebCryptoOperation operation)
100 {
101 switch (operation) {
102 case WebCryptoOperationEncrypt:
103 return WebCryptoKeyUsageEncrypt;
104 case WebCryptoOperationDecrypt:
105 return WebCryptoKeyUsageDecrypt;
106 case WebCryptoOperationSign:
107 return WebCryptoKeyUsageSign;
108 case WebCryptoOperationVerify:
109 return WebCryptoKeyUsageVerify;
110 case WebCryptoOperationDeriveKey:
111 return WebCryptoKeyUsageDeriveKey;
112 case WebCryptoOperationDeriveBits:
113 return WebCryptoKeyUsageDeriveBits;
114 case WebCryptoOperationWrapKey:
115 return WebCryptoKeyUsageWrapKey;
116 case WebCryptoOperationUnwrapKey:
117 return WebCryptoKeyUsageUnwrapKey;
118 case WebCryptoOperationDigest:
119 case WebCryptoOperationGenerateKey:
120 case WebCryptoOperationImportKey:
121 break;
122 }
123
124 ASSERT_NOT_REACHED();
125 return 0;
126 }
127
128 } // namespace
129
~CryptoKey()130 CryptoKey::~CryptoKey()
131 {
132 }
133
CryptoKey(const WebCryptoKey & key)134 CryptoKey::CryptoKey(const WebCryptoKey& key)
135 : m_key(key)
136 {
137 }
138
type() const139 String CryptoKey::type() const
140 {
141 return keyTypeToString(m_key.type());
142 }
143
extractable() const144 bool CryptoKey::extractable() const
145 {
146 return m_key.extractable();
147 }
148
149 // FIXME: This creates a new javascript array each time. What should happen
150 // instead is return the same (immutable) array. (Javascript callers can
151 // distinguish this by doing an == test on the arrays and seeing they are
152 // different).
usages() const153 Vector<String> CryptoKey::usages() const
154 {
155 Vector<String> result;
156 for (size_t i = 0; i < WTF_ARRAY_LENGTH(keyUsageMappings); ++i) {
157 WebCryptoKeyUsage usage = keyUsageMappings[i].value;
158 if (m_key.usages() & usage)
159 result.append(keyUsageToString(usage));
160 }
161 return result;
162 }
163
canBeUsedForAlgorithm(const WebCryptoAlgorithm & algorithm,WebCryptoOperation op,CryptoResult * result) const164 bool CryptoKey::canBeUsedForAlgorithm(const WebCryptoAlgorithm& algorithm, WebCryptoOperation op, CryptoResult* result) const
165 {
166 if (!(m_key.usages() & toKeyUsage(op))) {
167 result->completeWithError(WebCryptoErrorTypeInvalidAccess, "key.usages does not permit this operation");
168 return false;
169 }
170
171 if (m_key.algorithm().id() != algorithm.id()) {
172 result->completeWithError(WebCryptoErrorTypeInvalidAccess, "key.algorithm does not match that of operation");
173 return false;
174 }
175
176 return true;
177 }
178
parseFormat(const String & formatString,WebCryptoKeyFormat & format,CryptoResult * result)179 bool CryptoKey::parseFormat(const String& formatString, WebCryptoKeyFormat& format, CryptoResult* result)
180 {
181 // There are few enough values that testing serially is fast enough.
182 if (formatString == "raw") {
183 format = WebCryptoKeyFormatRaw;
184 return true;
185 }
186 if (formatString == "pkcs8") {
187 format = WebCryptoKeyFormatPkcs8;
188 return true;
189 }
190 if (formatString == "spki") {
191 format = WebCryptoKeyFormatSpki;
192 return true;
193 }
194 if (formatString == "jwk") {
195 format = WebCryptoKeyFormatJwk;
196 return true;
197 }
198
199 result->completeWithError(WebCryptoErrorTypeSyntax, "Invalid keyFormat argument");
200 return false;
201 }
202
parseUsageMask(const Vector<String> & usages,WebCryptoKeyUsageMask & mask,CryptoResult * result)203 bool CryptoKey::parseUsageMask(const Vector<String>& usages, WebCryptoKeyUsageMask& mask, CryptoResult* result)
204 {
205 mask = 0;
206 for (size_t i = 0; i < usages.size(); ++i) {
207 WebCryptoKeyUsageMask usage = keyUsageStringToMask(usages[i]);
208 if (!usage) {
209 result->completeWithError(WebCryptoErrorTypeSyntax, "Invalid keyUsages argument");
210 return false;
211 }
212 mask |= usage;
213 }
214 return true;
215 }
216
217 } // namespace blink
218