diff options
| author | eroman@chromium.org <eroman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-05-10 02:00:26 +0000 |
|---|---|---|
| committer | eroman@chromium.org <eroman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-05-10 02:00:26 +0000 |
| commit | 82ca1533fccfa2beec6bbedab766231e970e61b7 (patch) | |
| tree | 6d4e5167293b3c62f57957e86e42fe89efdc21ab | |
| parent | 991229a388e96585d2649958ef47b1ee953018ef (diff) | |
| download | chromium_src-82ca1533fccfa2beec6bbedab766231e970e61b7.zip chromium_src-82ca1533fccfa2beec6bbedab766231e970e61b7.tar.gz chromium_src-82ca1533fccfa2beec6bbedab766231e970e61b7.tar.bz2 | |
[refactor] Change ordering of wrapkey parameters
crypto.subtle.wrapKey() orders the key to be wrapped before the wrapping key. Use the same convention throughout webcrypto code to avoid confusion.
BUG=245025
Review URL: https://codereview.chromium.org/272033003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269478 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | content/child/webcrypto/platform_crypto.h | 12 | ||||
| -rw-r--r-- | content/child/webcrypto/platform_crypto_nss.cc | 8 | ||||
| -rw-r--r-- | content/child/webcrypto/platform_crypto_openssl.cc | 8 | ||||
| -rw-r--r-- | content/child/webcrypto/shared_crypto.cc | 16 | ||||
| -rw-r--r-- | content/child/webcrypto/shared_crypto.h | 2 | ||||
| -rw-r--r-- | content/child/webcrypto/shared_crypto_unittest.cc | 10 | ||||
| -rw-r--r-- | content/child/webcrypto/webcrypto_impl.cc | 4 |
7 files changed, 29 insertions, 31 deletions
diff --git a/content/child/webcrypto/platform_crypto.h b/content/child/webcrypto/platform_crypto.h index accebe7..b9f429c 100644 --- a/content/child/webcrypto/platform_crypto.h +++ b/content/child/webcrypto/platform_crypto.h @@ -229,10 +229,10 @@ Status ExportKeyPkcs8(PrivateKey* key, std::vector<uint8>* buffer); // Preconditions: -// * |wrapping_key| is non-null // * |key| is non-null -Status WrapSymKeyAesKw(SymKey* wrapping_key, - SymKey* key, +// * |wrapping_key| is non-null +Status WrapSymKeyAesKw(SymKey* key, + SymKey* wrapping_key, std::vector<uint8>* buffer); // Unwraps (decrypts) |wrapped_key_data| using AES-KW and places the results in @@ -263,10 +263,10 @@ Status DecryptAesKw(SymKey* key, std::vector<uint8>* buffer); // Preconditions: -// * |wrapping_key| is non-null // * |key| is non-null -Status WrapSymKeyRsaEs(PublicKey* wrapping_key, - SymKey* key, +// * |wrapping_key| is non-null +Status WrapSymKeyRsaEs(SymKey* key, + PublicKey* wrapping_key, std::vector<uint8>* buffer); // Preconditions: diff --git a/content/child/webcrypto/platform_crypto_nss.cc b/content/child/webcrypto/platform_crypto_nss.cc index 65dbb2f..eebd9e0 100644 --- a/content/child/webcrypto/platform_crypto_nss.cc +++ b/content/child/webcrypto/platform_crypto_nss.cc @@ -1494,8 +1494,8 @@ Status ImportRsaPublicKey(const blink::WebCryptoAlgorithm& algorithm, return Status::Success(); } -Status WrapSymKeyAesKw(SymKey* wrapping_key, - SymKey* key, +Status WrapSymKeyAesKw(SymKey* key, + SymKey* wrapping_key, std::vector<uint8>* buffer) { // The data size must be at least 16 bytes and a multiple of 8 bytes. // RFC 3394 does not specify a maximum allowed data length, but since only @@ -1594,8 +1594,8 @@ Status DecryptAesKw(SymKey* wrapping_key, return Status::Success(); } -Status WrapSymKeyRsaEs(PublicKey* wrapping_key, - SymKey* key, +Status WrapSymKeyRsaEs(SymKey* key, + PublicKey* wrapping_key, std::vector<uint8>* buffer) { // Check the raw length of the key to be wrapped against the max size allowed // by the RSA wrapping key. With PKCS#1 v1.5 padding used in this function, diff --git a/content/child/webcrypto/platform_crypto_openssl.cc b/content/child/webcrypto/platform_crypto_openssl.cc index 1f2bebe..1f520e8 100644 --- a/content/child/webcrypto/platform_crypto_openssl.cc +++ b/content/child/webcrypto/platform_crypto_openssl.cc @@ -462,8 +462,8 @@ Status ExportRsaPublicKey(PublicKey* key, return Status::ErrorUnsupported(); } -Status WrapSymKeyAesKw(SymKey* wrapping_key, - SymKey* key, +Status WrapSymKeyAesKw(SymKey* key, + SymKey* wrapping_key, std::vector<uint8>* buffer) { // TODO(eroman): http://crbug.com/267888 return Status::ErrorUnsupported(); @@ -486,8 +486,8 @@ Status DecryptAesKw(SymKey* key, return Status::ErrorUnsupported(); } -Status WrapSymKeyRsaEs(PublicKey* wrapping_key, - SymKey* key, +Status WrapSymKeyRsaEs(SymKey* key, + PublicKey* wrapping_key, std::vector<uint8>* buffer) { // TODO(eroman): http://crbug.com/267888 return Status::ErrorUnsupported(); diff --git a/content/child/webcrypto/shared_crypto.cc b/content/child/webcrypto/shared_crypto.cc index 81c66cf..7d4704f 100644 --- a/content/child/webcrypto/shared_crypto.cc +++ b/content/child/webcrypto/shared_crypto.cc @@ -375,8 +375,8 @@ Status UnwrapKeyRaw(const CryptoData& wrapped_key_data, } } -Status WrapKeyRaw(const blink::WebCryptoKey& wrapping_key, - const blink::WebCryptoKey& key_to_wrap, +Status WrapKeyRaw(const blink::WebCryptoKey& key_to_wrap, + const blink::WebCryptoKey& wrapping_key, const blink::WebCryptoAlgorithm& wrapping_algorithm, std::vector<uint8>* buffer) { // A raw key is always a symmetric key. @@ -393,7 +393,7 @@ Status WrapKeyRaw(const blink::WebCryptoKey& wrapping_key, if (status.IsError()) return status; return platform::WrapSymKeyAesKw( - platform_wrapping_key, platform_key, buffer); + platform_key, platform_wrapping_key, buffer); } case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: { platform::PublicKey* platform_wrapping_key; @@ -401,7 +401,7 @@ Status WrapKeyRaw(const blink::WebCryptoKey& wrapping_key, if (status.IsError()) return status; return platform::WrapSymKeyRsaEs( - platform_wrapping_key, platform_key, buffer); + platform_key, platform_wrapping_key, buffer); } default: return Status::ErrorUnsupported(); @@ -484,8 +484,8 @@ Status UnwrapKeyDecryptAndImport( Status WrapKeyExportAndEncrypt( blink::WebCryptoKeyFormat format, - const blink::WebCryptoKey& wrapping_key, const blink::WebCryptoKey& key_to_wrap, + const blink::WebCryptoKey& wrapping_key, const blink::WebCryptoAlgorithm& wrapping_algorithm, std::vector<uint8>* buffer) { std::vector<uint8> exported_data; @@ -751,8 +751,8 @@ Status VerifySignature(const blink::WebCryptoAlgorithm& algorithm, } Status WrapKey(blink::WebCryptoKeyFormat format, - const blink::WebCryptoKey& wrapping_key, const blink::WebCryptoKey& key_to_wrap, + const blink::WebCryptoKey& wrapping_key, const blink::WebCryptoAlgorithm& wrapping_algorithm, std::vector<uint8>* buffer) { if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageWrapKey)) @@ -762,10 +762,10 @@ Status WrapKey(blink::WebCryptoKeyFormat format, switch (format) { case blink::WebCryptoKeyFormatRaw: - return WrapKeyRaw(wrapping_key, key_to_wrap, wrapping_algorithm, buffer); + return WrapKeyRaw(key_to_wrap, wrapping_key, wrapping_algorithm, buffer); case blink::WebCryptoKeyFormatJwk: return WrapKeyExportAndEncrypt( - format, wrapping_key, key_to_wrap, wrapping_algorithm, buffer); + format, key_to_wrap, wrapping_key, wrapping_algorithm, buffer); case blink::WebCryptoKeyFormatSpki: case blink::WebCryptoKeyFormatPkcs8: return Status::ErrorUnsupported(); // TODO(padolph) diff --git a/content/child/webcrypto/shared_crypto.h b/content/child/webcrypto/shared_crypto.h index d2eaa91..3af025f 100644 --- a/content/child/webcrypto/shared_crypto.h +++ b/content/child/webcrypto/shared_crypto.h @@ -131,8 +131,8 @@ CONTENT_EXPORT Status CONTENT_EXPORT Status WrapKey(blink::WebCryptoKeyFormat format, - const blink::WebCryptoKey& wrapping_key, const blink::WebCryptoKey& key_to_wrap, + const blink::WebCryptoKey& wrapping_key, const blink::WebCryptoAlgorithm& wrapping_algorithm, std::vector<uint8>* buffer); diff --git a/content/child/webcrypto/shared_crypto_unittest.cc b/content/child/webcrypto/shared_crypto_unittest.cc index 20f1ad5..de21c23 100644 --- a/content/child/webcrypto/shared_crypto_unittest.cc +++ b/content/child/webcrypto/shared_crypto_unittest.cc @@ -2764,8 +2764,8 @@ TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapKnownAnswer)) { std::vector<uint8> wrapped_key; ASSERT_EQ(Status::Success(), WrapKey(blink::WebCryptoKeyFormatRaw, - wrapping_key, key, + wrapping_key, wrapping_algorithm, &wrapped_key)); EXPECT_BYTES_EQ(test_ciphertext, wrapped_key); @@ -3163,8 +3163,8 @@ TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapKnownAnswer)) { std::vector<uint8> wrapped_key; ASSERT_EQ(Status::Success(), WrapKey(blink::WebCryptoKeyFormatRaw, - public_key, key, + public_key, algorithm, &wrapped_key)); @@ -3240,8 +3240,8 @@ TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) { std::vector<uint8> wrapped_key; EXPECT_EQ(Status::ErrorUnexpectedKeyType(), WrapKey(blink::WebCryptoKeyFormatRaw, - private_key, key, + private_key, wrapping_algorithm, &wrapped_key)); @@ -3262,8 +3262,8 @@ TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) { &big_key)); EXPECT_EQ(Status::ErrorDataTooLarge(), WrapKey(blink::WebCryptoKeyFormatRaw, - public_key, big_key, + public_key, wrapping_algorithm, &wrapped_key)); @@ -3383,8 +3383,8 @@ TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapRoundTrip)) { std::vector<uint8> wrapped_data; ASSERT_EQ(Status::Success(), WrapKey(blink::WebCryptoKeyFormatJwk, - public_wrapping_key, key_to_wrap, + public_wrapping_key, wrapping_algorithm, &wrapped_data)); diff --git a/content/child/webcrypto/webcrypto_impl.cc b/content/child/webcrypto/webcrypto_impl.cc index 8891689..04e031b 100644 --- a/content/child/webcrypto/webcrypto_impl.cc +++ b/content/child/webcrypto/webcrypto_impl.cc @@ -519,11 +519,9 @@ void DoWrapKeyReply(scoped_ptr<WrapKeyState> state) { void DoWrapKey(scoped_ptr<WrapKeyState> passed_state) { WrapKeyState* state = passed_state.get(); - // TODO(eroman): The parameter ordering of webcrypto::WrapKey() is - // inconsistent with that of blink::WebCrypto::wrapKey(). state->status = webcrypto::WrapKey(state->format, - state->wrapping_key, state->key, + state->wrapping_key, state->wrap_algorithm, &state->buffer); |