diff options
| author | eroman@chromium.org <eroman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-19 06:38:58 +0000 |
|---|---|---|
| committer | eroman@chromium.org <eroman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-19 06:38:58 +0000 |
| commit | 47906695be00f5d8316a4e58f6fa2fdb63d92186 (patch) | |
| tree | 83b26ff7e208e67ec4b1a4ff5853766087b4df21 /content/child/webcrypto | |
| parent | e097b93086bf7be065d7400aece5edad6aca1bd6 (diff) | |
| download | chromium_src-47906695be00f5d8316a4e58f6fa2fdb63d92186.zip chromium_src-47906695be00f5d8316a4e58f6fa2fdb63d92186.tar.gz chromium_src-47906695be00f5d8316a4e58f6fa2fdb63d92186.tar.bz2 | |
[webcrypto] Add length parameter to HmacKeyAlgorithm. (chromium)
Matches a planned change to the spec:
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25094
Blink side of this change: https://codereview.chromium.org/204013006/
BUG=245025
Review URL: https://codereview.chromium.org/203303006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@257878 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content/child/webcrypto')
| -rw-r--r-- | content/child/webcrypto/shared_crypto_unittest.cc | 22 | ||||
| -rw-r--r-- | content/child/webcrypto/webcrypto_util.cc | 13 | ||||
| -rw-r--r-- | content/child/webcrypto/webcrypto_util.h | 2 |
3 files changed, 34 insertions, 3 deletions
diff --git a/content/child/webcrypto/shared_crypto_unittest.cc b/content/child/webcrypto/shared_crypto_unittest.cc index 55c3bb7..814a26f 100644 --- a/content/child/webcrypto/shared_crypto_unittest.cc +++ b/content/child/webcrypto/shared_crypto_unittest.cc @@ -675,6 +675,9 @@ TEST_F(SharedCryptoTest, HMACSampleSets) { blink::WebCryptoKeyUsageSign | blink::WebCryptoKeyUsageVerify); EXPECT_EQ(test_hash.id(), key.algorithm().hmacParams()->hash().id()); +#if defined(WEBCRYPTO_HMAC_KEY_HAS_LENGTH) + EXPECT_EQ(test_key.size() * 8, key.algorithm().hmacParams()->lengthBits()); +#endif // Verify exported raw key is identical to the imported data blink::WebArrayBuffer raw_key; @@ -955,6 +958,9 @@ TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmac)) { EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, key.algorithm().hmacParams()->hash().id()); +#if defined(WEBCRYPTO_HMAC_KEY_HAS_LENGTH) + EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); +#endif blink::WebArrayBuffer raw_key; ASSERT_STATUS_SUCCESS( @@ -975,6 +981,12 @@ TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); EXPECT_TRUE(key.handle()); EXPECT_EQ(blink::WebCryptoKeyTypeSecret, key.type()); + EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); + EXPECT_EQ(blink::WebCryptoAlgorithmIdSha1, + key.algorithm().hmacParams()->hash().id()); +#if defined(WEBCRYPTO_HMAC_KEY_HAS_LENGTH) + EXPECT_EQ(512u, key.algorithm().hmacParams()->lengthBits()); +#endif blink::WebArrayBuffer raw_key; ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); EXPECT_EQ(64U, raw_key.byteLength()); @@ -982,8 +994,12 @@ TEST_F(SharedCryptoTest, MAYBE(GenerateKeyHmacNoLength)) { // The block size for HMAC SHA-512 is larger. algorithm = CreateHmacKeyGenAlgorithm(blink::WebCryptoAlgorithmIdSha512, 0); ASSERT_STATUS_SUCCESS(GenerateSecretKey(algorithm, true, 0, &key)); + EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); EXPECT_EQ(blink::WebCryptoAlgorithmIdSha512, key.algorithm().hmacParams()->hash().id()); +#if defined(WEBCRYPTO_HMAC_KEY_HAS_LENGTH) + EXPECT_EQ(1024u, key.algorithm().hmacParams()->lengthBits()); +#endif ASSERT_STATUS_SUCCESS(ExportKey(blink::WebCryptoKeyFormatRaw, key, &raw_key)); EXPECT_EQ(128U, raw_key.byteLength()); } @@ -1360,6 +1376,9 @@ TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) { EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, key.algorithm().id()); EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, key.algorithm().hmacParams()->hash().id()); +#if defined(WEBCRYPTO_HMAC_KEY_HAS_LENGTH) + EXPECT_EQ(320u, key.algorithm().hmacParams()->lengthBits()); +#endif EXPECT_EQ(blink::WebCryptoKeyUsageVerify, key.usages()); key = blink::WebCryptoKey::createNull(); @@ -2618,6 +2637,9 @@ TEST_F(SharedCryptoTest, MAYBE(AesKwJwkSymkeyUnwrapKnownData)) { EXPECT_EQ(blink::WebCryptoAlgorithmIdHmac, unwrapped_key.algorithm().id()); EXPECT_EQ(blink::WebCryptoAlgorithmIdSha256, unwrapped_key.algorithm().hmacParams()->hash().id()); +#if defined(WEBCRYPTO_HMAC_KEY_HAS_LENGTH) + EXPECT_EQ(256u, unwrapped_key.algorithm().hmacParams()->lengthBits()); +#endif EXPECT_EQ(true, unwrapped_key.extractable()); EXPECT_EQ(blink::WebCryptoKeyUsageVerify, unwrapped_key.usages()); diff --git a/content/child/webcrypto/webcrypto_util.cc b/content/child/webcrypto/webcrypto_util.cc index 5e5fc8e..4574d3c 100644 --- a/content/child/webcrypto/webcrypto_util.cc +++ b/content/child/webcrypto/webcrypto_util.cc @@ -377,15 +377,24 @@ unsigned int ShaBlockSizeBytes(blink::WebCryptoAlgorithmId hash_id) { } bool CreateSecretKeyAlgorithm(const blink::WebCryptoAlgorithm& algorithm, - unsigned keylen_bytes, + unsigned int keylen_bytes, blink::WebCryptoKeyAlgorithm* key_algorithm) { switch (algorithm.id()) { case blink::WebCryptoAlgorithmIdHmac: { blink::WebCryptoAlgorithm hash = GetInnerHashAlgorithm(algorithm); if (hash.isNull()) return false; +#if defined(WEBCRYPTO_HMAC_KEY_HAS_LENGTH) + if (keylen_bytes > UINT_MAX / 8) + return false; +#endif *key_algorithm = blink::WebCryptoKeyAlgorithm::adoptParamsAndCreate( - algorithm.id(), new blink::WebCryptoHmacKeyAlgorithmParams(hash)); + algorithm.id(), +#if defined(WEBCRYPTO_HMAC_KEY_HAS_LENGTH) + new blink::WebCryptoHmacKeyAlgorithmParams(hash, keylen_bytes * 8)); +#else + new blink::WebCryptoHmacKeyAlgorithmParams(hash)); +#endif return true; } case blink::WebCryptoAlgorithmIdAesKw: diff --git a/content/child/webcrypto/webcrypto_util.h b/content/child/webcrypto/webcrypto_util.h index 98160b5..1ca3a17 100644 --- a/content/child/webcrypto/webcrypto_util.h +++ b/content/child/webcrypto/webcrypto_util.h @@ -287,7 +287,7 @@ blink::WebCryptoAlgorithm CreateRsaOaepImportAlgorithm( unsigned int ShaBlockSizeBytes(blink::WebCryptoAlgorithmId hash_id); bool CreateSecretKeyAlgorithm(const blink::WebCryptoAlgorithm& algorithm, - unsigned keylen_bytes, + unsigned int keylen_bytes, blink::WebCryptoKeyAlgorithm* key_algorithm); } // namespace webcrypto |