1 /* 2 * Copyright (C) 2013 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #include "config.h" 32 #include "modules/crypto/CryptoKey.h" 33 34 #include "bindings/core/v8/ExceptionState.h" 35 #include "core/dom/ExceptionCode.h" 36 #include "platform/CryptoResult.h" 37 #include "public/platform/WebCryptoAlgorithmParams.h" 38 #include "public/platform/WebCryptoKeyAlgorithm.h" 39 #include "public/platform/WebString.h" 40 41 namespace blink { 42 43 namespace { 44 45 const char* keyTypeToString(WebCryptoKeyType type) 46 { 47 switch (type) { 48 case WebCryptoKeyTypeSecret: 49 return "secret"; 50 case WebCryptoKeyTypePublic: 51 return "public"; 52 case WebCryptoKeyTypePrivate: 53 return "private"; 54 } 55 ASSERT_NOT_REACHED(); 56 return 0; 57 } 58 59 struct KeyUsageMapping { 60 WebCryptoKeyUsage value; 61 const char* const name; 62 }; 63 64 // The order of this array is the same order that will appear in 65 // CryptoKey.usages. It must be kept ordered as described by the Web Crypto 66 // spec. 67 const KeyUsageMapping keyUsageMappings[] = { 68 { WebCryptoKeyUsageEncrypt, "encrypt" }, 69 { WebCryptoKeyUsageDecrypt, "decrypt" }, 70 { WebCryptoKeyUsageSign, "sign" }, 71 { WebCryptoKeyUsageVerify, "verify" }, 72 { WebCryptoKeyUsageDeriveKey, "deriveKey" }, 73 { WebCryptoKeyUsageDeriveBits, "deriveBits" }, 74 { WebCryptoKeyUsageWrapKey, "wrapKey" }, 75 { WebCryptoKeyUsageUnwrapKey, "unwrapKey" }, 76 }; 77 78 COMPILE_ASSERT(EndOfWebCryptoKeyUsage == (1 << 7) + 1, update_keyUsageMappings); 79 80 const char* keyUsageToString(WebCryptoKeyUsage usage) 81 { 82 for (size_t i = 0; i < WTF_ARRAY_LENGTH(keyUsageMappings); ++i) { 83 if (keyUsageMappings[i].value == usage) 84 return keyUsageMappings[i].name; 85 } 86 ASSERT_NOT_REACHED(); 87 return 0; 88 } 89 90 WebCryptoKeyUsageMask keyUsageStringToMask(const String& usageString) 91 { 92 for (size_t i = 0; i < WTF_ARRAY_LENGTH(keyUsageMappings); ++i) { 93 if (keyUsageMappings[i].name == usageString) 94 return keyUsageMappings[i].value; 95 } 96 return 0; 97 } 98 99 WebCryptoKeyUsageMask toKeyUsage(WebCryptoOperation operation) 100 { 101 switch (operation) { 102 case WebCryptoOperationEncrypt: 103 return WebCryptoKeyUsageEncrypt; 104 case WebCryptoOperationDecrypt: 105 return WebCryptoKeyUsageDecrypt; 106 case WebCryptoOperationSign: 107 return WebCryptoKeyUsageSign; 108 case WebCryptoOperationVerify: 109 return WebCryptoKeyUsageVerify; 110 case WebCryptoOperationDeriveKey: 111 return WebCryptoKeyUsageDeriveKey; 112 case WebCryptoOperationDeriveBits: 113 return WebCryptoKeyUsageDeriveBits; 114 case WebCryptoOperationWrapKey: 115 return WebCryptoKeyUsageWrapKey; 116 case WebCryptoOperationUnwrapKey: 117 return WebCryptoKeyUsageUnwrapKey; 118 case WebCryptoOperationDigest: 119 case WebCryptoOperationGenerateKey: 120 case WebCryptoOperationImportKey: 121 break; 122 } 123 124 ASSERT_NOT_REACHED(); 125 return 0; 126 } 127 128 } // namespace 129 130 CryptoKey::~CryptoKey() 131 { 132 } 133 134 CryptoKey::CryptoKey(const WebCryptoKey& key) 135 : m_key(key) 136 { 137 } 138 139 String CryptoKey::type() const 140 { 141 return keyTypeToString(m_key.type()); 142 } 143 144 bool CryptoKey::extractable() const 145 { 146 return m_key.extractable(); 147 } 148 149 // FIXME: This creates a new javascript array each time. What should happen 150 // instead is return the same (immutable) array. (Javascript callers can 151 // distinguish this by doing an == test on the arrays and seeing they are 152 // different). 153 Vector<String> CryptoKey::usages() const 154 { 155 Vector<String> result; 156 for (size_t i = 0; i < WTF_ARRAY_LENGTH(keyUsageMappings); ++i) { 157 WebCryptoKeyUsage usage = keyUsageMappings[i].value; 158 if (m_key.usages() & usage) 159 result.append(keyUsageToString(usage)); 160 } 161 return result; 162 } 163 164 bool CryptoKey::canBeUsedForAlgorithm(const WebCryptoAlgorithm& algorithm, WebCryptoOperation op, CryptoResult* result) const 165 { 166 if (!(m_key.usages() & toKeyUsage(op))) { 167 result->completeWithError(WebCryptoErrorTypeInvalidAccess, "key.usages does not permit this operation"); 168 return false; 169 } 170 171 if (m_key.algorithm().id() != algorithm.id()) { 172 result->completeWithError(WebCryptoErrorTypeInvalidAccess, "key.algorithm does not match that of operation"); 173 return false; 174 } 175 176 return true; 177 } 178 179 bool CryptoKey::parseFormat(const String& formatString, WebCryptoKeyFormat& format, CryptoResult* result) 180 { 181 // There are few enough values that testing serially is fast enough. 182 if (formatString == "raw") { 183 format = WebCryptoKeyFormatRaw; 184 return true; 185 } 186 if (formatString == "pkcs8") { 187 format = WebCryptoKeyFormatPkcs8; 188 return true; 189 } 190 if (formatString == "spki") { 191 format = WebCryptoKeyFormatSpki; 192 return true; 193 } 194 if (formatString == "jwk") { 195 format = WebCryptoKeyFormatJwk; 196 return true; 197 } 198 199 result->completeWithError(WebCryptoErrorTypeSyntax, "Invalid keyFormat argument"); 200 return false; 201 } 202 203 bool CryptoKey::parseUsageMask(const Vector<String>& usages, WebCryptoKeyUsageMask& mask, CryptoResult* result) 204 { 205 mask = 0; 206 for (size_t i = 0; i < usages.size(); ++i) { 207 WebCryptoKeyUsageMask usage = keyUsageStringToMask(usages[i]); 208 if (!usage) { 209 result->completeWithError(WebCryptoErrorTypeSyntax, "Invalid keyUsages argument"); 210 return false; 211 } 212 mask |= usage; 213 } 214 return true; 215 } 216 217 } // namespace blink 218