| Index: Source/modules/crypto/SubtleCrypto.cpp
|
| diff --git a/Source/modules/crypto/SubtleCrypto.cpp b/Source/modules/crypto/SubtleCrypto.cpp
|
| index 94919219f609354d48cff08840a34f115bc15c5a..1b2ea95c5352620101ad5e6a78cae9099accc73f 100644
|
| --- a/Source/modules/crypto/SubtleCrypto.cpp
|
| +++ b/Source/modules/crypto/SubtleCrypto.cpp
|
| @@ -40,6 +40,7 @@
|
| #include "modules/crypto/NormalizeAlgorithm.h"
|
| #include "public/platform/Platform.h"
|
| #include "public/platform/WebCrypto.h"
|
| +#include "public/platform/WebCryptoAlgorithmParams.h"
|
| #include "wtf/ArrayBufferView.h"
|
|
|
| namespace WebCore {
|
| @@ -50,12 +51,54 @@ namespace WebCore {
|
|
|
| namespace {
|
|
|
| -bool keyCanBeUsedForAlgorithm(const WebKit::WebCryptoKey& key, const WebKit::WebCryptoAlgorithm& algorithm, ExceptionState& es)
|
| +WebKit::WebCryptoKeyUsageMask toKeyUsage(AlgorithmOperation operation)
|
| {
|
| - // FIXME: Need to enforce that the key's algorithm matches the operation,
|
| - // and that the key's usages allow it to be used with this operation.
|
| - notImplemented();
|
| - return true;
|
| + switch (operation) {
|
| + case Encrypt:
|
| + return WebKit::WebCryptoKeyUsageEncrypt;
|
| + case Decrypt:
|
| + return WebKit::WebCryptoKeyUsageDecrypt;
|
| + case Sign:
|
| + return WebKit::WebCryptoKeyUsageSign;
|
| + case Verify:
|
| + return WebKit::WebCryptoKeyUsageVerify;
|
| + case DeriveKey:
|
| + return WebKit::WebCryptoKeyUsageDeriveKey;
|
| + case WrapKey:
|
| + return WebKit::WebCryptoKeyUsageWrapKey;
|
| + case UnwrapKey:
|
| + return WebKit::WebCryptoKeyUsageUnwrapKey;
|
| + case Digest:
|
| + case GenerateKey:
|
| + case ImportKey:
|
| + case NumberOfAlgorithmOperations:
|
| + break;
|
| + }
|
| +
|
| + ASSERT_NOT_REACHED();
|
| + return 0;
|
| +}
|
| +
|
| +bool keyCanBeUsedForAlgorithm(const WebKit::WebCryptoKey& key, const WebKit::WebCryptoAlgorithm& algorithm, AlgorithmOperation op)
|
| +{
|
| + if (!(key.usages() & toKeyUsage(op)))
|
| + return false;
|
| +
|
| + if (key.algorithm().id() != algorithm.id())
|
| + return false;
|
| +
|
| + if (key.algorithm().paramsType() == WebKit::WebCryptoAlgorithmParamsTypeNone)
|
| + return true;
|
| +
|
| + // Verify that the algorithm-specific parameters for the key conform to the
|
| + // algorithm.
|
| +
|
| + if (key.algorithm().paramsType() == WebKit::WebCryptoAlgorithmParamsTypeHmacParams) {
|
| + return key.algorithm().hmacParams()->hash().id() == algorithm.hmacParams()->hash().id();
|
| + }
|
| +
|
| + ASSERT_NOT_REACHED();
|
| + return false;
|
| }
|
|
|
| PassRefPtr<CryptoOperation> createCryptoOperation(const Dictionary& rawAlgorithm, Key* key, AlgorithmOperation operationType, ExceptionState& es)
|
| @@ -77,7 +120,8 @@ PassRefPtr<CryptoOperation> createCryptoOperation(const Dictionary& rawAlgorithm
|
| return 0;
|
| }
|
|
|
| - if (!keyCanBeUsedForAlgorithm(key->key(), algorithm, es)) {
|
| + if (!keyCanBeUsedForAlgorithm(key->key(), algorithm, operationType)) {
|
| + es.throwDOMException(NotSupportedError);
|
| return 0;
|
| }
|
| }
|
|
|
Chromium Code Reviews
Issue 20843008:
WebCrypto: Check that the key can be used for given operation. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk