WebCrypto: Check for HmacKeyParams when seeing if a Key can be used for an Algorithm.

Source/modules/crypto/SubtleCrypto.cpp

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 23 matching lines @@
 #include "V8Key.h" // Must precede ScriptPromiseResolver.h
 #include "bindings/v8/ExceptionState.h"
 #include "bindings/v8/custom/V8ArrayBufferCustom.h" // Must precede ScriptPromiseResolver.h
 #include "bindings/v8/ScriptPromiseResolver.h"
 #include "core/dom/ExceptionCode.h"
 #include "modules/crypto/Key.h"
 #include "modules/crypto/NormalizeAlgorithm.h"
 #include "public/platform/Platform.h"
 #include "public/platform/WebArrayBuffer.h"
 #include "public/platform/WebCrypto.h"
-#include "public/platform/WebCryptoAlgorithmParams.h"
+#include "public/platform/WebCryptoAlgorithm.h"
 #include "wtf/ArrayBufferView.h"
 
 namespace WebCore {
 
 // FIXME: asynchronous completion of CryptoResult. Need to re-enter the
 //        v8::Context before trying to fulfill the promise, and enable test.
 
 namespace {
 
 class CryptoResult : public WebKit::WebCryptoResultPrivate, public ThreadSafeRefCounted<CryptoResult> {
@@ skipping 55 matching lines @@
     void finish()
     {
         ASSERT(!m_finished);
         m_finished = true;
     }
 
     RefPtr<ScriptPromiseResolver> m_promiseResolver;
     bool m_finished;
 };
 
-WebKit::WebCryptoKeyUsageMask toKeyUsage(AlgorithmOperation operation)
-{
-    switch (operation) {
-    case Encrypt:
-        return WebKit::WebCryptoKeyUsageEncrypt;
-    case Decrypt:
-        return WebKit::WebCryptoKeyUsageDecrypt;
-    case Sign:
-        return WebKit::WebCryptoKeyUsageSign;
-    case Verify:
-        return WebKit::WebCryptoKeyUsageVerify;
-    case DeriveKey:
-        return WebKit::WebCryptoKeyUsageDeriveKey;
-    case WrapKey:
-        return WebKit::WebCryptoKeyUsageWrapKey;
-    case UnwrapKey:
-        return WebKit::WebCryptoKeyUsageUnwrapKey;
-    case Digest:
-    case GenerateKey:
-    case ImportKey:
-    case NumberOfAlgorithmOperations:
-        break;
-    }
-
-    ASSERT_NOT_REACHED();
-    return 0;
-}
-
-bool keyCanBeUsedForAlgorithm(const WebKit::WebCryptoKey& key, const WebKit::WebCryptoAlgorithm& algorithm, AlgorithmOperation op)
-{
-    if (!(key.usages() & toKeyUsage(op)))
-        return false;
-
-    if (key.algorithm().id() != algorithm.id())
-        return false;
-
-    if (key.algorithm().paramsType() == WebKit::WebCryptoAlgorithmParamsTypeNone)
-        return true;
-
-    // Verify that the algorithm-specific parameters for the key conform to the
-    // algorithm.
-
-    if (key.algorithm().paramsType() == WebKit::WebCryptoAlgorithmParamsTypeHmacParams) {
-        return key.algorithm().hmacParams()->hash().id() == algorithm.hmacParams()->hash().id();
-    }
-
-    ASSERT_NOT_REACHED();
-    return false;
-}
-
 ScriptObject startCryptoOperation(const Dictionary& rawAlgorithm, Key* key, AlgorithmOperation operationType, ArrayBufferView* signature, ArrayBufferView* dataBuffer, ExceptionState& es)
 {
     WebKit::WebCrypto* platformCrypto = WebKit::Platform::current()->crypto();
     if (!platformCrypto) {
         es.throwDOMException(NotSupportedError);
         return ScriptObject();
     }
 
     WebKit::WebCryptoAlgorithm algorithm;
     if (!normalizeAlgorithm(rawAlgorithm, operationType, algorithm, es))
         return ScriptObject();
 
     // All operations other than Digest require a valid Key.
     if (operationType != Digest) {
         if (!key) {
             es.throwTypeError();
             return ScriptObject();
         }
 
-        if (!keyCanBeUsedForAlgorithm(key->key(), algorithm, operationType)) {
-            es.throwDOMException(NotSupportedError);
+        if (!key->canBeUsedForAlgorithm(algorithm, operationType, es))
             return ScriptObject();
-        }
     }
 
     // Only Verify takes a signature.
     if (operationType == Verify && !signature) {
         es.throwTypeError();
         return ScriptObject();
     }
 
     if (!dataBuffer) {
         es.throwTypeError();
@@ skipping 114 matching lines @@
         return ScriptObject();
 
     const unsigned char* keyDataBytes = static_cast<unsigned char*>(keyData->baseAddress());
 
     RefPtr<CryptoResult> result = CryptoResult::create();
     platformCrypto->importKey(format, keyDataBytes, keyData->byteLength(), algorithm, extractable, keyUsages, result->result());
     return result->promise();
 }
 
 } // namespace WebCore