1/*
2 * Copyright (C) 2013 Google Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
6 * met:
7 *
8 *     * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *     * Redistributions in binary form must reproduce the above
11 * copyright notice, this list of conditions and the following disclaimer
12 * in the documentation and/or other materials provided with the
13 * distribution.
14 *     * Neither the name of Google Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived from
16 * this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31#include "config.h"
32#include "modules/crypto/Key.h"
33
34#include "bindings/v8/ExceptionState.h"
35#include "core/dom/ExceptionCode.h"
36#include "modules/crypto/KeyAlgorithm.h"
37#include "platform/CryptoResult.h"
38#include "public/platform/WebCryptoAlgorithmParams.h"
39#include "public/platform/WebString.h"
40
41namespace WebCore {
42
43namespace {
44
45const char* keyTypeToString(blink::WebCryptoKeyType type)
46{
47    switch (type) {
48    case blink::WebCryptoKeyTypeSecret:
49        return "secret";
50    case blink::WebCryptoKeyTypePublic:
51        return "public";
52    case blink::WebCryptoKeyTypePrivate:
53        return "private";
54    }
55    ASSERT_NOT_REACHED();
56    return 0;
57}
58
59struct KeyUsageMapping {
60    blink::WebCryptoKeyUsage value;
61    const char* const name;
62};
63
64// The order of this array is the same order that will appear in Key.usages. It
65// must be kept ordered as described by the Web Crypto spec.
66const KeyUsageMapping keyUsageMappings[] = {
67    { blink::WebCryptoKeyUsageEncrypt, "encrypt" },
68    { blink::WebCryptoKeyUsageDecrypt, "decrypt" },
69    { blink::WebCryptoKeyUsageSign, "sign" },
70    { blink::WebCryptoKeyUsageVerify, "verify" },
71    { blink::WebCryptoKeyUsageDeriveKey, "deriveKey" },
72    { blink::WebCryptoKeyUsageDeriveBits, "deriveBits" },
73    { blink::WebCryptoKeyUsageWrapKey, "wrapKey" },
74    { blink::WebCryptoKeyUsageUnwrapKey, "unwrapKey" },
75};
76
77COMPILE_ASSERT(blink::EndOfWebCryptoKeyUsage == (1 << 7) + 1, update_keyUsageMappings);
78
79const char* keyUsageToString(blink::WebCryptoKeyUsage usage)
80{
81    for (size_t i = 0; i < WTF_ARRAY_LENGTH(keyUsageMappings); ++i) {
82        if (keyUsageMappings[i].value == usage)
83            return keyUsageMappings[i].name;
84    }
85    ASSERT_NOT_REACHED();
86    return 0;
87}
88
89blink::WebCryptoKeyUsageMask keyUsageStringToMask(const String& usageString)
90{
91    for (size_t i = 0; i < WTF_ARRAY_LENGTH(keyUsageMappings); ++i) {
92        if (keyUsageMappings[i].name == usageString)
93            return keyUsageMappings[i].value;
94    }
95    return 0;
96}
97
98blink::WebCryptoKeyUsageMask toKeyUsage(blink::WebCryptoOperation operation)
99{
100    switch (operation) {
101    case blink::WebCryptoOperationEncrypt:
102        return blink::WebCryptoKeyUsageEncrypt;
103    case blink::WebCryptoOperationDecrypt:
104        return blink::WebCryptoKeyUsageDecrypt;
105    case blink::WebCryptoOperationSign:
106        return blink::WebCryptoKeyUsageSign;
107    case blink::WebCryptoOperationVerify:
108        return blink::WebCryptoKeyUsageVerify;
109    case blink::WebCryptoOperationDeriveKey:
110        return blink::WebCryptoKeyUsageDeriveKey;
111    case blink::WebCryptoOperationDeriveBits:
112        return blink::WebCryptoKeyUsageDeriveBits;
113    case blink::WebCryptoOperationWrapKey:
114        return blink::WebCryptoKeyUsageWrapKey;
115    case blink::WebCryptoOperationUnwrapKey:
116        return blink::WebCryptoKeyUsageUnwrapKey;
117    case blink::WebCryptoOperationDigest:
118    case blink::WebCryptoOperationGenerateKey:
119    case blink::WebCryptoOperationImportKey:
120        break;
121    }
122
123    ASSERT_NOT_REACHED();
124    return 0;
125}
126
127} // namespace
128
129Key::~Key()
130{
131}
132
133Key::Key(const blink::WebCryptoKey& key)
134    : m_key(key)
135{
136    ScriptWrappable::init(this);
137}
138
139String Key::type() const
140{
141    return keyTypeToString(m_key.type());
142}
143
144bool Key::extractable() const
145{
146    return m_key.extractable();
147}
148
149KeyAlgorithm* Key::algorithm()
150{
151    if (!m_algorithm)
152        m_algorithm = KeyAlgorithm::create(m_key.algorithm());
153    return m_algorithm.get();
154}
155
156// FIXME: This creates a new javascript array each time. What should happen
157//        instead is return the same (immutable) array. (Javascript callers can
158//        distinguish this by doing an == test on the arrays and seeing they are
159//        different).
160Vector<String> Key::usages() const
161{
162    Vector<String> result;
163    for (size_t i = 0; i < WTF_ARRAY_LENGTH(keyUsageMappings); ++i) {
164        blink::WebCryptoKeyUsage usage = keyUsageMappings[i].value;
165        if (m_key.usages() & usage)
166            result.append(keyUsageToString(usage));
167    }
168    return result;
169}
170
171bool Key::canBeUsedForAlgorithm(const blink::WebCryptoAlgorithm& algorithm, blink::WebCryptoOperation op, CryptoResult* result) const
172{
173    if (!(m_key.usages() & toKeyUsage(op))) {
174        result->completeWithError(blink::WebCryptoErrorTypeInvalidAccess, "key.usages does not permit this operation");
175        return false;
176    }
177
178    if (m_key.algorithm().id() != algorithm.id()) {
179        result->completeWithError(blink::WebCryptoErrorTypeInvalidAccess, "key.algorithm does not match that of operation");
180        return false;
181    }
182
183    return true;
184}
185
186bool Key::parseFormat(const String& formatString, blink::WebCryptoKeyFormat& format, CryptoResult* result)
187{
188    // There are few enough values that testing serially is fast enough.
189    if (formatString == "raw") {
190        format = blink::WebCryptoKeyFormatRaw;
191        return true;
192    }
193    if (formatString == "pkcs8") {
194        format = blink::WebCryptoKeyFormatPkcs8;
195        return true;
196    }
197    if (formatString == "spki") {
198        format = blink::WebCryptoKeyFormatSpki;
199        return true;
200    }
201    if (formatString == "jwk") {
202        format = blink::WebCryptoKeyFormatJwk;
203        return true;
204    }
205
206    result->completeWithError(blink::WebCryptoErrorTypeSyntax, "Invalid keyFormat argument");
207    return false;
208}
209
210bool Key::parseUsageMask(const Vector<String>& usages, blink::WebCryptoKeyUsageMask& mask, CryptoResult* result)
211{
212    mask = 0;
213    for (size_t i = 0; i < usages.size(); ++i) {
214        blink::WebCryptoKeyUsageMask usage = keyUsageStringToMask(usages[i]);
215        if (!usage) {
216            result->completeWithError(blink::WebCryptoErrorTypeSyntax, "Invalid keyUsages argument");
217            return false;
218        }
219        mask |= usage;
220    }
221    return true;
222}
223
224void Key::trace(Visitor* visitor)
225{
226    visitor->trace(m_algorithm);
227}
228
229} // namespace WebCore
230