[refactor] Change ordering of wrapkey parameters

crypto.subtle.wrapKey() orders the key to be wrapped before the wrapping key. Use the same convention throughout webcrypto code to avoid confusion. BUG=245025 Review URL: https://codereview.chromium.org/272033003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269478 0039d316-1c4b-4281-b951-d872f2087c98

[refactor] Change ordering of wrapkey parameters
crypto.subtle.wrapKey() orders the key to be wrapped before the wrapping key. Use the same convention throughout webcrypto code to avoid confusion. BUG=245025 Review URL: https://codereview.chromium.org/272033003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269478 0039d316-1c4b-4281-b951-d872f2087c98
82ca1533 · eroman@chromium.org · 991229a3 · 82ca1533 · 82ca1533 · 82ca1533
Commit 82ca1533 authored May 10, 2014 by eroman@chromium.org
7 changed files
--- a/content/child/webcrypto/platform_crypto.h
+++ b/content/child/webcrypto/platform_crypto.h
@@ -229,10 +229,10 @@ Status ExportKeyPkcs8(PrivateKey* key,
                      std::vector<uint8>* buffer);

 // Preconditions:
-//  * |wrapping_key| is non-null
 //  * |key| is non-null
-Status WrapSymKeyAesKw(SymKey* wrapping_key,
-                       SymKey* key,
+//  * |wrapping_key| is non-null
+Status WrapSymKeyAesKw(SymKey* key,
+                       SymKey* wrapping_key,
                       std::vector<uint8>* buffer);

 // Unwraps (decrypts) |wrapped_key_data| using AES-KW and places the results in
@@ -263,10 +263,10 @@ Status DecryptAesKw(SymKey* key,
                    std::vector<uint8>* buffer);

 // Preconditions:
-//  * |wrapping_key| is non-null
 //  * |key| is non-null
-Status WrapSymKeyRsaEs(PublicKey* wrapping_key,
-                       SymKey* key,
+//  * |wrapping_key| is non-null
+Status WrapSymKeyRsaEs(SymKey* key,
+                       PublicKey* wrapping_key,
                       std::vector<uint8>* buffer);

 // Preconditions:

--- a/content/child/webcrypto/platform_crypto_nss.cc
+++ b/content/child/webcrypto/platform_crypto_nss.cc
@@ -1494,8 +1494,8 @@ Status ImportRsaPublicKey(const blink::WebCryptoAlgorithm& algorithm,
  return Status::Success();
 }

-Status WrapSymKeyAesKw(SymKey* wrapping_key,
-                       SymKey* key,
+Status WrapSymKeyAesKw(SymKey* key,
+                       SymKey* wrapping_key,
                       std::vector<uint8>* buffer) {
  // The data size must be at least 16 bytes and a multiple of 8 bytes.
  // RFC 3394 does not specify a maximum allowed data length, but since only
@@ -1594,8 +1594,8 @@ Status DecryptAesKw(SymKey* wrapping_key,
  return Status::Success();
 }

-Status WrapSymKeyRsaEs(PublicKey* wrapping_key,
-                       SymKey* key,
+Status WrapSymKeyRsaEs(SymKey* key,
+                       PublicKey* wrapping_key,
                       std::vector<uint8>* buffer) {
  // Check the raw length of the key to be wrapped against the max size allowed
  // by the RSA wrapping key. With PKCS#1 v1.5 padding used in this function,

--- a/content/child/webcrypto/platform_crypto_openssl.cc
+++ b/content/child/webcrypto/platform_crypto_openssl.cc
@@ -462,8 +462,8 @@ Status ExportRsaPublicKey(PublicKey* key,
  return Status::ErrorUnsupported();
 }

-Status WrapSymKeyAesKw(SymKey* wrapping_key,
-                       SymKey* key,
+Status WrapSymKeyAesKw(SymKey* key,
+                       SymKey* wrapping_key,
                       std::vector<uint8>* buffer) {
  // TODO(eroman): http://crbug.com/267888
  return Status::ErrorUnsupported();
@@ -486,8 +486,8 @@ Status DecryptAesKw(SymKey* key,
  return Status::ErrorUnsupported();
 }

-Status WrapSymKeyRsaEs(PublicKey* wrapping_key,
-                       SymKey* key,
+Status WrapSymKeyRsaEs(SymKey* key,
+                       PublicKey* wrapping_key,
                       std::vector<uint8>* buffer) {
  // TODO(eroman): http://crbug.com/267888
  return Status::ErrorUnsupported();

--- a/content/child/webcrypto/shared_crypto.cc
+++ b/content/child/webcrypto/shared_crypto.cc
@@ -375,8 +375,8 @@ Status UnwrapKeyRaw(const CryptoData& wrapped_key_data,
  }
 }

-Status WrapKeyRaw(const blink::WebCryptoKey& wrapping_key,
-                  const blink::WebCryptoKey& key_to_wrap,
+Status WrapKeyRaw(const blink::WebCryptoKey& key_to_wrap,
+                  const blink::WebCryptoKey& wrapping_key,
                  const blink::WebCryptoAlgorithm& wrapping_algorithm,
                  std::vector<uint8>* buffer) {
  // A raw key is always a symmetric key.
@@ -393,7 +393,7 @@ Status WrapKeyRaw(const blink::WebCryptoKey& wrapping_key,
      if (status.IsError())
        return status;
      return platform::WrapSymKeyAesKw(
-          platform_wrapping_key, platform_key, buffer);
+          platform_key, platform_wrapping_key, buffer);
    }
    case blink::WebCryptoAlgorithmIdRsaEsPkcs1v1_5: {
      platform::PublicKey* platform_wrapping_key;
@@ -401,7 +401,7 @@ Status WrapKeyRaw(const blink::WebCryptoKey& wrapping_key,
      if (status.IsError())
        return status;
      return platform::WrapSymKeyRsaEs(
-          platform_wrapping_key, platform_key, buffer);
+          platform_key, platform_wrapping_key, buffer);
    }
    default:
      return Status::ErrorUnsupported();
@@ -484,8 +484,8 @@ Status UnwrapKeyDecryptAndImport(

 Status WrapKeyExportAndEncrypt(
    blink::WebCryptoKeyFormat format,
-    const blink::WebCryptoKey& wrapping_key,
    const blink::WebCryptoKey& key_to_wrap,
+    const blink::WebCryptoKey& wrapping_key,
    const blink::WebCryptoAlgorithm& wrapping_algorithm,
    std::vector<uint8>* buffer) {
  std::vector<uint8> exported_data;
@@ -751,8 +751,8 @@ Status VerifySignature(const blink::WebCryptoAlgorithm& algorithm,
 }

 Status WrapKey(blink::WebCryptoKeyFormat format,
-               const blink::WebCryptoKey& wrapping_key,
               const blink::WebCryptoKey& key_to_wrap,
+               const blink::WebCryptoKey& wrapping_key,
               const blink::WebCryptoAlgorithm& wrapping_algorithm,
               std::vector<uint8>* buffer) {
  if (!KeyUsageAllows(wrapping_key, blink::WebCryptoKeyUsageWrapKey))
@@ -762,10 +762,10 @@ Status WrapKey(blink::WebCryptoKeyFormat format,

  switch (format) {
    case blink::WebCryptoKeyFormatRaw:
-      return WrapKeyRaw(wrapping_key, key_to_wrap, wrapping_algorithm, buffer);
+      return WrapKeyRaw(key_to_wrap, wrapping_key, wrapping_algorithm, buffer);
    case blink::WebCryptoKeyFormatJwk:
      return WrapKeyExportAndEncrypt(
-          format, wrapping_key, key_to_wrap, wrapping_algorithm, buffer);
+          format, key_to_wrap, wrapping_key, wrapping_algorithm, buffer);
    case blink::WebCryptoKeyFormatSpki:
    case blink::WebCryptoKeyFormatPkcs8:
      return Status::ErrorUnsupported();  // TODO(padolph)

--- a/content/child/webcrypto/shared_crypto.h
+++ b/content/child/webcrypto/shared_crypto.h
@@ -131,8 +131,8 @@ CONTENT_EXPORT Status

 CONTENT_EXPORT Status
    WrapKey(blink::WebCryptoKeyFormat format,
-            const blink::WebCryptoKey& wrapping_key,
            const blink::WebCryptoKey& key_to_wrap,
+            const blink::WebCryptoKey& wrapping_key,
            const blink::WebCryptoAlgorithm& wrapping_algorithm,
            std::vector<uint8>* buffer);


--- a/content/child/webcrypto/shared_crypto_unittest.cc
+++ b/content/child/webcrypto/shared_crypto_unittest.cc
@@ -2764,8 +2764,8 @@ TEST_F(SharedCryptoTest, MAYBE(AesKwRawSymkeyWrapUnwrapKnownAnswer)) {
    std::vector<uint8> wrapped_key;
    ASSERT_EQ(Status::Success(),
              WrapKey(blink::WebCryptoKeyFormatRaw,
-                      wrapping_key,
                      key,
+                      wrapping_key,
                      wrapping_algorithm,
                      &wrapped_key));
    EXPECT_BYTES_EQ(test_ciphertext, wrapped_key);
@@ -3163,8 +3163,8 @@ TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapKnownAnswer)) {
  std::vector<uint8> wrapped_key;
  ASSERT_EQ(Status::Success(),
            WrapKey(blink::WebCryptoKeyFormatRaw,
-                    public_key,
                    key,
+                    public_key,
                    algorithm,
                    &wrapped_key));

@@ -3240,8 +3240,8 @@ TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) {
  std::vector<uint8> wrapped_key;
  EXPECT_EQ(Status::ErrorUnexpectedKeyType(),
            WrapKey(blink::WebCryptoKeyFormatRaw,
-                    private_key,
                    key,
+                    private_key,
                    wrapping_algorithm,
                    &wrapped_key));

@@ -3262,8 +3262,8 @@ TEST_F(SharedCryptoTest, MAYBE(RsaEsRawSymkeyWrapUnwrapErrors)) {
                      &big_key));
  EXPECT_EQ(Status::ErrorDataTooLarge(),
            WrapKey(blink::WebCryptoKeyFormatRaw,
-                    public_key,
                    big_key,
+                    public_key,
                    wrapping_algorithm,
                    &wrapped_key));

@@ -3383,8 +3383,8 @@ TEST_F(SharedCryptoTest, MAYBE(RsaEsJwkSymkeyWrapUnwrapRoundTrip)) {
  std::vector<uint8> wrapped_data;
  ASSERT_EQ(Status::Success(),
            WrapKey(blink::WebCryptoKeyFormatJwk,
-                    public_wrapping_key,
                    key_to_wrap,
+                    public_wrapping_key,
                    wrapping_algorithm,
                    &wrapped_data));


--- a/content/child/webcrypto/webcrypto_impl.cc
+++ b/content/child/webcrypto/webcrypto_impl.cc
@@ -519,11 +519,9 @@ void DoWrapKeyReply(scoped_ptr<WrapKeyState> state) {

 void DoWrapKey(scoped_ptr<WrapKeyState> passed_state) {
  WrapKeyState* state = passed_state.get();
-  // TODO(eroman): The parameter ordering of webcrypto::WrapKey() is
-  //               inconsistent with that of blink::WebCrypto::wrapKey().
  state->status = webcrypto::WrapKey(state->format,
-                                     state->wrapping_key,
                                     state->key,
+                                     state->wrapping_key,
                                     state->wrap_algorithm,
                                     &state->buffer);