Chromium Code Reviews Chromium Code Reviews
Issue 19757011:
WebCrypto: Implement digest() using NSS (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: content/renderer/webcrypto_sha_digest_nss.cc |
| diff --git a/content/renderer/webcrypto_sha_digest_nss.cc b/content/renderer/webcrypto_sha_digest_nss.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..801a2c0df56592b5ed51753ebebcb0762bdd629b |
| --- /dev/null |
| +++ b/content/renderer/webcrypto_sha_digest_nss.cc |
| @@ -0,0 +1,127 @@ |
| +// Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "content/renderer/webcrypto_sha_digest.h" |
| + |
| +#include <pk11pub.h> |
| + |
| +#include "base/logging.h" |
| +#include "crypto/nss_util.h" |
| +#include "third_party/WebKit/public/platform/WebArrayBuffer.h" |
| +#include "third_party/WebKit/public/platform/WebCryptoAlgorithm.h" |
| + |
| +namespace content { |
| + |
| +WebCryptoSHADigest::WebCryptoSHADigest( |
| + const WebKit::WebCryptoAlgorithmId algorithm_id, |
| + WebKit::WebCryptoOperationResult* result) |
| + : result_(result), |
| + context_(NULL), |
| + hash_algorithm_(SEC_OID_UNKNOWN), |
| + hash_result_length_(0) { |
| + switch (algorithm_id) { |
| + case WebKit::WebCryptoAlgorithmIdSha1: |
| + hash_algorithm_ = SEC_OID_SHA1; |
| + hash_result_length_ = 20; |
| + break; |
| + case WebKit::WebCryptoAlgorithmIdSha224: |
| + hash_algorithm_ = SEC_OID_SHA224; |
| + hash_result_length_ = 28; |
| + break; |
| + case WebKit::WebCryptoAlgorithmIdSha256: |
| + hash_algorithm_ = SEC_OID_SHA256; |
| + hash_result_length_ = 32; |
| + break; |
| + case WebKit::WebCryptoAlgorithmIdSha384: |
| + hash_algorithm_ = SEC_OID_SHA384; |
| + hash_result_length_ = 48; |
| + break; |
| + case WebKit::WebCryptoAlgorithmIdSha512: |
| + hash_algorithm_ = SEC_OID_SHA512; |
| + hash_result_length_ = 64; |
| + break; |
| + default: |
| + hash_algorithm_ = SEC_OID_UNKNOWN; |
|
eroman
2013/07/24 01:33:50
This should be unreachable code, put a NOTREACHED(
Bryan Eyler
2013/07/31 00:28:44
Done.
|
| + hash_result_length_ = 0; |
| + } |
| +} |
| + |
| +WebCryptoSHADigest::~WebCryptoSHADigest() { |
| + if (context_) { |
| + PK11_DestroyContext(context_, PR_TRUE); |
| + } |
| +} |
| + |
| +bool WebCryptoSHADigest::Initialize() { |
| + crypto::EnsureNSSInit(); |
| + |
| + context_ = PK11_CreateDigestContext(hash_algorithm_); |
| + if (!context_) { |
| + LOG(ERROR) << "Could not create digest context for hash algorithm: " |
| + << hash_algorithm_; |
| + // TODO(bryaneyler): Error out. |
|
eroman
2013/07/24 01:33:50
isn't this handled now?
Bryan Eyler
2013/07/31 00:28:44
Yes, nothing left to do. Removed comment.
|
| + return false; |
| + } |
| + |
| + if (PK11_DigestBegin(context_) != SECSuccess) { |
| + LOG(ERROR) << "Could not initialize digest context."; |
| + // TODO(bryaneyler): Error out. |
|
eroman
2013/07/24 01:33:50
Isn't this handled now?
Bryan Eyler
2013/07/31 00:28:44
Same.
|
| + return false; |
| + } |
| + |
| + return true; |
| +} |
| + |
| +void WebCryptoSHADigest::process(const unsigned char* bytes, size_t size) { |
| + // If this is the first process request, need to setup the context. |
| + if (!context_) { |
| + LOG(ERROR) << "No valid context initialized."; |
|
eroman
2013/07/24 01:33:50
This shouldn't be reachable, since failure to crea
Bryan Eyler
2013/07/31 00:28:44
Changed to DCHECK.
|
| + // TODO(bryaneyler): Error out. |
|
eroman
2013/07/24 01:33:50
result_->completeWithError();
Bryan Eyler
2013/07/31 00:28:44
Removed.
|
| + return; |
| + } |
| + |
| + if (PK11_DigestOp(context_, bytes, size) != SECSuccess) { |
| + LOG(ERROR) << "Could not process digest contents of size: " << size; |
| + // TODO(bryaneyler): Error out. |
|
eroman
2013/07/24 01:33:50
result_->completeWithError();
Bryan Eyler
2013/07/31 00:28:44
Done.
|
| + } |
| +} |
| + |
| +void WebCryptoSHADigest::abort() { |
| + delete this; |
| +} |
| + |
| +void WebCryptoSHADigest::finish() { |
| + // If no context yet created; create an empty one. |
| + if (!context_) { |
|
eroman
2013/07/24 01:33:50
This should be an assertion instead
Bryan Eyler
2013/07/31 00:28:44
Done.
|
| + LOG(ERROR) << "No valid context initialized."; |
| + // TODO(bryaneyler): Error out. |
| + return; |
| + } |
| + |
| + unsigned char* digest = NULL; |
| + |
| + WebKit::WebArrayBuffer buffer( |
| + WebKit::WebArrayBuffer::create(hash_result_length_, 1)); |
| + |
| + digest = reinterpret_cast<unsigned char*>(buffer.data()); |
| + if (!digest) { |
| + LOG(ERROR) << "Could not allocate digest data."; |
| + // TODO(bryaneyler): Error out. |
|
eroman
2013/07/24 01:33:50
result_->completeWithError();
... however I don't
Bryan Eyler
2013/07/31 00:28:44
Should this be a DCHECK then?
|
| + return; |
| + } |
| + |
| + unsigned int result_length = 0; |
| + if (PK11_DigestFinal(context_, digest, &result_length, hash_result_length_) |
| + != SECSuccess || result_length != hash_result_length_) { |
| + LOG(ERROR) << "Could not finalize digest data."; |
| + // TODO(bryaneyler): Error out. |
|
eroman
2013/07/24 01:33:50
result_->completeWithError();
Bryan Eyler
2013/07/31 00:28:44
Done.
|
| + return; |
| + } |
| + |
| + result_->completeWithArrayBuffer(buffer); |
| + |
| + delete this; |
| +} |
| + |
| +} // namespace content |
