[webcrypto] Make operations run on worker threads.

content/child/webcrypto/platform_crypto_openssl.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/child/webcrypto/platform_crypto.h"
 
 #include <vector>
 #include <openssl/aes.h>
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
@@ skipping 18 matching lines @@
 namespace platform {
 
 class SymKey : public Key {
  public:
   explicit SymKey(const CryptoData& key_data)
       : key_(key_data.bytes(), key_data.bytes() + key_data.byte_length()) {}
 
   virtual SymKey* AsSymKey() OVERRIDE { return this; }
   virtual PublicKey* AsPublicKey() OVERRIDE { return NULL; }
   virtual PrivateKey* AsPrivateKey() OVERRIDE { return NULL; }
+  virtual bool ThreadSafeSerializeForClone(
+      blink::WebVector<uint8>* key_data) OVERRIDE {
+    key_data->assign(Uint8VectorStart(key_), key_.size());
+    return true;
+  }
 
   const std::vector<unsigned char>& key() const { return key_; }
 
  private:
   const std::vector<unsigned char> key_;
 
   DISALLOW_COPY_AND_ASSIGN(SymKey);
 };
 
 namespace {
@@ skipping 27 matching lines @@
   }
 }
 
 // OpenSSL constants for EVP_CipherInit_ex(), do not change
 enum CipherOperation { kDoDecrypt = 0, kDoEncrypt = 1 };
 
 Status AesCbcEncryptDecrypt(EncryptOrDecrypt mode,
                             SymKey* key,
                             const CryptoData& iv,
                             const CryptoData& data,
-                            blink::WebArrayBuffer* buffer) {
+                            std::vector<uint8>* buffer) {
   CipherOperation cipher_operation =
       (mode == ENCRYPT) ? kDoEncrypt : kDoDecrypt;
 
   if (data.byte_length() >= INT_MAX - AES_BLOCK_SIZE) {
     // TODO(padolph): Handle this by chunking the input fed into OpenSSL. Right
     // now it doesn't make much difference since the one-shot API would end up
     // blowing out the memory and crashing anyway.
     return Status::ErrorDataTooLarge();
   }
 
@@ skipping 18 matching lines @@
 
   // According to the openssl docs, the amount of data written may be as large
   // as (data_size + cipher_block_size - 1), constrained to a multiple of
   // cipher_block_size.
   unsigned int output_max_len = data.byte_length() + AES_BLOCK_SIZE - 1;
   const unsigned remainder = output_max_len % AES_BLOCK_SIZE;
   if (remainder != 0)
     output_max_len += AES_BLOCK_SIZE - remainder;
   DCHECK_GT(output_max_len, data.byte_length());
 
-  *buffer = blink::WebArrayBuffer::create(output_max_len, 1);
+  buffer->resize(output_max_len);
 
-  unsigned char* const buffer_data =
-      reinterpret_cast<unsigned char*>(buffer->data());
+  unsigned char* const buffer_data = Uint8VectorStart(buffer);
 
   int output_len = 0;
   if (!EVP_CipherUpdate(context.get(),
                         buffer_data,
                         &output_len,
                         data.bytes(),
                         data.byte_length()))
     return Status::OperationError();
   int final_output_chunk_len = 0;
   if (!EVP_CipherFinal_ex(
           context.get(), buffer_data + output_len, &final_output_chunk_len)) {
     return Status::OperationError();
   }
 
   const unsigned int final_output_len =
       static_cast<unsigned int>(output_len) +
       static_cast<unsigned int>(final_output_chunk_len);
   DCHECK_LE(final_output_len, output_max_len);
 
-  ShrinkBuffer(buffer, final_output_len);
+  buffer->resize(final_output_len);
 
   return Status::Success();
 }
 
 }  // namespace
 
 class DigestorOpenSSL : public blink::WebCryptoDigestor {
  public:
   explicit DigestorOpenSSL(blink::WebCryptoAlgorithmId algorithm_id)
       : initialized_(false),
@@ skipping 18 matching lines @@
 
   virtual bool finish(unsigned char*& result_data,
                       unsigned int& result_data_size) {
     Status error = FinishInternal(result_, &result_data_size);
     if (!error.IsSuccess())
       return false;
     result_data = result_;
     return true;
   }
 
-  Status FinishWithWebArrayAndStatus(blink::WebArrayBuffer* result) {
+  Status FinishWithVectorAndStatus(std::vector<uint8>* result) {
     const int hash_expected_size = EVP_MD_CTX_size(digest_context_.get());
-    *result = blink::WebArrayBuffer::create(hash_expected_size, 1);
-    unsigned char* const hash_buffer =
-        static_cast<unsigned char* const>(result->data());
+    result->resize(hash_expected_size);
+    unsigned char* const hash_buffer = Uint8VectorStart(result);
     unsigned int hash_buffer_size;  // ignored
-    Status error = FinishInternal(hash_buffer, &hash_buffer_size);
-    if (!error.IsSuccess())
-      result->reset();
-    return error;
+    return FinishInternal(hash_buffer, &hash_buffer_size);
   }
 
  private:
   Status Init() {
     if (initialized_)
       return Status::Success();
 
     const EVP_MD* digest_algorithm = GetDigest(algorithm_id_);
     if (!digest_algorithm)
       return Status::ErrorUnexpected();
@@ skipping 25 matching lines @@
 
     return Status::Success();
   }
 
   bool initialized_;
   crypto::ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> digest_context_;
   blink::WebCryptoAlgorithmId algorithm_id_;
   unsigned char result_[EVP_MAX_MD_SIZE];
 };
 
-Status ExportKeyRaw(SymKey* key, blink::WebArrayBuffer* buffer) {
-  *buffer = CreateArrayBuffer(Uint8VectorStart(key->key()), key->key().size());
+Status ExportKeyRaw(SymKey* key, std::vector<uint8>* buffer) {
+  *buffer = key->key();
   return Status::Success();
 }
 
 void Init() { crypto::EnsureOpenSSLInit(); }
 
 Status EncryptDecryptAesCbc(EncryptOrDecrypt mode,
                             SymKey* key,
                             const CryptoData& data,
                             const CryptoData& iv,
-                            blink::WebArrayBuffer* buffer) {
+                            std::vector<uint8>* buffer) {
   // TODO(eroman): inline the function here.
   return AesCbcEncryptDecrypt(mode, key, iv, data, buffer);
 }
 
 Status DigestSha(blink::WebCryptoAlgorithmId algorithm,
                  const CryptoData& data,
-                 blink::WebArrayBuffer* buffer) {
+                 std::vector<uint8>* buffer) {
   DigestorOpenSSL digestor(algorithm);
   Status error = digestor.ConsumeWithStatus(data.bytes(), data.byte_length());
   if (!error.IsSuccess())
     return error;
-  return digestor.FinishWithWebArrayAndStatus(buffer);
+  return digestor.FinishWithVectorAndStatus(buffer);
 }
 
 scoped_ptr<blink::WebCryptoDigestor> CreateDigestor(
     blink::WebCryptoAlgorithmId algorithm_id) {
   return scoped_ptr<blink::WebCryptoDigestor>(
       new DigestorOpenSSL(algorithm_id));
 }
 
 Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm,
                          bool extractable,
@@ skipping 52 matching lines @@
                                      extractable,
                                      key_algorithm,
                                      usage_mask);
 
   return Status::Success();
 }
 
 Status SignHmac(SymKey* key,
                 const blink::WebCryptoAlgorithm& hash,
                 const CryptoData& data,
-                blink::WebArrayBuffer* buffer) {
-  blink::WebArrayBuffer result;
-
+                std::vector<uint8>* buffer) {
   const EVP_MD* digest_algorithm = GetDigest(hash.id());
   if (!digest_algorithm)
     return Status::ErrorUnsupported();
   unsigned int hmac_expected_length = EVP_MD_size(digest_algorithm);
 
   const std::vector<unsigned char>& raw_key = key->key();
 
   // OpenSSL wierdness here.
   // First, HMAC() needs a void* for the key data, so make one up front as a
   // cosmetic to avoid a cast. Second, OpenSSL does not like a NULL key,
   // which will result if the raw_key vector is empty; an entirely valid
   // case. Handle this specific case by pointing to an empty array.
   const unsigned char null_key[] = {};
   const void* const raw_key_voidp = raw_key.size() ? &raw_key[0] : null_key;
 
-  result = blink::WebArrayBuffer::create(hmac_expected_length, 1);
+  buffer->resize(hmac_expected_length);
   crypto::ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> hmac_result(
-      reinterpret_cast<unsigned char*>(result.data()), hmac_expected_length);
+      Uint8VectorStart(buffer), hmac_expected_length);
 
   crypto::OpenSSLErrStackTracer(FROM_HERE);
 
   unsigned int hmac_actual_length;
   unsigned char* const success = HMAC(digest_algorithm,
                                       raw_key_voidp,
                                       raw_key.size(),
                                       data.bytes(),
                                       data.byte_length(),
                                       hmac_result.safe_buffer(),
                                       &hmac_actual_length);
   if (!success || hmac_actual_length != hmac_expected_length)
     return Status::OperationError();
 
-  *buffer = result;
   return Status::Success();
 }
 
 Status ImportRsaPublicKey(const blink::WebCryptoAlgorithm& algorithm,
                           bool extractable,
                           blink::WebCryptoKeyUsageMask usage_mask,
                           const CryptoData& modulus_data,
                           const CryptoData& exponent_data,
                           blink::WebCryptoKey* key) {
   // TODO(padolph): Placeholder for OpenSSL implementation.
   // Issue
   return Status::ErrorUnsupported();
 }
 
 Status EncryptDecryptAesGcm(EncryptOrDecrypt mode,
                             SymKey* key,
                             const CryptoData& data,
                             const CryptoData& iv,
                             const CryptoData& additional_data,
                             unsigned int tag_length_bits,
-                            blink::WebArrayBuffer* buffer) {
+                            std::vector<uint8>* buffer) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 // Guaranteed that key is valid.
 Status EncryptRsaEsPkcs1v1_5(PublicKey* key,
                              const CryptoData& data,
-                             blink::WebArrayBuffer* buffer) {
+                             std::vector<uint8>* buffer) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 Status DecryptRsaEsPkcs1v1_5(PrivateKey* key,
                              const CryptoData& data,
-                             blink::WebArrayBuffer* buffer) {
+                             std::vector<uint8>* buffer) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 Status SignRsaSsaPkcs1v1_5(PrivateKey* key,
                            const blink::WebCryptoAlgorithm& hash,
                            const CryptoData& data,
-                           blink::WebArrayBuffer* buffer) {
+                           std::vector<uint8>* buffer) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 // Key is guaranteed to be an RSA SSA key.
 Status VerifyRsaSsaPkcs1v1_5(PublicKey* key,
                              const blink::WebCryptoAlgorithm& hash,
                              const CryptoData& signature,
                              const CryptoData& data,
                              bool* signature_match) {
@@ skipping 12 matching lines @@
 
 Status ImportKeyPkcs8(const blink::WebCryptoAlgorithm& algorithm,
                       const CryptoData& key_data,
                       bool extractable,
                       blink::WebCryptoKeyUsageMask usage_mask,
                       blink::WebCryptoKey* key) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
-Status ExportKeySpki(PublicKey* key, blink::WebArrayBuffer* buffer) {
+Status ExportKeySpki(PublicKey* key, std::vector<uint8>* buffer) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 Status ExportKeyPkcs8(PrivateKey* key,
                       const blink::WebCryptoKeyAlgorithm& key_algorithm,
-                      blink::WebArrayBuffer* buffer) {
+                      std::vector<uint8>* buffer) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 Status ExportRsaPublicKey(PublicKey* key,
                           std::vector<uint8>* modulus,
                           std::vector<uint8>* public_exponent) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 Status WrapSymKeyAesKw(SymKey* wrapping_key,
                        SymKey* key,
-                       blink::WebArrayBuffer* buffer) {
+                       std::vector<uint8>* buffer) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 Status UnwrapSymKeyAesKw(const CryptoData& wrapped_key_data,
                          SymKey* wrapping_key,
                          const blink::WebCryptoAlgorithm& algorithm,
                          bool extractable,
                          blink::WebCryptoKeyUsageMask usage_mask,
                          blink::WebCryptoKey* key) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 Status DecryptAesKw(SymKey* key,
                     const CryptoData& data,
-                    blink::WebArrayBuffer* buffer) {
+                    std::vector<uint8>* buffer) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 Status WrapSymKeyRsaEs(PublicKey* wrapping_key,
                        SymKey* key,
-                       blink::WebArrayBuffer* buffer) {
+                       std::vector<uint8>* buffer) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
 Status UnwrapSymKeyRsaEs(const CryptoData& wrapped_key_data,
                          PrivateKey* wrapping_key,
                          const blink::WebCryptoAlgorithm& algorithm,
                          bool extractable,
                          blink::WebCryptoKeyUsageMask usage_mask,
                          blink::WebCryptoKey* key) {
   // TODO(eroman): http://crbug.com/267888
   return Status::ErrorUnsupported();
 }
 
+bool ThreadSafeDeserializeKeyForClone(
+    const blink::WebCryptoKeyAlgorithm& algorithm,
+    blink::WebCryptoKeyType type,
+    bool extractable,
+    blink::WebCryptoKeyUsageMask usages,
+    const CryptoData& key_data,
+    blink::WebCryptoKey* key) {
+  // TODO(eroman): http://crbug.com/267888
+  return false;
+}
+
 }  // namespace platform
 
 }  // namespace webcrypto
 
 }  // namespace content