Chromium Code Reviews Chromium Code Reviews
Issue 299253003:
[webcrypto] Only allow crypto.subtle.* to be used from "secure origins". (Closed)
Base URL: svn://svn.chromium.org/blink/trunk| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 29 */ | 29 */ |
| 30 | 30 |
| 31 #include "config.h" | 31 #include "config.h" |
| 32 #include "modules/crypto/SubtleCrypto.h" | 32 #include "modules/crypto/SubtleCrypto.h" |
| 33 | 33 |
| 34 #include "bindings/v8/Dictionary.h" | 34 #include "bindings/v8/Dictionary.h" |
| 35 #include "core/dom/ExecutionContext.h" | |
| 35 #include "modules/crypto/CryptoResultImpl.h" | 36 #include "modules/crypto/CryptoResultImpl.h" |
| 36 #include "modules/crypto/Key.h" | 37 #include "modules/crypto/Key.h" |
| 37 #include "modules/crypto/NormalizeAlgorithm.h" | 38 #include "modules/crypto/NormalizeAlgorithm.h" |
| 38 #include "public/platform/Platform.h" | 39 #include "public/platform/Platform.h" |
| 39 #include "public/platform/WebCrypto.h" | 40 #include "public/platform/WebCrypto.h" |
| 40 #include "public/platform/WebCryptoAlgorithm.h" | 41 #include "public/platform/WebCryptoAlgorithm.h" |
| 41 #include "wtf/ArrayBufferView.h" | 42 #include "wtf/ArrayBufferView.h" |
| 42 | 43 |
| 43 namespace WebCore { | 44 namespace WebCore { |
| 44 | 45 |
| (...skipping 12 matching lines...) Expand all Loading... | |
| 57 static bool ensureNotNull(Key* key, const char* paramName, CryptoResult* result) | 58 static bool ensureNotNull(Key* key, const char* paramName, CryptoResult* result) |
| 58 { | 59 { |
| 59 if (!key) { | 60 if (!key) { |
| 60 String message = String("Invalid ") + paramName + String(" argument"); | 61 String message = String("Invalid ") + paramName + String(" argument"); |
| 61 result->completeWithError(blink::WebCryptoErrorTypeType, blink::WebStrin g(message)); | 62 result->completeWithError(blink::WebCryptoErrorTypeType, blink::WebStrin g(message)); |
| 62 return false; | 63 return false; |
| 63 } | 64 } |
| 64 return true; | 65 return true; |
| 65 } | 66 } |
| 66 | 67 |
| 68 static bool ensureCanAccessWebCrypto(ScriptState* scriptState, CryptoResult* res ult) | |
| 69 { | |
| 70 SecurityOrigin* origin = scriptState->executionContext()->securityOrigin(); | |
|
palmer
2014/05/24 01:44:30
Can |origin| be declared const here? Does it matte
eroman
2014/05/24 02:08:57
Done.
| |
| 71 if (!origin->canAccessFeatureRequiringSecureOrigin()) { | |
| 72 result->completeWithError(blink::WebCryptoErrorTypeNotSupported, "WebCry pto is only supported over secure origins. See http://crbug.com/373032"); | |
| 73 return false; | |
| 74 } | |
| 75 | |
| 76 return true; | |
| 77 } | |
| 78 | |
| 67 static ScriptPromise startCryptoOperation(ScriptState* scriptState, const Dictio nary& rawAlgorithm, Key* key, AlgorithmOperation operationType, const ArrayPiece & signature, const ArrayPiece& dataBuffer) | 79 static ScriptPromise startCryptoOperation(ScriptState* scriptState, const Dictio nary& rawAlgorithm, Key* key, AlgorithmOperation operationType, const ArrayPiece & signature, const ArrayPiece& dataBuffer) |
| 68 { | 80 { |
| 69 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); | 81 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); |
| 70 ScriptPromise promise = result->promise(); | 82 ScriptPromise promise = result->promise(); |
| 71 | 83 |
| 84 if (!ensureCanAccessWebCrypto(scriptState, result.get())) | |
| 85 return promise; | |
| 86 | |
| 72 bool requiresKey = operationType != Digest; | 87 bool requiresKey = operationType != Digest; |
| 73 | 88 |
| 74 if (requiresKey && !ensureNotNull(key, "key", result.get())) | 89 if (requiresKey && !ensureNotNull(key, "key", result.get())) |
| 75 return promise; | 90 return promise; |
| 76 if (operationType == Verify && !ensureNotNull(signature, "signature", result .get())) | 91 if (operationType == Verify && !ensureNotNull(signature, "signature", result .get())) |
| 77 return promise; | 92 return promise; |
| 78 if (!ensureNotNull(dataBuffer, "dataBuffer", result.get())) | 93 if (!ensureNotNull(dataBuffer, "dataBuffer", result.get())) |
| 79 return promise; | 94 return promise; |
| 80 | 95 |
| 81 blink::WebCryptoAlgorithm algorithm; | 96 blink::WebCryptoAlgorithm algorithm; |
| (...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 140 ScriptPromise SubtleCrypto::digest(ScriptState* scriptState, const Dictionary& r awAlgorithm, const ArrayPiece& data) | 155 ScriptPromise SubtleCrypto::digest(ScriptState* scriptState, const Dictionary& r awAlgorithm, const ArrayPiece& data) |
| 141 { | 156 { |
| 142 return startCryptoOperation(scriptState, rawAlgorithm, 0, Digest, ArrayPiece (), data); | 157 return startCryptoOperation(scriptState, rawAlgorithm, 0, Digest, ArrayPiece (), data); |
| 143 } | 158 } |
| 144 | 159 |
| 145 ScriptPromise SubtleCrypto::generateKey(ScriptState* scriptState, const Dictiona ry& rawAlgorithm, bool extractable, const Vector<String>& rawKeyUsages) | 160 ScriptPromise SubtleCrypto::generateKey(ScriptState* scriptState, const Dictiona ry& rawAlgorithm, bool extractable, const Vector<String>& rawKeyUsages) |
| 146 { | 161 { |
| 147 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); | 162 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); |
| 148 ScriptPromise promise = result->promise(); | 163 ScriptPromise promise = result->promise(); |
| 149 | 164 |
| 165 if (!ensureCanAccessWebCrypto(scriptState, result.get())) | |
| 166 return promise; | |
| 167 | |
| 150 blink::WebCryptoKeyUsageMask keyUsages; | 168 blink::WebCryptoKeyUsageMask keyUsages; |
| 151 if (!Key::parseUsageMask(rawKeyUsages, keyUsages, result.get())) | 169 if (!Key::parseUsageMask(rawKeyUsages, keyUsages, result.get())) |
| 152 return promise; | 170 return promise; |
| 153 | 171 |
| 154 blink::WebCryptoAlgorithm algorithm; | 172 blink::WebCryptoAlgorithm algorithm; |
| 155 if (!parseAlgorithm(rawAlgorithm, GenerateKey, algorithm, result.get())) | 173 if (!parseAlgorithm(rawAlgorithm, GenerateKey, algorithm, result.get())) |
| 156 return promise; | 174 return promise; |
| 157 | 175 |
| 158 blink::Platform::current()->crypto()->generateKey(algorithm, extractable, ke yUsages, result->result()); | 176 blink::Platform::current()->crypto()->generateKey(algorithm, extractable, ke yUsages, result->result()); |
| 159 return promise; | 177 return promise; |
| 160 } | 178 } |
| 161 | 179 |
| 162 ScriptPromise SubtleCrypto::importKey(ScriptState* scriptState, const String& ra wFormat, const ArrayPiece& keyData, const Dictionary& rawAlgorithm, bool extract able, const Vector<String>& rawKeyUsages) | 180 ScriptPromise SubtleCrypto::importKey(ScriptState* scriptState, const String& ra wFormat, const ArrayPiece& keyData, const Dictionary& rawAlgorithm, bool extract able, const Vector<String>& rawKeyUsages) |
| 163 { | 181 { |
| 164 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); | 182 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); |
| 165 ScriptPromise promise = result->promise(); | 183 ScriptPromise promise = result->promise(); |
| 166 | 184 |
| 185 if (!ensureCanAccessWebCrypto(scriptState, result.get())) | |
| 186 return promise; | |
| 187 | |
| 167 if (!ensureNotNull(keyData, "keyData", result.get())) | 188 if (!ensureNotNull(keyData, "keyData", result.get())) |
| 168 return promise; | 189 return promise; |
| 169 | 190 |
| 170 blink::WebCryptoKeyFormat format; | 191 blink::WebCryptoKeyFormat format; |
| 171 if (!Key::parseFormat(rawFormat, format, result.get())) | 192 if (!Key::parseFormat(rawFormat, format, result.get())) |
| 172 return promise; | 193 return promise; |
| 173 | 194 |
| 174 blink::WebCryptoKeyUsageMask keyUsages; | 195 blink::WebCryptoKeyUsageMask keyUsages; |
| 175 if (!Key::parseUsageMask(rawKeyUsages, keyUsages, result.get())) | 196 if (!Key::parseUsageMask(rawKeyUsages, keyUsages, result.get())) |
| 176 return promise; | 197 return promise; |
| 177 | 198 |
| 178 blink::WebCryptoAlgorithm algorithm; | 199 blink::WebCryptoAlgorithm algorithm; |
| 179 if (!parseAlgorithm(rawAlgorithm, ImportKey, algorithm, result.get())) | 200 if (!parseAlgorithm(rawAlgorithm, ImportKey, algorithm, result.get())) |
| 180 return promise; | 201 return promise; |
| 181 | 202 |
| 182 blink::Platform::current()->crypto()->importKey(format, keyData.bytes(), key Data.byteLength(), algorithm, extractable, keyUsages, result->result()); | 203 blink::Platform::current()->crypto()->importKey(format, keyData.bytes(), key Data.byteLength(), algorithm, extractable, keyUsages, result->result()); |
| 183 return promise; | 204 return promise; |
| 184 } | 205 } |
| 185 | 206 |
| 186 ScriptPromise SubtleCrypto::exportKey(ScriptState* scriptState, const String& ra wFormat, Key* key) | 207 ScriptPromise SubtleCrypto::exportKey(ScriptState* scriptState, const String& ra wFormat, Key* key) |
| 187 { | 208 { |
| 188 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); | 209 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); |
| 189 ScriptPromise promise = result->promise(); | 210 ScriptPromise promise = result->promise(); |
| 190 | 211 |
| 212 if (!ensureCanAccessWebCrypto(scriptState, result.get())) | |
| 213 return promise; | |
| 214 | |
| 191 if (!ensureNotNull(key, "key", result.get())) | 215 if (!ensureNotNull(key, "key", result.get())) |
| 192 return promise; | 216 return promise; |
| 193 | 217 |
| 194 blink::WebCryptoKeyFormat format; | 218 blink::WebCryptoKeyFormat format; |
| 195 if (!Key::parseFormat(rawFormat, format, result.get())) | 219 if (!Key::parseFormat(rawFormat, format, result.get())) |
| 196 return promise; | 220 return promise; |
| 197 | 221 |
| 198 if (!key->extractable()) { | 222 if (!key->extractable()) { |
| 199 result->completeWithError(blink::WebCryptoErrorTypeInvalidAccess, "key i s not extractable"); | 223 result->completeWithError(blink::WebCryptoErrorTypeInvalidAccess, "key i s not extractable"); |
| 200 return promise; | 224 return promise; |
| 201 } | 225 } |
| 202 | 226 |
| 203 blink::Platform::current()->crypto()->exportKey(format, key->key(), result-> result()); | 227 blink::Platform::current()->crypto()->exportKey(format, key->key(), result-> result()); |
| 204 return promise; | 228 return promise; |
| 205 } | 229 } |
| 206 | 230 |
| 207 ScriptPromise SubtleCrypto::wrapKey(ScriptState* scriptState, const String& rawF ormat, Key* key, Key* wrappingKey, const Dictionary& rawWrapAlgorithm) | 231 ScriptPromise SubtleCrypto::wrapKey(ScriptState* scriptState, const String& rawF ormat, Key* key, Key* wrappingKey, const Dictionary& rawWrapAlgorithm) |
| 208 { | 232 { |
| 209 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); | 233 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); |
| 210 ScriptPromise promise = result->promise(); | 234 ScriptPromise promise = result->promise(); |
| 211 | 235 |
| 236 if (!ensureCanAccessWebCrypto(scriptState, result.get())) | |
| 237 return promise; | |
| 238 | |
| 212 if (!ensureNotNull(key, "key", result.get())) | 239 if (!ensureNotNull(key, "key", result.get())) |
| 213 return promise; | 240 return promise; |
| 214 | 241 |
| 215 if (!ensureNotNull(wrappingKey, "wrappingKey", result.get())) | 242 if (!ensureNotNull(wrappingKey, "wrappingKey", result.get())) |
| 216 return promise; | 243 return promise; |
| 217 | 244 |
| 218 blink::WebCryptoKeyFormat format; | 245 blink::WebCryptoKeyFormat format; |
| 219 if (!Key::parseFormat(rawFormat, format, result.get())) | 246 if (!Key::parseFormat(rawFormat, format, result.get())) |
| 220 return promise; | 247 return promise; |
| 221 | 248 |
| (...skipping 11 matching lines...) Expand all Loading... | |
| 233 | 260 |
| 234 blink::Platform::current()->crypto()->wrapKey(format, key->key(), wrappingKe y->key(), wrapAlgorithm, result->result()); | 261 blink::Platform::current()->crypto()->wrapKey(format, key->key(), wrappingKe y->key(), wrapAlgorithm, result->result()); |
| 235 return promise; | 262 return promise; |
| 236 } | 263 } |
| 237 | 264 |
| 238 ScriptPromise SubtleCrypto::unwrapKey(ScriptState* scriptState, const String& ra wFormat, const ArrayPiece& wrappedKey, Key* unwrappingKey, const Dictionary& raw UnwrapAlgorithm, const Dictionary& rawUnwrappedKeyAlgorithm, bool extractable, c onst Vector<String>& rawKeyUsages) | 265 ScriptPromise SubtleCrypto::unwrapKey(ScriptState* scriptState, const String& ra wFormat, const ArrayPiece& wrappedKey, Key* unwrappingKey, const Dictionary& raw UnwrapAlgorithm, const Dictionary& rawUnwrappedKeyAlgorithm, bool extractable, c onst Vector<String>& rawKeyUsages) |
| 239 { | 266 { |
| 240 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); | 267 RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState); |
| 241 ScriptPromise promise = result->promise(); | 268 ScriptPromise promise = result->promise(); |
| 242 | 269 |
| 270 if (!ensureCanAccessWebCrypto(scriptState, result.get())) | |
| 271 return promise; | |
| 272 | |
| 243 if (!ensureNotNull(wrappedKey, "wrappedKey", result.get())) | 273 if (!ensureNotNull(wrappedKey, "wrappedKey", result.get())) |
| 244 return promise; | 274 return promise; |
| 245 if (!ensureNotNull(unwrappingKey, "unwrappingKey", result.get())) | 275 if (!ensureNotNull(unwrappingKey, "unwrappingKey", result.get())) |
| 246 return promise; | 276 return promise; |
| 247 | 277 |
| 248 blink::WebCryptoKeyFormat format; | 278 blink::WebCryptoKeyFormat format; |
| 249 if (!Key::parseFormat(rawFormat, format, result.get())) | 279 if (!Key::parseFormat(rawFormat, format, result.get())) |
| 250 return promise; | 280 return promise; |
| 251 | 281 |
| 252 blink::WebCryptoKeyUsageMask keyUsages; | 282 blink::WebCryptoKeyUsageMask keyUsages; |
| 253 if (!Key::parseUsageMask(rawKeyUsages, keyUsages, result.get())) | 283 if (!Key::parseUsageMask(rawKeyUsages, keyUsages, result.get())) |
| 254 return promise; | 284 return promise; |
| 255 | 285 |
| 256 blink::WebCryptoAlgorithm unwrapAlgorithm; | 286 blink::WebCryptoAlgorithm unwrapAlgorithm; |
| 257 if (!parseAlgorithm(rawUnwrapAlgorithm, UnwrapKey, unwrapAlgorithm, result.g et())) | 287 if (!parseAlgorithm(rawUnwrapAlgorithm, UnwrapKey, unwrapAlgorithm, result.g et())) |
| 258 return promise; | 288 return promise; |
| 259 | 289 |
| 260 blink::WebCryptoAlgorithm unwrappedKeyAlgorithm; | 290 blink::WebCryptoAlgorithm unwrappedKeyAlgorithm; |
| 261 if (!parseAlgorithm(rawUnwrappedKeyAlgorithm, ImportKey, unwrappedKeyAlgorit hm, result.get())) | 291 if (!parseAlgorithm(rawUnwrappedKeyAlgorithm, ImportKey, unwrappedKeyAlgorit hm, result.get())) |
| 262 return promise; | 292 return promise; |
| 263 | 293 |
| 264 if (!unwrappingKey->canBeUsedForAlgorithm(unwrapAlgorithm, UnwrapKey, result .get())) | 294 if (!unwrappingKey->canBeUsedForAlgorithm(unwrapAlgorithm, UnwrapKey, result .get())) |
| 265 return promise; | 295 return promise; |
| 266 | 296 |
| 267 blink::Platform::current()->crypto()->unwrapKey(format, wrappedKey.bytes(), wrappedKey.byteLength(), unwrappingKey->key(), unwrapAlgorithm, unwrappedKeyAlgo rithm, extractable, keyUsages, result->result()); | 297 blink::Platform::current()->crypto()->unwrapKey(format, wrappedKey.bytes(), wrappedKey.byteLength(), unwrappingKey->key(), unwrapAlgorithm, unwrappedKeyAlgo rithm, extractable, keyUsages, result->result()); |
| 268 return promise; | 298 return promise; |
| 269 } | 299 } |
| 270 | 300 |
| 271 } // namespace WebCore | 301 } // namespace WebCore |
| OLD | NEW |
