[webcrypto] Only allow crypto.subtle.* to be used from "secure origins".

Source/modules/crypto/SubtleCrypto.cpp

Index: Source/modules/crypto/SubtleCrypto.cpp
diff --git a/Source/modules/crypto/SubtleCrypto.cpp b/Source/modules/crypto/SubtleCrypto.cpp
index 4ecb2874b99d442da1ac4945e4efa4f9f5812810..4621b93f9942d87162297ebdd9a794881aa437a1 100644
--- a/Source/modules/crypto/SubtleCrypto.cpp
+++ b/Source/modules/crypto/SubtleCrypto.cpp
@@ -32,6 +32,7 @@
 #include "modules/crypto/SubtleCrypto.h"
 
 #include "bindings/v8/Dictionary.h"
+#include "core/dom/ExecutionContext.h"
 #include "modules/crypto/CryptoResultImpl.h"
 #include "modules/crypto/Key.h"
 #include "modules/crypto/NormalizeAlgorithm.h"
@@ -64,11 +65,25 @@ static bool ensureNotNull(Key* key, const char* paramName, CryptoResult* result)
     return true;
 }
 
+static bool ensureCanAccessWebCrypto(ScriptState* scriptState, CryptoResult* result)
+{
+    SecurityOrigin* origin = scriptState->executionContext()->securityOrigin();

[palmer, 2014/05/24 01:44:30]

Can |origin| be declared const here? Does it matter? I don't know Blink
conventions well, but it occurred to me.

[eroman, 2014/05/24 02:08:57]

Done.

+    if (!origin->canAccessFeatureRequiringSecureOrigin()) {
+        result->completeWithError(blink::WebCryptoErrorTypeNotSupported, "WebCrypto is only supported over secure origins. See http://crbug.com/373032");
+        return false;
+    }
+
+    return true;
+}
+
 static ScriptPromise startCryptoOperation(ScriptState* scriptState, const Dictionary& rawAlgorithm, Key* key, AlgorithmOperation operationType, const ArrayPiece& signature, const ArrayPiece& dataBuffer)
 {
     RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState);
     ScriptPromise promise = result->promise();
 
+    if (!ensureCanAccessWebCrypto(scriptState, result.get()))
+        return promise;
+
     bool requiresKey = operationType != Digest;
 
     if (requiresKey && !ensureNotNull(key, "key", result.get()))
@@ -147,6 +162,9 @@ ScriptPromise SubtleCrypto::generateKey(ScriptState* scriptState, const Dictiona
     RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState);
     ScriptPromise promise = result->promise();
 
+    if (!ensureCanAccessWebCrypto(scriptState, result.get()))
+        return promise;
+
     blink::WebCryptoKeyUsageMask keyUsages;
     if (!Key::parseUsageMask(rawKeyUsages, keyUsages, result.get()))
         return promise;
@@ -164,6 +182,9 @@ ScriptPromise SubtleCrypto::importKey(ScriptState* scriptState, const String& ra
     RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState);
     ScriptPromise promise = result->promise();
 
+    if (!ensureCanAccessWebCrypto(scriptState, result.get()))
+        return promise;
+
     if (!ensureNotNull(keyData, "keyData", result.get()))
         return promise;
 
@@ -188,6 +209,9 @@ ScriptPromise SubtleCrypto::exportKey(ScriptState* scriptState, const String& ra
     RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState);
     ScriptPromise promise = result->promise();
 
+    if (!ensureCanAccessWebCrypto(scriptState, result.get()))
+        return promise;
+
     if (!ensureNotNull(key, "key", result.get()))
         return promise;
 
@@ -209,6 +233,9 @@ ScriptPromise SubtleCrypto::wrapKey(ScriptState* scriptState, const String& rawF
     RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState);
     ScriptPromise promise = result->promise();
 
+    if (!ensureCanAccessWebCrypto(scriptState, result.get()))
+        return promise;
+
     if (!ensureNotNull(key, "key", result.get()))
         return promise;
 
@@ -240,6 +267,9 @@ ScriptPromise SubtleCrypto::unwrapKey(ScriptState* scriptState, const String& ra
     RefPtr<CryptoResultImpl> result = CryptoResultImpl::create(scriptState);
     ScriptPromise promise = result->promise();
 
+    if (!ensureCanAccessWebCrypto(scriptState, result.get()))
+        return promise;
+
     if (!ensureNotNull(wrappedKey, "wrappedKey", result.get()))
         return promise;
     if (!ensureNotNull(unwrappingKey, "unwrappingKey", result.get()))