Chromium Code Reviews Chromium Code Reviews
Issue 341923004:
[webcrypto] Don't execute cancelled crypto operations. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/child/webcrypto/webcrypto_impl.h" | 5 #include "content/child/webcrypto/webcrypto_impl.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/lazy_instance.h" | 8 #include "base/lazy_instance.h" |
| 9 #include "base/location.h" | 9 #include "base/location.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 152 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 163 // | 163 // |
| 164 // Ownership of the State object is passed between the crypto thread and the | 164 // Ownership of the State object is passed between the crypto thread and the |
| 165 // Blink thread. Under normal completion it is destroyed on the Blink thread. | 165 // Blink thread. Under normal completion it is destroyed on the Blink thread. |
| 166 // However it may also be destroyed on the crypto thread if the Blink thread | 166 // However it may also be destroyed on the crypto thread if the Blink thread |
| 167 // has vanished (which can happen for Blink web worker threads). | 167 // has vanished (which can happen for Blink web worker threads). |
| 168 | 168 |
| 169 struct BaseState { | 169 struct BaseState { |
| 170 explicit BaseState(const blink::WebCryptoResult& result) | 170 explicit BaseState(const blink::WebCryptoResult& result) |
| 171 : origin_thread(GetCurrentBlinkThread()), result(result) {} | 171 : origin_thread(GetCurrentBlinkThread()), result(result) {} |
| 172 | 172 |
| 173 bool cancelled() { | |
| 174 #ifdef WEBCRYPTO_RESULT_HAS_CANCELLED | |
| 175 return result.cancelled(); | |
|
Ryan Sleevi
2014/06/18 23:59:51
Is this really safe? Seems like we try to only acc
| |
| 176 #else | |
| 177 return false; | |
| 178 #endif | |
| 179 } | |
| 180 | |
| 173 scoped_refptr<base::TaskRunner> origin_thread; | 181 scoped_refptr<base::TaskRunner> origin_thread; |
| 174 | 182 |
| 175 webcrypto::Status status; | 183 webcrypto::Status status; |
| 176 blink::WebCryptoResult result; | 184 blink::WebCryptoResult result; |
| 177 | 185 |
| 178 protected: | 186 protected: |
| 179 // Since there is no virtual destructor, must not delete directly as a | 187 // Since there is no virtual destructor, must not delete directly as a |
| 180 // BaseState. | 188 // BaseState. |
| 181 ~BaseState() {} | 189 ~BaseState() {} |
| 182 }; | 190 }; |
| (...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 345 // | 353 // |
| 346 // * The methods named Do*() run on the crypto thread. | 354 // * The methods named Do*() run on the crypto thread. |
| 347 // * The methods named Do*Reply() run on the target Blink thread | 355 // * The methods named Do*Reply() run on the target Blink thread |
| 348 | 356 |
| 349 void DoEncryptReply(scoped_ptr<EncryptState> state) { | 357 void DoEncryptReply(scoped_ptr<EncryptState> state) { |
| 350 CompleteWithBufferOrError(state->status, state->buffer, &state->result); | 358 CompleteWithBufferOrError(state->status, state->buffer, &state->result); |
| 351 } | 359 } |
| 352 | 360 |
| 353 void DoEncrypt(scoped_ptr<EncryptState> passed_state) { | 361 void DoEncrypt(scoped_ptr<EncryptState> passed_state) { |
| 354 EncryptState* state = passed_state.get(); | 362 EncryptState* state = passed_state.get(); |
| 363 if (state->cancelled()) | |
| 364 return; | |
| 355 state->status = webcrypto::Encrypt(state->algorithm, | 365 state->status = webcrypto::Encrypt(state->algorithm, |
| 356 state->key, | 366 state->key, |
| 357 webcrypto::CryptoData(state->data), | 367 webcrypto::CryptoData(state->data), |
| 358 &state->buffer); | 368 &state->buffer); |
| 359 state->origin_thread->PostTask( | 369 state->origin_thread->PostTask( |
| 360 FROM_HERE, base::Bind(DoEncryptReply, Passed(&passed_state))); | 370 FROM_HERE, base::Bind(DoEncryptReply, Passed(&passed_state))); |
| 361 } | 371 } |
| 362 | 372 |
| 363 void DoDecryptReply(scoped_ptr<DecryptState> state) { | 373 void DoDecryptReply(scoped_ptr<DecryptState> state) { |
| 364 CompleteWithBufferOrError(state->status, state->buffer, &state->result); | 374 CompleteWithBufferOrError(state->status, state->buffer, &state->result); |
| 365 } | 375 } |
| 366 | 376 |
| 367 void DoDecrypt(scoped_ptr<DecryptState> passed_state) { | 377 void DoDecrypt(scoped_ptr<DecryptState> passed_state) { |
| 368 DecryptState* state = passed_state.get(); | 378 DecryptState* state = passed_state.get(); |
| 379 if (state->cancelled()) | |
| 380 return; | |
| 369 state->status = webcrypto::Decrypt(state->algorithm, | 381 state->status = webcrypto::Decrypt(state->algorithm, |
| 370 state->key, | 382 state->key, |
| 371 webcrypto::CryptoData(state->data), | 383 webcrypto::CryptoData(state->data), |
| 372 &state->buffer); | 384 &state->buffer); |
| 373 state->origin_thread->PostTask( | 385 state->origin_thread->PostTask( |
| 374 FROM_HERE, base::Bind(DoDecryptReply, Passed(&passed_state))); | 386 FROM_HERE, base::Bind(DoDecryptReply, Passed(&passed_state))); |
| 375 } | 387 } |
| 376 | 388 |
| 377 void DoDigestReply(scoped_ptr<DigestState> state) { | 389 void DoDigestReply(scoped_ptr<DigestState> state) { |
| 378 CompleteWithBufferOrError(state->status, state->buffer, &state->result); | 390 CompleteWithBufferOrError(state->status, state->buffer, &state->result); |
| 379 } | 391 } |
| 380 | 392 |
| 381 void DoDigest(scoped_ptr<DigestState> passed_state) { | 393 void DoDigest(scoped_ptr<DigestState> passed_state) { |
| 382 DigestState* state = passed_state.get(); | 394 DigestState* state = passed_state.get(); |
| 395 if (state->cancelled()) | |
| 396 return; | |
| 383 state->status = webcrypto::Digest( | 397 state->status = webcrypto::Digest( |
| 384 state->algorithm, webcrypto::CryptoData(state->data), &state->buffer); | 398 state->algorithm, webcrypto::CryptoData(state->data), &state->buffer); |
| 385 state->origin_thread->PostTask( | 399 state->origin_thread->PostTask( |
| 386 FROM_HERE, base::Bind(DoDigestReply, Passed(&passed_state))); | 400 FROM_HERE, base::Bind(DoDigestReply, Passed(&passed_state))); |
| 387 } | 401 } |
| 388 | 402 |
| 389 void DoGenerateKeyReply(scoped_ptr<GenerateKeyState> state) { | 403 void DoGenerateKeyReply(scoped_ptr<GenerateKeyState> state) { |
| 390 if (state->status.IsError()) { | 404 if (state->status.IsError()) { |
| 391 CompleteWithError(state->status, &state->result); | 405 CompleteWithError(state->status, &state->result); |
| 392 } else { | 406 } else { |
| 393 if (state->is_asymmetric) | 407 if (state->is_asymmetric) |
| 394 state->result.completeWithKeyPair(state->public_key, state->private_key); | 408 state->result.completeWithKeyPair(state->public_key, state->private_key); |
| 395 else | 409 else |
| 396 state->result.completeWithKey(state->public_key); | 410 state->result.completeWithKey(state->public_key); |
| 397 } | 411 } |
| 398 } | 412 } |
| 399 | 413 |
| 400 void DoGenerateKey(scoped_ptr<GenerateKeyState> passed_state) { | 414 void DoGenerateKey(scoped_ptr<GenerateKeyState> passed_state) { |
| 401 GenerateKeyState* state = passed_state.get(); | 415 GenerateKeyState* state = passed_state.get(); |
| 416 if (state->cancelled()) | |
| 417 return; | |
| 402 state->is_asymmetric = | 418 state->is_asymmetric = |
| 403 webcrypto::IsAlgorithmAsymmetric(state->algorithm.id()); | 419 webcrypto::IsAlgorithmAsymmetric(state->algorithm.id()); |
| 404 if (state->is_asymmetric) { | 420 if (state->is_asymmetric) { |
| 405 state->status = webcrypto::GenerateKeyPair(state->algorithm, | 421 state->status = webcrypto::GenerateKeyPair(state->algorithm, |
| 406 state->extractable, | 422 state->extractable, |
| 407 state->usage_mask, | 423 state->usage_mask, |
| 408 &state->public_key, | 424 &state->public_key, |
| 409 &state->private_key); | 425 &state->private_key); |
| 410 | 426 |
| 411 if (state->status.IsSuccess()) { | 427 if (state->status.IsSuccess()) { |
| (...skipping 21 matching lines...) Expand all Loading... | |
| 433 state->origin_thread->PostTask( | 449 state->origin_thread->PostTask( |
| 434 FROM_HERE, base::Bind(DoGenerateKeyReply, Passed(&passed_state))); | 450 FROM_HERE, base::Bind(DoGenerateKeyReply, Passed(&passed_state))); |
| 435 } | 451 } |
| 436 | 452 |
| 437 void DoImportKeyReply(scoped_ptr<ImportKeyState> state) { | 453 void DoImportKeyReply(scoped_ptr<ImportKeyState> state) { |
| 438 CompleteWithKeyOrError(state->status, state->key, &state->result); | 454 CompleteWithKeyOrError(state->status, state->key, &state->result); |
| 439 } | 455 } |
| 440 | 456 |
| 441 void DoImportKey(scoped_ptr<ImportKeyState> passed_state) { | 457 void DoImportKey(scoped_ptr<ImportKeyState> passed_state) { |
| 442 ImportKeyState* state = passed_state.get(); | 458 ImportKeyState* state = passed_state.get(); |
| 459 if (state->cancelled()) | |
| 460 return; | |
| 443 state->status = webcrypto::ImportKey(state->format, | 461 state->status = webcrypto::ImportKey(state->format, |
| 444 webcrypto::CryptoData(state->key_data), | 462 webcrypto::CryptoData(state->key_data), |
| 445 state->algorithm, | 463 state->algorithm, |
| 446 state->extractable, | 464 state->extractable, |
| 447 state->usage_mask, | 465 state->usage_mask, |
| 448 &state->key); | 466 &state->key); |
| 449 if (state->status.IsSuccess()) { | 467 if (state->status.IsSuccess()) { |
| 450 DCHECK(state->key.handle()); | 468 DCHECK(state->key.handle()); |
| 451 DCHECK(!state->key.algorithm().isNull()); | 469 DCHECK(!state->key.algorithm().isNull()); |
| 452 DCHECK_EQ(state->extractable, state->key.extractable()); | 470 DCHECK_EQ(state->extractable, state->key.extractable()); |
| (...skipping 19 matching lines...) Expand all Loading... | |
| 472 state->result.completeWithJson( | 490 state->result.completeWithJson( |
| 473 reinterpret_cast<const char*>( | 491 reinterpret_cast<const char*>( |
| 474 webcrypto::Uint8VectorStart(&state->buffer)), | 492 webcrypto::Uint8VectorStart(&state->buffer)), |
| 475 state->buffer.size()); | 493 state->buffer.size()); |
| 476 } | 494 } |
| 477 #endif | 495 #endif |
| 478 } | 496 } |
| 479 | 497 |
| 480 void DoExportKey(scoped_ptr<ExportKeyState> passed_state) { | 498 void DoExportKey(scoped_ptr<ExportKeyState> passed_state) { |
| 481 ExportKeyState* state = passed_state.get(); | 499 ExportKeyState* state = passed_state.get(); |
| 500 if (state->cancelled()) | |
| 501 return; | |
| 482 state->status = | 502 state->status = |
| 483 webcrypto::ExportKey(state->format, state->key, &state->buffer); | 503 webcrypto::ExportKey(state->format, state->key, &state->buffer); |
| 484 state->origin_thread->PostTask( | 504 state->origin_thread->PostTask( |
| 485 FROM_HERE, base::Bind(DoExportKeyReply, Passed(&passed_state))); | 505 FROM_HERE, base::Bind(DoExportKeyReply, Passed(&passed_state))); |
| 486 } | 506 } |
| 487 | 507 |
| 488 void DoSignReply(scoped_ptr<SignState> state) { | 508 void DoSignReply(scoped_ptr<SignState> state) { |
| 489 CompleteWithBufferOrError(state->status, state->buffer, &state->result); | 509 CompleteWithBufferOrError(state->status, state->buffer, &state->result); |
| 490 } | 510 } |
| 491 | 511 |
| 492 void DoSign(scoped_ptr<SignState> passed_state) { | 512 void DoSign(scoped_ptr<SignState> passed_state) { |
| 493 SignState* state = passed_state.get(); | 513 SignState* state = passed_state.get(); |
| 514 if (state->cancelled()) | |
| 515 return; | |
| 494 state->status = webcrypto::Sign(state->algorithm, | 516 state->status = webcrypto::Sign(state->algorithm, |
| 495 state->key, | 517 state->key, |
| 496 webcrypto::CryptoData(state->data), | 518 webcrypto::CryptoData(state->data), |
| 497 &state->buffer); | 519 &state->buffer); |
| 498 | 520 |
| 499 state->origin_thread->PostTask( | 521 state->origin_thread->PostTask( |
| 500 FROM_HERE, base::Bind(DoSignReply, Passed(&passed_state))); | 522 FROM_HERE, base::Bind(DoSignReply, Passed(&passed_state))); |
| 501 } | 523 } |
| 502 | 524 |
| 503 void DoVerifyReply(scoped_ptr<VerifySignatureState> state) { | 525 void DoVerifyReply(scoped_ptr<VerifySignatureState> state) { |
| 504 if (state->status.IsError()) { | 526 if (state->status.IsError()) { |
| 505 CompleteWithError(state->status, &state->result); | 527 CompleteWithError(state->status, &state->result); |
| 506 } else { | 528 } else { |
| 507 state->result.completeWithBoolean(state->verify_result); | 529 state->result.completeWithBoolean(state->verify_result); |
| 508 } | 530 } |
| 509 } | 531 } |
| 510 | 532 |
| 511 void DoVerify(scoped_ptr<VerifySignatureState> passed_state) { | 533 void DoVerify(scoped_ptr<VerifySignatureState> passed_state) { |
| 512 VerifySignatureState* state = passed_state.get(); | 534 VerifySignatureState* state = passed_state.get(); |
| 535 if (state->cancelled()) | |
| 536 return; | |
| 513 state->status = | 537 state->status = |
| 514 webcrypto::VerifySignature(state->algorithm, | 538 webcrypto::VerifySignature(state->algorithm, |
| 515 state->key, | 539 state->key, |
| 516 webcrypto::CryptoData(state->signature), | 540 webcrypto::CryptoData(state->signature), |
| 517 webcrypto::CryptoData(state->data), | 541 webcrypto::CryptoData(state->data), |
| 518 &state->verify_result); | 542 &state->verify_result); |
| 519 | 543 |
| 520 state->origin_thread->PostTask( | 544 state->origin_thread->PostTask( |
| 521 FROM_HERE, base::Bind(DoVerifyReply, Passed(&passed_state))); | 545 FROM_HERE, base::Bind(DoVerifyReply, Passed(&passed_state))); |
| 522 } | 546 } |
| 523 | 547 |
| 524 void DoWrapKeyReply(scoped_ptr<WrapKeyState> state) { | 548 void DoWrapKeyReply(scoped_ptr<WrapKeyState> state) { |
| 525 CompleteWithBufferOrError(state->status, state->buffer, &state->result); | 549 CompleteWithBufferOrError(state->status, state->buffer, &state->result); |
| 526 } | 550 } |
| 527 | 551 |
| 528 void DoWrapKey(scoped_ptr<WrapKeyState> passed_state) { | 552 void DoWrapKey(scoped_ptr<WrapKeyState> passed_state) { |
| 529 WrapKeyState* state = passed_state.get(); | 553 WrapKeyState* state = passed_state.get(); |
| 554 if (state->cancelled()) | |
| 555 return; | |
| 530 state->status = webcrypto::WrapKey(state->format, | 556 state->status = webcrypto::WrapKey(state->format, |
| 531 state->key, | 557 state->key, |
| 532 state->wrapping_key, | 558 state->wrapping_key, |
| 533 state->wrap_algorithm, | 559 state->wrap_algorithm, |
| 534 &state->buffer); | 560 &state->buffer); |
| 535 | 561 |
| 536 state->origin_thread->PostTask( | 562 state->origin_thread->PostTask( |
| 537 FROM_HERE, base::Bind(DoWrapKeyReply, Passed(&passed_state))); | 563 FROM_HERE, base::Bind(DoWrapKeyReply, Passed(&passed_state))); |
| 538 } | 564 } |
| 539 | 565 |
| 540 void DoUnwrapKeyReply(scoped_ptr<UnwrapKeyState> state) { | 566 void DoUnwrapKeyReply(scoped_ptr<UnwrapKeyState> state) { |
| 541 CompleteWithKeyOrError(state->status, state->unwrapped_key, &state->result); | 567 CompleteWithKeyOrError(state->status, state->unwrapped_key, &state->result); |
| 542 } | 568 } |
| 543 | 569 |
| 544 void DoUnwrapKey(scoped_ptr<UnwrapKeyState> passed_state) { | 570 void DoUnwrapKey(scoped_ptr<UnwrapKeyState> passed_state) { |
| 545 UnwrapKeyState* state = passed_state.get(); | 571 UnwrapKeyState* state = passed_state.get(); |
| 572 if (state->cancelled()) | |
| 573 return; | |
| 546 state->status = | 574 state->status = |
| 547 webcrypto::UnwrapKey(state->format, | 575 webcrypto::UnwrapKey(state->format, |
| 548 webcrypto::CryptoData(state->wrapped_key), | 576 webcrypto::CryptoData(state->wrapped_key), |
| 549 state->wrapping_key, | 577 state->wrapping_key, |
| 550 state->unwrap_algorithm, | 578 state->unwrap_algorithm, |
| 551 state->unwrapped_key_algorithm, | 579 state->unwrapped_key_algorithm, |
| 552 state->extractable, | 580 state->extractable, |
| 553 state->usages, | 581 state->usages, |
| 554 &state->unwrapped_key); | 582 &state->unwrapped_key); |
| 555 | 583 |
| (...skipping 191 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 747 &key); | 775 &key); |
| 748 } | 776 } |
| 749 | 777 |
| 750 bool WebCryptoImpl::serializeKeyForClone( | 778 bool WebCryptoImpl::serializeKeyForClone( |
| 751 const blink::WebCryptoKey& key, | 779 const blink::WebCryptoKey& key, |
| 752 blink::WebVector<unsigned char>& key_data) { | 780 blink::WebVector<unsigned char>& key_data) { |
| 753 return webcrypto::SerializeKeyForClone(key, &key_data); | 781 return webcrypto::SerializeKeyForClone(key, &key_data); |
| 754 } | 782 } |
| 755 | 783 |
| 756 } // namespace content | 784 } // namespace content |
| OLD | NEW |
