diff options
Diffstat (limited to 'chromium/components/nacl/loader/nacl_validation_query.cc')
| -rw-r--r-- | chromium/components/nacl/loader/nacl_validation_query.cc | 172 |
1 files changed, 0 insertions, 172 deletions
diff --git a/chromium/components/nacl/loader/nacl_validation_query.cc b/chromium/components/nacl/loader/nacl_validation_query.cc deleted file mode 100644 index 6bd8641460f..00000000000 --- a/chromium/components/nacl/loader/nacl_validation_query.cc +++ /dev/null @@ -1,172 +0,0 @@ -// Copyright 2013 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "components/nacl/loader/nacl_validation_query.h" - -#include "base/logging.h" -#include "components/nacl/loader/nacl_validation_db.h" -#include "crypto/nss_util.h" -#include "native_client/src/include/portability.h" -#include "native_client/src/trusted/validator/nacl_file_info.h" -#include "native_client/src/trusted/validator/validation_cache.h" - -NaClValidationQueryContext::NaClValidationQueryContext( - NaClValidationDB* db, - const std::string& profile_key, - const std::string& nacl_version) - : db_(db), - profile_key_(profile_key), - nacl_version_(nacl_version) { - - // Sanity checks. - CHECK(profile_key.length() >= 8); - CHECK(nacl_version.length() >= 4); -} - -NaClValidationQuery* NaClValidationQueryContext::CreateQuery() { - NaClValidationQuery* query = new NaClValidationQuery(db_, profile_key_); - // Changing the version effectively invalidates existing hashes. - query->AddData(nacl_version_); - return query; -} - -bool NaClValidationQueryContext::ResolveFileToken( - struct NaClFileToken* file_token, - int32* fd, - std::string* path) { - return db_->ResolveFileToken(file_token, fd, path); -} - -NaClValidationQuery::NaClValidationQuery(NaClValidationDB* db, - const std::string& profile_key) - : state_(READY), - hasher_(crypto::HMAC::SHA256), - db_(db), - buffer_length_(0) { - // Without this line on Linux, HMAC::Init will instantiate a singleton that - // in turn attempts to open a file. Disabling this behavior avoids a ~70 ms - // stall the first time HMAC is used. - // This function is also called in nacl_helper_linux.cc, but nacl_helper may - // not be used in all cases. - // TODO(ncbray) remove when nacl_helper becomes the only code path. - // http://code.google.com/p/chromium/issues/detail?id=118263 -#if defined(USE_NSS) - crypto::ForceNSSNoDBInit(); -#endif - CHECK(hasher_.Init(profile_key)); -} - -void NaClValidationQuery::AddData(const char* data, size_t length) { - CHECK(state_ == READY); - CHECK(buffer_length_ <= sizeof(buffer_)); - // Chrome's HMAC class doesn't support incremental signing. Work around - // this by using a (small) temporary buffer to accumulate data. - // Check if there is space in the buffer. - if (buffer_length_ + kDigestLength > sizeof(buffer_)) { - // Hash the buffer to make space. - CompressBuffer(); - } - // Hash the input data into the buffer. Assumes that sizeof(buffer_) >= - // kDigestLength * 2 (the buffer can store at least two digests.) - CHECK(hasher_.Sign(base::StringPiece(data, length), - reinterpret_cast<unsigned char*>(buffer_ + buffer_length_), - kDigestLength)); - buffer_length_ += kDigestLength; -} - -void NaClValidationQuery::AddData(const unsigned char* data, size_t length) { - AddData(reinterpret_cast<const char*>(data), length); -} - -void NaClValidationQuery::AddData(const base::StringPiece& data) { - AddData(data.data(), data.length()); -} - -int NaClValidationQuery::QueryKnownToValidate() { - CHECK(state_ == READY); - // It is suspicious if we have less than a digest's worth of data. - CHECK(buffer_length_ >= kDigestLength); - CHECK(buffer_length_ <= sizeof(buffer_)); - state_ = GET_CALLED; - // Ensure the buffer contains only one digest worth of data. - CompressBuffer(); - return db_->QueryKnownToValidate(std::string(buffer_, buffer_length_)); -} - -void NaClValidationQuery::SetKnownToValidate() { - CHECK(state_ == GET_CALLED); - CHECK(buffer_length_ == kDigestLength); - state_ = SET_CALLED; - db_->SetKnownToValidate(std::string(buffer_, buffer_length_)); -} - -// Reduce the size of the data in the buffer by hashing it and writing it back -// to the buffer. -void NaClValidationQuery::CompressBuffer() { - // Calculate the digest into a temp buffer. It is likely safe to calculate it - // directly back into the buffer, but this is an "accidental" semantic we're - // avoiding depending on. - unsigned char temp[kDigestLength]; - CHECK(hasher_.Sign(base::StringPiece(buffer_, buffer_length_), temp, - kDigestLength)); - memcpy(buffer_, temp, kDigestLength); - buffer_length_ = kDigestLength; -} - -// OO wrappers - -static void* CreateQuery(void* handle) { - return static_cast<NaClValidationQueryContext*>(handle)->CreateQuery(); -} - -static void AddData(void* query, const uint8* data, size_t length) { - static_cast<NaClValidationQuery*>(query)->AddData(data, length); -} - -static int QueryKnownToValidate(void* query) { - return static_cast<NaClValidationQuery*>(query)->QueryKnownToValidate(); -} - -static void SetKnownToValidate(void* query) { - static_cast<NaClValidationQuery*>(query)->SetKnownToValidate(); -} - -static void DestroyQuery(void* query) { - delete static_cast<NaClValidationQuery*>(query); -} - -static int ResolveFileToken(void* handle, struct NaClFileToken* file_token, - int32* fd, char** file_path, - uint32* file_path_length) { - std::string path; - *file_path = NULL; - *file_path_length = 0; - bool ok = static_cast<NaClValidationQueryContext*>(handle)-> - ResolveFileToken(file_token, fd, &path); - if (ok) { - *file_path = static_cast<char*>(malloc(path.length() + 1)); - CHECK(*file_path); - memcpy(*file_path, path.data(), path.length()); - (*file_path)[path.length()] = 0; - *file_path_length = static_cast<uint32>(path.length()); - } - return ok; -} - -struct NaClValidationCache* CreateValidationCache( - NaClValidationDB* db, const std::string& profile_key, - const std::string& nacl_version) { - NaClValidationCache* cache = - static_cast<NaClValidationCache*>(malloc(sizeof(NaClValidationCache))); - // Make sure any fields introduced in a cross-repo change are zeroed. - memset(cache, 0, sizeof(*cache)); - cache->handle = new NaClValidationQueryContext(db, profile_key, nacl_version); - cache->CreateQuery = CreateQuery; - cache->AddData = AddData; - cache->QueryKnownToValidate = QueryKnownToValidate; - cache->SetKnownToValidate = SetKnownToValidate; - cache->DestroyQuery = DestroyQuery; - cache->ResolveFileToken = ResolveFileToken; - return cache; -} |