diff options
Diffstat (limited to 'chromium/storage/browser/quota/padding_key.cc')
-rw-r--r-- | chromium/storage/browser/quota/padding_key.cc | 87 |
1 files changed, 0 insertions, 87 deletions
diff --git a/chromium/storage/browser/quota/padding_key.cc b/chromium/storage/browser/quota/padding_key.cc deleted file mode 100644 index 788f6f4634c..00000000000 --- a/chromium/storage/browser/quota/padding_key.cc +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2019 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "storage/browser/quota/padding_key.h" - -#include <cstdint> -#include <vector> - -#include "base/no_destructor.h" -#include "crypto/hmac.h" -#include "net/http/http_request_headers.h" - -using crypto::SymmetricKey; - -namespace storage { - -namespace { - -const SymmetricKey::Algorithm kPaddingKeyAlgorithm = SymmetricKey::AES; - -// The range of the padding added to response sizes for opaque resources. -// Increment the CacheStorage padding version if changed. -constexpr uint64_t kPaddingRange = 14431 * 1024; - -std::unique_ptr<SymmetricKey>* GetPaddingKeyInternal() { - static base::NoDestructor<std::unique_ptr<SymmetricKey>> s_padding_key([] { - return SymmetricKey::GenerateRandomKey(kPaddingKeyAlgorithm, 128); - }()); - return s_padding_key.get(); -} - -} // namespace - -const SymmetricKey* GetDefaultPaddingKey() { - return GetPaddingKeyInternal()->get(); -} - -std::unique_ptr<SymmetricKey> CopyDefaultPaddingKey() { - return SymmetricKey::Import(kPaddingKeyAlgorithm, - (*GetPaddingKeyInternal())->key()); -} - -std::unique_ptr<SymmetricKey> DeserializePaddingKey( - const std::string& raw_key) { - return SymmetricKey::Import(kPaddingKeyAlgorithm, raw_key); -} - -std::string SerializeDefaultPaddingKey() { - return (*GetPaddingKeyInternal())->key(); -} - -void ResetPaddingKeyForTesting() { - *GetPaddingKeyInternal() = - SymmetricKey::GenerateRandomKey(kPaddingKeyAlgorithm, 128); -} - -int64_t ComputeResponsePadding(const std::string& response_url, - const crypto::SymmetricKey* padding_key, - bool has_metadata, - bool loaded_with_credentials, - const std::string& request_method) { - DCHECK(!response_url.empty()); - - crypto::HMAC hmac(crypto::HMAC::SHA256); - CHECK(hmac.Init(padding_key)); - - std::string key = response_url; - if (has_metadata) - key += "METADATA"; - if (loaded_with_credentials) - key += "CREDENTIALED"; - - // It should only be possible to have a CORS safelisted method here since - // the spec does not permit other methods for no-cors requests. - DCHECK(request_method == net::HttpRequestHeaders::kGetMethod || - request_method == net::HttpRequestHeaders::kHeadMethod || - request_method == net::HttpRequestHeaders::kPostMethod); - key += request_method; - - uint64_t digest_start; - CHECK(hmac.Sign(key, reinterpret_cast<uint8_t*>(&digest_start), - sizeof(digest_start))); - return digest_start % kPaddingRange; -} - -} // namespace storage |