[WebCrypto] Push WorkQueue dispatches for HKDF, HMAC, PBKDF2 algorithms into shared...
authorzandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 29 Aug 2017 11:30:49 +0000 (11:30 +0000)
committerzandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 29 Aug 2017 11:30:49 +0000 (11:30 +0000)
https://bugs.webkit.org/show_bug.cgi?id=175620

Reviewed by Jiewen Tan.

Push the WorkQueue dispatch code and other code duplicated between the
Mac and libgcrypt implementations of Web Crypto into the shared layer.
This patch focuses on the HKDF, HMAC and PBKDF2 algorithms.

Functions with platform-specific implementations that are invoked from
these asynchronous dispatches are made static and return an ExceptionOr
value. CryptoAlgorithmParameters objects are passed through non-const
references because data getters could lazily construct the underlying
Vector objects. CryptoKey objects are passed through const references.
Implementations can then manually retrieve and further validate any key
or parameter data, as required for that specific implementation. Input
data is passed through const references to the original Vector objects.

No new tests -- no changes in behavior that's covered by existing tests.

* crypto/algorithms/CryptoAlgorithmHKDF.cpp:
(WebCore::CryptoAlgorithmHKDF::deriveBits):
* crypto/algorithms/CryptoAlgorithmHKDF.h:
* crypto/algorithms/CryptoAlgorithmHMAC.cpp:
(WebCore::CryptoAlgorithmHMAC::sign):
(WebCore::CryptoAlgorithmHMAC::verify):
* crypto/algorithms/CryptoAlgorithmHMAC.h:
* crypto/algorithms/CryptoAlgorithmPBKDF2.cpp:
(WebCore::CryptoAlgorithmPBKDF2::deriveBits):
* crypto/algorithms/CryptoAlgorithmPBKDF2.h:
* crypto/gcrypt/CryptoAlgorithmHKDFGCrypt.cpp:
(WebCore::CryptoAlgorithmHKDF::platformDeriveBits):
* crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp:
(WebCore::CryptoAlgorithmHMAC::platformSign):
(WebCore::CryptoAlgorithmHMAC::platformVerify):
* crypto/gcrypt/CryptoAlgorithmPBKDF2GCrypt.cpp:
(WebCore::CryptoAlgorithmPBKDF2::platformDeriveBits):
* crypto/mac/CryptoAlgorithmHKDFMac.cpp:
(WebCore::CryptoAlgorithmHKDF::platformDeriveBits):
* crypto/mac/CryptoAlgorithmHMACMac.cpp:
(WebCore::CryptoAlgorithmHMAC::platformSign):
(WebCore::CryptoAlgorithmHMAC::platformVerify):
* crypto/mac/CryptoAlgorithmPBKDF2Mac.cpp:
(WebCore::CryptoAlgorithmPBKDF2::platformDeriveBits):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@221294 268f45cc-cd09-0410-ab3c-d52691b4dbfc

13 files changed:
Source/WebCore/ChangeLog
Source/WebCore/crypto/algorithms/CryptoAlgorithmHKDF.cpp
Source/WebCore/crypto/algorithms/CryptoAlgorithmHKDF.h
Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.cpp
Source/WebCore/crypto/algorithms/CryptoAlgorithmHMAC.h
Source/WebCore/crypto/algorithms/CryptoAlgorithmPBKDF2.cpp
Source/WebCore/crypto/algorithms/CryptoAlgorithmPBKDF2.h
Source/WebCore/crypto/gcrypt/CryptoAlgorithmHKDFGCrypt.cpp
Source/WebCore/crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp
Source/WebCore/crypto/gcrypt/CryptoAlgorithmPBKDF2GCrypt.cpp
Source/WebCore/crypto/mac/CryptoAlgorithmHKDFMac.cpp
Source/WebCore/crypto/mac/CryptoAlgorithmHMACMac.cpp
Source/WebCore/crypto/mac/CryptoAlgorithmPBKDF2Mac.cpp

index c860e4b..ad80921 100644 (file)
@@ -1,5 +1,52 @@
 2017-08-29  Zan Dobersek  <zdobersek@igalia.com>
 
+        [WebCrypto] Push WorkQueue dispatches for HKDF, HMAC, PBKDF2 algorithms into shared code
+        https://bugs.webkit.org/show_bug.cgi?id=175620
+
+        Reviewed by Jiewen Tan.
+
+        Push the WorkQueue dispatch code and other code duplicated between the
+        Mac and libgcrypt implementations of Web Crypto into the shared layer.
+        This patch focuses on the HKDF, HMAC and PBKDF2 algorithms.
+
+        Functions with platform-specific implementations that are invoked from
+        these asynchronous dispatches are made static and return an ExceptionOr
+        value. CryptoAlgorithmParameters objects are passed through non-const
+        references because data getters could lazily construct the underlying
+        Vector objects. CryptoKey objects are passed through const references.
+        Implementations can then manually retrieve and further validate any key
+        or parameter data, as required for that specific implementation. Input
+        data is passed through const references to the original Vector objects.
+
+        No new tests -- no changes in behavior that's covered by existing tests.
+
+        * crypto/algorithms/CryptoAlgorithmHKDF.cpp:
+        (WebCore::CryptoAlgorithmHKDF::deriveBits):
+        * crypto/algorithms/CryptoAlgorithmHKDF.h:
+        * crypto/algorithms/CryptoAlgorithmHMAC.cpp:
+        (WebCore::CryptoAlgorithmHMAC::sign):
+        (WebCore::CryptoAlgorithmHMAC::verify):
+        * crypto/algorithms/CryptoAlgorithmHMAC.h:
+        * crypto/algorithms/CryptoAlgorithmPBKDF2.cpp:
+        (WebCore::CryptoAlgorithmPBKDF2::deriveBits):
+        * crypto/algorithms/CryptoAlgorithmPBKDF2.h:
+        * crypto/gcrypt/CryptoAlgorithmHKDFGCrypt.cpp:
+        (WebCore::CryptoAlgorithmHKDF::platformDeriveBits):
+        * crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp:
+        (WebCore::CryptoAlgorithmHMAC::platformSign):
+        (WebCore::CryptoAlgorithmHMAC::platformVerify):
+        * crypto/gcrypt/CryptoAlgorithmPBKDF2GCrypt.cpp:
+        (WebCore::CryptoAlgorithmPBKDF2::platformDeriveBits):
+        * crypto/mac/CryptoAlgorithmHKDFMac.cpp:
+        (WebCore::CryptoAlgorithmHKDF::platformDeriveBits):
+        * crypto/mac/CryptoAlgorithmHMACMac.cpp:
+        (WebCore::CryptoAlgorithmHMAC::platformSign):
+        (WebCore::CryptoAlgorithmHMAC::platformVerify):
+        * crypto/mac/CryptoAlgorithmPBKDF2Mac.cpp:
+        (WebCore::CryptoAlgorithmPBKDF2::platformDeriveBits):
+
+2017-08-29  Zan Dobersek  <zdobersek@igalia.com>
+
         [WebCrypto] Push WorkQueue dispatches for EC algorithms into shared code
         https://bugs.webkit.org/show_bug.cgi?id=175619
 
index fb3e21d..ec71ef1 100644 (file)
@@ -49,7 +49,11 @@ void CryptoAlgorithmHKDF::deriveBits(std::unique_ptr<CryptoAlgorithmParameters>&
         exceptionCallback(OperationError);
         return;
     }
-    platformDeriveBits(WTFMove(parameters), WTFMove(baseKey), length, WTFMove(callback), WTFMove(exceptionCallback), context, workQueue);
+
+    dispatchOperation(workQueue, context, WTFMove(callback), WTFMove(exceptionCallback),
+        [parameters = WTFMove(parameters), baseKey = WTFMove(baseKey), length] {
+            return platformDeriveBits(*parameters, baseKey, length);
+        });
 }
 
 void CryptoAlgorithmHKDF::importKey(CryptoKeyFormat format, KeyData&& data, const std::unique_ptr<CryptoAlgorithmParameters>&& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback)
index 6b7df9b..980215b 100644 (file)
@@ -45,7 +45,7 @@ private:
     void importKey(CryptoKeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&&) final;
     ExceptionOr<size_t> getKeyLength(const CryptoAlgorithmParameters&) final;
 
-    void platformDeriveBits(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, size_t length, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&);
+    static ExceptionOr<Vector<uint8_t>> platformDeriveBits(CryptoAlgorithmParameters&, const CryptoKey&, size_t);
 };
 
 } // namespace WebCore
index af6521c..041a292 100644 (file)
@@ -57,12 +57,18 @@ CryptoAlgorithmIdentifier CryptoAlgorithmHMAC::identifier() const
 
 void CryptoAlgorithmHMAC::sign(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&& key, Vector<uint8_t>&& data, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
 {
-    platformSign(WTFMove(key), WTFMove(data), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue);
+    dispatchOperation(workQueue, context, WTFMove(callback), WTFMove(exceptionCallback),
+        [key = WTFMove(key), data = WTFMove(data)] {
+            return platformSign(key, data);
+        });
 }
 
 void CryptoAlgorithmHMAC::verify(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&& key, Vector<uint8_t>&& signature, Vector<uint8_t>&& data, BoolCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
 {
-    platformVerify(WTFMove(key), WTFMove(signature), WTFMove(data), WTFMove(callback), WTFMove(exceptionCallback), context, workQueue);
+    dispatchOperation(workQueue, context, WTFMove(callback), WTFMove(exceptionCallback),
+        [key = WTFMove(key), signature = WTFMove(signature), data = WTFMove(data)] {
+            return platformVerify(key, signature, data);
+        });
 }
 
 void CryptoAlgorithmHMAC::generateKey(const CryptoAlgorithmParameters& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyOrKeyPairCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext&)
index 0aa889b..a55bd89 100644 (file)
@@ -50,8 +50,8 @@ private:
     void exportKey(CryptoKeyFormat, Ref<CryptoKey>&&, KeyDataCallback&&, ExceptionCallback&&) final;
     ExceptionOr<size_t> getKeyLength(const CryptoAlgorithmParameters&) final;
 
-    void platformSign(Ref<CryptoKey>&&, Vector<uint8_t>&&, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&);
-    void platformVerify(Ref<CryptoKey>&&, Vector<uint8_t>&& signature, Vector<uint8_t>&&, BoolCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&);
+    static ExceptionOr<Vector<uint8_t>> platformSign(const CryptoKey&, const Vector<uint8_t>&);
+    static ExceptionOr<bool> platformVerify(const CryptoKey&, const Vector<uint8_t>&, const Vector<uint8_t>&);
 };
 
 } // namespace WebCore
index 005255c..200df3a 100644 (file)
@@ -49,7 +49,11 @@ void CryptoAlgorithmPBKDF2::deriveBits(std::unique_ptr<CryptoAlgorithmParameters
         exceptionCallback(OperationError);
         return;
     }
-    platformDeriveBits(WTFMove(parameters), WTFMove(baseKey), length, WTFMove(callback), WTFMove(exceptionCallback), context, workQueue);
+
+    dispatchOperation(workQueue, context, WTFMove(callback), WTFMove(exceptionCallback),
+        [parameters = WTFMove(parameters), baseKey = WTFMove(baseKey), length] {
+            return platformDeriveBits(*parameters, baseKey, length);
+        });
 }
 
 void CryptoAlgorithmPBKDF2::importKey(CryptoKeyFormat format, KeyData&& data, const std::unique_ptr<CryptoAlgorithmParameters>&& parameters, bool extractable, CryptoKeyUsageBitmap usages, KeyCallback&& callback, ExceptionCallback&& exceptionCallback)
index 570bbd3..9732b1c 100644 (file)
@@ -45,7 +45,7 @@ private:
     void importKey(CryptoKeyFormat, KeyData&&, const std::unique_ptr<CryptoAlgorithmParameters>&&, bool extractable, CryptoKeyUsageBitmap, KeyCallback&&, ExceptionCallback&&) final;
     ExceptionOr<size_t> getKeyLength(const CryptoAlgorithmParameters&) final;
 
-    void platformDeriveBits(std::unique_ptr<CryptoAlgorithmParameters>&&, Ref<CryptoKey>&&, size_t length, VectorCallback&&, ExceptionCallback&&, ScriptExecutionContext&, WorkQueue&);
+    static ExceptionOr<Vector<uint8_t>> platformDeriveBits(CryptoAlgorithmParameters&, const CryptoKey&, size_t);
 };
 
 } // namespace WebCore
index 76e4541..07588d9 100644 (file)
@@ -33,7 +33,6 @@
 #include "CryptoAlgorithmHkdfParams.h"
 #include "CryptoKeyRaw.h"
 #include "GCryptUtilities.h"
-#include "ScriptExecutionContext.h"
 
 namespace WebCore {
 
@@ -153,32 +152,15 @@ static std::optional<Vector<uint8_t>> gcryptDeriveBits(const Vector<uint8_t>& ke
     return output;
 }
 
-void CryptoAlgorithmHKDF::platformDeriveBits(std::unique_ptr<CryptoAlgorithmParameters>&& parameters, Ref<CryptoKey>&& baseKey, size_t length, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
+ExceptionOr<Vector<uint8_t>> CryptoAlgorithmHKDF::platformDeriveBits(CryptoAlgorithmParameters& parameters, const CryptoKey& key, size_t length)
 {
-    context.ref();
-    workQueue.dispatch(
-        [parameters = WTFMove(parameters), baseKey = WTFMove(baseKey), length, callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable {
-            auto& hkdfParameters = downcast<CryptoAlgorithmHkdfParams>(*parameters);
-            auto& rawKey = downcast<CryptoKeyRaw>(baseKey.get());
-
-            auto output = gcryptDeriveBits(rawKey.key(), hkdfParameters.saltVector(), hkdfParameters.infoVector(), length / 8, hkdfParameters.hashIdentifier);
-            if (!output) {
-                // We should only dereference callbacks after being back to the Document/Worker threads.
-                context.postTask(
-                    [callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-                        exceptionCallback(OperationError);
-                        context.deref();
-                    });
-                return;
-            }
+    auto& hkdfParameters = downcast<CryptoAlgorithmHkdfParams>(parameters);
+    auto& rawKey = downcast<CryptoKeyRaw>(key);
 
-            // We should only dereference callbacks after being back to the Document/Worker threads.
-            context.postTask(
-                [output = WTFMove(*output), callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-                    callback(output);
-                    context.deref();
-                });
-        });
+    auto output = gcryptDeriveBits(rawKey.key(), hkdfParameters.saltVector(), hkdfParameters.infoVector(), length / 8, hkdfParameters.hashIdentifier);
+    if (!output)
+        return Exception { OperationError };
+    return WTFMove(*output);
 }
 
 } // namespace WebCore
index 6bb1545..0256e5c 100644 (file)
@@ -32,7 +32,6 @@
 #if ENABLE(SUBTLE_CRYPTO)
 
 #include "CryptoKeyHMAC.h"
-#include "ScriptExecutionContext.h"
 #include <pal/crypto/gcrypt/Handle.h>
 #include <wtf/CryptographicUtilities.h>
 
@@ -83,56 +82,33 @@ static std::optional<Vector<uint8_t>> calculateSignature(int algorithm, const Ve
     return WTFMove(signature);
 }
 
-void CryptoAlgorithmHMAC::platformSign(Ref<CryptoKey>&& key, Vector<uint8_t>&& data, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
+ExceptionOr<Vector<uint8_t>> CryptoAlgorithmHMAC::platformSign(const CryptoKey& key, const Vector<uint8_t>& data)
 {
-    context.ref();
-    workQueue.dispatch([key = WTFMove(key), data = WTFMove(data), callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable {
-        auto& hmacKey = downcast<CryptoKeyHMAC>(key.get());
-        auto algorithm = getGCryptDigestAlgorithm(hmacKey.hashAlgorithmIdentifier());
-        if (algorithm != GCRY_MAC_NONE) {
-            auto result = calculateSignature(algorithm, hmacKey.key(), data.data(), data.size());
-            if (result) {
-                // We should only dereference callbacks after being back to the Document/Worker threads.
-                context.postTask([callback = WTFMove(callback), result = WTFMove(*result), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-                    callback(result);
-                    context.deref();
-                });
-                return;
-            }
-        }
-        // We should only dereference callbacks after being back to the Document/Worker threads.
-        context.postTask([exceptionCallback = WTFMove(exceptionCallback), callback = WTFMove(callback)](ScriptExecutionContext& context) {
-            exceptionCallback(OperationError);
-            context.deref();
-        });
-    });
+    auto& hmacKey = downcast<CryptoKeyHMAC>(key);
+
+    auto algorithm = getGCryptDigestAlgorithm(hmacKey.hashAlgorithmIdentifier());
+    if (algorithm == GCRY_MAC_NONE)
+        return Exception { OperationError };
+
+    auto result = calculateSignature(algorithm, hmacKey.key(), data.data(), data.size());
+    if (!result)
+        return Exception { OperationError };
+    return WTFMove(*result);
 }
 
-void CryptoAlgorithmHMAC::platformVerify(Ref<CryptoKey>&& key, Vector<uint8_t>&& signature, Vector<uint8_t>&& data, BoolCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
+ExceptionOr<bool> CryptoAlgorithmHMAC::platformVerify(const CryptoKey& key, const Vector<uint8_t>& signature, const Vector<uint8_t>& data)
 {
-    context.ref();
-    workQueue.dispatch([key = WTFMove(key), signature = WTFMove(signature), data = WTFMove(data), callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable {
-        auto& hmacKey = downcast<CryptoKeyHMAC>(key.get());
-        auto algorithm = getGCryptDigestAlgorithm(hmacKey.hashAlgorithmIdentifier());
-        if (algorithm != GCRY_MAC_NONE) {
-            auto expectedSignature = calculateSignature(algorithm, hmacKey.key(), data.data(), data.size());
-            if (expectedSignature) {
-                // Using a constant time comparison to prevent timing attacks.
-                bool result = signature.size() == expectedSignature->size() && !constantTimeMemcmp(expectedSignature->data(), signature.data(), expectedSignature->size());
-                // We should only dereference callbacks after being back to the Document/Worker threads.
-                context.postTask([callback = WTFMove(callback), result, exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-                    callback(result);
-                    context.deref();
-                });
-                return;
-            }
-        }
-        // We should only dereference callbacks after being back to the Document/Worker threads.
-        context.postTask([exceptionCallback = WTFMove(exceptionCallback), callback = WTFMove(callback)](ScriptExecutionContext& context) {
-            exceptionCallback(OperationError);
-            context.deref();
-        });
-    });
+    auto& hmacKey = downcast<CryptoKeyHMAC>(key);
+
+    auto algorithm = getGCryptDigestAlgorithm(hmacKey.hashAlgorithmIdentifier());
+    if (algorithm == GCRY_MAC_NONE)
+        return Exception { OperationError };
+
+    auto expectedSignature = calculateSignature(algorithm, hmacKey.key(), data.data(), data.size());
+    if (!expectedSignature)
+        return Exception { OperationError };
+    // Using a constant time comparison to prevent timing attacks.
+    return signature.size() == expectedSignature->size() && !constantTimeMemcmp(expectedSignature->data(), signature.data(), expectedSignature->size());
 }
 
 }
index f1f7921..8fe4574 100644 (file)
@@ -33,7 +33,6 @@
 #include "CryptoAlgorithmPbkdf2Params.h"
 #include "CryptoKeyRaw.h"
 #include "GCryptUtilities.h"
-#include "ScriptExecutionContext.h"
 
 namespace WebCore {
 
@@ -58,32 +57,15 @@ static std::optional<Vector<uint8_t>> gcryptDeriveBits(const Vector<uint8_t>& ke
     return result;
 }
 
-void CryptoAlgorithmPBKDF2::platformDeriveBits(std::unique_ptr<CryptoAlgorithmParameters>&& parameters, Ref<CryptoKey>&& key, size_t length, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
+ExceptionOr<Vector<uint8_t>> CryptoAlgorithmPBKDF2::platformDeriveBits(CryptoAlgorithmParameters& parameters, const CryptoKey& key, size_t length)
 {
-    context.ref();
-    workQueue.dispatch(
-        [parameters = WTFMove(parameters), key = WTFMove(key), length, callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable {
-            auto& pbkdf2Parameters = downcast<CryptoAlgorithmPbkdf2Params>(*parameters);
-            auto& rawKey = downcast<CryptoKeyRaw>(key.get());
+    auto& pbkdf2Parameters = downcast<CryptoAlgorithmPbkdf2Params>(parameters);
+    auto& rawKey = downcast<CryptoKeyRaw>(key);
 
-            auto output = gcryptDeriveBits(rawKey.key(), pbkdf2Parameters.saltVector(), pbkdf2Parameters.hashIdentifier, pbkdf2Parameters.iterations, length);
-            if (!output) {
-                // We should only dereference callbacks after being back to the Document/Worker threads.
-                context.postTask(
-                    [callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-                        exceptionCallback(OperationError);
-                        context.deref();
-                    });
-                return;
-            }
-
-            // We should only dereference callbacks after being back to the Document/Worker threads.
-            context.postTask(
-                [output = WTFMove(*output), callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-                    callback(output);
-                    context.deref();
-                });
-        });
+    auto output = gcryptDeriveBits(rawKey.key(), pbkdf2Parameters.saltVector(), pbkdf2Parameters.hashIdentifier, pbkdf2Parameters.iterations, length);
+    if (!output)
+        return Exception { OperationError };
+    return WTFMove(*output);
 }
 
 } // namespace WebCore
index a5f3b4d..b31e00f 100644 (file)
 #include "CommonCryptoUtilities.h"
 #include "CryptoAlgorithmHkdfParams.h"
 #include "CryptoKeyRaw.h"
-#include "ScriptExecutionContext.h"
 
 namespace WebCore {
 
-void CryptoAlgorithmHKDF::platformDeriveBits(std::unique_ptr<CryptoAlgorithmParameters>&& parameters, Ref<CryptoKey>&& baseKey, size_t length, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
+ExceptionOr<Vector<uint8_t>> CryptoAlgorithmHKDF::platformDeriveBits(CryptoAlgorithmParameters& parameters, const CryptoKey& key, size_t length)
 {
-    context.ref();
-    workQueue.dispatch([parameters = WTFMove(parameters), baseKey = WTFMove(baseKey), length, callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable {
-        auto& hkdfParameters = downcast<CryptoAlgorithmHkdfParams>(*parameters);
-        auto& rawKey = downcast<CryptoKeyRaw>(baseKey.get());
+    auto& hkdfParameters = downcast<CryptoAlgorithmHkdfParams>(parameters);
+    auto& rawKey = downcast<CryptoKeyRaw>(key);
 
-        Vector<uint8_t> result(length / 8);
-        CCDigestAlgorithm digestAlgorithm;
-        getCommonCryptoDigestAlgorithm(hkdfParameters.hashIdentifier, digestAlgorithm);
-        // <rdar://problem/32439455> Currently, when rawKey is null, CCKeyDerivationHMac will bail out.
-        if (CCKeyDerivationHMac(kCCKDFAlgorithmHKDF, digestAlgorithm, 0, rawKey.key().data(), rawKey.key().size(), 0, 0, hkdfParameters.infoVector().data(), hkdfParameters.infoVector().size(), 0, 0, hkdfParameters.saltVector().data(), hkdfParameters.saltVector().size(), result.data(), result.size())) {
-            // We should only dereference callbacks after being back to the Document/Worker threads.
-            context.postTask([exceptionCallback = WTFMove(exceptionCallback), callback = WTFMove(callback)](ScriptExecutionContext& context) {
-                exceptionCallback(OperationError);
-                context.deref();
-            });
-            return;
-        }
-        // We should only dereference callbacks after being back to the Document/Worker threads.
-        context.postTask([callback = WTFMove(callback), result = WTFMove(result), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-            callback(result);
-            context.deref();
-        });
-    });
+    Vector<uint8_t> result(length / 8);
+    CCDigestAlgorithm digestAlgorithm;
+    getCommonCryptoDigestAlgorithm(hkdfParameters.hashIdentifier, digestAlgorithm);
+
+    // <rdar://problem/32439455> Currently, when rawKey is null, CCKeyDerivationHMac will bail out.
+    if (CCKeyDerivationHMac(kCCKDFAlgorithmHKDF, digestAlgorithm, 0, rawKey.key().data(), rawKey.key().size(), 0, 0, hkdfParameters.infoVector().data(), hkdfParameters.infoVector().size(), 0, 0, hkdfParameters.saltVector().data(), hkdfParameters.saltVector().size(), result.data(), result.size()))
+        return Exception { OperationError };
+    return WTFMove(result);
 }
 
 }
index 56b6a7a..b0af8b4 100644 (file)
@@ -29,7 +29,6 @@
 #if ENABLE(SUBTLE_CRYPTO)
 
 #include "CryptoKeyHMAC.h"
-#include "ScriptExecutionContext.h"
 #include <CommonCrypto/CommonHMAC.h>
 #include <wtf/CryptographicUtilities.h>
 
@@ -82,53 +81,26 @@ static Vector<uint8_t> calculateSignature(CCHmacAlgorithm algorithm, const Vecto
     return result;
 }
 
-void CryptoAlgorithmHMAC::platformSign(Ref<CryptoKey>&& key, Vector<uint8_t>&& data, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
+ExceptionOr<Vector<uint8_t>> CryptoAlgorithmHMAC::platformSign(const CryptoKey& key, const Vector<uint8_t>& data)
 {
-    context.ref();
-    workQueue.dispatch([key = WTFMove(key), data = WTFMove(data), callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable {
-        auto& hmacKey = downcast<CryptoKeyHMAC>(key.get());
-        auto algorithm = commonCryptoHMACAlgorithm(hmacKey.hashAlgorithmIdentifier());
-        if (!algorithm) {
-            // We should only dereference callbacks after being back to the Document/Worker threads.
-            context.postTask([exceptionCallback = WTFMove(exceptionCallback), callback = WTFMove(callback)](ScriptExecutionContext& context) {
-                exceptionCallback(OperationError);
-                context.deref();
-            });
-            return;
-        }
-        auto result = calculateSignature(*algorithm, hmacKey.key(), data);
-        // We should only dereference callbacks after being back to the Document/Worker threads.
-        context.postTask([callback = WTFMove(callback), result = WTFMove(result), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-            callback(result);
-            context.deref();
-        });
-    });
+    auto& hmacKey = downcast<CryptoKeyHMAC>(key);
+    auto algorithm = commonCryptoHMACAlgorithm(hmacKey.hashAlgorithmIdentifier());
+    if (!algorithm)
+        return Exception { OperationError };
 
+    return calculateSignature(*algorithm, hmacKey.key(), data);
 }
 
-void CryptoAlgorithmHMAC::platformVerify(Ref<CryptoKey>&& key, Vector<uint8_t>&& signature, Vector<uint8_t>&& data, BoolCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
+ExceptionOr<bool> CryptoAlgorithmHMAC::platformVerify(const CryptoKey& key, const Vector<uint8_t>& signature, const Vector<uint8_t>& data)
 {
-    context.ref();
-    workQueue.dispatch([key = WTFMove(key), signature = WTFMove(signature), data = WTFMove(data), callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable {
-        auto& hmacKey = downcast<CryptoKeyHMAC>(key.get());
-        auto algorithm = commonCryptoHMACAlgorithm(hmacKey.hashAlgorithmIdentifier());
-        if (!algorithm) {
-            // We should only dereference callbacks after being back to the Document/Worker threads.
-            context.postTask([exceptionCallback = WTFMove(exceptionCallback), callback = WTFMove(callback)](ScriptExecutionContext& context) {
-                exceptionCallback(OperationError);
-                context.deref();
-            });
-            return;
-        }
-        auto expectedSignature = calculateSignature(*algorithm, hmacKey.key(), data);
-        // Using a constant time comparison to prevent timing attacks.
-        bool result = signature.size() == expectedSignature.size() && !constantTimeMemcmp(expectedSignature.data(), signature.data(), expectedSignature.size());
-        // We should only dereference callbacks after being back to the Document/Worker threads.
-        context.postTask([callback = WTFMove(callback), result, exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-            callback(result);
-            context.deref();
-        });
-    });
+    auto& hmacKey = downcast<CryptoKeyHMAC>(key);
+    auto algorithm = commonCryptoHMACAlgorithm(hmacKey.hashAlgorithmIdentifier());
+    if (!algorithm)
+        return Exception { OperationError };
+
+    auto expectedSignature = calculateSignature(*algorithm, hmacKey.key(), data);
+    // Using a constant time comparison to prevent timing attacks.
+    return signature.size() == expectedSignature.size() && !constantTimeMemcmp(expectedSignature.data(), signature.data(), expectedSignature.size());
 }
 
 }
index d61533b..5c3d56b 100644 (file)
@@ -30,7 +30,6 @@
 
 #include "CryptoAlgorithmPbkdf2Params.h"
 #include "CryptoKeyRaw.h"
-#include "ScriptExecutionContext.h"
 #include <CommonCrypto/CommonKeyDerivation.h>
 
 namespace WebCore {
@@ -54,29 +53,16 @@ static CCPseudoRandomAlgorithm commonCryptoHMACAlgorithm(CryptoAlgorithmIdentifi
     }
 }
 
-void CryptoAlgorithmPBKDF2::platformDeriveBits(std::unique_ptr<CryptoAlgorithmParameters>&& parameters, Ref<CryptoKey>&& baseKey, size_t length, VectorCallback&& callback, ExceptionCallback&& exceptionCallback, ScriptExecutionContext& context, WorkQueue& workQueue)
+ExceptionOr<Vector<uint8_t>> CryptoAlgorithmPBKDF2::platformDeriveBits(CryptoAlgorithmParameters& parameters, const CryptoKey& key, size_t length)
 {
-    context.ref();
-    workQueue.dispatch([parameters = WTFMove(parameters), baseKey = WTFMove(baseKey), length, callback = WTFMove(callback), exceptionCallback = WTFMove(exceptionCallback), &context]() mutable {
-        auto& pbkdf2Parameters = downcast<CryptoAlgorithmPbkdf2Params>(*parameters);
-        auto& rawKey = downcast<CryptoKeyRaw>(baseKey.get());
+    auto& pbkdf2Parameters = downcast<CryptoAlgorithmPbkdf2Params>(parameters);
+    auto& rawKey = downcast<CryptoKeyRaw>(key);
 
-        Vector<uint8_t> result(length / 8);
-        // <rdar://problem/32439955> Currently, CCKeyDerivationPBKDF bails out when an empty password/salt is provided.
-        if (CCKeyDerivationPBKDF(kCCPBKDF2, reinterpret_cast<const char *>(rawKey.key().data()), rawKey.key().size(), pbkdf2Parameters.saltVector().data(), pbkdf2Parameters.saltVector().size(), commonCryptoHMACAlgorithm(pbkdf2Parameters.hashIdentifier), pbkdf2Parameters.iterations, result.data(), length / 8)) {
-            // We should only dereference callbacks after being back to the Document/Worker threads.
-            context.postTask([exceptionCallback = WTFMove(exceptionCallback), callback = WTFMove(callback)](ScriptExecutionContext& context) {
-                exceptionCallback(OperationError);
-                context.deref();
-            });
-            return;
-        }
-        // We should only dereference callbacks after being back to the Document/Worker threads.
-        context.postTask([callback = WTFMove(callback), result = WTFMove(result), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) {
-            callback(result);
-            context.deref();
-        });
-    });
+    Vector<uint8_t> result(length / 8);
+    // <rdar://problem/32439955> Currently, CCKeyDerivationPBKDF bails out when an empty password/salt is provided.
+    if (CCKeyDerivationPBKDF(kCCPBKDF2, reinterpret_cast<const char *>(rawKey.key().data()), rawKey.key().size(), pbkdf2Parameters.saltVector().data(), pbkdf2Parameters.saltVector().size(), commonCryptoHMACAlgorithm(pbkdf2Parameters.hashIdentifier), pbkdf2Parameters.iterations, result.data(), length / 8))
+        return Exception { OperationError };
+    return WTFMove(result);
 }
 
 }