forked from mirrors/gecko-dev
94a31a8931
<!-- Please describe your changes on the following line: --> This PR implements an in-memory random number generator that only uses an OS RNG for (re)seeding. The OS RNG is shared, so there's only one file descriptor for `/dev/urandom` being used. The PR also implements a tidy check that we don't accidentally introduce an RNG. Rather annoyingly, there are a lot of transitive dependencies on `rand`, notably hash maps in `std`. This PR makes it possible to use uuids for identifiers such as pipeline and frame ids. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] These changes do not require tests because it's fixing a resource issue <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> Source-Repo: https://github.com/servo/servo Source-Revision: 36ddf763f66b1b971db07649ff5c69b2e9fd5f91
83 lines
2.6 KiB
Rust
83 lines
2.6 KiB
Rust
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
use core::nonzero::NonZero;
|
|
use dom::bindings::cell::DOMRefCell;
|
|
use dom::bindings::codegen::Bindings::CryptoBinding;
|
|
use dom::bindings::codegen::Bindings::CryptoBinding::CryptoMethods;
|
|
use dom::bindings::error::{Error, Fallible};
|
|
use dom::bindings::js::Root;
|
|
use dom::bindings::reflector::{Reflector, reflect_dom_object};
|
|
use dom::globalscope::GlobalScope;
|
|
use js::jsapi::{JSContext, JSObject};
|
|
use js::jsapi::{JS_GetArrayBufferViewType, Type};
|
|
use servo_rand::{ServoRng, Rng};
|
|
|
|
unsafe_no_jsmanaged_fields!(ServoRng);
|
|
|
|
// https://developer.mozilla.org/en-US/docs/Web/API/Crypto
|
|
#[dom_struct]
|
|
pub struct Crypto {
|
|
reflector_: Reflector,
|
|
#[ignore_heap_size_of = "Defined in rand"]
|
|
rng: DOMRefCell<ServoRng>,
|
|
}
|
|
|
|
impl Crypto {
|
|
fn new_inherited() -> Crypto {
|
|
Crypto {
|
|
reflector_: Reflector::new(),
|
|
rng: DOMRefCell::new(ServoRng::new()),
|
|
}
|
|
}
|
|
|
|
pub fn new(global: &GlobalScope) -> Root<Crypto> {
|
|
reflect_dom_object(box Crypto::new_inherited(), global, CryptoBinding::Wrap)
|
|
}
|
|
}
|
|
|
|
impl CryptoMethods for Crypto {
|
|
#[allow(unsafe_code)]
|
|
// https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#Crypto-method-getRandomValues
|
|
unsafe fn GetRandomValues(&self,
|
|
_cx: *mut JSContext,
|
|
input: *mut JSObject)
|
|
-> Fallible<NonZero<*mut JSObject>> {
|
|
assert!(!input.is_null());
|
|
typedarray!(in(_cx) let mut array_buffer_view: ArrayBufferView = input);
|
|
let mut data = match array_buffer_view.as_mut() {
|
|
Ok(x) => x.as_mut_slice(),
|
|
Err(_) => {
|
|
return Err(Error::Type("Argument to Crypto.getRandomValues is not an ArrayBufferView"
|
|
.to_owned()));
|
|
}
|
|
};
|
|
|
|
if !is_integer_buffer(input) {
|
|
return Err(Error::TypeMismatch);
|
|
}
|
|
|
|
if data.len() > 65536 {
|
|
return Err(Error::QuotaExceeded);
|
|
}
|
|
|
|
self.rng.borrow_mut().fill_bytes(&mut data);
|
|
|
|
Ok(NonZero::new(input))
|
|
}
|
|
}
|
|
|
|
#[allow(unsafe_code)]
|
|
fn is_integer_buffer(input: *mut JSObject) -> bool {
|
|
match unsafe { JS_GetArrayBufferViewType(input) } {
|
|
Type::Uint8 |
|
|
Type::Uint8Clamped |
|
|
Type::Int8 |
|
|
Type::Uint16 |
|
|
Type::Int16 |
|
|
Type::Uint32 |
|
|
Type::Int32 => true,
|
|
_ => false,
|
|
}
|
|
}
|