authorAllan Sandfeld Jensen <allan.jensen@qt.io>2017-04-05 14:08:31 +0200
committerAllan Sandfeld Jensen <allan.jensen@qt.io>2017-04-11 07:46:53 +0000
commit6a4cabb866f66d4128a97cdc6d9d08ce074f1247 (patch)
treeab00f70a5e89278d6a0d16ff0c42578dc4d84a2d /chromium/components/webcrypto
parente733310db58160074f574c429d48f8308c0afe17 (diff)
downloadqtwebengine-chromium-6a4cabb866f66d4128a97cdc6d9d08ce074f1247.tar.gz
BASELINE: Update Chromium to 57.0.2987.144
Change-Id: I29db402ff696c71a04c4dbaec822c2e53efe0267 Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
Diffstat (limited to 'chromium/components/webcrypto')
-rw-r--r--chromium/components/webcrypto/algorithm_dispatch.h1
-rw-r--r--chromium/components/webcrypto/algorithm_implementation.h20
-rw-r--r--chromium/components/webcrypto/algorithms/aes.cc4
-rw-r--r--chromium/components/webcrypto/algorithms/aes_cbc.cc6
-rw-r--r--chromium/components/webcrypto/algorithms/aes_ctr.cc2
-rw-r--r--chromium/components/webcrypto/algorithms/ec.cc3
-rw-r--r--chromium/components/webcrypto/algorithms/hkdf.cc4
-rw-r--r--chromium/components/webcrypto/algorithms/hmac.cc4
-rw-r--r--chromium/components/webcrypto/algorithms/pbkdf2.cc4
-rw-r--r--chromium/components/webcrypto/algorithms/rsa.cc3
-rw-r--r--chromium/components/webcrypto/algorithms/test_helpers.cc2
-rw-r--r--chromium/components/webcrypto/algorithms/util.h1
12 files changed, 48 insertions, 6 deletions
diff --git a/chromium/components/webcrypto/algorithm_dispatch.h b/chromium/components/webcrypto/algorithm_dispatch.h
index 2c2c72f97c0..815587f46f9 100644
--- a/chromium/components/webcrypto/algorithm_dispatch.h
+++ b/chromium/components/webcrypto/algorithm_dispatch.h
@@ -14,7 +14,6 @@
namespace webcrypto {
-class AlgorithmImplementation;
class CryptoData;
class GenerateKeyResult;
class Status;
diff --git a/chromium/components/webcrypto/algorithm_implementation.h b/chromium/components/webcrypto/algorithm_implementation.h
index b6461dcf4be..1489c5374d1 100644
--- a/chromium/components/webcrypto/algorithm_implementation.h
+++ b/chromium/components/webcrypto/algorithm_implementation.h
@@ -159,6 +159,7 @@ class AlgorithmImplementation {
// * Use a stable format (a serialized key must forever be de-serializable,
// and be able to survive future migrations to crypto libraries)
// * Work for all keys (including ones marked as non-extractable).
+ // * Gracefully handle invalid inputs
//
// Tests to verify structured cloning are available in:
// LayoutTests/crypto/clone-*.html
@@ -168,6 +169,25 @@ class AlgorithmImplementation {
Status SerializeKeyForClone(const blink::WebCryptoKey& key,
blink::WebVector<uint8_t>* key_data) const;
+ // Deserializes key data from Blink (used for structured cloning).
+ //
+ // The inputs to this function originate from Blink, and may not be
+ // consistent or valid. Implementations must return a failure when processing
+ // invalid or adversarially constructed inputs.
+ //
+ // The ONLY guarantee implementations can assume is that |algorithm.id()|
+ // corresponds with that which the AlgorithmImplementation was registered
+ // under.
+ //
+ // Implementations must be prepared to handle:
+ //
+ // * |type| being invalid for this algorithm's key type(s)
+ // * |algorithm.params()| being inconsistent with the |algorithm.id()|
+ // * |usages| being inconsistent with the key type
+ // * |extractable| being inconsistent with the key type
+ // * |key_data| containing an incorrect serialized format
+ // * Backwards-compatibility: the inputs may have been produced by older
+ // versions of the code.
virtual Status DeserializeKeyForClone(
const blink::WebCryptoKeyAlgorithm& algorithm,
blink::WebCryptoKeyType type,
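Review bot: The new contract comment says implementations "must return a failure" on invalid input but does not say which Status to use. Every override touched by this commit returns `Status::ErrorUnexpected()` from its guard. Naming that in the comment would keep future algorithms consistent, for example `// Invalid inputs should be rejected with Status::ErrorUnexpected().`. The declaration of DeserializeKeyForClone continues past the end of this hunk.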
diff --git a/chromium/components/webcrypto/algorithms/aes.cc b/chromium/components/webcrypto/algorithms/aes.cc
index f46ea15a119..1a21dc5ca1a 100644
--- a/chromium/components/webcrypto/algorithms/aes.cc
+++ b/chromium/components/webcrypto/algorithms/aes.cc
@@ -199,6 +199,10 @@ Status AesAlgorithm::DeserializeKeyForClone(
blink::WebCryptoKeyUsageMask usages,
const CryptoData& key_data,
blink::WebCryptoKey* key) const {
+ if (algorithm.paramsType() != blink::WebCryptoKeyAlgorithmParamsTypeAes ||
+ type != blink::WebCryptoKeyTypeSecret)
+ return Status::ErrorUnexpected();
+
return ImportKeyRaw(key_data, SynthesizeImportAlgorithmForClone(algorithm),
extractable, usages, key);
}
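Review bot: The guard added to AesAlgorithm::DeserializeKeyForClone checks `paramsType()` and `type`, but `usages` and `extractable` are still passed to ImportKeyRaw() unchanged. The contract added in algorithm_implementation.h lists both as inputs that may be inconsistent. ImportKeyRaw() is defined outside this hunk, so it is not visible here whether it rejects usages that are invalid for an AES key. If it does, a short comment next to the guard such as `// |usages| and the key length are validated by ImportKeyRaw().` would record that; if it does not, the check belongs before the call. As a style point, the two-line condition with an unbraced `return` is easy to misread and would be clearer with braces; the same shape appears in hkdf.cc, hmac.cc and pbkdf2.cc.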
diff --git a/chromium/components/webcrypto/algorithms/aes_cbc.cc b/chromium/components/webcrypto/algorithms/aes_cbc.cc
index c9e941aa7ee..678aa5ac2ce 100644
--- a/chromium/components/webcrypto/algorithms/aes_cbc.cc
+++ b/chromium/components/webcrypto/algorithms/aes_cbc.cc
@@ -1,3 +1,4 @@
+
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -55,7 +56,8 @@ Status AesCbcEncryptDecrypt(EncryptOrDecrypt cipher_operation,
if (!output_max_len.IsValid())
return Status::ErrorDataTooLarge();
- const unsigned remainder = output_max_len.ValueOrDie() % AES_BLOCK_SIZE;
+ const unsigned remainder =
+ base::ValueOrDieForType<unsigned>(output_max_len % AES_BLOCK_SIZE);
if (remainder != 0)
output_max_len += AES_BLOCK_SIZE - remainder;
if (!output_max_len.IsValid())
@@ -71,7 +73,7 @@ Status AesCbcEncryptDecrypt(EncryptOrDecrypt cipher_operation,
return Status::OperationError();
}
- buffer->resize(output_max_len.ValueOrDie());
+ buffer->resize(base::ValueOrDieForType<size_t>(output_max_len));
int output_len = 0;
if (!EVP_CipherUpdate(context.get(), buffer->data(), &output_len,
diff --git a/chromium/components/webcrypto/algorithms/aes_ctr.cc b/chromium/components/webcrypto/algorithms/aes_ctr.cc
index dd7f012f254..3525c5ff37d 100644
--- a/chromium/components/webcrypto/algorithms/aes_ctr.cc
+++ b/chromium/components/webcrypto/algorithms/aes_ctr.cc
@@ -166,7 +166,7 @@ Status AesCtrEncryptDecrypt(const blink::WebCryptoAlgorithm& algorithm,
return Status::ErrorUnexpected();
const CryptoData counter_block(params->counter());
- buffer->resize(output_max_len.ValueOrDie());
+ buffer->resize(base::ValueOrDieForType<size_t>(output_max_len));
// The total number of possible counter values is pow(2, counter_length_bits)
bssl::UniquePtr<BIGNUM> num_counter_values(BN_new());
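Review bot: `base::ValueOrDieForType<size_t>(output_max_len)` terminates the process if the checked value is invalid or does not fit in size_t, and no `IsValid()` test on `output_max_len` is visible in this hunk. In aes_cbc.cc the equivalent resize is preceded by `if (!output_max_len.IsValid()) return Status::ErrorDataTooLarge();`. The data length here can be influenced by web content, so please confirm the same early return exists above this line in AesCtrEncryptDecrypt, so that an oversized input yields a Status error rather than a crash. The function body starts and ends outside the hunk.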
diff --git a/chromium/components/webcrypto/algorithms/ec.cc b/chromium/components/webcrypto/algorithms/ec.cc
index 1436ad19b57..2a6d312de3a 100644
--- a/chromium/components/webcrypto/algorithms/ec.cc
+++ b/chromium/components/webcrypto/algorithms/ec.cc
@@ -656,6 +656,9 @@ Status EcAlgorithm::DeserializeKeyForClone(
blink::WebCryptoKeyUsageMask usages,
const CryptoData& key_data,
blink::WebCryptoKey* key) const {
+ if (algorithm.paramsType() != blink::WebCryptoKeyAlgorithmParamsTypeEc)
+ return Status::ErrorUnexpected();
+
blink::WebCryptoAlgorithm import_algorithm =
SynthesizeImportAlgorithmForClone(algorithm);
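Review bot: EcAlgorithm::DeserializeKeyForClone now rejects a wrong `paramsType()`, but `type` is not checked in the visible lines, whereas the symmetric-key implementations in this commit also test `type`. The contract in algorithm_implementation.h lists "|type| being invalid for this algorithm's key type(s)" as something each implementation must handle, and `blink::WebCryptoKeyTypeSecret` is never valid for an EC key. The rest of the body is outside this hunk and may already reject it in a later dispatch on `type`. If it does not, add `if (type != blink::WebCryptoKeyTypePublic && type != blink::WebCryptoKeyTypePrivate) return Status::ErrorUnexpected();` next to the new guard. The same applies to RsaHashedAlgorithm::DeserializeKeyForClone in rsa.cc.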
diff --git a/chromium/components/webcrypto/algorithms/hkdf.cc b/chromium/components/webcrypto/algorithms/hkdf.cc
index 90a204513d3..f5ac563e3db 100644
--- a/chromium/components/webcrypto/algorithms/hkdf.cc
+++ b/chromium/components/webcrypto/algorithms/hkdf.cc
@@ -105,6 +105,10 @@ class HkdfImplementation : public AlgorithmImplementation {
blink::WebCryptoKeyUsageMask usages,
const CryptoData& key_data,
blink::WebCryptoKey* key) const override {
+ if (algorithm.paramsType() != blink::WebCryptoKeyAlgorithmParamsTypeNone ||
+ type != blink::WebCryptoKeyTypeSecret)
+ return Status::ErrorUnexpected();
+
// NOTE: Unlike ImportKeyRaw(), this does not enforce extractable==false.
// This is intentional. Although keys cannot currently be created with
// extractable==true, earlier implementations permitted this, so
diff --git a/chromium/components/webcrypto/algorithms/hmac.cc b/chromium/components/webcrypto/algorithms/hmac.cc
index 05caa7c6c5c..9678654b630 100644
--- a/chromium/components/webcrypto/algorithms/hmac.cc
+++ b/chromium/components/webcrypto/algorithms/hmac.cc
@@ -291,6 +291,10 @@ class HmacImplementation : public AlgorithmImplementation {
blink::WebCryptoKeyUsageMask usages,
const CryptoData& key_data,
blink::WebCryptoKey* key) const override {
+ if (algorithm.paramsType() != blink::WebCryptoKeyAlgorithmParamsTypeHmac ||
+ type != blink::WebCryptoKeyTypeSecret)
+ return Status::ErrorUnexpected();
+
return CreateWebCryptoSecretKey(key_data, algorithm, extractable, usages,
key);
}
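Review bot: After the new guard, HmacImplementation::DeserializeKeyForClone builds the key directly with CreateWebCryptoSecretKey() instead of going through an import routine as aes.cc does. Nothing in the visible lines compares the size of `key_data` with the length recorded in the HMAC algorithm params, or checks `usages` against what an HMAC key allows. Both are inputs the new contract in algorithm_implementation.h describes as possibly inconsistent or adversarial. CreateWebCryptoSecretKey() and the caller are outside this hunk, so one of them may already enforce this. If so, a comment stating where the length and usage checks happen would help; otherwise they should be added here before the key is created.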
diff --git a/chromium/components/webcrypto/algorithms/pbkdf2.cc b/chromium/components/webcrypto/algorithms/pbkdf2.cc
index 5e62bc567fc..53e65ce0748 100644
--- a/chromium/components/webcrypto/algorithms/pbkdf2.cc
+++ b/chromium/components/webcrypto/algorithms/pbkdf2.cc
@@ -110,6 +110,10 @@ class Pbkdf2Implementation : public AlgorithmImplementation {
blink::WebCryptoKeyUsageMask usages,
const CryptoData& key_data,
blink::WebCryptoKey* key) const override {
+ if (algorithm.paramsType() != blink::WebCryptoKeyAlgorithmParamsTypeNone ||
+ type != blink::WebCryptoKeyTypeSecret)
+ return Status::ErrorUnexpected();
+
// NOTE: Unlike ImportKeyRaw(), this does not enforce extractable==false.
// This is intentional. Although keys cannot currently be created with
// extractable==true, earlier implementations permitted this, so
diff --git a/chromium/components/webcrypto/algorithms/rsa.cc b/chromium/components/webcrypto/algorithms/rsa.cc
index bd3be5ba159..35053d889c9 100644
--- a/chromium/components/webcrypto/algorithms/rsa.cc
+++ b/chromium/components/webcrypto/algorithms/rsa.cc
@@ -532,6 +532,9 @@ Status RsaHashedAlgorithm::DeserializeKeyForClone(
blink::WebCryptoKeyUsageMask usages,
const CryptoData& key_data,
blink::WebCryptoKey* key) const {
+ if (algorithm.paramsType() != blink::WebCryptoKeyAlgorithmParamsTypeRsaHashed)
+ return Status::ErrorUnexpected();
+
blink::WebCryptoAlgorithm import_algorithm =
SynthesizeImportAlgorithmForClone(algorithm);
diff --git a/chromium/components/webcrypto/algorithms/test_helpers.cc b/chromium/components/webcrypto/algorithms/test_helpers.cc
index 8751735496e..8138f0d5493 100644
--- a/chromium/components/webcrypto/algorithms/test_helpers.cc
+++ b/chromium/components/webcrypto/algorithms/test_helpers.cc
@@ -391,7 +391,7 @@ std::unique_ptr<base::DictionaryValue> GetJwkDictionary(
json.size());
std::unique_ptr<base::Value> value = base::JSONReader::Read(json_string);
EXPECT_TRUE(value.get());
- EXPECT_TRUE(value->IsType(base::Value::TYPE_DICTIONARY));
+ EXPECT_TRUE(value->IsType(base::Value::Type::DICTIONARY));
return std::unique_ptr<base::DictionaryValue>(
static_cast<base::DictionaryValue*>(value.release()));
diff --git a/chromium/components/webcrypto/algorithms/util.h b/chromium/components/webcrypto/algorithms/util.h
index 51ecd66079d..a0342f6fcf4 100644
--- a/chromium/components/webcrypto/algorithms/util.h
+++ b/chromium/components/webcrypto/algorithms/util.h
@@ -21,7 +21,6 @@
namespace webcrypto {
class CryptoData;
-class GenerateKeyResult;
class Status;
// Returns the EVP_MD that corresponds with |hash_algorithm|, or nullptr on