chrome/nacl/nacl_validation_query.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/nacl/nacl_validation_query.h"
   6
   7 #include "base/logging.h"
   8 #include "crypto/nss_util.h"
   9 #include "chrome/nacl/nacl_validation_db.h"
  10 #include "native_client/src/trusted/validator/validation_cache.h"
  11
  12 NaClValidationQueryContext::NaClValidationQueryContext(
  13     NaClValidationDB* db,
  14     const std::string& profile_key,
  15     const std::string& nacl_version)
  16     : db_(db),
  17       profile_key_(profile_key),
  18       nacl_version_(nacl_version) {
  19
  20   // Sanity checks.
  21   CHECK(profile_key.length() >= 8);
  22   CHECK(nacl_version.length() >= 4);
  23 }
  24
  25 NaClValidationQuery* NaClValidationQueryContext::CreateQuery() {
  26   NaClValidationQuery* query = new NaClValidationQuery(db_, profile_key_);
  27   // Changing the version effectively invalidates existing hashes.
  28   query->AddData(nacl_version_);
  29   return query;
  30 }
  31
  32 NaClValidationQuery::NaClValidationQuery(NaClValidationDB* db,
  33                                          const std::string& profile_key)
  34     : state_(READY),
  35       hasher_(crypto::HMAC::SHA256),
  36       db_(db),
  37       buffer_length_(0) {
  38   // Without this line on Linux, HMAC::Init will instantiate a singleton that
  39   // in turn attempts to open a file.  Disabling this behavior avoids a ~70 ms
  40   // stall the first time HMAC is used.
  41   // This function is also called in nacl_helper_linux.cc, but nacl_helper may
  42   // not be used in all cases.
  43   // TODO(ncbray) remove when nacl_helper becomes the only code path.
  44   // http://code.google.com/p/chromium/issues/detail?id=118263
  45 #if defined(OS_LINUX)
  46   crypto::ForceNSSNoDBInit();
  47 #endif
  48   CHECK(hasher_.Init(profile_key));
  49 }
  50
  51 void NaClValidationQuery::AddData(const char* data, size_t length) {
  52   CHECK(state_ == READY);
  53   CHECK(buffer_length_ >= 0);
  54   CHECK(buffer_length_ <= (int) sizeof(buffer_));
  55   // Chrome's HMAC class doesn't support incremental signing.  Work around
  56   // this by using a (small) temporary buffer to accumulate data.
  57   // Check if there is space in the buffer.
  58   if (buffer_length_ + kDigestLength > (int) sizeof(buffer_)) {
  59     // Hash the buffer to make space.
  60     CompressBuffer();
  61   }
  62   // Hash the input data into the buffer.  Assumes that sizeof(buffer_) >=
  63   // kDigestLength * 2 (the buffer can store at least two digests.)
  64   CHECK(hasher_.Sign(base::StringPiece(data, length),
  65                      reinterpret_cast<unsigned char*>(buffer_ + buffer_length_),
  66                      kDigestLength));
  67   buffer_length_ += kDigestLength;
  68 }
  69
  70 void NaClValidationQuery::AddData(const unsigned char* data, size_t length) {
  71   AddData(reinterpret_cast<const char*>(data), length);
  72 }
  73
  74 void NaClValidationQuery::AddData(const base::StringPiece& data) {
  75   AddData(data.data(), data.length());
  76 }
  77
  78 int NaClValidationQuery::QueryKnownToValidate() {
  79   CHECK(state_ == READY);
  80   // It is suspicious if we have less than a digest's worth of data.
  81   CHECK(buffer_length_ >= kDigestLength);
  82   CHECK(buffer_length_ <= (int) sizeof(buffer_));
  83   state_ = GET_CALLED;
  84   // Ensure the buffer contains only one digest worth of data.
  85   CompressBuffer();
  86   return db_->QueryKnownToValidate(std::string(buffer_, buffer_length_));
  87 }
  88
  89 void NaClValidationQuery::SetKnownToValidate() {
  90   CHECK(state_ == GET_CALLED);
  91   CHECK(buffer_length_ == kDigestLength);
  92   state_ = SET_CALLED;
  93   db_->SetKnownToValidate(std::string(buffer_, buffer_length_));
  94 }
  95
  96 // Reduce the size of the data in the buffer by hashing it and writing it back
  97 // to the buffer.
  98 void NaClValidationQuery::CompressBuffer() {
  99   // Calculate the digest into a temp buffer.  It is likely safe to calculate it
 100   // directly back into the buffer, but this is an "accidental" semantic we're
 101   // avoiding depending on.
 102   unsigned char temp[kDigestLength];
 103   CHECK(hasher_.Sign(base::StringPiece(buffer_, buffer_length_), temp,
 104                      kDigestLength));
 105   memcpy(buffer_, temp, kDigestLength);
 106   buffer_length_ = kDigestLength;
 107 }
 108
 109 // OO wrappers
 110
 111 static void* CreateQuery(void* handle) {
 112   return static_cast<NaClValidationQueryContext*>(handle)->CreateQuery();
 113 }
 114
 115 static void AddData(void* query, const uint8* data, size_t length) {
 116   static_cast<NaClValidationQuery*>(query)->AddData(data, length);
 117 }
 118
 119 static int QueryKnownToValidate(void* query) {
 120   return static_cast<NaClValidationQuery*>(query)->QueryKnownToValidate();
 121 }
 122
 123 static void SetKnownToValidate(void* query) {
 124   static_cast<NaClValidationQuery*>(query)->SetKnownToValidate();
 125 }
 126
 127 static void DestroyQuery(void* query) {
 128   delete static_cast<NaClValidationQuery*>(query);
 129 }
 130
 131 struct NaClValidationCache* CreateValidationCache(
 132     NaClValidationDB* db, const std::string& profile_key,
 133     const std::string& nacl_version) {
 134   NaClValidationCache* cache =
 135       static_cast<NaClValidationCache*>(malloc(sizeof(NaClValidationCache)));
 136   // Make sure any fields introduced in a cross-repo change are zeroed.
 137   memset(cache, 0, sizeof(*cache));
 138   cache->handle = new NaClValidationQueryContext(db, profile_key, nacl_version);
 139   cache->CreateQuery = CreateQuery;
 140   cache->AddData = AddData;
 141   cache->QueryKnownToValidate = QueryKnownToValidate;
 142   cache->SetKnownToValidate = SetKnownToValidate;
 143   cache->DestroyQuery = DestroyQuery;
 144   return cache;
 145 }