On Browser DOM scenarios use the SubtleCrypto API #49511
Closed
36 commits
- 1863d35 [WIP] - Start crypto worker and initialize channel. (AaronRobinsonMSFT)
- d5c4199 Make Emscripten minimizer happy by using getters instead of fields. (AaronRobinsonMSFT)
- 4e2d738 Add new System.Security.Cryptography.Native.Browser library. (AaronRobinsonMSFT)
- 5ec3db7 Initialize WebWorker earlier. (AaronRobinsonMSFT)
- c7e3888 Update logging and be less strict for output buffer size. (AaronRobinsonMSFT)
- 47b5e6c Focus SHA tests for non-browser and browser DOM scenarios. (AaronRobinsonMSFT)
- 891b23c Merge remote-tracking branch 'upstream/main' into wasm_crypto (AaronRobinsonMSFT)
- d4ea7d6 Add missing namespaces to test builds. (AaronRobinsonMSFT)
- 8062a2f Additional locations for that need the crypto_worker.js file. (AaronRobinsonMSFT)
- 2b38fdd Add new JS and native binaries... everywhere. (AaronRobinsonMSFT)
- 84dd60b Reference the correct location for the webworker file. (AaronRobinsonMSFT)
- 36b2f56 Specify the correct native directory path for the JS WebWorker file. (AaronRobinsonMSFT)
- 80087a5 Only enable Crypto WebWorker when running in the browser scenario. (AaronRobinsonMSFT)
- 6a3b8a6 Condition more tests based on platform Crypto support needed. (AaronRobinsonMSFT)
- d78f0e2 Rename crypto_worker.js to dotnet_crypto_worker.js (AaronRobinsonMSFT)
- 2e74b1f Missing installer directory. (AaronRobinsonMSFT)
- 7eb087d Style (AaronRobinsonMSFT)
- b04d0cc Merge remote-tracking branch 'upstream/main' into wasm_crypto (AaronRobinsonMSFT)
- 925dcc0 Change internal API name to use generic "digest" name instead (AaronRobinsonMSFT)
- 753c57b Add test for not supported platform crypto WRT SHA (AaronRobinsonMSFT)
- 74a4e7e Merge remote-tracking branch 'upstream/main' into wasm_crypto (AaronRobinsonMSFT)
- b217fc4 Browser uses Unix binary builds so removing Windows placeholder. (AaronRobinsonMSFT)
- a95e9d6 Add libSystem.Security.Cryptography.Native.Browser.a for Windows build. (AaronRobinsonMSFT)
- ce6d2b1 More Windows build changes. (AaronRobinsonMSFT)
- 42eac88 Merge remote-tracking branch 'upstream/main' into wasm_crypto (AaronRobinsonMSFT)
- 55dfe74 Merge remote-tracking branch 'upstream/main' into wasm_crypto (AaronRobinsonMSFT)
- f777cb3 Merge remote-tracking branch 'upstream/main' into wasm_crypto (AaronRobinsonMSFT)
- c13a76e Merge remote-tracking branch 'upstream/main' into wasm_crypto (AaronRobinsonMSFT)
- f2e28fc Merge remote-tracking branch 'upstream/main' into wasm_crypto (AaronRobinsonMSFT)
- c749ab5 Merge remote-tracking branch 'upstream/main' into wasm_crypto (AaronRobinsonMSFT)
- 4c5a3e0 Merge remote-tracking branch 'upstream/main' into wasm_crypto (lewing)
- 44ea919 Merge branch 'main' into wasm_crypto (lewing)
- 742cbc3 Fix the js inclusion logic (lewing)
- 76dd72b Add libSystem.Globalization.Native explicitly (lewing)
- bc7ec42 Merge branch 'main' into wasm_crypto (jeffhandley)
- 3eb7b2f Merge branch 'main' into wasm_crypto (jeffhandley)
12 changes: 12 additions & 0 deletions
src/libraries/Common/src/Interop/Browser/Interop.Libraries.cs
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
internal static partial class Interop | ||
{ | ||
internal static partial class Libraries | ||
{ | ||
// Shims | ||
internal const string SystemNative = "libSystem.Native"; | ||
internal const string CryptoNative = "libSystem.Security.Cryptography.Native.Browser"; | ||
} | ||
} |
28 changes: 28 additions & 0 deletions
...c/Interop/Browser/System.Security.Cryptography.Native.Browser/Interop.SimpleDigestHash.cs
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
using System; | ||
using System.Diagnostics; | ||
using System.Runtime.InteropServices; | ||
|
||
internal static partial class Interop | ||
{ | ||
internal static partial class BrowserCrypto | ||
{ | ||
internal enum SimpleDigest | ||
{ | ||
Sha1, | ||
Sha256, | ||
Sha384, | ||
Sha512, | ||
}; | ||
|
||
[DllImport(Libraries.CryptoNative, EntryPoint = "SystemCryptoNativeBrowser_SimpleDigestHash")] | ||
internal static extern unsafe int SimpleDigestHash( | ||
SimpleDigest hash, | ||
byte* input_buffer, | ||
int input_len, | ||
byte* output_buffer, | ||
int output_len); | ||
} | ||
} |
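Review bot: `SimpleDigest` relies on implicit enum values (Sha1 = 0 through Sha512 = 3) lining up with the native `simple_digest` enum that the P/Invoke passes straight through, and nothing in this file says so. A reordering on either side would select a different hash algorithm with no build or runtime error; assign explicit values and add a comment naming the native header that must stay in sync. The `int` return of `SimpleDigestHash` also needs a doc comment stating which value means success and which means not supported, and the `;` after the enum's closing brace can be dropped.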
18 changes: 18 additions & 0 deletions
src/libraries/Native/AnyOS/System.Security.Cryptography.Native.Browser/pal_browser.h
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
#pragma once | ||
|
||
#include <emscripten.h> | ||
|
||
#ifndef __EMSCRIPTEN__ | ||
#error Cryptography Native Browser is designed to be compiled with Emscripten. | ||
#endif // __EMSCRIPTEN__ | ||
|
||
#ifndef PALEXPORT | ||
#ifdef TARGET_UNIX | ||
#define PALEXPORT __attribute__ ((__visibility__ ("default"))) | ||
#else | ||
#define PALEXPORT __declspec(dllexport) | ||
#endif | ||
#endif // PALEXPORT |
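Review bot: `#include <emscripten.h>` comes before the `#ifndef __EMSCRIPTEN__` guard, so a non-Emscripten toolchain will most likely stop on the missing header and never print the `#error` text. Move the guard above the include. Since the header refuses to compile outside Emscripten, the `__declspec(dllexport)` branch of `PALEXPORT` also looks unreachable; drop it or add a comment saying why it stays.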
23 changes: 23 additions & 0 deletions
...libraries/Native/AnyOS/System.Security.Cryptography.Native.Browser/pal_crypto_webworker.c
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
#include "pal_browser.h" | ||
#include "pal_crypto_webworker.h" | ||
|
||
// Forward declarations | ||
extern int32_t dotnet_browser_simple_digest_hash( | ||
enum simple_digest ver, | ||
uint8_t* input_buffer, | ||
int32_t input_len, | ||
uint8_t* output_buffer, | ||
int32_t output_len); | ||
|
||
int32_t SystemCryptoNativeBrowser_SimpleDigestHash( | ||
enum simple_digest ver, | ||
uint8_t* input_buffer, | ||
int32_t input_len, | ||
uint8_t* output_buffer, | ||
int32_t output_len) | ||
{ | ||
return dotnet_browser_simple_digest_hash(ver, input_buffer, input_len, output_buffer, output_len); | ||
} |
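Review bot: `SystemCryptoNativeBrowser_SimpleDigestHash` forwards `input_len`, `output_len` and both pointers to JavaScript unchecked, and the JS side uses them directly as offsets into `Module.HEAPU8`. Reject negative lengths and NULL buffers here (return the failure value or assert) so that a bad managed call cannot end up reading or writing wasm heap memory at an unintended offset. The `extern` forward declaration of `dotnet_browser_simple_digest_hash` would also be better placed in a header, with a comment saying it is provided by the JS library.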
21 changes: 21 additions & 0 deletions
...libraries/Native/AnyOS/System.Security.Cryptography.Native.Browser/pal_crypto_webworker.h
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
#pragma once | ||
|
||
#include <stdint.h> | ||
|
||
enum simple_digest | ||
{ | ||
sd_sha_1, | ||
sd_sha_256, | ||
sd_sha_384, | ||
sd_sha_512, | ||
}; | ||
|
||
PALEXPORT int32_t SystemCryptoNativeBrowser_SimpleDigestHash( | ||
enum simple_digest ver, | ||
uint8_t* input_buffer, | ||
int32_t input_len, | ||
uint8_t* output_buffer, | ||
int32_t output_len); |
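Review bot: this header uses `PALEXPORT` but includes only `<stdint.h>`, so it compiles only when the includer has already pulled in `pal_browser.h` (as `pal_crypto_webworker.c` does through its include order). Include `pal_browser.h` here so the header is self-contained. The `simple_digest` enumerators should also carry explicit values, since the managed `SimpleDigest` enum has to match them by position.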
32 changes: 32 additions & 0 deletions
...ibraries/Native/AnyOS/System.Security.Cryptography.Native.Browser/pal_crypto_webworker.js
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
var CryptoWebWorkerLib = { | ||
$CRYPTOWEBWORKER: { | ||
call_digest: function (hash, input_buffer, input_len, output_buffer, output_len) { | ||
if (MONO.mono_wasm_crypto.channel === null) { | ||
return 0; // Not supported | ||
} | ||
|
||
var msg = { | ||
func: "digest", | ||
type: hash, | ||
data: Array.from(Module.HEAPU8.subarray (input_buffer, input_buffer + input_len)) | ||
}; | ||
var response = MONO.mono_wasm_crypto.channel.send_msg (JSON.stringify (msg)); | ||
var digest = JSON.parse (response); | ||
if (digest.length > output_len) { | ||
throw "DIGEST HASH: Digest length exceeds output length: " + digest.length + " > " + output_len; | ||
} | ||
|
||
Module.HEAPU8.set (digest, output_buffer); | ||
return 1; | ||
} | ||
}, | ||
dotnet_browser_simple_digest_hash: function (hash, input_buffer, input_len, output_buffer, output_len) { | ||
return CRYPTOWEBWORKER.call_digest (hash, input_buffer, input_len, output_buffer, output_len); | ||
}, | ||
}; | ||
|
||
autoAddDeps(CryptoWebWorkerLib, '$CRYPTOWEBWORKER') | ||
mergeInto(LibraryManager.library, CryptoWebWorkerLib) |
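Review bot: in `call_digest` the value returned by `JSON.parse (response)` is used without checking that it is an array of bytes of the expected size. If the worker answers with anything else, for example an error object, `digest.length > output_len` compares `undefined` and is false, `Module.HEAPU8.set` copies nothing, and the function returns 1 with `output_buffer` untouched, so the caller treats whatever was in that memory as a hash. Check `Array.isArray (digest)` and require the length to match the digest size for `hash` (a shorter result currently also returns 1), and report failure through the return value rather than by throwing a string. Copying the input through `Array.from` and `JSON.stringify` also expands every byte into decimal text, which deserves a comment on the input sizes this path is expected to handle.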
17 changes: 17 additions & 0 deletions
src/libraries/Native/Unix/System.Security.Cryptography.Native.Browser/CMakeLists.txt
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
project(System.Security.Cryptography.Native.Browser C) | ||
|
||
set(ANYOS_SOURCES_DIR ../../AnyOS/System.Security.Cryptography.Native.Browser) | ||
include_directories("${ANYOS_SOURCES_DIR}") | ||
|
||
set (NATIVE_SOURCES | ||
${ANYOS_SOURCES_DIR}/pal_crypto_webworker.c | ||
) | ||
|
||
add_library (System.Security.Cryptography.Native.Browser-Static | ||
STATIC | ||
${NATIVE_SOURCES} | ||
) | ||
|
||
set_target_properties(System.Security.Cryptography.Native.Browser-Static PROPERTIES OUTPUT_NAME System.Security.Cryptography.Native.Browser CLEAN_DIRECT_OUTPUT 1) | ||
|
||
install (TARGETS System.Security.Cryptography.Native.Browser-Static DESTINATION ${STATIC_LIB_DESTINATION}) |
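Review bot: `NATIVE_SOURCES` lists only `pal_crypto_webworker.c`, while the `dotnet_browser_simple_digest_hash` symbol that file calls is implemented in `pal_crypto_webworker.js`, and nothing in this CMakeLists installs or references the `.js` file. Add a comment stating where the JS library is picked up at link time, so a reader of this file does not conclude the static library is complete on its own.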
@ViktorHofer just curious, what is the purpose of this file? From the linked issue, it seems that signing validation happens in an outer ring - in which case what is the purpose of these exclusions? Just curious.
That file predates the outer ring signing validation. @mmitche do you know if the Validate-DotNet outer ring validation honors the SignCheckExclusionFile in our repo?
Also just saw that the outer ring signing validation is failing and opened https://github.com/dotnet/core-eng/issues/12601 to better understand who tracks that pipeline.