Bug 1116269 - Add 'crypto' to sandbox global properties, r=gabor

--HG--
extra : rebase_source : 559500a07bf8c5d7a280310a776195d85d313e57

js/xpconnect/src/Sandbox.cpp

@@ -27,8 +27,10 @@
 #include "xpcprivate.h"
 #include "XPCWrapper.h"
 #include "XrayWrapper.h"
+#include "Crypto.h"
 #include "mozilla/dom/BindingUtils.h"
 #include "mozilla/dom/BlobBinding.h"
+#include "mozilla/dom/CryptoBinding.h"
 #include "mozilla/dom/CSSBinding.h"
 #include "mozilla/dom/indexedDB/IndexedDatabaseManager.h"
 #include "mozilla/dom/FileBinding.h"
@@ -217,6 +219,20 @@ SandboxCreateXMLHttpRequest(JSContext *cx, unsigned argc, jsval *vp)
     return true;
 }
 
+static bool
+SandboxCreateCrypto(JSContext *cx, JS::HandleObject obj)
+{
+    MOZ_ASSERT(JS_IsGlobalObject(obj));
+
+    nsIGlobalObject* native = xpc::NativeGlobal(obj);
+    MOZ_ASSERT(native);
+
+    dom::Crypto* crypto = new dom::Crypto();
+    crypto->Init(native);
+    JS::RootedObject wrapped(cx, dom::CryptoBinding::Wrap(cx, crypto));
+    return JS_DefineProperty(cx, obj, "crypto", wrapped, JSPROP_ENUMERATE);
+}
+
 static bool
 SandboxIsProxy(JSContext *cx, unsigned argc, jsval *vp)
 {
@@ -783,6 +799,8 @@ xpc::GlobalProperties::Parse(JSContext *cx, JS::HandleObject obj)
             Blob = true;
         } else if (!strcmp(name.ptr(), "File")) {
             File = true;
+        } else if (!strcmp(name.ptr(), "crypto")) {
+            crypto = true;
         } else {
             JS_ReportError(cx, "Unknown property name: %s", name.ptr());
             return false;
@@ -837,6 +855,9 @@ xpc::GlobalProperties::Define(JSContext *cx, JS::HandleObject obj)
         !dom::FileBinding::GetConstructorObject(cx, obj))
         return false;
 
+    if (crypto && !SandboxCreateCrypto(cx, obj))
+        return false;
+
     return true;
 }
 

js/xpconnect/src/xpcprivate.h

@@ -3371,6 +3371,7 @@ struct GlobalProperties {
     bool btoa : 1;
     bool Blob : 1;
     bool File : 1;
+    bool crypto : 1;
 };
 
 // Infallible.

js/xpconnect/tests/unit/test_crypto.js

@@ -0,0 +1,28 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+function run_test() {
+  let Cu = Components.utils;
+  let sb = new Cu.Sandbox('https://www.example.com',
+                          { wantGlobalProperties:
+                            ["crypto", "TextEncoder", "TextDecoder"]
+                          });
+  sb.ok = ok;
+  Cu.evalInSandbox('ok(this.crypto);', sb);
+  Cu.evalInSandbox('ok(this.crypto.subtle);', sb);
+  sb.do_check_eq = do_check_eq;
+  let innerPromise = new Promise(r => (sb.test_done = r));
+  Cu.evalInSandbox('crypto.subtle.digest("SHA-256", ' +
+                   '                     new TextEncoder("utf-8").encode("abc"))' +
+                   '  .then(h => do_check_eq(new Uint16Array(h)[0], 30906))' +
+                   '  .then(test_done);', sb);
+
+  Cu.importGlobalProperties(["crypto"]);
+  ok(crypto);
+  ok(crypto.subtle);
+  let outerPromise = crypto.subtle.digest("SHA-256", new TextEncoder("utf-8").encode("abc"))
+      .then(h => do_check_eq(new Uint16Array(h)[0], 30906));
+
+  do_test_pending();
+  Promise.all([innerPromise, outerPromise]).then(() => do_test_finished());
+}

js/xpconnect/tests/unit/xpcshell.ini

@@ -91,6 +91,7 @@ skip-if = os == "android" # native test components aren't available on Android
 [test_textDecoder.js]
 [test_url.js]
 [test_URLSearchParams.js]
+[test_crypto.js]
 [test_css.js]
 [test_sandbox_atob.js]
 [test_isProxy.js]