зеркало из https://github.com/mozilla/gecko-dev.git
100 строки
3.4 KiB
C
100 строки
3.4 KiB
C
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
||
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||
|
|
||
|
#ifndef mozilla_dom_GeneratePlaceholderCanvasData_h
|
||
|
#define mozilla_dom_GeneratePlaceholderCanvasData_h
|
||
|
|
||
|
#include "mozilla/StaticPrefs_privacy.h"
|
||
|
#include "nsCOMPtr.h"
|
||
|
#include "nsIRandomGenerator.h"
|
||
|
#include "nsServiceManagerUtils.h"
|
||
|
|
||
|
#define RANDOM_BYTES_TO_SAMPLE 32
|
||
|
|
||
|
namespace mozilla {
|
||
|
namespace dom {
|
||
|
|
||
|
/**
|
||
|
* When privacy.resistFingerprinting.randomDataOnCanvasExtract is true, tries
|
||
|
* to generate random data for placeholder canvas by sampling
|
||
|
* RANDOM_BYTES_TO_SAMPLE bytes and then returning it. If this fails or if
|
||
|
* privacy.resistFingerprinting.randomDataOnCanvasExtract is false, returns
|
||
|
* nullptr.
|
||
|
*
|
||
|
* @return uint8_t* output buffer
|
||
|
*/
|
||
|
inline uint8_t* TryToGenerateRandomDataForPlaceholderCanvasData() {
|
||
|
if (!StaticPrefs::privacy_resistFingerprinting_randomDataOnCanvasExtract()) {
|
||
|
return nullptr;
|
||
|
}
|
||
|
nsresult rv;
|
||
|
nsCOMPtr<nsIRandomGenerator> rg =
|
||
|
do_GetService("@mozilla.org/security/random-generator;1", &rv);
|
||
|
if (NS_FAILED(rv)) {
|
||
|
return nullptr;
|
||
|
}
|
||
|
uint8_t* randomData;
|
||
|
rv = rg->GenerateRandomBytes(RANDOM_BYTES_TO_SAMPLE, &randomData);
|
||
|
if (NS_FAILED(rv)) {
|
||
|
return nullptr;
|
||
|
}
|
||
|
return randomData;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* If randomData not nullptr, repeats those bytes many times to fill buffer. If
|
||
|
* randomData is nullptr, returns all-white pixel data.
|
||
|
*
|
||
|
* @param[in] randomData Buffer of RANDOM_BYTES_TO_SAMPLE bytes of random
|
||
|
* data, or nullptr
|
||
|
* @param[in] size Size of output buffer
|
||
|
* @param[out] buffer Output buffer
|
||
|
*/
|
||
|
inline void FillPlaceholderCanvas(uint8_t* randomData, uint32_t size,
|
||
|
uint8_t* buffer) {
|
||
|
if (!randomData) {
|
||
|
memset(buffer, 0xFF, size);
|
||
|
return;
|
||
|
}
|
||
|
auto remaining_to_fill = size;
|
||
|
auto index = 0;
|
||
|
while (remaining_to_fill > 0) {
|
||
|
auto bytes_to_write = (remaining_to_fill > RANDOM_BYTES_TO_SAMPLE)
|
||
|
? RANDOM_BYTES_TO_SAMPLE
|
||
|
: remaining_to_fill;
|
||
|
memcpy(buffer + (index * RANDOM_BYTES_TO_SAMPLE), randomData,
|
||
|
bytes_to_write);
|
||
|
remaining_to_fill -= bytes_to_write;
|
||
|
index++;
|
||
|
}
|
||
|
free(randomData);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* When privacy.resistFingerprinting.randomDataOnCanvasExtract is true, tries
|
||
|
* to generate random canvas data by sampling RANDOM_BYTES_TO_SAMPLE bytes and
|
||
|
* then repeating those bytes many times to fill the buffer. If this fails or
|
||
|
* if privacy.resistFingerprinting.randomDataOnCanvasExtract is false, returns
|
||
|
* all-white, opaque pixel data.
|
||
|
*
|
||
|
* It is recommended that callers call this function instead of individually
|
||
|
* calling TryToGenerateRandomDataForPlaceholderCanvasData and
|
||
|
* FillPlaceholderCanvas unless there are requirements, like NoGC, that prevent
|
||
|
* them from calling the RNG service inside this function.
|
||
|
*
|
||
|
* @param[in] size Size of output buffer
|
||
|
* @param[out] buffer Output buffer
|
||
|
*/
|
||
|
inline void GeneratePlaceholderCanvasData(uint32_t size, uint8_t* buffer) {
|
||
|
uint8_t* randomData = TryToGenerateRandomDataForPlaceholderCanvasData();
|
||
|
FillPlaceholderCanvas(randomData, size, buffer);
|
||
|
}
|
||
|
|
||
|
} // namespace dom
|
||
|
} // namespace mozilla
|
||
|
|
||
|
#endif // mozilla_dom_GeneratePlaceholderCanvasData_h
|