Line data Source code
1 : /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 : /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 : /* This Source Code Form is subject to the terms of the Mozilla Public
4 : * License, v. 2.0. If a copy of the MPL was not distributed with this
5 : * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 :
7 : #ifndef mozilla_dom_SRICheck_h
8 : #define mozilla_dom_SRICheck_h
9 :
10 : #include "nsCOMPtr.h"
11 : #include "nsICryptoHash.h"
12 :
13 : class nsIChannel;
14 : class nsIUnicharStreamLoader;
15 : class nsIConsoleReportCollector;
16 :
17 : namespace mozilla {
18 : namespace dom {
19 :
20 : class SRIMetadata;
21 :
22 : class SRICheck final
23 : {
24 : public:
25 : static const uint32_t MAX_METADATA_LENGTH = 24*1024;
26 : static const uint32_t MAX_METADATA_TOKENS = 512;
27 :
28 : /**
29 : * Parse the multiple hashes specified in the integrity attribute and
30 : * return the strongest supported hash.
31 : */
32 : static nsresult IntegrityMetadata(const nsAString& aMetadataList,
33 : const nsACString& aSourceFileURI,
34 : nsIConsoleReportCollector* aReporter,
35 : SRIMetadata* outMetadata);
36 :
37 : /**
38 : * Process the integrity attribute of the element. A result of false
39 : * must prevent the resource from loading.
40 : */
41 : static nsresult VerifyIntegrity(const SRIMetadata& aMetadata,
42 : nsIUnicharStreamLoader* aLoader,
43 : const nsAString& aString,
44 : const nsACString& aSourceFileURI,
45 : nsIConsoleReportCollector* aReporter);
46 : };
47 :
48 : // The SRICheckDataVerifier can be used in 2 different mode:
49 : //
50 : // 1. The streaming mode involves reading bytes from an input, and to use
51 : // the |Update| function to stream new bytes, and to use the |Verify|
52 : // function to check the hash of the content with the hash provided by
53 : // the metadata.
54 : //
55 : // Optionally, one can serialize the verified hash with |ExportDataSummary|,
56 : // in a buffer in order to rely on the second mode the next time.
57 : //
58 : // 2. The pre-computed mode, involves reading a hash with |ImportDataSummary|,
59 : // which got exported by the SRICheckDataVerifier and potentially cached, and
60 : // then use the |Verify| function to check against the hash provided by the
61 : // metadata.
62 0 : class SRICheckDataVerifier final
63 : {
64 : public:
65 : SRICheckDataVerifier(const SRIMetadata& aMetadata,
66 : const nsACString& aSourceFileURI,
67 : nsIConsoleReportCollector* aReporter);
68 :
69 : // Append the following bytes to the content used to compute the hash. Once
70 : // all bytes are streamed, use the Verify function to check the integrity.
71 : nsresult Update(uint32_t aStringLen, const uint8_t* aString);
72 :
73 : // Verify that the computed hash corresponds to the metadata.
74 : nsresult Verify(const SRIMetadata& aMetadata, nsIChannel* aChannel,
75 : const nsACString& aSourceFileURI,
76 : nsIConsoleReportCollector* aReporter);
77 :
78 0 : bool IsComplete() const {
79 0 : return mComplete;
80 : }
81 :
82 : // Report the length of the computed hash and its type, such that we can
83 : // reserve the space for encoding it in a vector.
84 : uint32_t DataSummaryLength();
85 : static uint32_t EmptyDataSummaryLength();
86 :
87 : // Write the computed hash and its type in a pre-allocated buffer.
88 : nsresult ExportDataSummary(uint32_t aDataLen, uint8_t* aData);
89 : static nsresult ExportEmptyDataSummary(uint32_t aDataLen, uint8_t* aData);
90 :
91 : // Report the length of the computed hash and its type, such that we can
92 : // skip these data while reading a buffer.
93 : static nsresult DataSummaryLength(uint32_t aDataLen, const uint8_t* aData, uint32_t* length);
94 :
95 : // Extract the computed hash and its type, such that we can |Verify| if it
96 : // matches the metadata. The buffer should be at least the same size or
97 : // larger than the value returned by |DataSummaryLength|.
98 : nsresult ImportDataSummary(uint32_t aDataLen, const uint8_t* aData);
99 :
100 : private:
101 : nsCOMPtr<nsICryptoHash> mCryptoHash;
102 : nsAutoCString mComputedHash;
103 : size_t mBytesHashed;
104 : uint32_t mHashLength;
105 : int8_t mHashType;
106 : bool mInvalidMetadata;
107 : bool mComplete;
108 :
109 : nsresult EnsureCryptoHash();
110 : nsresult Finish();
111 : nsresult VerifyHash(const SRIMetadata& aMetadata, uint32_t aHashIndex,
112 : const nsACString& aSourceFileURI,
113 : nsIConsoleReportCollector* aReporter);
114 : };
115 :
116 : } // namespace dom
117 : } // namespace mozilla
118 :
119 : #endif // mozilla_dom_SRICheck_h
|
