OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "config.h" | 5 #include "config.h" |
6 #include "core/frame/SubresourceIntegrity.h" | 6 #include "core/frame/SubresourceIntegrity.h" |
7 | 7 |
8 #include "core/HTMLNames.h" | 8 #include "core/HTMLNames.h" |
9 #include "core/dom/Document.h" | 9 #include "core/dom/Document.h" |
10 #include "core/dom/Element.h" | 10 #include "core/dom/Element.h" |
11 #include "core/fetch/Resource.h" | 11 #include "core/fetch/Resource.h" |
12 #include "core/frame/ConsoleTypes.h" | 12 #include "core/frame/ConsoleTypes.h" |
13 #include "core/frame/UseCounter.h" | 13 #include "core/frame/UseCounter.h" |
14 #include "core/inspector/ConsoleMessage.h" | 14 #include "core/inspector/ConsoleMessage.h" |
15 #include "platform/Crypto.h" | 15 #include "platform/Crypto.h" |
16 #include "platform/ParsingUtilities.h" | 16 #include "platform/ParsingUtilities.h" |
17 #include "platform/RuntimeEnabledFeatures.h" | 17 #include "platform/RuntimeEnabledFeatures.h" |
18 #include "platform/weborigin/KURL.h" | 18 #include "platform/weborigin/KURL.h" |
19 #include "platform/weborigin/SecurityOrigin.h" | 19 #include "platform/weborigin/SecurityOrigin.h" |
20 #include "public/platform/WebCrypto.h" | 20 #include "public/platform/WebCrypto.h" |
21 #include "public/platform/WebCryptoAlgorithm.h" | 21 #include "public/platform/WebCryptoAlgorithm.h" |
22 #include "wtf/ASCIICType.h" | 22 #include "wtf/ASCIICType.h" |
23 #include "wtf/Vector.h" | 23 #include "wtf/Vector.h" |
| 24 #include "wtf/dtoa/utils.h" |
24 #include "wtf/text/Base64.h" | 25 #include "wtf/text/Base64.h" |
25 #include "wtf/text/StringUTF8Adaptor.h" | 26 #include "wtf/text/StringUTF8Adaptor.h" |
26 #include "wtf/text/WTFString.h" | 27 #include "wtf/text/WTFString.h" |
27 | 28 |
28 namespace blink { | 29 namespace blink { |
29 | 30 |
30 // FIXME: This should probably use common functions with ContentSecurityPolicy. | 31 // FIXME: This should probably use common functions with ContentSecurityPolicy. |
31 static bool isIntegrityCharacter(UChar c) | 32 static bool isIntegrityCharacter(UChar c) |
32 { | 33 { |
33 // Check if it's a base64 encoded value. We're pretty loose here, as there's | 34 // Check if it's a base64 encoded value. We're pretty loose here, as there's |
(...skipping 24 matching lines...) Expand all Loading... |
58 | 59 |
59 return true; | 60 return true; |
60 } | 61 } |
61 | 62 |
62 static String digestToString(const DigestValue& digest) | 63 static String digestToString(const DigestValue& digest) |
63 { | 64 { |
64 // We always output base64url encoded data, even though we use base64 intern
ally. | 65 // We always output base64url encoded data, even though we use base64 intern
ally. |
65 return base64URLEncode(reinterpret_cast<const char*>(digest.data()), digest.
size(), Base64DoNotInsertLFs); | 66 return base64URLEncode(reinterpret_cast<const char*>(digest.data()), digest.
size(), Base64DoNotInsertLFs); |
66 } | 67 } |
67 | 68 |
| 69 |
| 70 HashAlgorithm SubresourceIntegrity::getPrioritizedHashFunction(HashAlgorithm alg
orithm1, HashAlgorithm algorithm2) |
| 71 { |
| 72 const HashAlgorithm weakerThanSha384[] = { HashAlgorithmSha256 }; |
| 73 const HashAlgorithm weakerThanSha512[] = { HashAlgorithmSha256, HashAlgorith
mSha384 }; |
| 74 |
| 75 ASSERT(algorithm1 != HashAlgorithmSha1); |
| 76 ASSERT(algorithm2 != HashAlgorithmSha1); |
| 77 |
| 78 if (algorithm1 == algorithm2) |
| 79 return algorithm1; |
| 80 |
| 81 const HashAlgorithm* weakerAlgorithms = 0; |
| 82 size_t length = 0; |
| 83 switch (algorithm1) { |
| 84 case HashAlgorithmSha256: |
| 85 break; |
| 86 case HashAlgorithmSha384: |
| 87 weakerAlgorithms = weakerThanSha384; |
| 88 length = ARRAY_SIZE(weakerThanSha384); |
| 89 break; |
| 90 case HashAlgorithmSha512: |
| 91 weakerAlgorithms = weakerThanSha512; |
| 92 length = ARRAY_SIZE(weakerThanSha512); |
| 93 break; |
| 94 default: |
| 95 ASSERT_NOT_REACHED(); |
| 96 }; |
| 97 |
| 98 for (size_t i = 0; i < length; i++) { |
| 99 if (weakerAlgorithms[i] == algorithm2) |
| 100 return algorithm1; |
| 101 } |
| 102 |
| 103 return algorithm2; |
| 104 } |
| 105 |
68 bool SubresourceIntegrity::CheckSubresourceIntegrity(const Element& element, con
st String& source, const KURL& resourceUrl, const Resource& resource) | 106 bool SubresourceIntegrity::CheckSubresourceIntegrity(const Element& element, con
st String& source, const KURL& resourceUrl, const Resource& resource) |
69 { | 107 { |
70 if (!RuntimeEnabledFeatures::subresourceIntegrityEnabled()) | 108 if (!RuntimeEnabledFeatures::subresourceIntegrityEnabled()) |
71 return true; | 109 return true; |
72 | 110 |
73 Document& document = element.document(); | 111 Document& document = element.document(); |
74 String attribute = element.fastGetAttribute(HTMLNames::integrityAttr); | 112 String attribute = element.fastGetAttribute(HTMLNames::integrityAttr); |
75 if (attribute.isEmpty()) | 113 if (attribute.isEmpty()) |
76 return true; | 114 return true; |
77 | 115 |
78 if (!resource.isEligibleForIntegrityCheck(document.securityOrigin())) { | 116 if (!resource.isEligibleForIntegrityCheck(document.securityOrigin())) { |
79 logErrorToConsole("Subresource Integrity: The resource '" + resourceUrl.
elidedString() + "' has an integrity attribute, but the resource requires CORS t
o be enabled to check the integrity, and it is not. The resource has been blocke
d.", document); | 117 logErrorToConsole("Subresource Integrity: The resource '" + resourceUrl.
elidedString() + "' has an integrity attribute, but the resource requires CORS t
o be enabled to check the integrity, and it is not. The resource has been blocke
d.", document); |
80 return false; | 118 return false; |
81 } | 119 } |
82 | 120 |
83 WTF::Vector<IntegrityMetadata> metadataList; | 121 WTF::Vector<IntegrityMetadata> metadataList; |
84 IntegrityParseResult integrityParseResult = parseIntegrityAttribute(attribut
e, metadataList, document); | 122 IntegrityParseResult integrityParseResult = parseIntegrityAttribute(attribut
e, metadataList, document); |
85 if (integrityParseResult != IntegrityParseValidResult) | 123 if (integrityParseResult != IntegrityParseValidResult) |
86 return false; | 124 return false; |
87 | 125 |
88 StringUTF8Adaptor normalizedSource(source, StringUTF8Adaptor::Normalize, WTF
::EntitiesForUnencodables); | 126 StringUTF8Adaptor normalizedSource(source, StringUTF8Adaptor::Normalize, WTF
::EntitiesForUnencodables); |
89 | 127 |
90 if (!metadataList.size()) | 128 if (!metadataList.size()) |
91 return true; | 129 return true; |
92 | 130 |
| 131 HashAlgorithm strongestAlgorithm = HashAlgorithmSha256; |
| 132 for (const IntegrityMetadata& metadata : metadataList) |
| 133 strongestAlgorithm = getPrioritizedHashFunction(metadata.algorithm, stro
ngestAlgorithm); |
| 134 |
93 DigestValue digest; | 135 DigestValue digest; |
94 for (IntegrityMetadata& metadata : metadataList) { | 136 for (const IntegrityMetadata& metadata : metadataList) { |
| 137 if (metadata.algorithm != strongestAlgorithm) |
| 138 continue; |
| 139 |
95 digest.clear(); | 140 digest.clear(); |
96 bool digestSuccess = computeDigest(metadata.algorithm, normalizedSource.
data(), normalizedSource.length(), digest); | 141 bool digestSuccess = computeDigest(metadata.algorithm, normalizedSource.
data(), normalizedSource.length(), digest); |
97 | 142 |
98 if (digestSuccess) { | 143 if (digestSuccess) { |
99 Vector<char> hashVector; | 144 Vector<char> hashVector; |
100 base64Decode(metadata.digest, hashVector); | 145 base64Decode(metadata.digest, hashVector); |
101 DigestValue convertedHashVector; | 146 DigestValue convertedHashVector; |
102 convertedHashVector.append(reinterpret_cast<uint8_t*>(hashVector.dat
a()), hashVector.size()); | 147 convertedHashVector.append(reinterpret_cast<uint8_t*>(hashVector.dat
a()), hashVector.size()); |
103 | 148 |
104 if (DigestsEqual(digest, convertedHashVector)) { | 149 if (DigestsEqual(digest, convertedHashVector)) { |
(...skipping 169 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
274 metadataList.append(integrityMetadata); | 319 metadataList.append(integrityMetadata); |
275 } | 320 } |
276 | 321 |
277 if (metadataList.size() == 0 && error) | 322 if (metadataList.size() == 0 && error) |
278 return IntegrityParseNoValidResult; | 323 return IntegrityParseNoValidResult; |
279 | 324 |
280 return IntegrityParseValidResult; | 325 return IntegrityParseValidResult; |
281 } | 326 } |
282 | 327 |
283 } // namespace blink | 328 } // namespace blink |
OLD | NEW |