/src/mozilla-central/dom/security/SRIMetadata.cpp

Source (jump to first uncovered line)
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "SRIMetadata.h"

#include "hasht.h"
#include "mozilla/dom/URLSearchParams.h"
#include "mozilla/Logging.h"
#include "nsICryptoHash.h"

static mozilla::LogModule*
GetSriMetadataLog()
{
  static mozilla::LazyLogModule gSriMetadataPRLog("SRIMetadata");
  return gSriMetadataPRLog;
}

#define SRIMETADATALOG(args) MOZ_LOG(GetSriMetadataLog(), mozilla::LogLevel::Debug, args)
#define SRIMETADATAERROR(args) MOZ_LOG(GetSriMetadataLog(), mozilla::LogLevel::Error, args)

namespace mozilla {
namespace dom {

SRIMetadata::SRIMetadata(const nsACString& aToken)
  : mAlgorithmType(SRIMetadata::UNKNOWN_ALGORITHM), mEmpty(false)
{
  MOZ_ASSERT(!aToken.IsEmpty()); // callers should check this first

  SRIMETADATALOG(("SRIMetadata::SRIMetadata, aToken='%s'",
                  PromiseFlatCString(aToken).get()));

  int32_t hyphen = aToken.FindChar('-');
  if (hyphen == -1) {
    SRIMETADATAERROR(("SRIMetadata::SRIMetadata, invalid (no hyphen)"));
    return; // invalid metadata
  }

  // split the token into its components
  mAlgorithm = Substring(aToken, 0, hyphen);
  uint32_t hashStart = hyphen + 1;
  if (hashStart >= aToken.Length()) {
    SRIMETADATAERROR(("SRIMetadata::SRIMetadata, invalid (missing digest)"));
    return; // invalid metadata
  }
  int32_t question = aToken.FindChar('?');
  if (question == -1) {
    mHashes.AppendElement(Substring(aToken, hashStart,
                                    aToken.Length() - hashStart));
  } else {
    MOZ_ASSERT(question > 0);
    if (static_cast<uint32_t>(question) <= hashStart) {
      SRIMETADATAERROR(("SRIMetadata::SRIMetadata, invalid (options w/o digest)"));
      return; // invalid metadata
    }
    mHashes.AppendElement(Substring(aToken, hashStart,
                                    question - hashStart));
  }

  if (mAlgorithm.EqualsLiteral("sha256")) {
    mAlgorithmType = nsICryptoHash::SHA256;
  } else if (mAlgorithm.EqualsLiteral("sha384")) {
    mAlgorithmType = nsICryptoHash::SHA384;
  } else if (mAlgorithm.EqualsLiteral("sha512")) {
    mAlgorithmType = nsICryptoHash::SHA512;
  }

  SRIMETADATALOG(("SRIMetadata::SRIMetadata, hash='%s'; alg='%s'",
                  mHashes[0].get(), mAlgorithm.get()));
}

bool
SRIMetadata::operator<(const SRIMetadata& aOther) const
{
  static_assert(nsICryptoHash::SHA256 < nsICryptoHash::SHA384,
                "We rely on the order indicating relative alg strength");
  static_assert(nsICryptoHash::SHA384 < nsICryptoHash::SHA512,
                "We rely on the order indicating relative alg strength");
  MOZ_ASSERT(mAlgorithmType == SRIMetadata::UNKNOWN_ALGORITHM ||
             mAlgorithmType == nsICryptoHash::SHA256 ||
             mAlgorithmType == nsICryptoHash::SHA384 ||
             mAlgorithmType == nsICryptoHash::SHA512);
  MOZ_ASSERT(aOther.mAlgorithmType == SRIMetadata::UNKNOWN_ALGORITHM ||
             aOther.mAlgorithmType == nsICryptoHash::SHA256 ||
             aOther.mAlgorithmType == nsICryptoHash::SHA384 ||
             aOther.mAlgorithmType == nsICryptoHash::SHA512);

  if (mEmpty) {
    SRIMETADATALOG(("SRIMetadata::operator<, first metadata is empty"));
    return true; // anything beats the empty metadata (incl. invalid ones)
  }

  SRIMETADATALOG(("SRIMetadata::operator<, alg1='%d'; alg2='%d'",
                  mAlgorithmType, aOther.mAlgorithmType));
  return (mAlgorithmType < aOther.mAlgorithmType);
}

bool
SRIMetadata::operator>(const SRIMetadata& aOther) const
{
  MOZ_ASSERT(false);
  return false;
}

SRIMetadata&
SRIMetadata::operator+=(const SRIMetadata& aOther)
{
  MOZ_ASSERT(!aOther.IsEmpty() && !IsEmpty());
  MOZ_ASSERT(aOther.IsValid() && IsValid());
  MOZ_ASSERT(mAlgorithmType == aOther.mAlgorithmType);

  // We only pull in the first element of the other metadata
  MOZ_ASSERT(aOther.mHashes.Length() == 1);
  if (mHashes.Length() < SRIMetadata::MAX_ALTERNATE_HASHES) {
    SRIMETADATALOG(("SRIMetadata::operator+=, appending another '%s' hash (new length=%zu)",
                    mAlgorithm.get(), mHashes.Length()));
    mHashes.AppendElement(aOther.mHashes[0]);
  }

  MOZ_ASSERT(mHashes.Length() > 1);
  MOZ_ASSERT(mHashes.Length() <= SRIMetadata::MAX_ALTERNATE_HASHES);
  return *this;
}

bool
SRIMetadata::operator==(const SRIMetadata& aOther) const
{
  if (IsEmpty() || !IsValid()) {
    return false;
  }
  return mAlgorithmType == aOther.mAlgorithmType;
}

void
SRIMetadata::GetHash(uint32_t aIndex, nsCString* outHash) const
{
  MOZ_ASSERT(aIndex < SRIMetadata::MAX_ALTERNATE_HASHES);
  if (NS_WARN_IF(aIndex >= mHashes.Length())) {
    *outHash = nullptr;
    return;
  }
  *outHash = mHashes[aIndex];
}

void
SRIMetadata::GetHashType(int8_t* outType, uint32_t* outLength) const
{
  // these constants are defined in security/nss/lib/util/hasht.h and
  // netwerk/base/public/nsICryptoHash.idl
  switch (mAlgorithmType) {
    case nsICryptoHash::SHA256:
      *outLength = SHA256_LENGTH;
      break;
    case nsICryptoHash::SHA384:
      *outLength = SHA384_LENGTH;
      break;
    case nsICryptoHash::SHA512:
      *outLength = SHA512_LENGTH;
      break;
    default:
      *outLength = 0;
  }
  *outType = mAlgorithmType;
}

} // namespace dom
} // namespace mozilla

Line	Count	Source (jump to first uncovered line)
1		/* -- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -- */
2		/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3		/* This Source Code Form is subject to the terms of the Mozilla Public
4		* License, v. 2.0. If a copy of the MPL was not distributed with this
5		* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7		#include "SRIMetadata.h"
8
9		#include "hasht.h"
10		#include "mozilla/dom/URLSearchParams.h"
11		#include "mozilla/Logging.h"
12		#include "nsICryptoHash.h"
13
14		static mozilla::LogModule*
15		GetSriMetadataLog()
16	0	{
17	0	static mozilla::LazyLogModule gSriMetadataPRLog("SRIMetadata");
18	0	return gSriMetadataPRLog;
19	0	}
20
21	0	#define SRIMETADATALOG(args) MOZ_LOG(GetSriMetadataLog(), mozilla::LogLevel::Debug, args)
22	0	#define SRIMETADATAERROR(args) MOZ_LOG(GetSriMetadataLog(), mozilla::LogLevel::Error, args)
23
24		namespace mozilla {
25		namespace dom {
26
27		SRIMetadata::SRIMetadata(const nsACString& aToken)
28		: mAlgorithmType(SRIMetadata::UNKNOWN_ALGORITHM), mEmpty(false)
29	0	{
30	0	MOZ_ASSERT(!aToken.IsEmpty()); // callers should check this first
31	0
32	0	SRIMETADATALOG(("SRIMetadata::SRIMetadata, aToken='%s'",
33	0	PromiseFlatCString(aToken).get()));
34	0
35	0	int32_t hyphen = aToken.FindChar('-');
36	0	if (hyphen == -1) {
37	0	SRIMETADATAERROR(("SRIMetadata::SRIMetadata, invalid (no hyphen)"));
38	0	return; // invalid metadata
39	0	}
40	0
41	0	// split the token into its components
42	0	mAlgorithm = Substring(aToken, 0, hyphen);
43	0	uint32_t hashStart = hyphen + 1;
44	0	if (hashStart >= aToken.Length()) {
45	0	SRIMETADATAERROR(("SRIMetadata::SRIMetadata, invalid (missing digest)"));
46	0	return; // invalid metadata
47	0	}
48	0	int32_t question = aToken.FindChar('?');
49	0	if (question == -1) {
50	0	mHashes.AppendElement(Substring(aToken, hashStart,
51	0	aToken.Length() - hashStart));
52	0	} else {
53	0	MOZ_ASSERT(question > 0);
54	0	if (static_cast<uint32_t>(question) <= hashStart) {
55	0	SRIMETADATAERROR(("SRIMetadata::SRIMetadata, invalid (options w/o digest)"));
56	0	return; // invalid metadata
57	0	}
58	0	mHashes.AppendElement(Substring(aToken, hashStart,
59	0	question - hashStart));
60	0	}
61	0
62	0	if (mAlgorithm.EqualsLiteral("sha256")) {
63	0	mAlgorithmType = nsICryptoHash::SHA256;
64	0	} else if (mAlgorithm.EqualsLiteral("sha384")) {
65	0	mAlgorithmType = nsICryptoHash::SHA384;
66	0	} else if (mAlgorithm.EqualsLiteral("sha512")) {
67	0	mAlgorithmType = nsICryptoHash::SHA512;
68	0	}
69	0
70	0	SRIMETADATALOG(("SRIMetadata::SRIMetadata, hash='%s'; alg='%s'",
71	0	mHashes[0].get(), mAlgorithm.get()));
72	0	}
73
74		bool
75		SRIMetadata::operator<(const SRIMetadata& aOther) const
76	0	{
77	0	static_assert(nsICryptoHash::SHA256 < nsICryptoHash::SHA384,
78	0	"We rely on the order indicating relative alg strength");
79	0	static_assert(nsICryptoHash::SHA384 < nsICryptoHash::SHA512,
80	0	"We rely on the order indicating relative alg strength");
81	0	MOZ_ASSERT(mAlgorithmType == SRIMetadata::UNKNOWN_ALGORITHM \|\|
82	0	mAlgorithmType == nsICryptoHash::SHA256 \|\|
83	0	mAlgorithmType == nsICryptoHash::SHA384 \|\|
84	0	mAlgorithmType == nsICryptoHash::SHA512);
85	0	MOZ_ASSERT(aOther.mAlgorithmType == SRIMetadata::UNKNOWN_ALGORITHM \|\|
86	0	aOther.mAlgorithmType == nsICryptoHash::SHA256 \|\|
87	0	aOther.mAlgorithmType == nsICryptoHash::SHA384 \|\|
88	0	aOther.mAlgorithmType == nsICryptoHash::SHA512);
89	0
90	0	if (mEmpty) {
91	0	SRIMETADATALOG(("SRIMetadata::operator<, first metadata is empty"));
92	0	return true; // anything beats the empty metadata (incl. invalid ones)
93	0	}
94	0
95	0	SRIMETADATALOG(("SRIMetadata::operator<, alg1='%d'; alg2='%d'",
96	0	mAlgorithmType, aOther.mAlgorithmType));
97	0	return (mAlgorithmType < aOther.mAlgorithmType);
98	0	}
99
100		bool
101		SRIMetadata::operator>(const SRIMetadata& aOther) const
102	0	{
103	0	MOZ_ASSERT(false);
104	0	return false;
105	0	}
106
107		SRIMetadata&
108		SRIMetadata::operator+=(const SRIMetadata& aOther)
109	0	{
110	0	MOZ_ASSERT(!aOther.IsEmpty() && !IsEmpty());
111	0	MOZ_ASSERT(aOther.IsValid() && IsValid());
112	0	MOZ_ASSERT(mAlgorithmType == aOther.mAlgorithmType);
113	0
114	0	// We only pull in the first element of the other metadata
115	0	MOZ_ASSERT(aOther.mHashes.Length() == 1);
116	0	if (mHashes.Length() < SRIMetadata::MAX_ALTERNATE_HASHES) {
117	0	SRIMETADATALOG(("SRIMetadata::operator+=, appending another '%s' hash (new length=%zu)",
118	0	mAlgorithm.get(), mHashes.Length()));
119	0	mHashes.AppendElement(aOther.mHashes[0]);
120	0	}
121	0
122	0	MOZ_ASSERT(mHashes.Length() > 1);
123	0	MOZ_ASSERT(mHashes.Length() <= SRIMetadata::MAX_ALTERNATE_HASHES);
124	0	return *this;
125	0	}
126
127		bool
128		SRIMetadata::operator==(const SRIMetadata& aOther) const
129	0	{
130	0	if (IsEmpty() \|\| !IsValid()) {
131	0	return false;
132	0	}
133	0	return mAlgorithmType == aOther.mAlgorithmType;
134	0	}
135
136		void
137		SRIMetadata::GetHash(uint32_t aIndex, nsCString* outHash) const
138	0	{
139	0	MOZ_ASSERT(aIndex < SRIMetadata::MAX_ALTERNATE_HASHES);
140	0	if (NS_WARN_IF(aIndex >= mHashes.Length())) {
141	0	*outHash = nullptr;
142	0	return;
143	0	}
144	0	*outHash = mHashes[aIndex];
145	0	}
146
147		void
148		SRIMetadata::GetHashType(int8_t* outType, uint32_t* outLength) const
149	0	{
150	0	// these constants are defined in security/nss/lib/util/hasht.h and
151	0	// netwerk/base/public/nsICryptoHash.idl
152	0	switch (mAlgorithmType) {
153	0	case nsICryptoHash::SHA256:
154	0	*outLength = SHA256_LENGTH;
155	0	break;
156	0	case nsICryptoHash::SHA384:
157	0	*outLength = SHA384_LENGTH;
158	0	break;
159	0	case nsICryptoHash::SHA512:
160	0	*outLength = SHA512_LENGTH;
161	0	break;
162	0	default:
163	0	*outLength = 0;
164	0	}
165	0	*outType = mAlgorithmType;
166	0	}
167
168		} // namespace dom
169		} // namespace mozilla

Coverage Report

Created: 2018-09-25 14:53