/work/obj-fuzz/dist/include/mozilla/dom/SRICheck.h

Source (jump to first uncovered line)
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef mozilla_dom_SRICheck_h
#define mozilla_dom_SRICheck_h

#include "nsCOMPtr.h"
#include "nsICryptoHash.h"

class nsIChannel;
class nsIConsoleReportCollector;

namespace mozilla {
namespace dom {

class SRIMetadata;

class SRICheck final
{
public:
  static const uint32_t MAX_METADATA_LENGTH = 24*1024;
  static const uint32_t MAX_METADATA_TOKENS = 512;

  /**
   * Parse the multiple hashes specified in the integrity attribute and
   * return the strongest supported hash.
   */
  static nsresult IntegrityMetadata(const nsAString& aMetadataList,
                                    const nsACString& aSourceFileURI,
                                    nsIConsoleReportCollector* aReporter,
                                    SRIMetadata* outMetadata);
};

// The SRICheckDataVerifier can be used in 2 different mode:
//
// 1. The streaming mode involves reading bytes from an input, and to use
//    the |Update| function to stream new bytes, and to use the |Verify|
//    function to check the hash of the content with the hash provided by
//    the metadata.
//
//    Optionally, one can serialize the verified hash with |ExportDataSummary|,
//    in a buffer in order to rely on the second mode the next time.
//
// 2. The pre-computed mode, involves reading a hash with |ImportDataSummary|,
//    which got exported by the SRICheckDataVerifier and potentially cached, and
//    then use the |Verify| function to check against the hash provided by the
//    metadata.
class SRICheckDataVerifier final
{
  public:
    SRICheckDataVerifier(const SRIMetadata& aMetadata,
                         const nsACString& aSourceFileURI,
                         nsIConsoleReportCollector* aReporter);

    // Append the following bytes to the content used to compute the hash. Once
    // all bytes are streamed, use the Verify function to check the integrity.
    nsresult Update(uint32_t aStringLen, const uint8_t* aString);

    // Verify that the computed hash corresponds to the metadata.
    nsresult Verify(const SRIMetadata& aMetadata, nsIChannel* aChannel,
                    const nsACString& aSourceFileURI,
                    nsIConsoleReportCollector* aReporter);

    bool IsComplete() const {
      return mComplete;
    }

    // Report the length of the computed hash and its type, such that we can
    // reserve the space for encoding it in a vector.
    uint32_t DataSummaryLength();
    static uint32_t EmptyDataSummaryLength();

    // Write the computed hash and its type in a pre-allocated buffer.
    nsresult ExportDataSummary(uint32_t aDataLen, uint8_t* aData);
    static nsresult ExportEmptyDataSummary(uint32_t aDataLen, uint8_t* aData);

    // Report the length of the computed hash and its type, such that we can
    // skip these data while reading a buffer.
    static nsresult DataSummaryLength(uint32_t aDataLen, const uint8_t* aData, uint32_t* length);

    // Extract the computed hash and its type, such that we can |Verify| if it
    // matches the metadata. The buffer should be at least the same size or
    // larger than the value returned by |DataSummaryLength|.
    nsresult ImportDataSummary(uint32_t aDataLen, const uint8_t* aData);

  private:
    nsCOMPtr<nsICryptoHash> mCryptoHash;
    nsAutoCString           mComputedHash;
    size_t                  mBytesHashed;
    uint32_t                mHashLength;
    int8_t                  mHashType;
    bool                    mInvalidMetadata;
    bool                    mComplete;

    nsresult EnsureCryptoHash();
    nsresult Finish();
    nsresult VerifyHash(const SRIMetadata& aMetadata, uint32_t aHashIndex,
                        const nsACString& aSourceFileURI,
                        nsIConsoleReportCollector* aReporter);
};

} // namespace dom
} // namespace mozilla

#endif // mozilla_dom_SRICheck_h

Coverage Report

Created: 2018-09-25 14:53

Line	Count	Source (jump to first uncovered line)
1		/* -- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -- */
2		/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3		/* This Source Code Form is subject to the terms of the Mozilla Public
4		* License, v. 2.0. If a copy of the MPL was not distributed with this
5		* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7		#ifndef mozilla_dom_SRICheck_h
8		#define mozilla_dom_SRICheck_h
9
10		#include "nsCOMPtr.h"
11		#include "nsICryptoHash.h"
12
13		class nsIChannel;
14		class nsIConsoleReportCollector;
15
16		namespace mozilla {
17		namespace dom {
18
19		class SRIMetadata;
20
21		class SRICheck final
22		{
23		public:
24		static const uint32_t MAX_METADATA_LENGTH = 24*1024;
25		static const uint32_t MAX_METADATA_TOKENS = 512;
26
27		/**
28		* Parse the multiple hashes specified in the integrity attribute and
29		* return the strongest supported hash.
30		*/
31		static nsresult IntegrityMetadata(const nsAString& aMetadataList,
32		const nsACString& aSourceFileURI,
33		nsIConsoleReportCollector* aReporter,
34		SRIMetadata* outMetadata);
35		};
36
37		// The SRICheckDataVerifier can be used in 2 different mode:
38		//
39		// 1. The streaming mode involves reading bytes from an input, and to use
40		// the \|Update\| function to stream new bytes, and to use the \|Verify\|
41		// function to check the hash of the content with the hash provided by
42		// the metadata.
43		//
44		// Optionally, one can serialize the verified hash with \|ExportDataSummary\|,
45		// in a buffer in order to rely on the second mode the next time.
46		//
47		// 2. The pre-computed mode, involves reading a hash with \|ImportDataSummary\|,
48		// which got exported by the SRICheckDataVerifier and potentially cached, and
49		// then use the \|Verify\| function to check against the hash provided by the
50		// metadata.
51		class SRICheckDataVerifier final
52		{
53		public:
54		SRICheckDataVerifier(const SRIMetadata& aMetadata,
55		const nsACString& aSourceFileURI,
56		nsIConsoleReportCollector* aReporter);
57
58		// Append the following bytes to the content used to compute the hash. Once
59		// all bytes are streamed, use the Verify function to check the integrity.
60		nsresult Update(uint32_t aStringLen, const uint8_t* aString);
61
62		// Verify that the computed hash corresponds to the metadata.
63		nsresult Verify(const SRIMetadata& aMetadata, nsIChannel* aChannel,
64		const nsACString& aSourceFileURI,
65		nsIConsoleReportCollector* aReporter);
66
67	0	bool IsComplete() const {
68	0	return mComplete;
69	0	}
70
71		// Report the length of the computed hash and its type, such that we can
72		// reserve the space for encoding it in a vector.
73		uint32_t DataSummaryLength();
74		static uint32_t EmptyDataSummaryLength();
75
76		// Write the computed hash and its type in a pre-allocated buffer.
77		nsresult ExportDataSummary(uint32_t aDataLen, uint8_t* aData);
78		static nsresult ExportEmptyDataSummary(uint32_t aDataLen, uint8_t* aData);
79
80		// Report the length of the computed hash and its type, such that we can
81		// skip these data while reading a buffer.
82		static nsresult DataSummaryLength(uint32_t aDataLen, const uint8_t* aData, uint32_t* length);
83
84		// Extract the computed hash and its type, such that we can \|Verify\| if it
85		// matches the metadata. The buffer should be at least the same size or
86		// larger than the value returned by \|DataSummaryLength\|.
87		nsresult ImportDataSummary(uint32_t aDataLen, const uint8_t* aData);
88
89		private:
90		nsCOMPtr<nsICryptoHash> mCryptoHash;
91		nsAutoCString mComputedHash;
92		size_t mBytesHashed;
93		uint32_t mHashLength;
94		int8_t mHashType;
95		bool mInvalidMetadata;
96		bool mComplete;
97
98		nsresult EnsureCryptoHash();
99		nsresult Finish();
100		nsresult VerifyHash(const SRIMetadata& aMetadata, uint32_t aHashIndex,
101		const nsACString& aSourceFileURI,
102		nsIConsoleReportCollector* aReporter);
103		};
104
105		} // namespace dom
106		} // namespace mozilla
107
108		#endif // mozilla_dom_SRICheck_h