Add MerkleIntegritySourceStream

This adds MerkleIntegritySourceStream class which decodes and validates
the "mi-sha256" content encoding [1]. This class will be used by
WebPackageLoader to verify integrity of message body.

[1] https://tools.ietf.org/html/draft-thomson-http-mice-02

Bug: 803774
Change-Id: I62353f594e30e90fa982a68374389267b39c21fe
Reviewed-on: https://chromium-review.googlesource.com/892844
Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org>
Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Cr-Commit-Position: refs/heads/master@{#533203}

content/browser/BUILD.gn

@@ -979,6 +979,8 @@ jumbo_source_set("browser") {
     "loader/loader_delegate.h",
     "loader/loader_io_thread_notifier.cc",
     "loader/loader_io_thread_notifier.h",
+    "loader/merkle_integrity_source_stream.cc",
+    "loader/merkle_integrity_source_stream.h",
     "loader/mime_sniffing_resource_handler.cc",
     "loader/mime_sniffing_resource_handler.h",
     "loader/mojo_async_resource_handler.cc",

content/browser/loader/merkle_integrity_source_stream.cc

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/browser/loader/merkle_integrity_source_stream.h"
+
+#include "base/base64url.h"
+#include "base/big_endian.h"
+#include "crypto/sha2.h"
+#include "net/base/io_buffer.h"
+
+namespace content {
+
+namespace {
+
+// Limit the record size to 5MiB to prevent browser OOM.
+constexpr uint64_t kMaxRecordSize = 5 * 1024 * 1024;
+
+constexpr char kMiSha256Header[] = "mi-sha256=";
+constexpr int kMiSha256HeaderLength = sizeof(kMiSha256Header) - 1;
+
+}  // namespace
+
+MerkleIntegritySourceStream::MerkleIntegritySourceStream(
+    const std::string& mi_header_value,
+    std::unique_ptr<SourceStream> upstream)
+    // TODO(ksakamoto): Use appropriate SourceType.
+    : net::FilterSourceStream(SourceStream::TYPE_NONE, std::move(upstream)),
+      record_size_(0),
+      failed_(false) {
+  // TODO(ksakamoto): Support quoted parameter value.
+  if (mi_header_value.substr(0, kMiSha256HeaderLength) != kMiSha256Header ||
+      !base::Base64UrlDecode(mi_header_value.substr(kMiSha256HeaderLength),
+                             base::Base64UrlDecodePolicy::DISALLOW_PADDING,
+                             &next_proof_) ||
+      next_proof_.size() != crypto::kSHA256Length) {
+    failed_ = true;
+  }
+}
+
+int MerkleIntegritySourceStream::FilterData(net::IOBuffer* output_buffer,
+                                            int output_buffer_size,
+                                            net::IOBuffer* input_buffer,
+                                            int input_buffer_size,
+                                            int* consumed_bytes,
+                                            bool upstream_eof_reached) {
+  if (failed_)
+    return net::ERR_CONTENT_DECODING_FAILED;
+
+  // TODO(ksakamoto): Avoid unnecessary buffer copying.
+  input_.append(input_buffer->data(), input_buffer_size);
+  *consumed_bytes = input_buffer_size;
+
+  if (!ProcessInput(upstream_eof_reached)) {
+    failed_ = true;
+    return net::ERR_CONTENT_DECODING_FAILED;
+  }
+
+  int bytes_out =
+      std::min(output_.size(), static_cast<size_t>(output_buffer_size));
+  output_.copy(output_buffer->data(), bytes_out);
+  output_.erase(0, bytes_out);
+  return bytes_out;
+}
+
+bool MerkleIntegritySourceStream::ProcessInput(bool upstream_eof_reached) {
+  // TODO(ksakamoto): Use shift iterator or StringPiece instead of substr/erase.
+
+  // Read the record size (the first 8 octets of the stream).
+  if (!record_size_) {
+    if (input_.size() < 8)
+      return !upstream_eof_reached;
+
+    base::ReadBigEndian(input_.data(), &record_size_);
+    input_.erase(0, 8);
+    if (record_size_ == 0)
+      return false;
+    if (record_size_ > kMaxRecordSize) {
+      DVLOG(1)
+          << "Rejecting MI content encoding because record size is too big: "
+          << record_size_;
+      return false;
+    }
+  }
+
+  // Process records other than the last.
+  while (input_.size() >= record_size_ + crypto::kSHA256Length) {
+    std::string chunk = input_.substr(0, record_size_ + crypto::kSHA256Length);
+    input_.erase(0, record_size_ + crypto::kSHA256Length);
+    chunk.push_back('\x01');
+    std::string hash = crypto::SHA256HashString(chunk);
+    if (next_proof_ != hash)
+      return false;
+    output_.append(chunk.substr(0, record_size_));
+    next_proof_ = chunk.substr(record_size_, crypto::kSHA256Length);
+  }
+
+  // Process the last record.
+  if (upstream_eof_reached && !next_proof_.empty()) {
+    if (input_.size() > record_size_)
+      return false;
+
+    input_.push_back('\0');
+    std::string hash = crypto::SHA256HashString(input_);
+    if (next_proof_ != hash)
+      return false;
+
+    output_.append(input_.substr(0, input_.size() - 1));
+    input_.clear();
+    next_proof_.clear();
+  }
+  return true;
+}
+
+std::string MerkleIntegritySourceStream::GetTypeAsString() const {
+  return "MI-256";
+}
+
+}  // namespace content

content/browser/loader/merkle_integrity_source_stream.h

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CONTENT_BROWSER_LOADER_MERKLE_INTEGRITY_SOURCE_STREAM_H_
+#define CONTENT_BROWSER_LOADER_MERKLE_INTEGRITY_SOURCE_STREAM_H_
+
+#include <stdint.h>
+#include <string>
+
+#include "base/macros.h"
+#include "content/common/content_export.h"
+#include "net/filter/filter_source_stream.h"
+
+namespace content {
+
+// MerkleIntegritySourceStream decodes and validates content encoded with the
+// "mi-sha256" content encoding
+// (https://tools.ietf.org/html/draft-thomson-http-mice-02).
+// TODO(ksakamoto): This class should eventually live in src/net/filter/.
+class CONTENT_EXPORT MerkleIntegritySourceStream
+    : public net::FilterSourceStream {
+ public:
+  MerkleIntegritySourceStream(const std::string& mi_header_value,
+                              std::unique_ptr<SourceStream> upstream);
+
+  // net::FilterSourceStream
+  int FilterData(net::IOBuffer* output_buffer,
+                 int output_buffer_size,
+                 net::IOBuffer* input_buffer,
+                 int input_buffer_size,
+                 int* consumed_bytes,
+                 bool upstream_eof_reached) override;
+  std::string GetTypeAsString() const override;
+
+ private:
+  bool ProcessInput(bool upstream_eof_reached);
+
+  std::string input_;
+  std::string output_;
+  // SHA-256 hash for the next record, or empty if validation is completed.
+  std::string next_proof_;
+  uint64_t record_size_;
+  bool failed_;
+
+  DISALLOW_COPY_AND_ASSIGN(MerkleIntegritySourceStream);
+};
+
+}  // namespace content
+
+#endif  // CONTENT_BROWSER_LOADER_MERKLE_INTEGRITY_SOURCE_STREAM_H_

content/test/BUILD.gn

@@ -1303,6 +1303,7 @@ test("content_unittests") {
     "../browser/loader/cross_site_document_resource_handler_unittest.cc",
     "../browser/loader/detachable_resource_handler_unittest.cc",
     "../browser/loader/intercepting_resource_handler_unittest.cc",
+    "../browser/loader/merkle_integrity_source_stream_unittest.cc",
     "../browser/loader/mime_sniffing_resource_handler_unittest.cc",
     "../browser/loader/mock_resource_loader.cc",
     "../browser/loader/mock_resource_loader.h",