Add code to compute the root hash for a hash tree

BUG=369895 Review URL: https://codereview.chromium.org/274243004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@270050 0039d316-1c4b-4281-b951-d872f2087c98

Add code to compute the root hash for a hash tree
BUG=369895 Review URL: https://codereview.chromium.org/274243004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@270050 0039d316-1c4b-4281-b951-d872f2087c98
dca94c76 · asargent@chromium.org · 28c5d0b7 · dca94c76 · dca94c76 · dca94c76
Commit dca94c76 authored May 13, 2014 by asargent@chromium.org
5 changed files
--- a/chrome/chrome_tests_unit.gypi
+++ b/chrome/chrome_tests_unit.gypi
@@ -531,6 +531,7 @@
        '../extensions/browser/api/storage/settings_test_util.h',
        '../extensions/browser/api/storage/storage_api_unittest.cc',
        '../extensions/browser/api/storage/storage_frontend_unittest.cc',
+        '../extensions/browser/content_hash_tree_unittest.cc',
        '../extensions/browser/error_map_unittest.cc',
        '../extensions/browser/event_listener_map_unittest.cc',
        '../extensions/browser/event_router_unittest.cc',

--- a/extensions/browser/content_hash_tree.cc
+++ b/extensions/browser/content_hash_tree.cc
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "extensions/browser/content_hash_tree.h"
+
+#include "base/memory/scoped_ptr.h"
+#include "base/stl_util.h"
+#include "crypto/secure_hash.h"
+#include "crypto/sha2.h"
+
+namespace extensions {
+
+std::string ComputeTreeHashRoot(const std::vector<std::string>& leaf_hashes,
+                                int branch_factor) {
+  if (leaf_hashes.empty() || branch_factor < 2)
+    return std::string();
+
+  // The nodes of the tree we're currently operating on.
+  std::vector<std::string> current_nodes;
+
+  // We avoid having to copy all of the input leaf nodes into |current_nodes|
+  // by using a pointer. So the first iteration of the loop this points at
+  // |leaf_hashes|, but thereafter it points at |current_nodes|.
+  const std::vector<std::string>* current = &leaf_hashes;
+
+  // Where we're inserting new hashes computed from the current level.
+  std::vector<std::string> parent_nodes;
+
+  while (current->size() > 1) {
+    // Iterate over the current level of hashes, computing the hash of up to
+    // |branch_factor| elements to form the hash of each parent node.
+    std::vector<std::string>::const_iterator i = current->begin();
+    while (i != current->end()) {
+      scoped_ptr<crypto::SecureHash> hash(
+          crypto::SecureHash::Create(crypto::SecureHash::SHA256));
+      for (int j = 0; j < branch_factor && i != current->end(); j++) {
+        DCHECK_EQ(i->size(), crypto::kSHA256Length);
+        hash->Update(i->data(), i->size());
+        ++i;
+      }
+      parent_nodes.push_back(std::string(crypto::kSHA256Length, 0));
+      std::string* output = &(parent_nodes.back());
+      hash->Finish(string_as_array(output), output->size());
+    }
+    current_nodes.swap(parent_nodes);
+    parent_nodes.clear();
+    current = &current_nodes;
+  }
+  DCHECK_EQ(1u, current->size());
+  return (*current)[0];
+}
+
+}  // namespace extensions
--- a/extensions/browser/content_hash_tree.h
+++ b/extensions/browser/content_hash_tree.h
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef EXTENSIONS_BROWSER_CONTENT_HASH_TREE_H_
+#define EXTENSIONS_BROWSER_CONTENT_HASH_TREE_H_
+
+#include <string>
+#include <vector>
+
+namespace extensions {
+
+// This takes a list of sha256 hashes, considers them to be leaf nodes of a
+// hash tree (aka Merkle tree), and computes the root node of the tree using
+// the given branching factor to hash lower level nodes together. Tree hash
+// implementations differ in how they handle the case where the number of
+// leaves isn't an integral power of the branch factor. This implementation
+// just hashes together however many are left at a given level, even if that is
+// less than the branching factor (instead of, for instance, directly promoting
+// elements). E.g., imagine we use a branch factor of 3 for a vector of 4 leaf
+// nodes [A,B,C,D]. This implemention will compute the root hash G as follows:
+//
+// |      G      |
+// |     / \     |
+// |    E   F    |
+// |   /|\   \   |
+// |  A B C   D  |
+//
+// where E = Hash(A||B||C), F = Hash(D), and G = Hash(E||F)
+//
+// The one exception to this rule is when there is only one node left. This
+// means that the root hash of any vector with just one leaf is the same as
+// that leaf. Ie RootHash([A]) == A, not Hash(A).
+std::string ComputeTreeHashRoot(const std::vector<std::string>& leaf_hashes,
+                                int branch_factor);
+
+}  // namespace extensions
+
+#endif  // EXTENSIONS_BROWSER_CONTENT_HASH_TREE_H_
--- a/extensions/browser/content_hash_tree_unittest.cc
+++ b/extensions/browser/content_hash_tree_unittest.cc
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/memory/scoped_ptr.h"
+#include "base/stl_util.h"
+#include "crypto/secure_hash.h"
+#include "crypto/sha2.h"
+#include "extensions/browser/content_hash_tree.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+using crypto::kSHA256Length;
+using crypto::SecureHash;
+
+// Helper to return a fake sha256 signature based on a seed.
+static std::string FakeSignatureWithSeed(int seed) {
+  std::string input;
+  for (int i = 0; i < seed * 3; i++) {
+    input.push_back(static_cast<char>(((i + 19) * seed) % 256));
+  }
+  return crypto::SHA256HashString(input);
+}
+
+namespace extensions {
+
+TEST(ContentHashTreeTest, HashTreeBasics) {
+  std::vector<std::string> nodes;
+  // Empty array.
+  EXPECT_EQ(std::string(), ComputeTreeHashRoot(nodes, 16));
+
+  // One node.
+  std::string node1 = FakeSignatureWithSeed(1);
+  nodes.push_back(node1);
+  EXPECT_EQ(node1, ComputeTreeHashRoot(nodes, 16));
+
+  // Two nodes.
+  std::string node2 = FakeSignatureWithSeed(2);
+  nodes.push_back(node2);
+
+  std::string expected(kSHA256Length, 0);
+  scoped_ptr<SecureHash> hash(SecureHash::Create(SecureHash::SHA256));
+  hash->Update(node1.data(), node1.size());
+  hash->Update(node2.data(), node2.size());
+  hash->Finish(string_as_array(&expected), expected.size());
+  EXPECT_EQ(expected, ComputeTreeHashRoot(nodes, 16));
+}
+
+TEST(ContentHashTreeTest, HashTreeMultipleLevels) {
+  std::vector<std::string> nodes;
+  for (int i = 0; i < 3; i++) {
+    std::string node;
+    nodes.push_back(FakeSignatureWithSeed(i));
+  }
+
+  // First try a test where our branch factor is >= 3, so we expect the result
+  // to be the hash of all 3 concatenated together. E.g the expected top hash
+  // should be 4 in the following diagram:
+  //   4
+  // 1 2 3
+  std::string expected =
+      crypto::SHA256HashString(nodes[0] + nodes[1] + nodes[2]);
+  EXPECT_EQ(expected, ComputeTreeHashRoot(nodes, 4));
+
+  // Now try making the branch factor be 2, so that we
+  // should get the following:
+  //   6
+  //  4 5
+  // 1 2 3
+  // where 4 is the hash of 1 and 2, 5 is the hash of 3, and 6 is the
+  // hash of 4 and 5.
+  std::string hash_of_first_2 = crypto::SHA256HashString(nodes[0] + nodes[1]);
+  std::string hash_of_third = crypto::SHA256HashString(nodes[2]);
+  expected = crypto::SHA256HashString(hash_of_first_2 + hash_of_third);
+  EXPECT_EQ(expected, ComputeTreeHashRoot(nodes, 2));
+}
+
+}  // namespace extensions
--- a/extensions/extensions.gyp
+++ b/extensions/extensions.gyp
@@ -316,6 +316,8 @@
        'browser/content_hash_fetcher.h',
        'browser/content_hash_reader.cc',
        'browser/content_hash_reader.h',
+        'browser/content_hash_tree.cc',
+        'browser/content_hash_tree.h',
        'browser/content_verifier.cc',
        'browser/content_verifier.h',
        'browser/content_verifier_delegate.h',