1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
|
'use strict'
const assert = require('node:assert')
const { runtimeFeatures } = require('../../util/runtime-features.js')
/**
* @typedef {object} Metadata
* @property {SRIHashAlgorithm} alg - The algorithm used for the hash.
* @property {string} val - The base64-encoded hash value.
*/
/**
* @typedef {Metadata[]} MetadataList
*/
/**
* @typedef {('sha256' | 'sha384' | 'sha512')} SRIHashAlgorithm
*/
/**
* @type {Map<SRIHashAlgorithm, number>}
*
* The valid SRI hash algorithm token set is the ordered set « "sha256",
* "sha384", "sha512" » (corresponding to SHA-256, SHA-384, and SHA-512
* respectively). The ordering of this set is meaningful, with stronger
* algorithms appearing later in the set.
*
* @see https://w3c.github.io/webappsec-subresource-integrity/#valid-sri-hash-algorithm-token-set
*/
const validSRIHashAlgorithmTokenSet = new Map([['sha256', 0], ['sha384', 1], ['sha512', 2]])
// https://nodejs.org/api/crypto.html#determining-if-crypto-support-is-unavailable
/** @type {import('node:crypto')} */
let crypto
if (runtimeFeatures.has('crypto')) {
crypto = require('node:crypto')
const cryptoHashes = crypto.getHashes()
// If no hashes are available, we cannot support SRI.
if (cryptoHashes.length === 0) {
validSRIHashAlgorithmTokenSet.clear()
}
for (const algorithm of validSRIHashAlgorithmTokenSet.keys()) {
// If the algorithm is not supported, remove it from the list.
if (cryptoHashes.includes(algorithm) === false) {
validSRIHashAlgorithmTokenSet.delete(algorithm)
}
}
} else {
// If crypto is not available, we cannot support SRI.
validSRIHashAlgorithmTokenSet.clear()
}
/**
* @typedef GetSRIHashAlgorithmIndex
* @type {(algorithm: SRIHashAlgorithm) => number}
* @param {SRIHashAlgorithm} algorithm
* @returns {number} The index of the algorithm in the valid SRI hash algorithm
* token set.
*/
const getSRIHashAlgorithmIndex = /** @type {GetSRIHashAlgorithmIndex} */ (Map.prototype.get.bind(
validSRIHashAlgorithmTokenSet))
/**
* @typedef IsValidSRIHashAlgorithm
* @type {(algorithm: string) => algorithm is SRIHashAlgorithm}
* @param {*} algorithm
* @returns {algorithm is SRIHashAlgorithm}
*/
const isValidSRIHashAlgorithm = /** @type {IsValidSRIHashAlgorithm} */ (
Map.prototype.has.bind(validSRIHashAlgorithmTokenSet)
)
/**
* @param {Uint8Array} bytes
* @param {string} metadataList
* @returns {boolean}
*
* @see https://w3c.github.io/webappsec-subresource-integrity/#does-response-match-metadatalist
*/
const bytesMatch = runtimeFeatures.has('crypto') === false || validSRIHashAlgorithmTokenSet.size === 0
// If node is not built with OpenSSL support, we cannot check
// a request's integrity, so allow it by default (the spec will
// allow requests if an invalid hash is given, as precedence).
? () => true
: (bytes, metadataList) => {
// 1. Let parsedMetadata be the result of parsing metadataList.
const parsedMetadata = parseMetadata(metadataList)
// 2. If parsedMetadata is empty set, return true.
if (parsedMetadata.length === 0) {
return true
}
// 3. Let metadata be the result of getting the strongest
// metadata from parsedMetadata.
const metadata = getStrongestMetadata(parsedMetadata)
// 4. For each item in metadata:
for (const item of metadata) {
// 1. Let algorithm be the item["alg"].
const algorithm = item.alg
// 2. Let expectedValue be the item["val"].
const expectedValue = item.val
// See https://github.com/web-platform-tests/wpt/commit/e4c5cc7a5e48093220528dfdd1c4012dc3837a0e
// "be liberal with padding". This is annoying, and it's not even in the spec.
// 3. Let actualValue be the result of applying algorithm to bytes .
const actualValue = applyAlgorithmToBytes(algorithm, bytes)
// 4. If actualValue is a case-sensitive match for expectedValue,
// return true.
if (caseSensitiveMatch(actualValue, expectedValue)) {
return true
}
}
// 5. Return false.
return false
}
/**
* @param {MetadataList} metadataList
* @returns {MetadataList} The strongest hash algorithm from the metadata list.
*/
function getStrongestMetadata (metadataList) {
// 1. Let result be the empty set and strongest be the empty string.
const result = []
/** @type {Metadata|null} */
let strongest = null
// 2. For each item in set:
for (const item of metadataList) {
// 1. Assert: item["alg"] is a valid SRI hash algorithm token.
assert(isValidSRIHashAlgorithm(item.alg), 'Invalid SRI hash algorithm token')
// 2. If result is the empty set, then:
if (result.length === 0) {
// 1. Append item to result.
result.push(item)
// 2. Set strongest to item.
strongest = item
// 3. Continue.
continue
}
// 3. Let currentAlgorithm be strongest["alg"], and currentAlgorithmIndex be
// the index of currentAlgorithm in the valid SRI hash algorithm token set.
const currentAlgorithm = /** @type {Metadata} */ (strongest).alg
const currentAlgorithmIndex = getSRIHashAlgorithmIndex(currentAlgorithm)
// 4. Let newAlgorithm be the item["alg"], and newAlgorithmIndex be the
// index of newAlgorithm in the valid SRI hash algorithm token set.
const newAlgorithm = item.alg
const newAlgorithmIndex = getSRIHashAlgorithmIndex(newAlgorithm)
// 5. If newAlgorithmIndex is less than currentAlgorithmIndex, then continue.
if (newAlgorithmIndex < currentAlgorithmIndex) {
continue
// 6. Otherwise, if newAlgorithmIndex is greater than
// currentAlgorithmIndex:
} else if (newAlgorithmIndex > currentAlgorithmIndex) {
// 1. Set strongest to item.
strongest = item
// 2. Set result to « item ».
result[0] = item
result.length = 1
// 7. Otherwise, newAlgorithmIndex and currentAlgorithmIndex are the same
// value. Append item to result.
} else {
result.push(item)
}
}
// 3. Return result.
return result
}
/**
* @param {string} metadata
* @returns {MetadataList}
*
* @see https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata
*/
function parseMetadata (metadata) {
// 1. Let result be the empty set.
/** @type {MetadataList} */
const result = []
// 2. For each item returned by splitting metadata on spaces:
for (const item of metadata.split(' ')) {
// 1. Let expression-and-options be the result of splitting item on U+003F (?).
const expressionAndOptions = item.split('?', 1)
// 2. Let algorithm-expression be expression-and-options[0].
const algorithmExpression = expressionAndOptions[0]
// 3. Let base64-value be the empty string.
let base64Value = ''
// 4. Let algorithm-and-value be the result of splitting algorithm-expression on U+002D (-).
const algorithmAndValue = [algorithmExpression.slice(0, 6), algorithmExpression.slice(7)]
// 5. Let algorithm be algorithm-and-value[0].
const algorithm = algorithmAndValue[0]
// 6. If algorithm is not a valid SRI hash algorithm token, then continue.
if (!isValidSRIHashAlgorithm(algorithm)) {
continue
}
// 7. If algorithm-and-value[1] exists, set base64-value to
// algorithm-and-value[1].
if (algorithmAndValue[1]) {
base64Value = algorithmAndValue[1]
}
// 8. Let metadata be the ordered map
// «["alg" → algorithm, "val" → base64-value]».
const metadata = {
alg: algorithm,
val: base64Value
}
// 9. Append metadata to result.
result.push(metadata)
}
// 3. Return result.
return result
}
/**
* Applies the specified hash algorithm to the given bytes
*
* @typedef {(algorithm: SRIHashAlgorithm, bytes: Uint8Array) => string} ApplyAlgorithmToBytes
* @param {SRIHashAlgorithm} algorithm
* @param {Uint8Array} bytes
* @returns {string}
*/
const applyAlgorithmToBytes = (algorithm, bytes) => {
return crypto.hash(algorithm, bytes, 'base64')
}
/**
* Compares two base64 strings, allowing for base64url
* in the second string.
*
* @param {string} actualValue base64 encoded string
* @param {string} expectedValue base64 or base64url encoded string
* @returns {boolean}
*/
function caseSensitiveMatch (actualValue, expectedValue) {
// Ignore padding characters from the end of the strings by
// decreasing the length by 1 or 2 if the last characters are `=`.
let actualValueLength = actualValue.length
if (actualValueLength !== 0 && actualValue[actualValueLength - 1] === '=') {
actualValueLength -= 1
}
if (actualValueLength !== 0 && actualValue[actualValueLength - 1] === '=') {
actualValueLength -= 1
}
let expectedValueLength = expectedValue.length
if (expectedValueLength !== 0 && expectedValue[expectedValueLength - 1] === '=') {
expectedValueLength -= 1
}
if (expectedValueLength !== 0 && expectedValue[expectedValueLength - 1] === '=') {
expectedValueLength -= 1
}
if (actualValueLength !== expectedValueLength) {
return false
}
for (let i = 0; i < actualValueLength; ++i) {
if (
actualValue[i] === expectedValue[i] ||
(actualValue[i] === '+' && expectedValue[i] === '-') ||
(actualValue[i] === '/' && expectedValue[i] === '_')
) {
continue
}
return false
}
return true
}
module.exports = {
applyAlgorithmToBytes,
bytesMatch,
caseSensitiveMatch,
isValidSRIHashAlgorithm,
getStrongestMetadata,
parseMetadata
}
|
