refactor: take a uint8_t span in ValidateIntegrityOrDie() (#43592)

refactor: take a uint8_t span in ValidateIntegrityOrDie()

Doing some groundwork for fixing unsafe base::File() APIs:

- Change ValidateIntegrityOrDie() to take a span<const uint8_t> arg.
  We'll need this to migrate asar's base::File API calls away from the
  ones tagged `UNSAFE_BUFFER_USAGE` because the safe counterparts use
  span<uint8_t> too.

- Simplify ValidateIntegrityOrDie()'s implementation by using
  crypto::SHA256Hash() instead of reinventing the wheel.
Charles Kerr 2024-09-06 20:22:44 -05:00 committed by GitHub
parent 18b1b33adc
commit 44a4328ea8
GPG key ID: B5690EEEBB952194
4 changed files with 11 additions and 20 deletions


@ -132,25 +132,17 @@ bool ReadFileToString(const base::FilePath& path, std::string* contents) {
return false;
}
if (info.integrity.has_value()) {
ValidateIntegrityOrDie(contents->data(), contents->size(),
info.integrity.value());
}
if (info.integrity)
ValidateIntegrityOrDie(base::as_byte_span(*contents), *info.integrity);
return true;
}
void ValidateIntegrityOrDie(const char* data,
size_t size,
void ValidateIntegrityOrDie(base::span<const uint8_t> input,
const IntegrityPayload& integrity) {
if (integrity.algorithm == HashAlgorithm::kSHA256) {
uint8_t hash[crypto::kSHA256Length];
auto hasher = crypto::SecureHash::Create(crypto::SecureHash::SHA256);
hasher->Update(data, size);
hasher->Finish(hash, sizeof(hash));
const std::string hex_hash =
base::ToLowerASCII(base::HexEncode(hash, sizeof(hash)));
base::ToLowerASCII(base::HexEncode(crypto::SHA256Hash(input)));
if (integrity.hash != hex_hash) {
LOG(FATAL) << "Integrity check failed for asar archive ("
<< integrity.hash << " vs " << hex_hash << ")";