feat: add support for validating asar archives on macOS (#30667)

* feat: add support for validating asar archives on macOS * chore: fix lint * chore: update as per feedback * feat: switch implementation to asar integrity hash checks * feat: make ranged requests work with the asar file validator DataSourceFilter * chore: fix lint * chore: fix missing log include on non-darwin * fix: do not pull block size out of missing optional * fix: match ValidateOrDie symbol on non-darwin * chore: fix up asar specs by repacking archives * fix: maintain integrity chain, do not load file integrity if header integrity was not loaded * debug test * Update node-spec.ts * fix: initialize header_validated_ * chore: update PR per feedback * chore: update per feedback * build: use final asar module * Update fuses.json5
2021-09-09 14:49:01 -07:00 · 2021-09-09 14:49:01 -07:00 · 57d088517c
commit 57d088517c
parent fcad531f2e
35 changed files with 705 additions and 43 deletions
--- a/shell/browser/net/asar/asar_file_validator.h
+++ b/shell/browser/net/asar/asar_file_validator.h
@ -0,0 +1,60 @@
+// Copyright (c) 2021 Slack Technologies, Inc.
+// Use of this source code is governed by the MIT license that can be
+// found in the LICENSE file.
+
+#ifndef SHELL_BROWSER_NET_ASAR_ASAR_FILE_VALIDATOR_H_
+#define SHELL_BROWSER_NET_ASAR_ASAR_FILE_VALIDATOR_H_
+
+#include <algorithm>
+#include <memory>
+
+#include "crypto/secure_hash.h"
+#include "mojo/public/cpp/system/file_data_source.h"
+#include "mojo/public/cpp/system/filtered_data_source.h"
+#include "shell/common/asar/archive.h"
+#include "third_party/abseil-cpp/absl/types/optional.h"
+
+namespace asar {
+
+class AsarFileValidator : public mojo::FilteredDataSource::Filter {
+ public:
+  AsarFileValidator(IntegrityPayload integrity, base::File file);
+
+  void OnRead(base::span<char> buffer,
+              mojo::FileDataSource::ReadResult* result);
+
+  void OnDone();
+
+  void SetRange(uint64_t read_start, uint64_t extra_read, uint64_t read_max);
+  void SetCurrentBlock(int current_block);
+
+ protected:
+  bool FinishBlock();
+
+ private:
+  base::File file_;
+  IntegrityPayload integrity_;
+
+  // The offset in the file_ that the underlying file reader is starting at
+  uint64_t read_start_ = 0;
+  // The number of bytes this DataSourceFilter will have seen that aren't used
+  // by the DataProducer.  These extra bytes are exclusively for hash validation
+  // but we need to know how many we've used so we know when we're done.
+  uint64_t extra_read_ = 0;
+  // The maximum offset in the file_ that we should read to, used to determine
+  // which bytes we're missing or if we need to read up to a block boundary in
+  // OnDone
+  uint64_t read_max_ = 0;
+  bool done_reading_ = false;
+  int current_block_;
+  int max_block_;
+  uint64_t current_hash_byte_count_ = 0;
+  uint64_t total_hash_byte_count_ = 0;
+  std::unique_ptr<crypto::SecureHash> current_hash_;
+
+  DISALLOW_COPY_AND_ASSIGN(AsarFileValidator);
+};
+
+}  // namespace asar
+
+#endif  // SHELL_BROWSER_NET_ASAR_ASAR_FILE_VALIDATOR_H_