// Copyright 2022 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef COMPONENTS_WEB_PACKAGE_SIGNED_WEB_BUNDLES_SIGNED_WEB_BUNDLE_INTEGRITY_BLOCK_H_ #define COMPONENTS_WEB_PACKAGE_SIGNED_WEB_BUNDLES_SIGNED_WEB_BUNDLE_INTEGRITY_BLOCK_H_ #include <cstdint> #include <string> #include <vector> #include "base/types/expected.h" #include "components/web_package/mojom/web_bundle_parser.mojom-forward.h" #include "components/web_package/signed_web_bundles/integrity_block_attributes.h" #include "components/web_package/signed_web_bundles/signed_web_bundle_id.h" #include "components/web_package/signed_web_bundles/signed_web_bundle_signature_stack.h" namespace web_package { // This class represents the integrity block of a Signed Web Bundle. It is // guaranteed to have a `size_in_bytes` greater than 0, and at least one // signature stack entry. It is constructed from a // `mojom::BundleIntegrityBlockPtr`, which is the result of // CBOR-parsing the integrity block of the Signed Web Bundle in a separate data // decoder process. Given that the Signed Web Bundle is untrusted user input, // there is a potential for an attacker to compromise the data decoder process // by providing a malicious bundle and exploiting a memory safety bug. // // This class wraps the data received from the data decoder process into // strongly typed classes, and re-verifies the validity of the data where // possible (e.g., by checking that public keys have the correct length). class SignedWebBundleIntegrityBlock { … }; } // namespace web_package #endif // COMPONENTS_WEB_PACKAGE_SIGNED_WEB_BUNDLES_SIGNED_WEB_BUNDLE_INTEGRITY_BLOCK_H_
Codebase Browser
chromium