bool checkDigest(const String& source, uint8_t hashAlgorithmsUsed, const CSPDirectiveListVector& policies)
{
// Any additions or subtractions from this struct should also modify the
// respective entries in the kSupportedPrefixes array in
// CSPSourceList::parseHash().
static const struct {
ContentSecurityPolicyHashAlgorithm cspHashAlgorithm;
HashAlgorithm algorithm;
} kAlgorithmMap[] = {
{ ContentSecurityPolicyHashAlgorithmSha1, HashAlgorithmSha1 },
{ ContentSecurityPolicyHashAlgorithmSha256, HashAlgorithmSha256 },
{ ContentSecurityPolicyHashAlgorithmSha384, HashAlgorithmSha384 },
{ ContentSecurityPolicyHashAlgorithmSha512, HashAlgorithmSha512 }
};
// Only bother normalizing the source/computing digests if there are any checks to be done.
if (hashAlgorithmsUsed == ContentSecurityPolicyHashAlgorithmNone)
return false;
StringUTF8Adaptor utf8Source(source);
for (const auto& algorithmMap : kAlgorithmMap) {
DigestValue digest;
if (algorithmMap.cspHashAlgorithm & hashAlgorithmsUsed) {
bool digestSuccess = computeDigest(algorithmMap.algorithm, utf8Source.data(), utf8Source.length(), digest);
if (digestSuccess && isAllowedByAllWithHash<allowed>(policies, CSPHashValue(algorithmMap.cspHashAlgorithm, digest)))
return true;
}
}
return false;
}
void CSPSourceList::addSourceHash(const ContentSecurityPolicyHashAlgorithm& algorithm, const DigestValue& hash)
{
m_hashes.add(CSPHashValue(algorithm, hash));
m_hashAlgorithmsUsed |= algorithm;
}
