
Issue 914247 link

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: Dec 19
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac
Pri: 2
Type: Bug




SignedExchangeSignatureVerifier should use unparsed url bytes

Project Member Reported by ksakamoto@chromium.org, Dec 12

Issue description

https://sxg-test.appspot.com/sxg/utf8-inner-url.sxg?v=1b2&ot=true

The fallback URL of this sxg is "https://sxg.irorin.org/🌐📦.html" (containing emojis in UTF-8). Currently Chrome fails to validate the signature of this sxg, because it creates the signing message with a percent-encoded form of the URL ("https://sxg.irorin.org/%F0%9F%8C%90%F0%9F%93%A6.html").

GenerateSignedMessage() should use original requestUrl and validity-url bytes, instead of URLs canonicalized by GURL.
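To show why the verifier has to use the unparsed URL bytes, here is a constructed illustration (not Chromium's code): the signer signs the URL exactly as written into the exchange, so a verifier that first canonicalizes the URL (as GURL::spec() does) reconstructs a different message and rejects a valid signature. HMAC-SHA256 stands in for the real ECDSA signature, the message layout is a simplification of the SXG signed message, and the validity URL and headers are made-up sample values.

```python
import hashlib
import hmac
from dataclasses import dataclass
from urllib.parse import quote, urlsplit, urlunsplit

# Constructed stand-in key: HMAC-SHA256 plays the role of the ECDSA signature
# of a real signed exchange; the URL handling is what this example is about.
KEY = b"constructed-demo-key"

def canonicalize(url: str) -> str:
    """Approximates GURL::spec(): non-ASCII path bytes come back percent-encoded."""
    p = urlsplit(url)
    return urlunsplit((p.scheme, p.netloc, quote(p.path, safe="/"), p.query, p.fragment))

@dataclass
class URLWithRawString:
    """Mirrors the fix: keep the unparsed string next to the parsed (canonical) form."""
    raw: str      # bytes as they appear in the exchange; used for the signed message
    parsed: str   # canonical form, for navigation and origin checks only

    @classmethod
    def parse(cls, s: str) -> "URLWithRawString":
        return cls(raw=s, parsed=canonicalize(s))

def signed_message(request_url: str, validity_url: str, headers: bytes) -> bytes:
    # Constructed simplification of the SXG signed message, not the spec's exact layout.
    return b"\x00".join([request_url.encode("utf-8"), validity_url.encode("utf-8"), headers])

def sign(request_url: str, validity_url: str, headers: bytes) -> bytes:
    """The signer signs the URL bytes it actually put into the exchange."""
    return hmac.new(KEY, signed_message(request_url, validity_url, headers), hashlib.sha256).digest()

def verify(sig: bytes, req: URLWithRawString, val: URLWithRawString,
           headers: bytes, use_raw_bytes: bool) -> bool:
    """use_raw_bytes=False reproduces the pre-fix verifier (GURL::spec() strings);
    use_raw_bytes=True reproduces the fix (unparsed strings)."""
    r, v = (req.raw, val.raw) if use_raw_bytes else (req.parsed, val.parsed)
    expected = hmac.new(KEY, signed_message(r, v, headers), hashlib.sha256).digest()
    return hmac.compare_digest(sig, expected)

def demo(request_url: str) -> tuple:
    """Returns (pre-fix result, post-fix result) for an exchange signed for request_url."""
    req = URLWithRawString.parse(request_url)
    val = URLWithRawString.parse("https://sxg.irorin.org/validity")  # constructed value
    headers = b"content-type: text/html"  # constructed stand-in for the response headers
    sig = sign(req.raw, val.raw, headers)
    return verify(sig, req, val, headers, False), verify(sig, req, val, headers, True)
```

An ASCII-only URL passes both ways, which is why the mismatch only surfaced once a non-ASCII inner URL was tested.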

 
Project Member Comment 1 by bugdroid1@chromium.org, Dec 19

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d405c9d3aac25cea717c6401c39041f61893d049

commit d405c9d3aac25cea717c6401c39041f61893d049
Author: Kunihiko Sakamoto <ksakamoto@chromium.org>
Date: Wed Dec 19 02:59:22 2018

SignedExchange: Use unparsed URL string for signature verification

Before this patch, SignedExchangeSignatureVerifier used GURL::spec()
to stringify URLs when reconstructing the signed message. However,
GURL::spec() may return a string which is differently percent-encoded
from the original URL string, and then verification fails.

This patch introduces a URLWithRawString struct which holds the original
URL string along with the parsed GURL, and uses the original string
for signature verification.

Bug: 914247
Change-Id: I8950bf172391782ebb92338707245694b046052f
Reviewed-on: https://chromium-review.googlesource.com/c/1377959
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org>
Cr-Commit-Position: refs/heads/master@{#617714}
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/devtools/protocol/network_handler.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_envelope.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_envelope.h
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_envelope_unittest.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_handler.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_prologue.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_prologue.h
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_prologue_unittest.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_signature_header_field.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_signature_header_field.h
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_signature_header_field_unittest.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_signature_verifier.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_signature_verifier_unittest.cc
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/content/browser/web_package/signed_exchange_utils.h
[modify] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/third_party/blink/web_tests/external/wpt/signed-exchange/resources/generate-test-sxgs.sh
[add] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/third_party/blink/web_tests/external/wpt/signed-exchange/resources/sxg-inner-url-bom.sxg
[add] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/third_party/blink/web_tests/external/wpt/signed-exchange/resources/sxg-inner-url-bom.sxg.headers
[add] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/third_party/blink/web_tests/external/wpt/signed-exchange/resources/sxg-utf8-inner-url.sxg
[add] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/third_party/blink/web_tests/external/wpt/signed-exchange/resources/sxg-utf8-inner-url.sxg.headers
[add] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/third_party/blink/web_tests/external/wpt/signed-exchange/sxg-inner-url-bom.tentative.html
[add] https://crrev.com/d405c9d3aac25cea717c6401c39041f61893d049/third_party/blink/web_tests/external/wpt/signed-exchange/sxg-utf8-inner-url.tentative.html

Status: Fixed (was: Assigned)
