Content-Digest header - improved interface

Author: yaronf

client.go

@@ -82,17 +82,14 @@ func verifyClientResponse(req *http.Request, conf ClientConfig, res *http.Respon
 			return fmt.Errorf("fetchVerifier returned a nil verifier")
 		}
 	}
-	receivedContentDigest := res.Header.Get("Content-Digest")
+	receivedContentDigest := res.Header.Values("Content-Digest")
 	if conf.computeDigest &&
-		res.Body != nil && receivedContentDigest != "" {
+		res.Body != nil && len(receivedContentDigest) > 0 {
 		// verify the header even if not explicitly required by verifier field list
-		digest, err := GenerateContentDigest(&res.Body, conf.digestScheme)
+		err := ValidateContentDigestHeader(receivedContentDigest, &res.Body, conf.digestSchemesRecv)
 		if err != nil {
 			return err
 		}
-		if receivedContentDigest != digest {
-			return fmt.Errorf("bad Content-Digest received")
-		}
 	}
 	err := VerifyResponse(signatureName, *verifier, res)
 	if err != nil {
@@ -104,11 +101,11 @@ func verifyClientResponse(req *http.Request, conf ClientConfig, res *http.Respon
 func signClientRequest(req *http.Request, conf ClientConfig) error {
 	if conf.computeDigest && conf.signer.fields.hasHeader("Content-Digest") &&
 		req.Body != nil && req.Header.Get("Content-Digest") == "" {
-		digest, err := GenerateContentDigest(&req.Body, conf.digestScheme)
+		header, err := GenerateContentDigestHeader(&req.Body, conf.digestSchemesSend)
 		if err != nil {
 			return err
 		}
-		req.Header.Add("Content-Digest", digest)
+		req.Header.Set("Content-Digest", header)
 	}
 	sigInput, sig, err := SignRequest(conf.signatureName, *conf.signer, req)
 	if err != nil {

client_test.go

@@ -294,7 +294,7 @@ func TestClient_PostForm(t *testing.T) {
 				return
 			}
 			headers := []string{}
-			for k, _ := range gotResp.Header {
+			for k := range gotResp.Header {
 				headers = append(headers, k)
 			}
 			sort.Strings(headers)

config.go

@@ -166,22 +166,25 @@ func NewVerifyConfig() *VerifyConfig {
 type HandlerConfig struct {
 	reqNotVerified func(w http.ResponseWriter,
 		r *http.Request, logger *log.Logger, err error)
-	fetchVerifier func(r *http.Request) (sigName string, verifier *Verifier)
-	fetchSigner   func(res http.Response, r *http.Request) (sigName string, signer *Signer)
-	logger        *log.Logger
-	digestScheme  string
-	computeDigest bool
+	fetchVerifier     func(r *http.Request) (sigName string, verifier *Verifier)
+	fetchSigner       func(res http.Response, r *http.Request) (sigName string, signer *Signer)
+	logger            *log.Logger
+	computeDigest     bool
+	digestSchemesSend []string
+	digestSchemesRecv []string
 }
 
 // NewHandlerConfig generates a default configuration. When verification or respectively,
 // signing is required, the respective "fetch" callback must be supplied.
 func NewHandlerConfig() *HandlerConfig {
 	return &HandlerConfig{
-		reqNotVerified: defaultReqNotVerified,
-		fetchVerifier:  nil,
-		fetchSigner:    nil,
-		logger:         log.New(os.Stderr, "httpsign: ", log.LstdFlags|log.Lmsgprefix),
-		computeDigest:  true,
+		reqNotVerified:    defaultReqNotVerified,
+		fetchVerifier:     nil,
+		fetchSigner:       nil,
+		logger:            log.New(os.Stderr, "httpsign: ", log.LstdFlags|log.Lmsgprefix),
+		computeDigest:     true,
+		digestSchemesSend: []string{DigestSha256},
+		digestSchemesRecv: []string{DigestSha256, DigestSha512},
 	}
 }
 
@@ -243,27 +246,40 @@ func (h *HandlerConfig) SetComputeDigest(b bool) *HandlerConfig {
 	return h
 }
 
-// SetDigestScheme defines the scheme (cryptographic hash algorithm) to be used for the message digest.
-// It only needs to be set if a Content-Digest header is signed.
-func (h *HandlerConfig) SetDigestScheme(s string) *HandlerConfig {
-	h.digestScheme = s
+// SetDigestSchemesSend defines the scheme(s) (cryptographic hash algorithms) to be used to generate the message digest.
+// It only needs to be set if a Content-Digest header is signed. Default: DigestSha256
+func (h *HandlerConfig) SetDigestSchemesSend(s []string) *HandlerConfig {
+	h.digestSchemesSend = s
+	return h
+}
+
+// SetDigestSchemesRecv defines the cryptographic algorithms to accept when receiving the
+// Content-Digest header. Any recognized algorithm's digest must be correct, but the overall header is valid if at least
+// one accepted digest is included. Default: DigestSha256, DigestSha512.
+func (h *HandlerConfig) SetDigestSchemesRecv(s []string) *HandlerConfig {
+	h.digestSchemesRecv = s
 	return h
 }
 
 // ClientConfig contains additional configuration for the HTTP client-side wrapper.
 // Signing and verification may either be skipped, independently.
 type ClientConfig struct {
-	signatureName string
-	signer        *Signer
-	verifier      *Verifier
-	fetchVerifier func(res *http.Response, req *http.Request) (sigName string, verifier *Verifier)
-	computeDigest bool
-	digestScheme  string
+	signatureName     string
+	signer            *Signer
+	verifier          *Verifier
+	fetchVerifier     func(res *http.Response, req *http.Request) (sigName string, verifier *Verifier)
+	computeDigest     bool
+	digestSchemesSend []string
+	digestSchemesRecv []string
 }
 
 // NewClientConfig creates a new, default ClientConfig.
 func NewClientConfig() *ClientConfig {
-	return &ClientConfig{computeDigest: true, digestScheme: DigestSha256}
+	return &ClientConfig{
+		computeDigest:     true,
+		digestSchemesSend: []string{DigestSha256},
+		digestSchemesRecv: []string{DigestSha256, DigestSha512},
+	}
 }
 
 // SetSignatureName sets the signature name to be used for signing or verification.
@@ -300,9 +316,17 @@ func (c *ClientConfig) SetComputeDigest(b bool) *ClientConfig {
 	return c
 }
 
-// SetDigestScheme defines the cryptographic algorithm to use for the
+// SetDigestSchemesSend defines the cryptographic algorithms to use when generating the
 // Content-Digest header. Default: DigestSha256.
-func (c *ClientConfig) SetDigestScheme(s string) *ClientConfig {
-	c.digestScheme = s
+func (c *ClientConfig) SetDigestSchemesSend(s []string) *ClientConfig {
+	c.digestSchemesSend = s
+	return c
+}
+
+// SetDigestSchemesRecv defines the cryptographic algorithms to accept when receiving the
+// Content-Digest header. Any recognized algorithm's digest must be correct, but the overall header is valid if at least
+// one accepted digest is included. Default: DigestSha256, DigestSha512.
+func (c *ClientConfig) SetDigestSchemesRecv(s []string) *ClientConfig {
+	c.digestSchemesRecv = s
 	return c
 }

digest.go

@@ -5,6 +5,7 @@ import (
 	"crypto/sha256"
 	"crypto/sha512"
 	"fmt"
+	"github.com/dunglas/httpsfv"
 	"io"
 	"io/ioutil"
 )
@@ -15,26 +16,47 @@ const (
 	DigestSha512 = "sha-512"
 )
 
-// GenerateContentDigest generates a digest of the message body according to the given scheme (DigestSha256 or
-// DigestSha512). Side effect: the message body is fully read, and replaced by a static buffer
+// GenerateContentDigestHeader generates a digest of the message body according to the given scheme(s)
+// (currently supporting DigestSha256 and DigestSha512).
+// Side effect: the message body is fully read, and replaced by a static buffer
 // containing the body contents.
-func GenerateContentDigest(body *io.ReadCloser, scheme string) (string, error) {
+func GenerateContentDigestHeader(body *io.ReadCloser, schemes []string) (string, error) {
+	if len(schemes) == 0 {
+		return "", fmt.Errorf("received empty list of digest schemes")
+	}
+	err := validateSchemes(schemes)
+	if err != nil {
+		return "", err
+	}
+	buff, err := duplicateBody(body)
+	if err != nil {
+		return "", err
+	}
+	dict := httpsfv.NewDictionary()
+	for _, scheme := range schemes {
+		raw, err := rawDigest(buff.String(), scheme)
+		if err != nil { // When sending, must recognize all schemes
+			return "", err
+		}
+		i := httpsfv.NewItem(raw)
+		dict.Add(scheme, httpsfv.Member(i))
+	}
+	return httpsfv.Marshal(dict)
+}
+
+func duplicateBody(body *io.ReadCloser) (*bytes.Buffer, error) {
 	buff := &bytes.Buffer{}
 	if body != nil {
 		_, err := buff.ReadFrom(*body)
 		if err != nil {
-			return "", err
+			return nil, err
 		}
 
-		defer (*body).Close()
+		_ = (*body).Close()
 
 		*body = ioutil.NopCloser(bytes.NewReader(buff.Bytes()))
 	}
-	raw, err := rawDigest(buff.String(), scheme)
-	if err != nil {
-		return "", err
-	}
-	return scheme + "=" + encodeBytes(raw), nil
+	return buff, nil
 }
 
 func rawDigest(s string, scheme string) ([]byte, error) {
@@ -49,3 +71,64 @@ func rawDigest(s string, scheme string) ([]byte, error) {
 		return nil, fmt.Errorf("unknown digest scheme")
 	}
 }
+
+func validateSchemes(schemes []string) error {
+	valid := map[string]bool{DigestSha256: true, DigestSha512: true}
+	for _, s := range schemes {
+		if !valid[s] {
+			return fmt.Errorf("invalid scheme: s")
+		}
+	}
+	return nil
+}
+
+func ValidateContentDigestHeader(received []string, body *io.ReadCloser, accepted []string) error {
+	if len(accepted) == 0 {
+		return fmt.Errorf("received no digest schemes to accept")
+	}
+	err := validateSchemes(accepted)
+	if err != nil {
+		return err
+	}
+	receivedDict, err := httpsfv.UnmarshalDictionary(received)
+	if err != nil {
+		return fmt.Errorf("received Content-Digest header: %w", err)
+	}
+	buff, err := duplicateBody(body)
+	if err != nil {
+		return err
+	}
+	var ok bool
+found:
+	for _, a := range accepted {
+		for _, r := range receivedDict.Names() {
+			if a == r {
+				ok = true
+				break found
+			}
+		}
+	}
+	if !ok {
+		return fmt.Errorf("no acceptable digest scheme found in Content-Digest header")
+	}
+	// But regardless of the list of accepted schemes, all included digest values (if recognized) must be correct
+	for _, scheme := range receivedDict.Names() {
+		raw, err := rawDigest(buff.String(), scheme)
+		if err != nil {
+			continue // unknown schemes are ignored
+		}
+		m, _ := receivedDict.Get(scheme)
+		i, ok := m.(httpsfv.Item)
+		if !ok {
+			return fmt.Errorf("received Content-Digest header is malformed")
+		}
+		b, ok := i.Value.([]byte)
+		if !ok {
+			return fmt.Errorf("non-byte string in received Content-Digest header")
+		}
+		if !bytes.Equal(raw, b) {
+			return fmt.Errorf("digest mismatch for scheme %s", scheme)
+		}
+	}
+	return nil
+}

digest_test.go

@@ -30,37 +30,69 @@ Content-Digest: sha-256=:Wqdirjg/u3J688ejbUlApbjECpiUUtIwT8lY/z81Tno=:
 var resdigest5 = `HTTP/1.1 206 Partial Content
 Content-Type: application/json
 Content-Range: bytes 1-7/18
-Content-Digest: sha-512=:A8pplr4vsk4xdLkJruCXWp6+i+dy/3pSW5HW5ke1jDWS70Dv6Fstf1jS+XEcLqEVhW3i925IPlf/4tnpnvAQDw==:
+Content-Digest: sha-256=:Wqdirjg/u3J688ejbUlApbjECpiUUtIwT8lY/z81Tno=:, sha-512=:A8pplr4vsk4xdLkJruCXWp6+i+dy/3pSW5HW5ke1jDWS70Dv6Fstf1jS+XEcLqEVhW3i925IPlf/4tnpnvAQDw==:
 
 "hello"`
 
+var resdigest6 = `HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Digest: sha-256=:X47E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=:
+
+{"hello": "world"}`
+
 func TestMessages(t *testing.T) {
 	res1 := readResponse(resdigest1)
-	d, err := GenerateContentDigest(&res1.Body, DigestSha256)
+	d, err := GenerateContentDigestHeader(&res1.Body, []string{DigestSha256})
 	assert.NoError(t, err, "should not fail to generate digest")
 	assert.Equal(t, "sha-256=:X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=:", d)
 	h := res1.Header.Get("Content-Digest")
 	assert.Equal(t, h, d)
 
 	res2 := readResponse(resdigest2)
-	d, err = GenerateContentDigest(&res2.Body, DigestSha256)
+	d, err = GenerateContentDigestHeader(&res2.Body, []string{DigestSha256})
 	assert.NoError(t, err, "should not fail to generate digest")
 	h = res2.Header.Get("Content-Digest")
 	assert.Equal(t, h, d)
 
 	res3 := readResponse(resdigest3)
-	d, err = GenerateContentDigest(&res3.Body, DigestSha256)
+	d, err = GenerateContentDigestHeader(&res3.Body, []string{DigestSha256})
 	assert.NoError(t, err, "should not fail to generate digest")
 	h = res3.Header.Get("Content-Digest")
 	assert.NotEqual(t, h, d)
 
 	res4 := readResponse(resdigest3)
-	d, err = GenerateContentDigest(&res4.Body, "sha-999")
+	d, err = GenerateContentDigestHeader(&res4.Body, []string{DigestSha256, "sha-999"})
 	assert.Error(t, err, "bad digest scheme")
 
 	res5 := readResponse(resdigest5)
-	d, err = GenerateContentDigest(&res5.Body, DigestSha512)
+	d, err = GenerateContentDigestHeader(&res5.Body, []string{DigestSha256, DigestSha512})
 	assert.NoError(t, err, "should not fail to generate digest")
 	h = res5.Header.Get("Content-Digest")
 	assert.Equal(t, h, d)
 }
+
+func TestValidateContentDigestHeader(t *testing.T) {
+	res1 := readResponse(resdigest1)
+	hdr := res1.Header.Values("Content-Digest")
+	err := ValidateContentDigestHeader(hdr, &res1.Body, []string{DigestSha256})
+	assert.NoError(t, err, "should not fail")
+
+	err = ValidateContentDigestHeader(hdr, &res1.Body, []string{})
+	assert.Error(t, err, "empty list of accepted schemes")
+
+	err = ValidateContentDigestHeader(hdr, &res1.Body, []string{"kuku"})
+	assert.Error(t, err, "unknown scheme in list of accepted schemes")
+
+	hdr = []string{"123"}
+	err = ValidateContentDigestHeader(hdr, &res1.Body, []string{DigestSha256})
+	assert.Error(t, err, "bad received header")
+
+	hdr = res1.Header.Values("Content-Digest")
+	err = ValidateContentDigestHeader(hdr, &res1.Body, []string{DigestSha512})
+	assert.Error(t, err, "no acceptable scheme")
+
+	res6 := readResponse(resdigest6)
+	hdr = res6.Header.Values("Content-Digest")
+	err = ValidateContentDigestHeader(hdr, &res6.Body, []string{DigestSha256})
+	assert.Error(t, err, "digest mismatch")
+}