diff --git a/subresource-integrity/signatures/tentative/fetch.any.js b/subresource-integrity/signatures/tentative/fetch.any.js index 4840451b27f17c..2bfb2b4654aa4a 100644 --- a/subresource-integrity/signatures/tentative/fetch.any.js +++ b/subresource-integrity/signatures/tentative/fetch.any.js @@ -13,7 +13,7 @@ // Content-Type: application/json // Identity-Digest: sha-256=:X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=: // Content-Length: 18 -// Signature-Input: signature=("identity-digest";sf);alg="ed25519"; \ +// Signature-Input: signature=("identity-digest";sf); \ // keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs="; \ // tag="sri" // Signature: signature=:TUznBT2ikFq6VrtoZeC5znRtZugu1U8OHJWoBkOLDTJA2FglSR34Q \ @@ -26,8 +26,8 @@ const kRequestWithValidSignature = { body: `{"hello": "world"}`, digest: `sha-256=:X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=:`, - signature: `signature=:TUznBT2ikFq6VrtoZeC5znRtZugu1U8OHJWoBkOLDTJA2FglSR34QY9j+BwN79PT4H0p8aIosnv4rXSKfIZVDA==:`, - signatureInput: `signature=("identity-digest";sf);alg="ed25519";keyid="${kValidKeys['rfc']}";tag="sri"` + signature: `signature=:eTKYITprfJYJmsOZlRTmu0szHbt0yLxHYBU0oXDdkx8najLl59IPO0zUofe5T23RGuquHLdZx177tBX45CUcAg==:`, + signatureInput: `signature=("identity-digest";sf);keyid="${kValidKeys['rfc']}";tag="sri"` }; // Metadata from the response above, but with an incorrect signature: @@ -35,7 +35,7 @@ const kRequestWithInvalidSignature = { body: `{"hello": "world"}`, digest: `sha-256=:X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=:`, signature: `signature=:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==:`, - signatureInput: `signature=("identity-digest";sf);alg="ed25519";keyid="${kValidKeys['rfc']}";tag="sri"` + signatureInput: `signature=("identity-digest";sf);keyid="${kValidKeys['rfc']}";tag="sri"` }; generate_fetch_test({}, "", EXPECT_LOADED, diff --git a/subresource-integrity/signatures/tentative/path.window.js b/subresource-integrity/signatures/tentative/path.window.js index 37a6c04046098c..f4d311183e3054 100644 --- a/subresource-integrity/signatures/tentative/path.window.js +++ b/subresource-integrity/signatures/tentative/path.window.js @@ -13,7 +13,7 @@ // Content-Type: application/json // Identity-Digest: sha-256=:X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=: // Content-Length: 18 -// Signature-Input: signature=("identity-digest";sf "@path";req);alg="ed25519"; \ +// Signature-Input: signature=("identity-digest";sf "@path";req); \ // keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs="; \ // tag="sri" // Signature: signature=:oVQ+s/OqXLAVdfvgZ3HaPiyzkpNXZSit9l6e1FB/gOOL3t8FOrIRDV \ @@ -33,26 +33,26 @@ const kRequestsWithValidSignature = [ // ``` // "identity-digest";sf: sha-256=:PZJ+9CdAAIacg7wfUe4t/RkDQJVKM0mCZ2K7qiRhHFc=: // "@path";req: /subresource-integrity/signatures/tentative/resource.py - // "@signature-params": ("identity-digest";sf "@path";req);alg="ed25519";keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs=";tag="sri" + // "@signature-params": ("identity-digest";sf "@path";req);keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs=";tag="sri" // ``` { body: "window.hello = `world`;", digest: "sha-256=:PZJ+9CdAAIacg7wfUe4t/RkDQJVKM0mCZ2K7qiRhHFc=:", - signature: `signature=:AEW2XbDmmBK71KBle0Dx1JAWAO7B4QdEH2Tw71c9nntjUmx8xF5t8xbsETRHFwULrvJ4STBFtdMVm5a7QIw5Cw==:`, - signatureInput: `signature=("identity-digest";sf "@path";req);alg="ed25519";keyid="${kValidKeys['rfc']}";tag="sri"` + signature: `signature=:W54PPjO6aWHvhTmDICG4EGLs461FrwYxXE/UkBH7dz9V5lnCtv3N6ZTmOxPRMkmADhRilem6W/Zq5SH9tVoxAg==:`, + signatureInput: `signature=("identity-digest";sf "@path";req);keyid="${kValidKeys['rfc']}";tag="sri"` }, // `@path` then `identity-digest`, with the following signature base: // // ``` // "@path";req: /subresource-integrity/signatures/tentative/resource.py // "identity-digest";sf: sha-256=:PZJ+9CdAAIacg7wfUe4t/RkDQJVKM0mCZ2K7qiRhHFc=: - // "@signature-params": ("@path";req "identity-digest";sf);alg="ed25519";keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs=";tag="sri" + // "@signature-params": ("@path";req "identity-digest";sf);keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs=";tag="sri" // ``` { body: "window.hello = `world`;", digest: "sha-256=:PZJ+9CdAAIacg7wfUe4t/RkDQJVKM0mCZ2K7qiRhHFc=:", - signature: `signature=:NEmnhhW1aKxO+ReWQmmSF17i49ZEdtDC4lRI2CJDw2E/rz9j2a8f8kIwVk7W/BIuQ6kejTAQ2FReGmmkREXPDg==:`, - signatureInput: `signature=("@path";req "identity-digest";sf);alg="ed25519";keyid="${kValidKeys['rfc']}";tag="sri"` + signature: `signature=:qF/RJ9L8bCpRx5cm6QW9qvqw7nU0ziwi6lLD6KkhT/ZgLS2c6O9s4UFXieM9+waU71YtNfTXQAQ4PeMSAVKlDQ==:`, + signatureInput: `signature=("@path";req "identity-digest";sf);keyid="${kValidKeys['rfc']}";tag="sri"` } ]; diff --git a/subresource-integrity/signatures/tentative/script.window.js b/subresource-integrity/signatures/tentative/script.window.js index c9ccee34f324ef..11355ca694d27a 100644 --- a/subresource-integrity/signatures/tentative/script.window.js +++ b/subresource-integrity/signatures/tentative/script.window.js @@ -13,15 +13,15 @@ const kScriptToExecute = { signatures: { // ``` // "identity-digest";sf: sha-256=:PZJ+9CdAAIacg7wfUe4t/RkDQJVKM0mCZ2K7qiRhHFc=: - // "@signature-params": ("identity-digest";sf);alg="ed25519";keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs=";tag="sri" + // "@signature-params": ("identity-digest";sf);keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs=";tag="sri" // ``` - rfc: "pRcIRwdXaZL4XqkAo1a7mXIlzETMgG93JWWgqDlx6XhWe8mC8umiEgbI3afULpzT1Buro4ZJfzEXwy8tC5HaCA==", + rfc: "lDlqBb5/GLDB8GnVt3DqiytUJwFj4OPA7pO9eXBowN0qpqa2uNIHZz5IR+IdwOLKe5tBTLvmiMCsnvku3ecUAQ==", // ``` // "identity-digest";sf: sha-256=:PZJ+9CdAAIacg7wfUe4t/RkDQJVKM0mCZ2K7qiRhHFc=: - // "@signature-params": ("identity-digest";sf);alg="ed25519";keyid="xDnP380zcL4rJ76rXYjeHlfMyPZEOqpJYjsjEppbuXE=";tag="sri" + // "@signature-params": ("identity-digest";sf);keyid="xDnP380zcL4rJ76rXYjeHlfMyPZEOqpJYjsjEppbuXE=";tag="sri" // ``` - arbitrary: "6zUKqibVA3CzFvQj6a+irKnOB9ZY2ky5opG7TMpFF0BtvJ1oAjoVjW3uObPlD/PBOrmkXFNRNwv3PVerE12FDQ==" + arbitrary: "kTzkz6pMEMAOWxI7JPhcNGsPVdIeM1dLEGVIVDdHELY0KDp4TQILxmTElrWGib68KgalaV2oQMz3+XA2sk/ICA==" } }; @@ -32,15 +32,15 @@ const kScriptToBlock = { signatures: { // ``` // "identity-digest";sf: sha-256=:FUSFR1N3vTmSGbI7q9jaMbHq+ogNeBfpznOIufaIfpc=: - // "@signature-params": ("identity-digest";sf);alg="ed25519";keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs=";tag="sri" + // "@signature-params": ("identity-digest";sf);keyid="JrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs=";tag="sri" // ``` - rfc: "mXbPPr9LIwClnGOoPM/7mlRT3PfgCHnF4E5te6LocGWplqcxS6qKQoUPo/rnU8BxCY56/nI4BuGtgyjPr2lQCg==", + rfc: "IhHp/w0zpKnHvYStc2QuURfHyQBzgOHELlTt6RwspfvL23p/1CUzAnIu2WCKWtAFlZv6aZfggjLmiHJAHiWxAw==", // ``` // "identity-digest";sf: sha-256=:FUSFR1N3vTmSGbI7q9jaMbHq+ogNeBfpznOIufaIfpc=: - // "@signature-params": ("identity-digest";sf);alg="ed25519";keyid="xDnP380zcL4rJ76rXYjeHlfMyPZEOqpJYjsjEppbuXE";tag="sri" + // "@signature-params": ("identity-digest";sf);keyid="xDnP380zcL4rJ76rXYjeHlfMyPZEOqpJYjsjEppbuXE";tag="sri" // ``` - arbitrary: "FGQbZOeQIqXQLbooOWExK2M756WCcT4rcszNsXX6+Z6Wdofh4GKuXoFcFSdiYiGNamFMHEW6/BRMoVVjtnGwAg==" + arbitrary: "ghFEMST5TCy9a+cY7igV/RpdbOt26F9iJGNu7QTGQbJ1bZeaiqnH0WHWcfqRriFuzg1R7YAE3taZ94TA8K4ECg==" } }; @@ -63,13 +63,13 @@ generate_script_test(kUnsigned, `ed25519-${kValidKeys['rfc']}`, EXPECT_BLOCKED, const kSignedShouldExecute = { body: kScriptToExecute['body'], digest: `sha-256=:${kScriptToExecute['hash']}:`, - signatureInput: `signature=("identity-digest";sf);alg="ed25519";keyid="${kValidKeys['rfc']}";tag="sri"`, + signatureInput: `signature=("identity-digest";sf);keyid="${kValidKeys['rfc']}";tag="sri"`, signature: `signature=:${kScriptToExecute['signatures']['rfc']}:` }; const kSignedShouldBlock = { body: kScriptToBlock['body'], digest: `sha-256=:${kScriptToBlock['hash']}:`, - signatureInput: `signature=("identity-digest";sf);alg="ed25519";keyid="${kValidKeys['rfc']}";tag="sri"`, + signatureInput: `signature=("identity-digest";sf);keyid="${kValidKeys['rfc']}";tag="sri"`, signature: `signature=:${kScriptToBlock['signatures']['rfc']}:` }; @@ -91,16 +91,16 @@ generate_script_test(kSignedShouldBlock, `ed25519-${kValidKeys['arbitrary']}`, E const kMultiplySignedShouldExecute = { body: kScriptToExecute['body'], digest: `sha-256=:${kScriptToExecute['hash']}:`, - signatureInput: `signature1=("identity-digest";sf);alg="ed25519";keyid="${kValidKeys['rfc']}";tag="sri", ` + - `signature2=("identity-digest";sf);alg="ed25519";keyid="${kValidKeys['arbitrary']}";tag="sri"`, + signatureInput: `signature1=("identity-digest";sf);keyid="${kValidKeys['rfc']}";tag="sri", ` + + `signature2=("identity-digest";sf);keyid="${kValidKeys['arbitrary']}";tag="sri"`, signature: `signature1=:${kScriptToExecute['signatures']['rfc']}:, ` + `signature2=:${kScriptToExecute['signatures']['arbitrary']}:` }; const kMultiplySignedShouldBlock = { body: kScriptToBlock['body'], digest: `sha-256=:${kScriptToBlock['hash']}:`, - signatureInput: `signature1=("identity-digest";sf);alg="ed25519";keyid="${kValidKeys['rfc']}";tag="sri", ` + - `signature2=("identity-digest";sf);alg="ed25519";keyid="${kValidKeys['arbitrary']}";tag="sri"`, + signatureInput: `signature1=("identity-digest";sf);keyid="${kValidKeys['rfc']}";tag="sri", ` + + `signature2=("identity-digest";sf);keyid="${kValidKeys['arbitrary']}";tag="sri"`, signature: `signature1=:${kScriptToBlock['signatures']['rfc']}:, ` + `signature2=:${kScriptToBlock['signatures']['arbitrary']}:` };