1# Copyright 2022 The Chromium Authors 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4"""Calculates the pervasive payload checksum""" 5 6import hashlib 7 8INCLUDE_HEADERS = frozenset([ 9 "access-control-allow-credentials", "access-control-allow-headers", 10 "access-control-allow-methods", "access-control-allow-origin", 11 "access-control-expose-headers", "access-control-max-age", 12 "access-control-request-headers", "access-control-request-method", 13 "clear-site-data", "content-encoding", "content-security-policy", 14 "content-type", "cross-origin-embedder-policy", 15 "cross-origin-opener-policy", "cross-origin-resource-policy", "location", 16 "sec-websocket-accept", "sec-websocket-extensions", "sec-websocket-key", 17 "sec-websocket-protocol", "sec-websocket-version", "upgrade", "vary" 18]) 19 20 21def calculate_checksum(headers, raw_body): 22 """Calculates the pervasive payload checksum for a given resource 23 24 `headers` should be a list of name, value tuples. 25 `raw_body` should be the response body exactly as returned by the server, 26 without decompression or other filtering applied. 27 Returns the SHA-256 checksum of the resource, calculated per the cache 28 transparency serialization algorithm. 29 """ 30 31 checksum_input = "" 32 33 headers = [(name.lower(), value) for name, value in headers] 34 headers.sort() 35 36 for header in headers: 37 if header[0] in INCLUDE_HEADERS: 38 checksum_input += header[0] + ": " + header[1] + "\n" 39 40 checksum_input += "\n" 41 checksum_input = checksum_input.encode() 42 43 checksum_input += raw_body 44 45 return hashlib.sha256(checksum_input).hexdigest().upper() 46