Revert "BUG=12114"

chrome/browser/extensions/extensions_service.cc

 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/extensions_service.h"
 
 #include "app/l10n_util.h"
 #include "base/command_line.h"
-#include "base/crypto/signature_verifier.h"
 #include "base/file_util.h"
 #include "base/gfx/png_encoder.h"
 #include "base/scoped_handle.h"
 #include "base/scoped_temp_dir.h"
 #include "base/string_util.h"
 #include "base/third_party/nss/blapi.h"
 #include "base/third_party/nss/sha256.h"
 #include "base/thread.h"
 #include "base/values.h"
 #include "net/base/file_stream.h"
 #include "chrome/browser/browser.h"
 #include "chrome/browser/browser_list.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chrome_thread.h"
-#include "chrome/browser/extensions/extension_creator.h"
 #include "chrome/browser/extensions/extension_browser_event_router.h"
 #include "chrome/browser/extensions/extension_process_manager.h"
 #include "chrome/browser/profile.h"
 #include "chrome/browser/utility_process_host.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/extensions/extension.h"
 #include "chrome/common/extensions/extension_error_reporter.h"
 #include "chrome/common/extensions/extension_unpacker.h"
 #include "chrome/common/json_value_serializer.h"
 #include "chrome/common/notification_service.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/common/pref_service.h"
 #include "chrome/common/zip.h"
 #include "chrome/common/url_constants.h"
 #include "grit/chromium_strings.h"
 #include "grit/generated_resources.h"
-#include "net/base/base64.h"
 #include "third_party/skia/include/core/SkBitmap.h"
 
 #if defined(OS_WIN)
 #include "app/win_util.h"
 #include "base/registry.h"
 #include "base/win_util.h"
 #endif
 
 // ExtensionsService.
 
-const char ExtensionsService::kExtensionHeaderMagic[] = "Cr24";
-
 const char* ExtensionsService::kInstallDirectoryName = "Extensions";
 const char* ExtensionsService::kCurrentVersionFileName = "Current Version";
 const char* ExtensionsServiceBackend::kTempExtensionName = "TEMP_INSTALL";
 
 namespace {
 
 // A preference that keeps track of extension settings. This is a dictionary
 // object read from the Preferences file, keyed off of extension id's.
 const wchar_t kExternalExtensionsPref[] = L"extensions.settings";
 
@@ skipping 16 matching lines @@
 
 #endif
 
 // A marker file to indicate that an extension was installed from an external
 // source.
 const char kExternalInstallFile[] = "EXTERNAL_INSTALL";
 
 // A temporary subdirectory where we unpack extensions.
 const char* kUnpackExtensionDir = "TEMP_UNPACK";
 
-// Unpacking errors
-const char* kBadMagicNumberError = "Bad magic number";
-const char* kBadHeaderSizeError = "Excessively large key or signature";
-const char* kBadVersionNumberError = "Bad version number";
-const char* kInvalidExtensionHeaderError = "Invalid extension header";
-const char* kInvalidPublicKeyError = "Invalid public key";
-const char* kInvalidSignatureError = "Invalid signature";
-const char* kSignatureVerificationFailed = "Signature verification failed";
-const char* kSignatureVerificationInitFailed =
-    "Signature verification initialization failed. This is most likely "
-    "caused by a public key in the wrong format (should encode algorithm).";
+// The version of the extension package that this code understands.
+const uint32 kExpectedVersion = 1;
 }
 
 // This class coordinates an extension unpack task which is run in a separate
 // process.  Results are sent back to this class, which we route to the
 // ExtensionServiceBackend.
 class ExtensionsServiceBackend::UnpackerClient
     : public UtilityProcessHost::Client {
  public:
   UnpackerClient(ExtensionsServiceBackend* backend,
                  const FilePath& extension_path,
-                 const std::string& public_key,
                  const std::string& expected_id,
                  bool from_external)
     : backend_(backend), extension_path_(extension_path),
-      public_key_(public_key), expected_id_(expected_id),
-      from_external_(from_external), got_response_(false) {
+      expected_id_(expected_id), from_external_(from_external),
+      got_response_(false) {
   }
 
   // Starts the unpack task.  We call back to the backend when the task is done,
   // or a problem occurs.
   void Start() {
     AddRef();  // balanced in OnUnpackExtensionReply()
 
     // TODO(mpcomplete): handle multiple installs
     FilePath temp_dir = backend_->install_directory_.AppendASCII(
         kUnpackExtensionDir);
@@ skipping 44 matching lines @@
                                                 &images)) {
        OnUnpackExtensionFailed("Couldn't read image data from disk.");
      } else {
        OnUnpackExtensionSucceededImpl(manifest, images);
      }
   }
 
   void OnUnpackExtensionSucceededImpl(
       const DictionaryValue& manifest,
       const ExtensionUnpacker::DecodedImages& images) {
-    // Add our public key into the parsed manifest. We want it to be saved so
-    // that we can later refer to it (eg for generating ids, validating
-    // signatures, etc).
-    // The const_cast is hacky, but seems like the right thing here, rather than
-    // making a full copy just to make this change.
-    const_cast<DictionaryValue*>(&manifest)->SetString(
-        Extension::kPublicKeyKey, public_key_);
-
     // The extension was unpacked to the temp dir inside our unpacking dir.
     FilePath extension_dir = temp_extension_path_.DirName().AppendASCII(
         ExtensionsServiceBackend::kTempExtensionName);
     backend_->OnExtensionUnpacked(extension_path_, extension_dir,
                                   expected_id_, from_external_,
                                   manifest, images);
     Cleanup();
   }
 
   virtual void OnUnpackExtensionFailed(const std::string& error_message) {
@@ skipping 16 matching lines @@
                               MessageLoop* file_loop) {
     UtilityProcessHost* host = new UtilityProcessHost(rdh, this, file_loop);
     host->StartExtensionUnpacker(temp_extension_path_);
   }
 
   scoped_refptr<ExtensionsServiceBackend> backend_;
 
   // The path to the crx file that we're installing.
   FilePath extension_path_;
 
-  // The public key of the extension we're installing.
-  std::string public_key_;
-
   // The path to the copy of the crx file in the temporary directory where we're
   // unpacking it.
   FilePath temp_extension_path_;
 
   // The ID we expect this extension to have, if any.
   std::string expected_id_;
 
   // True if this is being installed from an external source.
   bool from_external_;
 
@@ skipping 152 matching lines @@
 
   NotificationService::current()->Notify(
       NotificationType::EXTENSIONS_LOADED,
       NotificationService::AllSources(),
       Details<ExtensionList>(&enabled_extensions));
 
   delete new_extensions;
 }
 
 void ExtensionsService::OnExtensionInstalled(Extension* extension,
-    Extension::InstallType install_type) {
+                                             bool update) {
   UpdateExtensionPref(ASCIIToWide(extension->id()), kState,
                       Value::CreateIntegerValue(Extension::ENABLED), false);
   UpdateExtensionPref(ASCIIToWide(extension->id()), kLocation,
                       Value::CreateIntegerValue(Extension::INTERNAL), true);
 
   // If the extension is a theme, tell the profile (and therefore ThemeProvider)
   // to apply it.
   if (extension->IsTheme()) {
     NotificationService::current()->Notify(
         NotificationType::THEME_INSTALLED,
         NotificationService::AllSources(),
         Details<Extension>(extension));
   } else {
     NotificationService::current()->Notify(
         NotificationType::EXTENSION_INSTALLED,
         NotificationService::AllSources(),
         Details<Extension>(extension));
   }
 }
 
 void ExtensionsService::OnExternalExtensionInstalled(
     const std::string& id, Extension::Location location) {
   DCHECK(Extension::IsExternalLocation(location));
   UpdateExtensionPref(ASCIIToWide(id), kState,
                       Value::CreateIntegerValue(Extension::ENABLED), false);
   UpdateExtensionPref(ASCIIToWide(id), kLocation,
                       Value::CreateIntegerValue(location), true);
 }
 
-void ExtensionsService::OnExtensionOverinstallAttempted(const std::string& id) {
+void ExtensionsService::OnExtensionVersionReinstalled(const std::string& id) {
   Extension* extension = GetExtensionByID(id);
   if (extension && extension->IsTheme()) {
     NotificationService::current()->Notify(
         NotificationType::THEME_INSTALLED,
         NotificationService::AllSources(),
         Details<Extension>(extension));
   }
 }
 
 Extension* ExtensionsService::GetExtensionByID(std::string id) {
@@ skipping 200 matching lines @@
   Extension* extension = LoadExtension(extension_path,
                                        false);  // don't require ID
   if (extension) {
     extension->set_location(Extension::LOAD);
     ExtensionList* extensions = new ExtensionList;
     extensions->push_back(extension);
     ReportExtensionsLoaded(extensions);
   }
 }
 
-DictionaryValue* ExtensionsServiceBackend::ReadManifest(FilePath manifest_path,
-                                                        std::string* error) {
-  JSONFileValueSerializer serializer(manifest_path);
-  scoped_ptr<Value> root(serializer.Deserialize(error));
-  if (!root.get())
-    return NULL;
-
-  if (!root->IsType(Value::TYPE_DICTIONARY)) {
-    *error = Extension::kInvalidManifestError;
-    return NULL;
-  }
-
-  return static_cast<DictionaryValue*>(root.release());
-}
-
 Extension* ExtensionsServiceBackend::LoadExtension(
     const FilePath& extension_path, bool require_id) {
   FilePath manifest_path =
       extension_path.AppendASCII(Extension::kManifestFilename);
   if (!file_util::PathExists(manifest_path)) {
     ReportExtensionLoadError(extension_path, Extension::kInvalidManifestError);
     return NULL;
   }
 
+  JSONFileValueSerializer serializer(manifest_path);
   std::string error;
-  scoped_ptr<DictionaryValue> root(ReadManifest(manifest_path, &error));
+  scoped_ptr<Value> root(serializer.Deserialize(&error));
   if (!root.get()) {
     ReportExtensionLoadError(extension_path, error);
     return NULL;
   }
 
+  if (!root->IsType(Value::TYPE_DICTIONARY)) {
+    ReportExtensionLoadError(extension_path, Extension::kInvalidManifestError);
+    return NULL;
+  }
+
   scoped_ptr<Extension> extension(new Extension(extension_path));
-  if (!extension->InitFromValue(*root.get(), require_id, &error)) {
+  if (!extension->InitFromValue(*static_cast<DictionaryValue*>(root.get()),
+                                require_id, &error)) {
     ReportExtensionLoadError(extension_path, error);
     return NULL;
   }
 
   FilePath external_marker = extension_path.AppendASCII(kExternalInstallFile);
   if (file_util::PathExists(external_marker)) {
     extension->set_location(
       extension->ExternalExtensionInstallType(registry_path_));
   } else {
     extension->set_location(Extension::INTERNAL);
@@ skipping 94 matching lines @@
       dir.AppendASCII(ExtensionsService::kCurrentVersionFileName);
   if (file_util::PathExists(current_version)) {
     if (file_util::ReadFileToString(current_version, version_string)) {
       TrimWhitespace(*version_string, TRIM_ALL, version_string);
       return true;
     }
   }
   return false;
 }
 
-Extension::InstallType ExtensionsServiceBackend::CompareToInstalledVersion(
-    const std::string& id,
+bool ExtensionsServiceBackend::CheckCurrentVersion(
     const std::string& new_version_str,
-    std::string *current_version_str) {
-  CHECK(current_version_str);
-  FilePath dir(install_directory_.AppendASCII(id.c_str()));
-  if (!ReadCurrentVersion(dir, current_version_str))
-    return Extension::NEW_INSTALL;
-
+    const std::string& current_version_str,
+    const FilePath& dest_dir) {
   scoped_ptr<Version> current_version(
-    Version::GetVersionFromString(*current_version_str));
+      Version::GetVersionFromString(current_version_str));
   scoped_ptr<Version> new_version(
-    Version::GetVersionFromString(new_version_str));
-  int comp = new_version->CompareTo(*current_version);
-  if (comp > 0)
-    return Extension::UPGRADE;
-  else if (comp == 0)
-    return Extension::REINSTALL;
-  else
-    return Extension::DOWNGRADE;
-}
-
-bool ExtensionsServiceBackend::NeedsReinstall(const std::string& id,
-    const std::string& current_version) {
-  // Verify that the directory actually exists.
-  // TODO(erikkay): A further step would be to verify that the extension
-  // has actually loaded successfully.
-  FilePath dir(install_directory_.AppendASCII(id.c_str()));
-  FilePath version_dir(dir.AppendASCII(current_version));
-  return !file_util::PathExists(version_dir);
+      Version::GetVersionFromString(new_version_str));
+  if (current_version->CompareTo(*new_version) >= 0) {
+    // Verify that the directory actually exists.  If it doesn't we'll return
+    // true so that the install code will repair the broken installation.
+    // TODO(erikkay): A further step would be to verify that the extension
+    // has actually loaded successfully.
+    FilePath version_dir = dest_dir.AppendASCII(current_version_str);
+    if (file_util::PathExists(version_dir)) {
+      std::string id = WideToASCII(dest_dir.BaseName().ToWStringHack());
+      StringToLowerASCII(&id);
+      ReportExtensionVersionReinstalled(id);
+      return false;
+    }
+  }
+  return true;
 }
 
 bool ExtensionsServiceBackend::InstallDirSafely(const FilePath& source_dir,
                                                 const FilePath& dest_dir) {
   if (file_util::PathExists(dest_dir)) {
     // By the time we get here, it should be safe to assume that this directory
     // is not currently in use (it's not the current active version).
     if (!file_util::Delete(dest_dir, true)) {
       ReportExtensionInstallError(source_dir,
           "Can't delete existing version directory.");
@@ skipping 66 matching lines @@
   LOG(INFO) << "Installing extension " << extension_path.value();
 
   frontend_ = frontend;
   alert_on_error_ = true;
 
   bool from_external = false;
   InstallOrUpdateExtension(extension_path, std::string(), from_external);
 }
 
 void ExtensionsServiceBackend::InstallOrUpdateExtension(
-    const FilePath& extension_path,
-    const std::string& expected_id,
+    const FilePath& extension_path, const std::string& expected_id,
     bool from_external) {
-  std::string actual_public_key;
-  if (!ValidateSignature(extension_path, &actual_public_key))
-    return;  // Failures reported within ValidateSignature().
-
-  UnpackerClient* client = new UnpackerClient(
-      this, extension_path, actual_public_key, expected_id, from_external);
+  UnpackerClient* client =
+      new UnpackerClient(this, extension_path, expected_id, from_external);
   client->Start();
 }
 
-bool ExtensionsServiceBackend::ValidateSignature(const FilePath& extension_path,
-                                                 std::string* key_out) {
-  ScopedStdioHandle file(file_util::OpenFile(extension_path, "rb"));
-  if (!file.get()) {
-    ReportExtensionInstallError(extension_path, "Could not open file.");
-    return NULL;
-  }
-
-  // Read and verify the header.
-  ExtensionsService::ExtensionHeader header;
-  size_t len;
-
-  // TODO(erikkay): Yuck.  I'm not a big fan of this kind of code, but it
-  // appears that we don't have any endian/alignment aware serialization
-  // code in the code base.  So for now, this assumes that we're running
-  // on a little endian machine with 4 byte alignment.
-  len = fread(&header, 1, sizeof(ExtensionsService::ExtensionHeader),
-      file.get());
-  if (len < sizeof(ExtensionsService::ExtensionHeader)) {
-    ReportExtensionInstallError(extension_path, kInvalidExtensionHeaderError);
-    return false;
-  }
-  if (strncmp(ExtensionsService::kExtensionHeaderMagic, header.magic,
-      sizeof(header.magic))) {
-    ReportExtensionInstallError(extension_path, kBadMagicNumberError);
-    return false;
-  }
-  if (header.version != ExtensionsService::kCurrentVersion) {
-    ReportExtensionInstallError(extension_path, kBadVersionNumberError);
-    return false;
-  }
-  if (header.key_size > ExtensionsService::kMaxPublicKeySize ||
-      header.signature_size > ExtensionsService::kMaxSignatureSize) {
-    ReportExtensionInstallError(extension_path, kBadHeaderSizeError);
-    return false;
-  }
-
-  std::vector<uint8> key;
-  key.resize(header.key_size);
-  len = fread(&key.front(), sizeof(uint8), header.key_size, file.get());
-  if (len < header.key_size) {
-    ReportExtensionInstallError(extension_path, kInvalidPublicKeyError);
-    return false;
-  }
-
-  std::vector<uint8> signature;
-  signature.resize(header.signature_size);
-  len = fread(&signature.front(), sizeof(uint8), header.signature_size,
-      file.get());
-  if (len < header.signature_size) {
-    ReportExtensionInstallError(extension_path, kInvalidSignatureError);
-    return false;
-  }
-
-  // Note: this structure is an ASN.1 which encodes the algorithm used
-  // with its parameters. This is defined in PKCS #1 v2.1 (RFC 3447).
-  // It is encoding: { OID sha1WithRSAEncryption      PARAMETERS NULL }
-  // TODO(aa): This needs to be factored away someplace common.
-  const uint8 signature_algorithm[15] = {
-    0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
-    0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00
-  };
-
-  base::SignatureVerifier verifier;
-  if (!verifier.VerifyInit(signature_algorithm,
-                           sizeof(signature_algorithm),
-                           &signature.front(),
-                           signature.size(),
-                           &key.front(),
-                           key.size())) {
-    ReportExtensionInstallError(extension_path,
-        kSignatureVerificationInitFailed);
-    return false;
-  }
-
-  unsigned char buf[1 << 12];
-  while ((len = fread(buf, 1, sizeof(buf), file.get())) > 0)
-    verifier.VerifyUpdate(buf, len);
-
-  if (!verifier.VerifyFinal()) {
-    ReportExtensionInstallError(extension_path, kSignatureVerificationFailed);
-    return false;
-  }
-
-  net::Base64Encode(std::string(reinterpret_cast<char*>(&key.front()),
-      key.size()), key_out);
-  return true;
-}
-
 void ExtensionsServiceBackend::OnExtensionUnpacked(
     const FilePath& extension_path,
     const FilePath& temp_extension_dir,
     const std::string expected_id,
     bool from_external,
     const DictionaryValue& manifest,
     const std::vector< Tuple2<SkBitmap, FilePath> >& images) {
   Extension extension;
   std::string error;
   if (!extension.InitFromValue(manifest,
@@ skipping 42 matching lines @@
     error_msg += expected_id;
     error_msg += ")";
     ReportExtensionInstallError(extension_path, error_msg);
     return;
   }
 
   // <profile>/Extensions/<id>
   FilePath dest_dir = install_directory_.AppendASCII(extension.id());
   std::string version = extension.VersionString();
   std::string current_version;
-  Extension::InstallType install_type =
-      CompareToInstalledVersion(extension.id(), version, &current_version);
-
-  // Do not allow downgrade.
-  if (install_type == Extension::DOWNGRADE) {
-    ReportExtensionInstallError(extension_path,
-        "Error: Attempt to downgrade extension from more recent version.");
-    return;
-  }
-
-  if (install_type == Extension::REINSTALL) {
-    if (NeedsReinstall(extension.id(), current_version)) {
-      // Treat corrupted existing installation as new install case.
-      install_type = Extension::NEW_INSTALL;
-    } else {
-      // The client may use this as a signal (to switch themes, for instance).
-      ReportExtensionOverinstallAttempted(extension.id());
+  bool was_update = false;
+  if (ReadCurrentVersion(dest_dir, &current_version)) {
+    if (!CheckCurrentVersion(version, current_version, dest_dir))
       return;
-    }
+    was_update = true;
   }
 
   // Write our parsed manifest back to disk, to ensure it doesn't contain an
   // exploitable bug that can be used to compromise the browser.
   std::string manifest_json;
   JSONStringValueSerializer serializer(&manifest_json);
   serializer.set_pretty_print(true);
   if (!serializer.Serialize(manifest)) {
     ReportExtensionInstallError(extension_path,
                                 "Error serializing manifest.json.");
@@ skipping 78 matching lines @@
   // occurs before the normal startup so we just let startup pick them up. We
   // notify on installation of external extensions because we need to update
   // the preferences for these extensions to reflect that they've just been
   // installed.
   if (!from_external) {
     Extension* extension = LoadExtension(version_dir, true);  // require id
     CHECK(extension);
 
     frontend_loop_->PostTask(FROM_HERE, NewRunnableMethod(
         frontend_, &ExtensionsService::OnExtensionInstalled, extension,
-        install_type));
+        was_update));
 
     // Only one extension, but ReportExtensionsLoaded can handle multiple,
     // so we need to construct a list.
     scoped_ptr<ExtensionList> extensions(new ExtensionList);
     extensions->push_back(extension);
     LOG(INFO) << "Done.";
     // Hand off ownership of the loaded extensions to the frontend.
     ReportExtensionsLoaded(extensions.release());
   } else {
     frontend_loop_->PostTask(FROM_HERE, NewRunnableMethod(
         frontend_, &ExtensionsService::OnExternalExtensionInstalled,
         extension.id(),
         extension.ExternalExtensionInstallType(registry_path_)));
   }
 
   scoped_version_dir.Take();
 }
 
 void ExtensionsServiceBackend::ReportExtensionInstallError(
     const FilePath& extension_path,  const std::string &error) {
 
   // TODO(erikkay): note that this isn't guaranteed to work properly on Linux.
   std::string path_str = WideToASCII(extension_path.ToWStringHack());
   std::string message =
       StringPrintf("Could not install extension from '%s'. %s",
                    path_str.c_str(), error.c_str());
   ExtensionErrorReporter::GetInstance()->ReportError(message, alert_on_error_);
 }
 
-void ExtensionsServiceBackend::ReportExtensionOverinstallAttempted(
+void ExtensionsServiceBackend::ReportExtensionVersionReinstalled(
     const std::string& id) {
   frontend_loop_->PostTask(FROM_HERE, NewRunnableMethod(
-      frontend_, &ExtensionsService::OnExtensionOverinstallAttempted, id));
+      frontend_, &ExtensionsService::OnExtensionVersionReinstalled, id));
 }
 
 bool ExtensionsServiceBackend::ShouldSkipInstallingExtension(
     const std::set<std::string>& ids_to_ignore,
     const std::string& id) {
   if (ids_to_ignore.find(id) != ids_to_ignore.end()) {
     LOG(INFO) << "Skipping uninstalled external extension " << id;
     return true;
   }
   return false;
@@ skipping 165 matching lines @@
   // not a big deal though, because we'll notice next time we startup that the
   // Current Version file is gone and finish the delete then.
   if (!file_util::Delete(extension_directory, true)) {
     LOG(WARNING) << "Could not delete directory for extension "
                  << extension_id;
   }
 }
 
 bool ExtensionsServiceBackend::ShouldInstall(const std::string& id,
                                              const std::string& version) {
+  FilePath dir(install_directory_.AppendASCII(id.c_str()));
   std::string current_version;
-  Extension::InstallType install_type = CompareToInstalledVersion(id, version,
-      &current_version);
-
-  if (install_type == Extension::DOWNGRADE)
-    return false;
-
-  return (install_type == Extension::UPGRADE ||
-          install_type == Extension::NEW_INSTALL ||
-          NeedsReinstall(id, current_version));
+  if (ReadCurrentVersion(dir, &current_version)) {
+    return CheckCurrentVersion(version, current_version, dir);
+  }
+  return true;
 }