OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "chrome/common/component_flash_hint_file.h" | |
Bernhard Bauer
2015/08/13 12:40:26
So, if someone on non-Linux calls a method from th
Greg K
2015/08/13 22:00:45
I'm going to make the header Linux-only, because I
Bernhard Bauer
2015/08/14 07:55:12
In that case, consider renaming the header to ..._
| |
6 | |
7 #include <fcntl.h> | |
8 #include <sys/mman.h> | |
9 | |
10 #include "base/base64.h" | |
11 #include "base/files/file_path.h" | |
12 #include "base/files/file_util.h" | |
13 #include "base/files/important_file_writer.h" | |
14 #include "base/files/memory_mapped_file.h" | |
15 #include "base/files/scoped_file.h" | |
16 #include "base/json/json_string_value_serializer.h" | |
17 #include "base/path_service.h" | |
18 #include "base/posix/eintr_wrapper.h" | |
19 #include "base/stl_util.h" | |
20 #include "base/values.h" | |
21 #include "chrome/common/chrome_paths.h" | |
22 #include "crypto/secure_hash.h" | |
23 #include "crypto/secure_util.h" | |
24 #include "crypto/sha2.h" | |
25 | |
26 namespace chrome { | |
27 | |
28 namespace ComponentFlashHintFile { | |
29 | |
30 namespace { | |
31 // The current version of the hints file. | |
32 const int kCurrentHintFileVersion = 0x10; | |
33 // The earliest version of the hints file. | |
34 const int kEarliestHintFileVersion = 0x10; | |
35 // The Version field in the JSON encoded file. | |
36 const char kVersionField[] = "Version"; | |
37 // The HashAlgorithm field in the JSON encoded file. | |
38 const char kHashAlgoField[] = "HashAlgorithm"; | |
39 // The Hash field in the JSON encoded file. | |
40 const char kHashField[] = "Hash"; | |
41 // The PluginPath field in the JSON encoded file. | |
42 const char kPluginPath[] = "PluginPath"; | |
43 // The PluginVersion field in the JSON encoded file. | |
44 const char kPluginVersion[] = "PluginVersion"; | |
45 // For use with the scoped_ptr of an mmap-ed buffer | |
46 struct MmapDeleter { | |
47 size_t map_size; | |
48 inline void operator()(uint8_t* ptr) const { | |
49 if (ptr != MAP_FAILED) | |
50 munmap(ptr, map_size); | |
51 } | |
52 }; | |
53 | |
54 // Hashes the plugin file and returns the result in the out params. | |
55 // |mapped_file| is the file to be hashed. | |
56 // |result| is the buffer, which must be of size crypto::kSHA256Length, which | |
57 // will contain the hash. | |
58 // |len| is the size of the buffer, which must be crypto::kSHA256Length. | |
59 void SHA256Hash(const base::MemoryMappedFile& mapped_file, | |
60 void* result, | |
61 size_t len) { | |
62 CHECK_EQ(crypto::kSHA256Length, len); | |
63 scoped_ptr<crypto::SecureHash> secure_hash( | |
64 crypto::SecureHash::Create(crypto::SecureHash::SHA256)); | |
65 secure_hash->Update(mapped_file.data(), mapped_file.length()); | |
66 secure_hash->Finish(result, len); | |
67 } | |
68 | |
69 // This will serialize the file to disk as JSON. The format is: | |
70 // { | |
71 // "Version": 0x10, | |
72 // "HashAlgorithm": SecureHash::SHA256, | |
73 // "Hash": <Base64 Encoded Hash>, | |
74 // "PluginPath": /path/to/component/updated/flash.so, | |
75 // "PluginVersion": "1.0.0.1" | |
76 // } | |
77 bool WriteToDisk(const int version, | |
78 const crypto::SecureHash::Algorithm algorithm, | |
79 const std::string& hash, | |
80 const base::FilePath& plugin_path, | |
81 const std::string& flash_version) { | |
82 base::FilePath hint_file_path; | |
83 if (!PathService::Get(chrome::FILE_COMPONENT_FLASH_HINT, &hint_file_path)) | |
84 return false; | |
85 | |
86 std::string encoded_hash; | |
87 base::Base64Encode(hash, &encoded_hash); | |
88 | |
89 // Now construct a Value object to convert to JSON. | |
90 base::DictionaryValue dict; | |
91 dict.SetInteger(kVersionField, version); | |
92 dict.SetInteger(kHashAlgoField, crypto::SecureHash::SHA256); | |
93 dict.SetString(kHashField, encoded_hash); | |
94 dict.SetString(kPluginPath, plugin_path.value()); | |
95 dict.SetString(kPluginVersion, flash_version); | |
96 // Do the serialization of the DictionaryValue to JSON. | |
97 std::string json_string; | |
98 JSONStringValueSerializer serializer(&json_string); | |
99 if (!serializer.Serialize(dict)) | |
100 return false; | |
101 | |
102 return base::ImportantFileWriter::WriteFileAtomically(hint_file_path, | |
103 json_string); | |
104 } | |
105 | |
106 } // namespace | |
107 | |
108 bool TestExecutableMapping(const base::FilePath& path) { | |
109 const base::ScopedFD fd( | |
110 HANDLE_EINTR(open(path.value().c_str(), O_RDONLY | O_CLOEXEC))); | |
111 if (!fd.is_valid()) | |
112 return false; | |
113 const MmapDeleter deleter = {sizeof(uint8_t)}; | |
Bernhard Bauer
2015/08/13 12:40:26
Is this ({sizeof(uint8_t)}) the |map_size|? Any re
Greg K
2015/08/13 22:00:45
Done.
| |
114 scoped_ptr<uint8_t, MmapDeleter> buf_ptr( | |
115 reinterpret_cast<uint8_t*>(mmap(NULL, deleter.map_size, | |
Bernhard Bauer
2015/08/13 12:40:26
Use nullptr rather than NULL.
Greg K
2015/08/13 22:00:45
Done.
| |
116 PROT_READ | PROT_EXEC, MAP_PRIVATE, | |
117 fd.get(), 0)), | |
118 deleter); | |
119 return buf_ptr.get() != MAP_FAILED; | |
120 } | |
121 | |
122 bool RecordFlashUpdate(const base::FilePath& unpacked_plugin, | |
123 const base::FilePath& moved_plugin, | |
124 const std::string& version) { | |
125 base::MemoryMappedFile mapped_file; | |
126 if (!mapped_file.Initialize(unpacked_plugin)) | |
127 return false; | |
128 | |
129 std::string hash(crypto::kSHA256Length, 0); | |
130 SHA256Hash(mapped_file, string_as_array(&hash), hash.size()); | |
131 | |
132 return WriteToDisk(kCurrentHintFileVersion, | |
133 crypto::SecureHash::Algorithm::SHA256, hash, moved_plugin, | |
134 version); | |
135 } | |
136 | |
137 bool DoesHintFileExist() { | |
138 base::FilePath hint_file_path; | |
139 if (!PathService::Get(chrome::FILE_COMPONENT_FLASH_HINT, &hint_file_path)) | |
140 return false; | |
141 return base::PathExists(hint_file_path); | |
142 } | |
143 | |
144 bool VerifyAndReturnFlashLocation(base::FilePath* path, | |
145 std::string* flash_version) { | |
146 base::FilePath hint_file_path; | |
147 if (!PathService::Get(chrome::FILE_COMPONENT_FLASH_HINT, &hint_file_path)) | |
148 return false; | |
149 | |
150 std::string json_string; | |
151 if (!base::ReadFileToString(hint_file_path, &json_string)) | |
152 return false; | |
153 | |
154 int error_code; | |
155 std::string error_message; | |
156 JSONStringValueDeserializer deserializer(json_string); | |
157 const scoped_ptr<base::Value> value( | |
158 deserializer.Deserialize(&error_code, &error_message)); | |
159 | |
160 if (value == nullptr) { | |
Bernhard Bauer
2015/08/13 12:40:26
I would just do !value.
Greg K
2015/08/13 22:00:45
Done.
| |
161 LOG(ERROR) | |
162 << "Could not deserialize the component updated flash hint file. Error " | |
163 << error_code << ": " << error_message; | |
164 return false; | |
165 } | |
166 | |
167 base::DictionaryValue* dict = nullptr; | |
168 if (!value->GetAsDictionary(&dict)) | |
169 return false; | |
170 | |
171 int version; | |
172 if (!dict->GetInteger(kVersionField, &version)) | |
173 return false; | |
174 if (version < kEarliestHintFileVersion || version > kCurrentHintFileVersion) | |
175 return false; | |
176 | |
177 int hash_algorithm; | |
178 if (!dict->GetInteger(kHashAlgoField, &hash_algorithm)) | |
179 return false; | |
180 if (hash_algorithm != crypto::SecureHash::SHA256) | |
181 return false; | |
182 | |
183 std::string hash; | |
184 if (!dict->GetString(kHashField, &hash)) | |
185 return false; | |
186 | |
187 std::string plugin_path_str; | |
188 if (!dict->GetString(kPluginPath, &plugin_path_str)) | |
189 return false; | |
190 | |
191 std::string plugin_version_str; | |
192 if (!dict->GetString(kPluginVersion, &plugin_version_str)) | |
193 return false; | |
194 | |
195 std::string decoded_hash; | |
196 if (!base::Base64Decode(hash, &decoded_hash)) | |
197 return false; | |
198 | |
199 const base::FilePath plugin_path(plugin_path_str); | |
200 base::MemoryMappedFile plugin_file; | |
201 if (!plugin_file.Initialize(plugin_path)) | |
202 return false; | |
203 | |
204 std::vector<uint8_t> file_hash(crypto::kSHA256Length, 0); | |
205 SHA256Hash(plugin_file, &file_hash[0], file_hash.size()); | |
206 if (!crypto::SecureMemEqual(&file_hash[0], string_as_array(&decoded_hash), | |
Bernhard Bauer
2015/08/13 12:40:26
Is it actually important not to leak side-channel
Greg K
2015/08/13 22:00:44
It's not a huge concern, but to be thorough and ca
Bernhard Bauer
2015/08/14 07:55:12
Ok... although I would hope that if the use case o
| |
207 crypto::kSHA256Length)) { | |
208 LOG(ERROR) | |
209 << "The hash recorded in the component flash hint file does not " | |
210 "match the actual hash of the flash plugin found on disk. The " | |
211 "component flash plugin will not be loaded."; | |
212 return false; | |
213 } | |
214 | |
215 *path = plugin_path; | |
216 flash_version->assign(plugin_version_str); | |
217 return true; | |
218 } | |
219 | |
220 } // namespace ComponentFlashHintFile | |
221 | |
222 } // namespace chrome | |
OLD | NEW |