| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/crx_file/crx_file.h" | 5 #include "components/crx_file/crx_file.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/files/file_util.h" | 9 #include "base/files/file_util.h" |
| 10 #include "base/files/scoped_file.h" | 10 #include "base/files/scoped_file.h" |
| 11 #include "base/macros.h" |
| 11 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 12 #include "base/numerics/safe_math.h" | 13 #include "base/numerics/safe_math.h" |
| 13 #include "base/strings/string_number_conversions.h" | 14 #include "base/strings/string_number_conversions.h" |
| 14 #include "base/strings/string_util.h" | 15 #include "base/strings/string_util.h" |
| 15 #include "components/crx_file/constants.h" | 16 #include "components/crx_file/constants.h" |
| 16 #include "components/crx_file/id_util.h" | 17 #include "components/crx_file/id_util.h" |
| 17 #include "crypto/secure_hash.h" | 18 #include "crypto/secure_hash.h" |
| 18 #include "crypto/sha2.h" | 19 #include "crypto/sha2.h" |
| 19 #include "crypto/signature_verifier.h" | 20 #include "crypto/signature_verifier.h" |
| 20 | 21 |
| 21 namespace crx_file { | 22 namespace crx_file { |
| 22 | 23 |
| 23 namespace { | 24 namespace { |
| 24 | 25 |
| 25 // The current version of the crx format. | 26 // The current version of the crx format. |
| 26 static const uint32 kCurrentVersion = 2; | 27 static const uint32_t kCurrentVersion = 2; |
| 27 | 28 |
| 28 // The current version of the crx diff format. | 29 // The current version of the crx diff format. |
| 29 static const uint32 kCurrentDiffVersion = 0; | 30 static const uint32_t kCurrentDiffVersion = 0; |
| 30 | 31 |
| 31 // The maximum size the crx parser will tolerate for a public key. | 32 // The maximum size the crx parser will tolerate for a public key. |
| 32 static const uint32 kMaxPublicKeySize = 1 << 16; | 33 static const uint32_t kMaxPublicKeySize = 1 << 16; |
| 33 | 34 |
| 34 // The maximum size the crx parser will tolerate for a signature. | 35 // The maximum size the crx parser will tolerate for a signature. |
| 35 static const uint32 kMaxSignatureSize = 1 << 16; | 36 static const uint32_t kMaxSignatureSize = 1 << 16; |
| 36 | 37 |
| 37 // Helper function to read bytes into a buffer while also updating a hash with | 38 // Helper function to read bytes into a buffer while also updating a hash with |
| 38 // those bytes. Returns the number of bytes read. | 39 // those bytes. Returns the number of bytes read. |
| 39 size_t ReadAndHash(void* ptr, | 40 size_t ReadAndHash(void* ptr, |
| 40 size_t size, | 41 size_t size, |
| 41 size_t nmemb, | 42 size_t nmemb, |
| 42 FILE* stream, | 43 FILE* stream, |
| 43 crypto::SecureHash* hash) { | 44 crypto::SecureHash* hash) { |
| 44 size_t item_count = fread(ptr, size, nmemb, stream); | 45 size_t item_count = fread(ptr, size, nmemb, stream); |
| 45 base::CheckedNumeric<size_t> byte_count(item_count); | 46 base::CheckedNumeric<size_t> byte_count(item_count); |
| 46 byte_count *= size; | 47 byte_count *= size; |
| 47 if (!byte_count.IsValid()) | 48 if (!byte_count.IsValid()) |
| 48 return 0; | 49 return 0; |
| 49 if (item_count > 0 && hash) { | 50 if (item_count > 0 && hash) { |
| 50 hash->Update(ptr, byte_count.ValueOrDie()); | 51 hash->Update(ptr, byte_count.ValueOrDie()); |
| 51 } | 52 } |
| 52 return byte_count.ValueOrDie(); | 53 return byte_count.ValueOrDie(); |
| 53 } | 54 } |
| 54 | 55 |
| 55 // Helper function to finish computing a hash and return an error if the | 56 // Helper function to finish computing a hash and return an error if the |
| 56 // result of the hash didn't meet an expected base64-encoded value. | 57 // result of the hash didn't meet an expected base64-encoded value. |
| 57 CrxFile::ValidateError FinalizeHash(const std::string& extension_id, | 58 CrxFile::ValidateError FinalizeHash(const std::string& extension_id, |
| 58 crypto::SecureHash* hash, | 59 crypto::SecureHash* hash, |
| 59 const std::string& expected_hash) { | 60 const std::string& expected_hash) { |
| 60 CHECK(hash != nullptr); | 61 CHECK(hash != nullptr); |
| 61 uint8 output[crypto::kSHA256Length] = {}; | 62 uint8_t output[crypto::kSHA256Length] = {}; |
| 62 hash->Finish(output, sizeof(output)); | 63 hash->Finish(output, sizeof(output)); |
| 63 std::string hash_base64 = | 64 std::string hash_base64 = |
| 64 base::ToLowerASCII(base::HexEncode(output, sizeof(output))); | 65 base::ToLowerASCII(base::HexEncode(output, sizeof(output))); |
| 65 if (hash_base64 != expected_hash) { | 66 if (hash_base64 != expected_hash) { |
| 66 LOG(ERROR) << "Hash check failed for extension: " << extension_id | 67 LOG(ERROR) << "Hash check failed for extension: " << extension_id |
| 67 << ", expected " << expected_hash << ", got " << hash_base64; | 68 << ", expected " << expected_hash << ", got " << hash_base64; |
| 68 return CrxFile::ValidateError::CRX_HASH_VERIFICATION_FAILED; | 69 return CrxFile::ValidateError::CRX_HASH_VERIFICATION_FAILED; |
| 69 } else { | 70 } else { |
| 70 return CrxFile::ValidateError::NONE; | 71 return CrxFile::ValidateError::NONE; |
| 71 } | 72 } |
| 72 } | 73 } |
| 73 | 74 |
| 74 } // namespace | 75 } // namespace |
| 75 | 76 |
| 76 // The magic string embedded in the header. | 77 // The magic string embedded in the header. |
| 77 const char kCrxFileHeaderMagic[] = "Cr24"; | 78 const char kCrxFileHeaderMagic[] = "Cr24"; |
| 78 const char kCrxDiffFileHeaderMagic[] = "CrOD"; | 79 const char kCrxDiffFileHeaderMagic[] = "CrOD"; |
| 79 | 80 |
| 80 scoped_ptr<CrxFile> CrxFile::Parse(const CrxFile::Header& header, | 81 scoped_ptr<CrxFile> CrxFile::Parse(const CrxFile::Header& header, |
| 81 CrxFile::Error* error) { | 82 CrxFile::Error* error) { |
| 82 if (HeaderIsValid(header, error)) | 83 if (HeaderIsValid(header, error)) |
| 83 return scoped_ptr<CrxFile>(new CrxFile(header)); | 84 return scoped_ptr<CrxFile>(new CrxFile(header)); |
| 84 return scoped_ptr<CrxFile>(); | 85 return scoped_ptr<CrxFile>(); |
| 85 } | 86 } |
| 86 | 87 |
| 87 scoped_ptr<CrxFile> CrxFile::Create(const uint32 key_size, | 88 scoped_ptr<CrxFile> CrxFile::Create(const uint32_t key_size, |
| 88 const uint32 signature_size, | 89 const uint32_t signature_size, |
| 89 CrxFile::Error* error) { | 90 CrxFile::Error* error) { |
| 90 CrxFile::Header header; | 91 CrxFile::Header header; |
| 91 memcpy(&header.magic, kCrxFileHeaderMagic, kCrxFileHeaderMagicSize); | 92 memcpy(&header.magic, kCrxFileHeaderMagic, kCrxFileHeaderMagicSize); |
| 92 header.version = kCurrentVersion; | 93 header.version = kCurrentVersion; |
| 93 header.key_size = key_size; | 94 header.key_size = key_size; |
| 94 header.signature_size = signature_size; | 95 header.signature_size = signature_size; |
| 95 if (HeaderIsValid(header, error)) | 96 if (HeaderIsValid(header, error)) |
| 96 return scoped_ptr<CrxFile>(new CrxFile(header)); | 97 return scoped_ptr<CrxFile>(new CrxFile(header)); |
| 97 return scoped_ptr<CrxFile>(); | 98 return scoped_ptr<CrxFile>(); |
| 98 } | 99 } |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 139 case CrxFile::kInvalidKeyTooSmall: | 140 case CrxFile::kInvalidKeyTooSmall: |
| 140 return ValidateError::CRX_ZERO_KEY_LENGTH; | 141 return ValidateError::CRX_ZERO_KEY_LENGTH; |
| 141 case CrxFile::kInvalidSignatureTooSmall: | 142 case CrxFile::kInvalidSignatureTooSmall: |
| 142 return ValidateError::CRX_ZERO_SIGNATURE_LENGTH; | 143 return ValidateError::CRX_ZERO_SIGNATURE_LENGTH; |
| 143 | 144 |
| 144 default: | 145 default: |
| 145 return ValidateError::CRX_HEADER_INVALID; | 146 return ValidateError::CRX_HEADER_INVALID; |
| 146 } | 147 } |
| 147 } | 148 } |
| 148 | 149 |
| 149 std::vector<uint8> key(header.key_size); | 150 std::vector<uint8_t> key(header.key_size); |
| 150 len = ReadAndHash(&key.front(), sizeof(uint8), header.key_size, file.get(), | 151 len = ReadAndHash(&key.front(), sizeof(uint8_t), header.key_size, file.get(), |
| 151 hash.get()); | 152 hash.get()); |
| 152 if (len != header.key_size) | 153 if (len != header.key_size) |
| 153 return ValidateError::CRX_PUBLIC_KEY_INVALID; | 154 return ValidateError::CRX_PUBLIC_KEY_INVALID; |
| 154 | 155 |
| 155 std::vector<uint8> signature(header.signature_size); | 156 std::vector<uint8_t> signature(header.signature_size); |
| 156 len = ReadAndHash(&signature.front(), sizeof(uint8), header.signature_size, | 157 len = ReadAndHash(&signature.front(), sizeof(uint8_t), header.signature_size, |
| 157 file.get(), hash.get()); | 158 file.get(), hash.get()); |
| 158 if (len < header.signature_size) | 159 if (len < header.signature_size) |
| 159 return ValidateError::CRX_SIGNATURE_INVALID; | 160 return ValidateError::CRX_SIGNATURE_INVALID; |
| 160 | 161 |
| 161 crypto::SignatureVerifier verifier; | 162 crypto::SignatureVerifier verifier; |
| 162 if (!verifier.VerifyInit( | 163 if (!verifier.VerifyInit( |
| 163 crx_file::kSignatureAlgorithm, sizeof(crx_file::kSignatureAlgorithm), | 164 crx_file::kSignatureAlgorithm, sizeof(crx_file::kSignatureAlgorithm), |
| 164 &signature.front(), static_cast<int>(signature.size()), &key.front(), | 165 &signature.front(), static_cast<int>(signature.size()), &key.front(), |
| 165 static_cast<int>(key.size()))) { | 166 static_cast<int>(key.size()))) { |
| 166 // Signature verification initialization failed. This is most likely | 167 // Signature verification initialization failed. This is most likely |
| 167 // caused by a public key in the wrong format (should encode algorithm). | 168 // caused by a public key in the wrong format (should encode algorithm). |
| 168 return ValidateError::CRX_SIGNATURE_VERIFICATION_INITIALIZATION_FAILED; | 169 return ValidateError::CRX_SIGNATURE_VERIFICATION_INITIALIZATION_FAILED; |
| 169 } | 170 } |
| 170 | 171 |
| 171 uint8 buf[1 << 12] = {}; | 172 uint8_t buf[1 << 12] = {}; |
| 172 while ((len = ReadAndHash(buf, sizeof(buf[0]), arraysize(buf), file.get(), | 173 while ((len = ReadAndHash(buf, sizeof(buf[0]), arraysize(buf), file.get(), |
| 173 hash.get())) > 0) | 174 hash.get())) > 0) |
| 174 verifier.VerifyUpdate(buf, static_cast<int>(len)); | 175 verifier.VerifyUpdate(buf, static_cast<int>(len)); |
| 175 | 176 |
| 176 if (!verifier.VerifyFinal()) | 177 if (!verifier.VerifyFinal()) |
| 177 return ValidateError::CRX_SIGNATURE_VERIFICATION_FAILED; | 178 return ValidateError::CRX_SIGNATURE_VERIFICATION_FAILED; |
| 178 | 179 |
| 179 std::string public_key_bytes = | 180 std::string public_key_bytes = |
| 180 std::string(reinterpret_cast<char*>(&key.front()), key.size()); | 181 std::string(reinterpret_cast<char*>(&key.front()), key.size()); |
| 181 if (public_key) | 182 if (public_key) |
| (...skipping 30 matching lines...) Expand all Loading... |
| 212 else if (header.signature_size > kMaxSignatureSize) | 213 else if (header.signature_size > kMaxSignatureSize) |
| 213 *error = kInvalidSignatureTooLarge; | 214 *error = kInvalidSignatureTooLarge; |
| 214 else if (header.signature_size == 0) | 215 else if (header.signature_size == 0) |
| 215 *error = kInvalidSignatureTooSmall; | 216 *error = kInvalidSignatureTooSmall; |
| 216 else | 217 else |
| 217 valid = true; | 218 valid = true; |
| 218 return valid; | 219 return valid; |
| 219 } | 220 } |
| 220 | 221 |
| 221 } // namespace crx_file | 222 } // namespace crx_file |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1546143002:
Switch to standard integer types in components/, part 1 of 4. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master