OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/crx_file/crx_file.h" | 5 #include "components/crx_file/crx_file.h" |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "base/files/file_util.h" | 9 #include "base/files/file_util.h" |
10 #include "base/files/scoped_file.h" | 10 #include "base/files/scoped_file.h" |
| 11 #include "base/macros.h" |
11 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
12 #include "base/numerics/safe_math.h" | 13 #include "base/numerics/safe_math.h" |
13 #include "base/strings/string_number_conversions.h" | 14 #include "base/strings/string_number_conversions.h" |
14 #include "base/strings/string_util.h" | 15 #include "base/strings/string_util.h" |
15 #include "components/crx_file/constants.h" | 16 #include "components/crx_file/constants.h" |
16 #include "components/crx_file/id_util.h" | 17 #include "components/crx_file/id_util.h" |
17 #include "crypto/secure_hash.h" | 18 #include "crypto/secure_hash.h" |
18 #include "crypto/sha2.h" | 19 #include "crypto/sha2.h" |
19 #include "crypto/signature_verifier.h" | 20 #include "crypto/signature_verifier.h" |
20 | 21 |
21 namespace crx_file { | 22 namespace crx_file { |
22 | 23 |
23 namespace { | 24 namespace { |
24 | 25 |
25 // The current version of the crx format. | 26 // The current version of the crx format. |
26 static const uint32 kCurrentVersion = 2; | 27 static const uint32_t kCurrentVersion = 2; |
27 | 28 |
28 // The current version of the crx diff format. | 29 // The current version of the crx diff format. |
29 static const uint32 kCurrentDiffVersion = 0; | 30 static const uint32_t kCurrentDiffVersion = 0; |
30 | 31 |
31 // The maximum size the crx parser will tolerate for a public key. | 32 // The maximum size the crx parser will tolerate for a public key. |
32 static const uint32 kMaxPublicKeySize = 1 << 16; | 33 static const uint32_t kMaxPublicKeySize = 1 << 16; |
33 | 34 |
34 // The maximum size the crx parser will tolerate for a signature. | 35 // The maximum size the crx parser will tolerate for a signature. |
35 static const uint32 kMaxSignatureSize = 1 << 16; | 36 static const uint32_t kMaxSignatureSize = 1 << 16; |
36 | 37 |
37 // Helper function to read bytes into a buffer while also updating a hash with | 38 // Helper function to read bytes into a buffer while also updating a hash with |
38 // those bytes. Returns the number of bytes read. | 39 // those bytes. Returns the number of bytes read. |
39 size_t ReadAndHash(void* ptr, | 40 size_t ReadAndHash(void* ptr, |
40 size_t size, | 41 size_t size, |
41 size_t nmemb, | 42 size_t nmemb, |
42 FILE* stream, | 43 FILE* stream, |
43 crypto::SecureHash* hash) { | 44 crypto::SecureHash* hash) { |
44 size_t item_count = fread(ptr, size, nmemb, stream); | 45 size_t item_count = fread(ptr, size, nmemb, stream); |
45 base::CheckedNumeric<size_t> byte_count(item_count); | 46 base::CheckedNumeric<size_t> byte_count(item_count); |
46 byte_count *= size; | 47 byte_count *= size; |
47 if (!byte_count.IsValid()) | 48 if (!byte_count.IsValid()) |
48 return 0; | 49 return 0; |
49 if (item_count > 0 && hash) { | 50 if (item_count > 0 && hash) { |
50 hash->Update(ptr, byte_count.ValueOrDie()); | 51 hash->Update(ptr, byte_count.ValueOrDie()); |
51 } | 52 } |
52 return byte_count.ValueOrDie(); | 53 return byte_count.ValueOrDie(); |
53 } | 54 } |
54 | 55 |
55 // Helper function to finish computing a hash and return an error if the | 56 // Helper function to finish computing a hash and return an error if the |
56 // result of the hash didn't meet an expected base64-encoded value. | 57 // result of the hash didn't meet an expected base64-encoded value. |
57 CrxFile::ValidateError FinalizeHash(const std::string& extension_id, | 58 CrxFile::ValidateError FinalizeHash(const std::string& extension_id, |
58 crypto::SecureHash* hash, | 59 crypto::SecureHash* hash, |
59 const std::string& expected_hash) { | 60 const std::string& expected_hash) { |
60 CHECK(hash != nullptr); | 61 CHECK(hash != nullptr); |
61 uint8 output[crypto::kSHA256Length] = {}; | 62 uint8_t output[crypto::kSHA256Length] = {}; |
62 hash->Finish(output, sizeof(output)); | 63 hash->Finish(output, sizeof(output)); |
63 std::string hash_base64 = | 64 std::string hash_base64 = |
64 base::ToLowerASCII(base::HexEncode(output, sizeof(output))); | 65 base::ToLowerASCII(base::HexEncode(output, sizeof(output))); |
65 if (hash_base64 != expected_hash) { | 66 if (hash_base64 != expected_hash) { |
66 LOG(ERROR) << "Hash check failed for extension: " << extension_id | 67 LOG(ERROR) << "Hash check failed for extension: " << extension_id |
67 << ", expected " << expected_hash << ", got " << hash_base64; | 68 << ", expected " << expected_hash << ", got " << hash_base64; |
68 return CrxFile::ValidateError::CRX_HASH_VERIFICATION_FAILED; | 69 return CrxFile::ValidateError::CRX_HASH_VERIFICATION_FAILED; |
69 } else { | 70 } else { |
70 return CrxFile::ValidateError::NONE; | 71 return CrxFile::ValidateError::NONE; |
71 } | 72 } |
72 } | 73 } |
73 | 74 |
74 } // namespace | 75 } // namespace |
75 | 76 |
76 // The magic string embedded in the header. | 77 // The magic string embedded in the header. |
77 const char kCrxFileHeaderMagic[] = "Cr24"; | 78 const char kCrxFileHeaderMagic[] = "Cr24"; |
78 const char kCrxDiffFileHeaderMagic[] = "CrOD"; | 79 const char kCrxDiffFileHeaderMagic[] = "CrOD"; |
79 | 80 |
80 scoped_ptr<CrxFile> CrxFile::Parse(const CrxFile::Header& header, | 81 scoped_ptr<CrxFile> CrxFile::Parse(const CrxFile::Header& header, |
81 CrxFile::Error* error) { | 82 CrxFile::Error* error) { |
82 if (HeaderIsValid(header, error)) | 83 if (HeaderIsValid(header, error)) |
83 return scoped_ptr<CrxFile>(new CrxFile(header)); | 84 return scoped_ptr<CrxFile>(new CrxFile(header)); |
84 return scoped_ptr<CrxFile>(); | 85 return scoped_ptr<CrxFile>(); |
85 } | 86 } |
86 | 87 |
87 scoped_ptr<CrxFile> CrxFile::Create(const uint32 key_size, | 88 scoped_ptr<CrxFile> CrxFile::Create(const uint32_t key_size, |
88 const uint32 signature_size, | 89 const uint32_t signature_size, |
89 CrxFile::Error* error) { | 90 CrxFile::Error* error) { |
90 CrxFile::Header header; | 91 CrxFile::Header header; |
91 memcpy(&header.magic, kCrxFileHeaderMagic, kCrxFileHeaderMagicSize); | 92 memcpy(&header.magic, kCrxFileHeaderMagic, kCrxFileHeaderMagicSize); |
92 header.version = kCurrentVersion; | 93 header.version = kCurrentVersion; |
93 header.key_size = key_size; | 94 header.key_size = key_size; |
94 header.signature_size = signature_size; | 95 header.signature_size = signature_size; |
95 if (HeaderIsValid(header, error)) | 96 if (HeaderIsValid(header, error)) |
96 return scoped_ptr<CrxFile>(new CrxFile(header)); | 97 return scoped_ptr<CrxFile>(new CrxFile(header)); |
97 return scoped_ptr<CrxFile>(); | 98 return scoped_ptr<CrxFile>(); |
98 } | 99 } |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
139 case CrxFile::kInvalidKeyTooSmall: | 140 case CrxFile::kInvalidKeyTooSmall: |
140 return ValidateError::CRX_ZERO_KEY_LENGTH; | 141 return ValidateError::CRX_ZERO_KEY_LENGTH; |
141 case CrxFile::kInvalidSignatureTooSmall: | 142 case CrxFile::kInvalidSignatureTooSmall: |
142 return ValidateError::CRX_ZERO_SIGNATURE_LENGTH; | 143 return ValidateError::CRX_ZERO_SIGNATURE_LENGTH; |
143 | 144 |
144 default: | 145 default: |
145 return ValidateError::CRX_HEADER_INVALID; | 146 return ValidateError::CRX_HEADER_INVALID; |
146 } | 147 } |
147 } | 148 } |
148 | 149 |
149 std::vector<uint8> key(header.key_size); | 150 std::vector<uint8_t> key(header.key_size); |
150 len = ReadAndHash(&key.front(), sizeof(uint8), header.key_size, file.get(), | 151 len = ReadAndHash(&key.front(), sizeof(uint8_t), header.key_size, file.get(), |
151 hash.get()); | 152 hash.get()); |
152 if (len != header.key_size) | 153 if (len != header.key_size) |
153 return ValidateError::CRX_PUBLIC_KEY_INVALID; | 154 return ValidateError::CRX_PUBLIC_KEY_INVALID; |
154 | 155 |
155 std::vector<uint8> signature(header.signature_size); | 156 std::vector<uint8_t> signature(header.signature_size); |
156 len = ReadAndHash(&signature.front(), sizeof(uint8), header.signature_size, | 157 len = ReadAndHash(&signature.front(), sizeof(uint8_t), header.signature_size, |
157 file.get(), hash.get()); | 158 file.get(), hash.get()); |
158 if (len < header.signature_size) | 159 if (len < header.signature_size) |
159 return ValidateError::CRX_SIGNATURE_INVALID; | 160 return ValidateError::CRX_SIGNATURE_INVALID; |
160 | 161 |
161 crypto::SignatureVerifier verifier; | 162 crypto::SignatureVerifier verifier; |
162 if (!verifier.VerifyInit( | 163 if (!verifier.VerifyInit( |
163 crx_file::kSignatureAlgorithm, sizeof(crx_file::kSignatureAlgorithm), | 164 crx_file::kSignatureAlgorithm, sizeof(crx_file::kSignatureAlgorithm), |
164 &signature.front(), static_cast<int>(signature.size()), &key.front(), | 165 &signature.front(), static_cast<int>(signature.size()), &key.front(), |
165 static_cast<int>(key.size()))) { | 166 static_cast<int>(key.size()))) { |
166 // Signature verification initialization failed. This is most likely | 167 // Signature verification initialization failed. This is most likely |
167 // caused by a public key in the wrong format (should encode algorithm). | 168 // caused by a public key in the wrong format (should encode algorithm). |
168 return ValidateError::CRX_SIGNATURE_VERIFICATION_INITIALIZATION_FAILED; | 169 return ValidateError::CRX_SIGNATURE_VERIFICATION_INITIALIZATION_FAILED; |
169 } | 170 } |
170 | 171 |
171 uint8 buf[1 << 12] = {}; | 172 uint8_t buf[1 << 12] = {}; |
172 while ((len = ReadAndHash(buf, sizeof(buf[0]), arraysize(buf), file.get(), | 173 while ((len = ReadAndHash(buf, sizeof(buf[0]), arraysize(buf), file.get(), |
173 hash.get())) > 0) | 174 hash.get())) > 0) |
174 verifier.VerifyUpdate(buf, static_cast<int>(len)); | 175 verifier.VerifyUpdate(buf, static_cast<int>(len)); |
175 | 176 |
176 if (!verifier.VerifyFinal()) | 177 if (!verifier.VerifyFinal()) |
177 return ValidateError::CRX_SIGNATURE_VERIFICATION_FAILED; | 178 return ValidateError::CRX_SIGNATURE_VERIFICATION_FAILED; |
178 | 179 |
179 std::string public_key_bytes = | 180 std::string public_key_bytes = |
180 std::string(reinterpret_cast<char*>(&key.front()), key.size()); | 181 std::string(reinterpret_cast<char*>(&key.front()), key.size()); |
181 if (public_key) | 182 if (public_key) |
(...skipping 30 matching lines...) Expand all Loading... |
212 else if (header.signature_size > kMaxSignatureSize) | 213 else if (header.signature_size > kMaxSignatureSize) |
213 *error = kInvalidSignatureTooLarge; | 214 *error = kInvalidSignatureTooLarge; |
214 else if (header.signature_size == 0) | 215 else if (header.signature_size == 0) |
215 *error = kInvalidSignatureTooSmall; | 216 *error = kInvalidSignatureTooSmall; |
216 else | 217 else |
217 valid = true; | 218 valid = true; |
218 return valid; | 219 return valid; |
219 } | 220 } |
220 | 221 |
221 } // namespace crx_file | 222 } // namespace crx_file |
OLD | NEW |