Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(79)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: extensions/browser/verified_contents.cc

Issue 1549643002: Switch to standard integer types in extensions/browser/. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@clean
Patch Set: Created 4 years, 12 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « extensions/browser/verified_contents.h ('k') | extensions/browser/verified_contents_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/browser/verified_contents.h" 5 #include "extensions/browser/verified_contents.h"
6 6
7 #include <stddef.h>
8
7 #include "base/base64url.h" 9 #include "base/base64url.h"
8 #include "base/files/file_util.h" 10 #include "base/files/file_util.h"
9 #include "base/json/json_reader.h" 11 #include "base/json/json_reader.h"
10 #include "base/strings/string_util.h" 12 #include "base/strings/string_util.h"
11 #include "base/values.h" 13 #include "base/values.h"
12 #include "components/crx_file/id_util.h" 14 #include "components/crx_file/id_util.h"
13 #include "crypto/signature_verifier.h" 15 #include "crypto/signature_verifier.h"
14 #include "extensions/common/extension.h" 16 #include "extensions/common/extension.h"
15 17
16 using base::DictionaryValue; 18 using base::DictionaryValue;
17 using base::ListValue; 19 using base::ListValue;
18 using base::Value; 20 using base::Value;
19 21
20 namespace { 22 namespace {
21 23
22 // Note: this structure is an ASN.1 which encodes the algorithm used with its 24 // Note: this structure is an ASN.1 which encodes the algorithm used with its
23 // parameters. The signature algorithm is "RSA256" aka "RSASSA-PKCS-v1_5 using 25 // parameters. The signature algorithm is "RSA256" aka "RSASSA-PKCS-v1_5 using
24 // SHA-256 hash algorithm". This is defined in PKCS #1 (RFC 3447). 26 // SHA-256 hash algorithm". This is defined in PKCS #1 (RFC 3447).
25 // It is encoding: { OID sha256WithRSAEncryption PARAMETERS NULL } 27 // It is encoding: { OID sha256WithRSAEncryption PARAMETERS NULL }
26 const uint8 kSignatureAlgorithm[15] = {0x30, 0x0d, 0x06, 0x09, 0x2a, 28 const uint8_t kSignatureAlgorithm[15] = {0x30, 0x0d, 0x06, 0x09, 0x2a,
27 0x86, 0x48, 0x86, 0xf7, 0x0d, 29 0x86, 0x48, 0x86, 0xf7, 0x0d,
28 0x01, 0x01, 0x0b, 0x05, 0x00}; 30 0x01, 0x01, 0x0b, 0x05, 0x00};
29 31
30 const char kBlockSizeKey[] = "block_size"; 32 const char kBlockSizeKey[] = "block_size";
31 const char kContentHashesKey[] = "content_hashes"; 33 const char kContentHashesKey[] = "content_hashes";
32 const char kDescriptionKey[] = "description"; 34 const char kDescriptionKey[] = "description";
33 const char kFilesKey[] = "files"; 35 const char kFilesKey[] = "files";
34 const char kFormatKey[] = "format"; 36 const char kFormatKey[] = "format";
35 const char kHashBlockSizeKey[] = "hash_block_size"; 37 const char kHashBlockSizeKey[] = "hash_block_size";
36 const char kHeaderKidKey[] = "header.kid"; 38 const char kHeaderKidKey[] = "header.kid";
37 const char kItemIdKey[] = "item_id"; 39 const char kItemIdKey[] = "item_id";
38 const char kItemVersionKey[] = "item_version"; 40 const char kItemVersionKey[] = "item_version";
(...skipping 21 matching lines...) Expand all
60 if (dictionary->GetString(key, &found_value) && found_value == value) 62 if (dictionary->GetString(key, &found_value) && found_value == value)
61 return dictionary; 63 return dictionary;
62 } 64 }
63 return NULL; 65 return NULL;
64 } 66 }
65 67
66 } // namespace 68 } // namespace
67 69
68 namespace extensions { 70 namespace extensions {
69 71
70 VerifiedContents::VerifiedContents(const uint8* public_key, int public_key_size) 72 VerifiedContents::VerifiedContents(const uint8_t* public_key,
73 int public_key_size)
71 : public_key_(public_key), 74 : public_key_(public_key),
72 public_key_size_(public_key_size), 75 public_key_size_(public_key_size),
73 valid_signature_(false), // Guilty until proven innocent. 76 valid_signature_(false), // Guilty until proven innocent.
74 block_size_(0) { 77 block_size_(0) {}
75 }
76 78
77 VerifiedContents::~VerifiedContents() { 79 VerifiedContents::~VerifiedContents() {
78 } 80 }
79 81
80 // The format of the payload json is: 82 // The format of the payload json is:
81 // { 83 // {
82 // "item_id": "<extension id>", 84 // "item_id": "<extension id>",
83 // "item_version": "<extension version>", 85 // "item_version": "<extension version>",
84 // "content_hashes": [ 86 // "content_hashes": [
85 // { 87 // {
(...skipping 213 matching lines...) Expand 10 before | Expand all | Expand 10 after
299 return false; 301 return false;
300 302
301 return true; 303 return true;
302 } 304 }
303 305
304 bool VerifiedContents::VerifySignature(const std::string& protected_value, 306 bool VerifiedContents::VerifySignature(const std::string& protected_value,
305 const std::string& payload, 307 const std::string& payload,
306 const std::string& signature_bytes) { 308 const std::string& signature_bytes) {
307 crypto::SignatureVerifier signature_verifier; 309 crypto::SignatureVerifier signature_verifier;
308 if (!signature_verifier.VerifyInit( 310 if (!signature_verifier.VerifyInit(
309 kSignatureAlgorithm, 311 kSignatureAlgorithm, sizeof(kSignatureAlgorithm),
310 sizeof(kSignatureAlgorithm), 312 reinterpret_cast<const uint8_t*>(signature_bytes.data()),
311 reinterpret_cast<const uint8*>(signature_bytes.data()), 313 signature_bytes.size(), public_key_, public_key_size_)) {
312 signature_bytes.size(),
313 public_key_,
314 public_key_size_)) {
315 VLOG(1) << "Could not verify signature - VerifyInit failure"; 314 VLOG(1) << "Could not verify signature - VerifyInit failure";
316 return false; 315 return false;
317 } 316 }
318 317
319 signature_verifier.VerifyUpdate( 318 signature_verifier.VerifyUpdate(
320 reinterpret_cast<const uint8*>(protected_value.data()), 319 reinterpret_cast<const uint8_t*>(protected_value.data()),
321 protected_value.size()); 320 protected_value.size());
322 321
323 std::string dot("."); 322 std::string dot(".");
324 signature_verifier.VerifyUpdate(reinterpret_cast<const uint8*>(dot.data()), 323 signature_verifier.VerifyUpdate(reinterpret_cast<const uint8_t*>(dot.data()),
325 dot.size()); 324 dot.size());
326 325
327 signature_verifier.VerifyUpdate( 326 signature_verifier.VerifyUpdate(
328 reinterpret_cast<const uint8*>(payload.data()), payload.size()); 327 reinterpret_cast<const uint8_t*>(payload.data()), payload.size());
329 328
330 if (!signature_verifier.VerifyFinal()) { 329 if (!signature_verifier.VerifyFinal()) {
331 VLOG(1) << "Could not verify signature - VerifyFinal failure"; 330 VLOG(1) << "Could not verify signature - VerifyFinal failure";
332 return false; 331 return false;
333 } 332 }
334 return true; 333 return true;
335 } 334 }
336 335
337 } // namespace extensions 336 } // namespace extensions
OLDNEW
« no previous file with comments | « extensions/browser/verified_contents.h ('k') | extensions/browser/verified_contents_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698