| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/install_signer.h" | 5 #include "chrome/browser/extensions/install_signer.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/bind.h" | 8 #include "base/bind.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/json/json_reader.h" | 10 #include "base/json/json_reader.h" |
| (...skipping 30 matching lines...) Expand all Loading... |
| 41 using extensions::ExtensionIdSet; | 41 using extensions::ExtensionIdSet; |
| 42 | 42 |
| 43 const char kExpireDateKey[] = "expire_date"; | 43 const char kExpireDateKey[] = "expire_date"; |
| 44 const char kExpiryKey[] = "expiry"; | 44 const char kExpiryKey[] = "expiry"; |
| 45 const char kHashKey[] = "hash"; | 45 const char kHashKey[] = "hash"; |
| 46 const char kIdsKey[] = "ids"; | 46 const char kIdsKey[] = "ids"; |
| 47 const char kInvalidIdsKey[] = "invalid_ids"; | 47 const char kInvalidIdsKey[] = "invalid_ids"; |
| 48 const char kProtocolVersionKey[] = "protocol_version"; | 48 const char kProtocolVersionKey[] = "protocol_version"; |
| 49 const char kSaltKey[] = "salt"; | 49 const char kSaltKey[] = "salt"; |
| 50 const char kSignatureKey[] = "signature"; | 50 const char kSignatureKey[] = "signature"; |
| 51 const char kTimestampKey[] = "timestamp"; |
| 51 | 52 |
| 52 const size_t kSaltBytes = 32; | 53 const size_t kSaltBytes = 32; |
| 53 | 54 |
| 54 const char kBackendUrl[] = | 55 const char kBackendUrl[] = |
| 55 "https://www.googleapis.com/chromewebstore/v1.1/items/verify"; | 56 "https://www.googleapis.com/chromewebstore/v1.1/items/verify"; |
| 56 | 57 |
| 57 const char kPublicKeyPEM[] = \ | 58 const char kPublicKeyPEM[] = \ |
| 58 "-----BEGIN PUBLIC KEY-----" \ | 59 "-----BEGIN PUBLIC KEY-----" \ |
| 59 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/u/XDdjlDyw7gHEtaaa" \ | 60 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/u/XDdjlDyw7gHEtaaa" \ |
| 60 "sZ9GdG8WOKAyJzXd8HFrDtz2Jcuy7er7MtWvHgNDA0bwpznbI5YdZeV4UfCEsA4S" \ | 61 "sZ9GdG8WOKAyJzXd8HFrDtz2Jcuy7er7MtWvHgNDA0bwpznbI5YdZeV4UfCEsA4S" \ |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 126 id_list->AppendString(*i); | 127 id_list->AppendString(*i); |
| 127 | 128 |
| 128 value->Set(kIdsKey, id_list); | 129 value->Set(kIdsKey, id_list); |
| 129 value->SetString(kExpireDateKey, expire_date); | 130 value->SetString(kExpireDateKey, expire_date); |
| 130 std::string salt_base64; | 131 std::string salt_base64; |
| 131 std::string signature_base64; | 132 std::string signature_base64; |
| 132 base::Base64Encode(salt, &salt_base64); | 133 base::Base64Encode(salt, &salt_base64); |
| 133 base::Base64Encode(signature, &signature_base64); | 134 base::Base64Encode(signature, &signature_base64); |
| 134 value->SetString(kSaltKey, salt_base64); | 135 value->SetString(kSaltKey, salt_base64); |
| 135 value->SetString(kSignatureKey, signature_base64); | 136 value->SetString(kSignatureKey, signature_base64); |
| 137 value->SetString(kTimestampKey, |
| 138 base::Int64ToString(timestamp.ToInternalValue())); |
| 136 } | 139 } |
| 137 | 140 |
| 138 // static | 141 // static |
| 139 scoped_ptr<InstallSignature> InstallSignature::FromValue( | 142 scoped_ptr<InstallSignature> InstallSignature::FromValue( |
| 140 const base::DictionaryValue& value) { | 143 const base::DictionaryValue& value) { |
| 141 | 144 |
| 142 scoped_ptr<InstallSignature> result(new InstallSignature); | 145 scoped_ptr<InstallSignature> result(new InstallSignature); |
| 143 | 146 |
| 144 std::string salt_base64; | 147 std::string salt_base64; |
| 145 std::string signature_base64; | 148 std::string signature_base64; |
| 146 if (!value.GetString(kExpireDateKey, &result->expire_date) || | 149 if (!value.GetString(kExpireDateKey, &result->expire_date) || |
| 147 !value.GetString(kSaltKey, &salt_base64) || | 150 !value.GetString(kSaltKey, &salt_base64) || |
| 148 !value.GetString(kSignatureKey, &signature_base64) || | 151 !value.GetString(kSignatureKey, &signature_base64) || |
| 149 !base::Base64Decode(salt_base64, &result->salt) || | 152 !base::Base64Decode(salt_base64, &result->salt) || |
| 150 !base::Base64Decode(signature_base64, &result->signature)) { | 153 !base::Base64Decode(signature_base64, &result->signature)) { |
| 151 result.reset(); | 154 result.reset(); |
| 152 return result.Pass(); | 155 return result.Pass(); |
| 153 } | 156 } |
| 154 | 157 |
| 158 // Note: earlier versions of the code did not write out a timestamp value |
| 159 // so older entries will not necessarily have this. |
| 160 if (value.HasKey(kTimestampKey)) { |
| 161 std::string timestamp; |
| 162 int64 timestamp_value = 0; |
| 163 if (!value.GetString(kTimestampKey, ×tamp) || |
| 164 !base::StringToInt64(timestamp, ×tamp_value)) { |
| 165 result.reset(); |
| 166 return result.Pass(); |
| 167 } |
| 168 result->timestamp = base::Time::FromInternalValue(timestamp_value); |
| 169 } |
| 170 |
| 155 const base::ListValue* ids = NULL; | 171 const base::ListValue* ids = NULL; |
| 156 if (!value.GetList(kIdsKey, &ids)) { | 172 if (!value.GetList(kIdsKey, &ids)) { |
| 157 result.reset(); | 173 result.reset(); |
| 158 return result.Pass(); | 174 return result.Pass(); |
| 159 } | 175 } |
| 160 | 176 |
| 161 for (base::ListValue::const_iterator i = ids->begin(); i != ids->end(); ++i) { | 177 for (base::ListValue::const_iterator i = ids->begin(); i != ids->end(); ++i) { |
| 162 std::string id; | 178 std::string id; |
| 163 if (!(*i)->GetAsString(&id)) { | 179 if (!(*i)->GetAsString(&id)) { |
| 164 result.reset(); | 180 result.reset(); |
| (...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 336 } | 352 } |
| 337 dictionary.Set(kIdsKey, id_list.release()); | 353 dictionary.Set(kIdsKey, id_list.release()); |
| 338 std::string json; | 354 std::string json; |
| 339 base::JSONWriter::Write(&dictionary, &json); | 355 base::JSONWriter::Write(&dictionary, &json); |
| 340 if (json.empty()) { | 356 if (json.empty()) { |
| 341 ReportErrorViaCallback(); | 357 ReportErrorViaCallback(); |
| 342 return; | 358 return; |
| 343 } | 359 } |
| 344 url_fetcher_->SetUploadData("application/json", json); | 360 url_fetcher_->SetUploadData("application/json", json); |
| 345 LogRequestStartHistograms(); | 361 LogRequestStartHistograms(); |
| 362 request_start_time_ = base::Time::Now(); |
| 346 url_fetcher_->Start(); | 363 url_fetcher_->Start(); |
| 347 } | 364 } |
| 348 | 365 |
| 349 void InstallSigner::ReportErrorViaCallback() { | 366 void InstallSigner::ReportErrorViaCallback() { |
| 350 InstallSignature* null_signature = NULL; | 367 InstallSignature* null_signature = NULL; |
| 351 if (!callback_.is_null()) | 368 if (!callback_.is_null()) |
| 352 callback_.Run(scoped_ptr<InstallSignature>(null_signature)); | 369 callback_.Run(scoped_ptr<InstallSignature>(null_signature)); |
| 353 } | 370 } |
| 354 | 371 |
| 355 void InstallSigner::ParseFetchResponse() { | 372 void InstallSigner::ParseFetchResponse() { |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 430 ExtensionIdSet valid_ids = | 447 ExtensionIdSet valid_ids = |
| 431 base::STLSetDifference<ExtensionIdSet>(ids_, invalid_ids); | 448 base::STLSetDifference<ExtensionIdSet>(ids_, invalid_ids); |
| 432 | 449 |
| 433 scoped_ptr<InstallSignature> result; | 450 scoped_ptr<InstallSignature> result; |
| 434 if (!signature.empty()) { | 451 if (!signature.empty()) { |
| 435 result.reset(new InstallSignature); | 452 result.reset(new InstallSignature); |
| 436 result->ids = valid_ids; | 453 result->ids = valid_ids; |
| 437 result->salt = salt_; | 454 result->salt = salt_; |
| 438 result->signature = signature; | 455 result->signature = signature; |
| 439 result->expire_date = expire_date; | 456 result->expire_date = expire_date; |
| 457 result->timestamp = request_start_time_; |
| 440 bool verified = VerifySignature(*result); | 458 bool verified = VerifySignature(*result); |
| 441 UMA_HISTOGRAM_BOOLEAN("ExtensionInstallSigner.ResultWasValid", verified); | 459 UMA_HISTOGRAM_BOOLEAN("ExtensionInstallSigner.ResultWasValid", verified); |
| 442 UMA_HISTOGRAM_COUNTS_100("ExtensionInstallSigner.InvalidCount", | 460 UMA_HISTOGRAM_COUNTS_100("ExtensionInstallSigner.InvalidCount", |
| 443 invalid_ids.size()); | 461 invalid_ids.size()); |
| 444 if (!verified) | 462 if (!verified) |
| 445 result.reset(); | 463 result.reset(); |
| 446 } | 464 } |
| 447 | 465 |
| 448 if (!callback_.is_null()) | 466 if (!callback_.is_null()) |
| 449 callback_.Run(result.Pass()); | 467 callback_.Run(result.Pass()); |
| 450 } | 468 } |
| 451 | 469 |
| 452 | 470 |
| 453 } // namespace extensions | 471 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 160313002:
Don't disable extensions immediately if verification is out of date (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src