| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef EXTENSIONS_BROWSER_VERIFIED_CONTENTS_H_ |
| 6 #define EXTENSIONS_BROWSER_VERIFIED_CONTENTS_H_ |
| 7 |
| 8 #include <map> |
| 9 #include <string> |
| 10 #include <vector> |
| 11 |
| 12 #include "base/files/file_path.h" |
| 13 #include "base/version.h" |
| 14 |
| 15 namespace extensions { |
| 16 |
| 17 // This class encapsulates the data in a "verified_contents.json" file |
| 18 // generated by the webstore for a .crx file. That data includes a set of |
| 19 // signed expected hashes of file content which can be used to check for |
| 20 // corruption of extension files on local disk. |
| 21 class VerifiedContents { |
| 22 public: |
| 23 // Note: the public_key must remain valid for the lifetime of this object. |
| 24 VerifiedContents(const uint8* public_key, int public_key_size); |
| 25 ~VerifiedContents(); |
| 26 |
| 27 // Returns true if we successfully parsed the verified_contents.json file at |
| 28 // |path| and validated the enclosed signature. The |
| 29 // |ignore_invalid_signature| argument can be set to make this still succeed |
| 30 // if the contents of the file were parsed successfully but the signature did |
| 31 // not validate. (Use with caution!) |
| 32 bool InitFrom(const base::FilePath& path, bool ignore_invalid_signature); |
| 33 |
| 34 int block_size() const { return block_size_; } |
| 35 const std::string& extension_id() const { return extension_id_; } |
| 36 const base::Version& version() const { return version_; } |
| 37 |
| 38 // This returns a pointer to the binary form of an expected sha256 root hash |
| 39 // for |relative_path| computing using a tree hash algorithm. |
| 40 const std::string* GetTreeHashRoot(const base::FilePath& relative_path); |
| 41 |
| 42 // If InitFrom has not been called yet, or was used in "ignore invalid |
| 43 // signature" mode, this can return false. |
| 44 bool valid_signature() { return valid_signature_; } |
| 45 |
| 46 private: |
| 47 DISALLOW_COPY_AND_ASSIGN(VerifiedContents); |
| 48 |
| 49 // Returns the base64url-decoded "payload" field from the json at |path|, if |
| 50 // the signature was valid (or ignore_invalid_signature was set to true). |
| 51 bool GetPayload(const base::FilePath& path, |
| 52 std::string* payload, |
| 53 bool ignore_invalid_signature); |
| 54 |
| 55 // The |protected_value| and |payload| arguments should be base64url encoded |
| 56 // strings, and |signature_bytes| should be a byte array. See comments in the |
| 57 // .cc file on GetPayload for where these come from in the overall input |
| 58 // file. |
| 59 bool VerifySignature(const std::string& protected_value, |
| 60 const std::string& payload, |
| 61 const std::string& signature_bytes); |
| 62 |
| 63 // The public key we should use for signature verification. |
| 64 const uint8* public_key_; |
| 65 const int public_key_size_; |
| 66 |
| 67 // Indicates whether the signature was successfully validated or not. |
| 68 bool valid_signature_; |
| 69 |
| 70 // The block size used for computing the treehash root hashes. |
| 71 int block_size_; |
| 72 |
| 73 // Information about which extension these signed hashes are for. |
| 74 std::string extension_id_; |
| 75 base::Version version_; |
| 76 |
| 77 // The expected treehash root hashes for each file. |
| 78 std::map<base::FilePath, std::string> root_hashes_; |
| 79 }; |
| 80 |
| 81 } // namespace extensions |
| 82 |
| 83 #endif // EXTENSIONS_BROWSER_VERIFIED_CONTENTS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 278593005:
Extension content verification: new class for parsing data from store (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src