OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/install_signer.h" | 5 #include "chrome/browser/extensions/install_signer.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 #include <utility> | 9 #include <utility> |
10 | 10 |
(...skipping 13 matching lines...) Expand all Loading... | |
24 #include "base/strings/string_split.h" | 24 #include "base/strings/string_split.h" |
25 #include "base/strings/string_util.h" | 25 #include "base/strings/string_util.h" |
26 #include "base/time/time.h" | 26 #include "base/time/time.h" |
27 #include "base/values.h" | 27 #include "base/values.h" |
28 #include "build/build_config.h" | 28 #include "build/build_config.h" |
29 #include "chrome/common/chrome_switches.h" | 29 #include "chrome/common/chrome_switches.h" |
30 #include "crypto/random.h" | 30 #include "crypto/random.h" |
31 #include "crypto/secure_hash.h" | 31 #include "crypto/secure_hash.h" |
32 #include "crypto/sha2.h" | 32 #include "crypto/sha2.h" |
33 #include "crypto/signature_verifier.h" | 33 #include "crypto/signature_verifier.h" |
34 #include "net/traffic_annotation/network_traffic_annotation.h" | |
34 #include "net/url_request/url_fetcher.h" | 35 #include "net/url_request/url_fetcher.h" |
35 #include "net/url_request/url_fetcher_delegate.h" | 36 #include "net/url_request/url_fetcher_delegate.h" |
36 #include "net/url_request/url_request_context_getter.h" | 37 #include "net/url_request/url_request_context_getter.h" |
37 #include "net/url_request/url_request_status.h" | 38 #include "net/url_request/url_request_status.h" |
38 #include "rlz/features/features.h" | 39 #include "rlz/features/features.h" |
39 #include "url/gurl.h" | 40 #include "url/gurl.h" |
40 | 41 |
41 #if BUILDFLAG(ENABLE_RLZ) | 42 #if BUILDFLAG(ENABLE_RLZ) |
42 #include "rlz/lib/machine_id.h" | 43 #include "rlz/lib/machine_id.h" |
43 #endif | 44 #endif |
(...skipping 323 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
367 | 368 |
368 if (!context_getter_) { | 369 if (!context_getter_) { |
369 ReportErrorViaCallback(); | 370 ReportErrorViaCallback(); |
370 return; | 371 return; |
371 } | 372 } |
372 | 373 |
373 base::Closure closure = base::Bind(&InstallSigner::ParseFetchResponse, | 374 base::Closure closure = base::Bind(&InstallSigner::ParseFetchResponse, |
374 base::Unretained(this)); | 375 base::Unretained(this)); |
375 | 376 |
376 delegate_.reset(new FetcherDelegate(closure)); | 377 delegate_.reset(new FetcherDelegate(closure)); |
378 net::NetworkTrafficAnnotationTag traffic_annotation = | |
379 net::DefineNetworkTrafficAnnotation("extension_install_signer", R"( | |
380 semantics { | |
381 sender: "Extension Install Signer" | |
382 description: "Fetches the signatures for installed extensions." | |
383 trigger: | |
384 "Chrome detects an extension that requires installation " | |
385 "verification." | |
386 data: | |
387 "The ids of the extensions that need to be verified, as well as a " | |
388 "salted hash of the user's machine id." | |
msramek
2017/05/03 16:08:27
If I'm reading the code correctly, we send RLZ if
Devlin
2017/05/08 15:19:02
Yeah, the machine id comes from RLZ. We don't sen
msramek
2017/05/17 22:22:04
Thanks, Devlin!
Ramin, then I would perhaps add t
Ramin Halavati
2017/05/18 05:01:14
Done.
| |
389 destination: GOOGLE_OWNED_SERVICE | |
390 } | |
391 policy { | |
392 cookies_allowed: true | |
393 cookies_store: "user" | |
394 setting: | |
395 "This feature cannot be disabled, but it is only activated if " | |
396 "extensions are installed." | |
397 chrome_policy { | |
398 ExtensionInstallBlacklist { | |
399 policy_options {mode: MANDATORY/RECOMMENDED/UNSET} | |
400 ExtensionInstallBlacklist: '*' | |
401 } | |
402 } | |
403 })"); | |
377 url_fetcher_ = net::URLFetcher::Create(GetBackendUrl(), net::URLFetcher::POST, | 404 url_fetcher_ = net::URLFetcher::Create(GetBackendUrl(), net::URLFetcher::POST, |
378 delegate_.get()); | 405 delegate_.get(), traffic_annotation); |
379 url_fetcher_->SetRequestContext(context_getter_); | 406 url_fetcher_->SetRequestContext(context_getter_); |
380 | 407 |
381 // The request protocol is JSON of the form: | 408 // The request protocol is JSON of the form: |
382 // { | 409 // { |
383 // "protocol_version": "1", | 410 // "protocol_version": "1", |
384 // "hash": "<base64-encoded hash value here>", | 411 // "hash": "<base64-encoded hash value here>", |
385 // "ids": [ "<id1>", "id2" ] | 412 // "ids": [ "<id1>", "id2" ] |
386 // } | 413 // } |
387 base::DictionaryValue dictionary; | 414 base::DictionaryValue dictionary; |
388 dictionary.SetInteger(kProtocolVersionKey, 1); | 415 dictionary.SetInteger(kProtocolVersionKey, 1); |
(...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
506 if (!verified) | 533 if (!verified) |
507 result.reset(); | 534 result.reset(); |
508 } | 535 } |
509 | 536 |
510 if (!callback_.is_null()) | 537 if (!callback_.is_null()) |
511 callback_.Run(std::move(result)); | 538 callback_.Run(std::move(result)); |
512 } | 539 } |
513 | 540 |
514 | 541 |
515 } // namespace extensions | 542 } // namespace extensions |
OLD | NEW |