| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/browser/verified_contents.h" | 5 #include "extensions/browser/verified_contents.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include "base/base64url.h" | 9 #include "base/base64url.h" |
| 10 #include "base/files/file_util.h" | 10 #include "base/files/file_util.h" |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 const char kRootHashKey[] = "root_hash"; | 36 const char kRootHashKey[] = "root_hash"; |
| 37 const char kSignatureKey[] = "signature"; | 37 const char kSignatureKey[] = "signature"; |
| 38 const char kSignaturesKey[] = "signatures"; | 38 const char kSignaturesKey[] = "signatures"; |
| 39 const char kSignedContentKey[] = "signed_content"; | 39 const char kSignedContentKey[] = "signed_content"; |
| 40 const char kTreeHashPerFile[] = "treehash per file"; | 40 const char kTreeHashPerFile[] = "treehash per file"; |
| 41 const char kTreeHash[] = "treehash"; | 41 const char kTreeHash[] = "treehash"; |
| 42 const char kWebstoreKId[] = "webstore"; | 42 const char kWebstoreKId[] = "webstore"; |
| 43 | 43 |
| 44 // Helper function to iterate over a list of dictionaries, returning the | 44 // Helper function to iterate over a list of dictionaries, returning the |
| 45 // dictionary that has |key| -> |value| in it, if any, or NULL. | 45 // dictionary that has |key| -> |value| in it, if any, or NULL. |
| 46 const DictionaryValue* FindDictionaryWithValue(const ListValue* list, | 46 DictionaryValue* FindDictionaryWithValue(const ListValue* list, |
| 47 const std::string& key, | 47 const std::string& key, |
| 48 const std::string& value) { | 48 const std::string& value) { |
| 49 for (const auto& i : *list) { | 49 for (const auto& i : *list) { |
| 50 const DictionaryValue* dictionary; | 50 DictionaryValue* dictionary; |
| 51 if (!i.GetAsDictionary(&dictionary)) | 51 if (!i->GetAsDictionary(&dictionary)) |
| 52 continue; | 52 continue; |
| 53 std::string found_value; | 53 std::string found_value; |
| 54 if (dictionary->GetString(key, &found_value) && found_value == value) | 54 if (dictionary->GetString(key, &found_value) && found_value == value) |
| 55 return dictionary; | 55 return dictionary; |
| 56 } | 56 } |
| 57 return NULL; | 57 return NULL; |
| 58 } | 58 } |
| 59 | 59 |
| 60 } // namespace | 60 } // namespace |
| 61 | 61 |
| (...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 241 // Find the "treehash per file" signed content, e.g. | 241 // Find the "treehash per file" signed content, e.g. |
| 242 // [ | 242 // [ |
| 243 // { | 243 // { |
| 244 // "description": "treehash per file", | 244 // "description": "treehash per file", |
| 245 // "signed_content": { | 245 // "signed_content": { |
| 246 // "signatures": [ ... ], | 246 // "signatures": [ ... ], |
| 247 // "payload": "..." | 247 // "payload": "..." |
| 248 // } | 248 // } |
| 249 // } | 249 // } |
| 250 // ] | 250 // ] |
| 251 const DictionaryValue* dictionary = | 251 DictionaryValue* dictionary = |
| 252 FindDictionaryWithValue(top_list, kDescriptionKey, kTreeHashPerFile); | 252 FindDictionaryWithValue(top_list, kDescriptionKey, kTreeHashPerFile); |
| 253 const DictionaryValue* signed_content = NULL; | 253 DictionaryValue* signed_content = NULL; |
| 254 if (!dictionary || | 254 if (!dictionary || |
| 255 !dictionary->GetDictionaryWithoutPathExpansion(kSignedContentKey, | 255 !dictionary->GetDictionaryWithoutPathExpansion(kSignedContentKey, |
| 256 &signed_content)) { | 256 &signed_content)) { |
| 257 return false; | 257 return false; |
| 258 } | 258 } |
| 259 | 259 |
| 260 const ListValue* signatures = NULL; | 260 ListValue* signatures = NULL; |
| 261 if (!signed_content->GetList(kSignaturesKey, &signatures)) | 261 if (!signed_content->GetList(kSignaturesKey, &signatures)) |
| 262 return false; | 262 return false; |
| 263 | 263 |
| 264 const DictionaryValue* signature_dict = | 264 DictionaryValue* signature_dict = |
| 265 FindDictionaryWithValue(signatures, kHeaderKidKey, kWebstoreKId); | 265 FindDictionaryWithValue(signatures, kHeaderKidKey, kWebstoreKId); |
| 266 if (!signature_dict) | 266 if (!signature_dict) |
| 267 return false; | 267 return false; |
| 268 | 268 |
| 269 std::string protected_value; | 269 std::string protected_value; |
| 270 std::string encoded_signature; | 270 std::string encoded_signature; |
| 271 std::string decoded_signature; | 271 std::string decoded_signature; |
| 272 if (!signature_dict->GetString(kProtectedKey, &protected_value) || | 272 if (!signature_dict->GetString(kProtectedKey, &protected_value) || |
| 273 !signature_dict->GetString(kSignatureKey, &encoded_signature) || | 273 !signature_dict->GetString(kSignatureKey, &encoded_signature) || |
| 274 !base::Base64UrlDecode(encoded_signature, | 274 !base::Base64UrlDecode(encoded_signature, |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 317 reinterpret_cast<const uint8_t*>(payload.data()), payload.size()); | 317 reinterpret_cast<const uint8_t*>(payload.data()), payload.size()); |
| 318 | 318 |
| 319 if (!signature_verifier.VerifyFinal()) { | 319 if (!signature_verifier.VerifyFinal()) { |
| 320 VLOG(1) << "Could not verify signature - VerifyFinal failure"; | 320 VLOG(1) << "Could not verify signature - VerifyFinal failure"; |
| 321 return false; | 321 return false; |
| 322 } | 322 } |
| 323 return true; | 323 return true; |
| 324 } | 324 } |
| 325 | 325 |
| 326 } // namespace extensions | 326 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2816513002:
Revert of Change base::Value::ListStorage to std::vector<base::Value> (Closed)
