components/crx_file/crx_verifier.h - Issue 2874503002: Refactor CRX verification in preparation to support CRX₃ files.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/crx_file/crx_verifier.h

Issue 2874503002: Refactor CRX verification in preparation to support CRX₃ files. (Closed)

Patch Set: through #51 Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: components/crx_file/crx_verifier.h

diff --git a/components/crx_file/crx_verifier.h b/components/crx_file/crx_verifier.h

new file mode 100644

index 0000000000000000000000000000000000000000..35cf1956a24cb83b2e9764ced0fab422635a7a26

--- /dev/null

+++ b/components/crx_file/crx_verifier.h

@@ -0,0 +1,53 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#ifndef COMPONENTS_CRX_FILE_CRX_VERIFIER_H_

+#define COMPONENTS_CRX_FILE_CRX_VERIFIER_H_

+#include <stdint.h>

+#include <string>

+#include <vector>

+namespace base {

+class FilePath;

+} // namespace base

+namespace crx_file {

+enum class VerifierFormat {

+ CRX2_OR_CRX3, // Accept Crx2 or Crx3.

+ CRX3, // Accept only Crx3.

+ CRX3_WITH_PUBLISHER_PROOF, // Accept only Crx3 with a publisher proof.

+};

+enum class VerifierResult {

+ OK_FULL, // The file verifies as a correct full CRX file.

+ OK_DELTA, // The file verifies as a correct differential CRX file.

+ ERROR_FILE_NOT_READABLE, // Cannot open the CRX file.

+ ERROR_HEADER_INVALID, // Failed to parse or understand CRX header.

+ ERROR_EXPECTED_HASH_INVALID, // Expected hash is not well-formed.

+ ERROR_FILE_HASH_FAILED, // The file's actual hash != the expected hash.

+ ERROR_SIGNATURE_INITIALIZATION_FAILED, // A signature or key is malformed.

+ ERROR_SIGNATURE_VERIFICATION_FAILED, // A signature doesn't match.

+ ERROR_REQUIRED_PROOF_MISSING, // RequireKeyProof was unsatisfied.

+};

+// Verify the file at |crx_path| as a valid Crx of |format|. The Crx must be

+// well-formed, contain no invalid proofs, match the |required_file_hash| (if

+// non-empty), and contain a proof with each of the |required_key_hashes|.

+// If and only if this function returns OK_FULL or OK_DELTA, and only if

+// |public_key| / |crx_id| are non-null, they will be updated to contain the

+// public key (PEM format, without the header/footer) and crx id (encoded in

+// base16 using the characters [a-p]).

+VerifierResult Verify(

+ const base::FilePath& crx_path,

+ const VerifierFormat& format,

+ const std::vector<std::vector<uint8_t>>& required_key_hashes,

+ const std::vector<uint8_t>& required_file_hash,

+ std::string* public_key,

+ std::string* crx_id);

+} // namespace crx_file

+#endif // COMPONENTS_CRX_FILE_CRX_VERIFIER_H_

« no previous file with comments | « components/crx_file/crx_file.cc ('k') | components/crx_file/crx_verifier.cc » ('j') | no next file with comments »