Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(600)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: extensions/browser/verified_contents.cc

Issue 585583003: Fix case-sensitivity problems in extension content verification (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: remove old code Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « extensions/browser/verified_contents.h ('k') | extensions/browser/verified_contents_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/browser/verified_contents.h" 5 #include "extensions/browser/verified_contents.h"
6 6
7 #include "base/base64.h" 7 #include "base/base64.h"
8 #include "base/files/file_util.h" 8 #include "base/files/file_util.h"
9 #include "base/json/json_reader.h" 9 #include "base/json/json_reader.h"
10 #include "base/strings/string_util.h" 10 #include "base/strings/string_util.h"
(...skipping 168 matching lines...) Expand 10 before | Expand all | Expand 10 after
179 std::string encoded_root_hash; 179 std::string encoded_root_hash;
180 std::string root_hash; 180 std::string root_hash;
181 if (!data->GetString(kPathKey, &file_path_string) || 181 if (!data->GetString(kPathKey, &file_path_string) ||
182 !base::IsStringUTF8(file_path_string) || 182 !base::IsStringUTF8(file_path_string) ||
183 !data->GetString(kRootHashKey, &encoded_root_hash) || 183 !data->GetString(kRootHashKey, &encoded_root_hash) ||
184 !FixupBase64Encoding(&encoded_root_hash) || 184 !FixupBase64Encoding(&encoded_root_hash) ||
185 !base::Base64Decode(encoded_root_hash, &root_hash)) 185 !base::Base64Decode(encoded_root_hash, &root_hash))
186 return false; 186 return false;
187 base::FilePath file_path = 187 base::FilePath file_path =
188 base::FilePath::FromUTF8Unsafe(file_path_string); 188 base::FilePath::FromUTF8Unsafe(file_path_string);
189 root_hashes_[file_path] = std::string(); 189 RootHashes::iterator i = root_hashes_.insert(std::make_pair(
190 root_hashes_[file_path].swap(root_hash); 190 base::StringToLowerASCII(file_path.value()), std::string()));
191 i->second.swap(root_hash);
191 } 192 }
192 193
193 break; 194 break;
194 } 195 }
195 return true; 196 return true;
196 } 197 }
197 198
198 const std::string* VerifiedContents::GetTreeHashRoot( 199 bool VerifiedContents::HasTreeHashRoot(
199 const base::FilePath& relative_path) { 200 const base::FilePath& relative_path) const {
200 std::map<base::FilePath, std::string>::const_iterator i = 201 base::FilePath::StringType path = base::StringToLowerASCII(
201 root_hashes_.find(relative_path.NormalizePathSeparatorsTo('/')); 202 relative_path.NormalizePathSeparatorsTo('/').value());
202 if (i == root_hashes_.end()) 203 return root_hashes_.find(path) != root_hashes_.end();
203 return NULL; 204 }
204 return &i->second; 205
206 bool VerifiedContents::TreeHashRootEquals(const base::FilePath& relative_path,
207 const std::string& expected) const {
208 base::FilePath::StringType path = base::StringToLowerASCII(
209 relative_path.NormalizePathSeparatorsTo('/').value());
210 for (RootHashes::const_iterator i = root_hashes_.find(path);
211 i != root_hashes_.end();
212 ++i) {
213 if (expected == i->second)
214 return true;
215 }
216 return false;
205 } 217 }
206 218
207 // We're loosely following the "JSON Web Signature" draft spec for signing 219 // We're loosely following the "JSON Web Signature" draft spec for signing
208 // a JSON payload: 220 // a JSON payload:
209 // 221 //
210 // http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-26 222 // http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-26
211 // 223 //
212 // The idea is that you have some JSON that you want to sign, so you 224 // The idea is that you have some JSON that you want to sign, so you
213 // base64-encode that and put it as the "payload" field in a containing 225 // base64-encode that and put it as the "payload" field in a containing
214 // dictionary. There might be signatures of it done with multiple 226 // dictionary. There might be signatures of it done with multiple
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after
336 reinterpret_cast<const uint8*>(payload.data()), payload.size()); 348 reinterpret_cast<const uint8*>(payload.data()), payload.size());
337 349
338 if (!signature_verifier.VerifyFinal()) { 350 if (!signature_verifier.VerifyFinal()) {
339 VLOG(1) << "Could not verify signature - VerifyFinal failure"; 351 VLOG(1) << "Could not verify signature - VerifyFinal failure";
340 return false; 352 return false;
341 } 353 }
342 return true; 354 return true;
343 } 355 }
344 356
345 } // namespace extensions 357 } // namespace extensions
OLDNEW
« no previous file with comments | « extensions/browser/verified_contents.h ('k') | extensions/browser/verified_contents_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698