| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/component_updater/ev_whitelist_component_installer.h" | 5 #include "chrome/browser/component_updater/ev_whitelist_component_installer.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 12 matching lines...) Expand all Loading... |
| 23 | 23 |
| 24 namespace { | 24 namespace { |
| 25 const base::FilePath::CharType kCompressedEVWhitelistFileName[] = | 25 const base::FilePath::CharType kCompressedEVWhitelistFileName[] = |
| 26 FILE_PATH_LITERAL("ev_hashes_whitelist.bin"); | 26 FILE_PATH_LITERAL("ev_hashes_whitelist.bin"); |
| 27 | 27 |
| 28 base::FilePath GetEVWhitelistFilePath(const base::FilePath& base_path) { | 28 base::FilePath GetEVWhitelistFilePath(const base::FilePath& base_path) { |
| 29 return base_path.Append(kCompressedEVWhitelistFileName); | 29 return base_path.Append(kCompressedEVWhitelistFileName); |
| 30 } | 30 } |
| 31 | 31 |
| 32 void UpdateNewWhitelistData(const base::FilePath& new_whitelist_file, | 32 void UpdateNewWhitelistData(const base::FilePath& new_whitelist_file, |
| 33 const base::FilePath& stored_whitelist_path) { | 33 const base::FilePath& stored_whitelist_path, |
| 34 const base::Version& version) { |
| 34 VLOG(1) << "Reading new EV whitelist from file: " | 35 VLOG(1) << "Reading new EV whitelist from file: " |
| 35 << new_whitelist_file.value(); | 36 << new_whitelist_file.value(); |
| 36 std::string compressed_list; | 37 std::string compressed_list; |
| 37 if (!base::ReadFileToString(new_whitelist_file, &compressed_list)) { | 38 if (!base::ReadFileToString(new_whitelist_file, &compressed_list)) { |
| 38 VLOG(1) << "Failed reading from " << new_whitelist_file.value(); | 39 VLOG(1) << "Failed reading from " << new_whitelist_file.value(); |
| 39 return; | 40 return; |
| 40 } | 41 } |
| 41 | 42 |
| 42 scoped_refptr<net::ct::EVCertsWhitelist> new_whitelist( | 43 scoped_refptr<net::ct::EVCertsWhitelist> new_whitelist( |
| 43 new PackedEVCertsWhitelist(compressed_list)); | 44 new PackedEVCertsWhitelist(compressed_list, version)); |
| 44 if (!new_whitelist->IsValid()) { | 45 if (!new_whitelist->IsValid()) { |
| 45 VLOG(1) << "Failed uncompressing EV certs whitelist."; | 46 VLOG(1) << "Failed uncompressing EV certs whitelist."; |
| 46 return; | 47 return; |
| 47 } | 48 } |
| 48 | 49 |
| 49 if (base::IsValueInRangeForNumericType<int>(compressed_list.size())) { | 50 if (base::IsValueInRangeForNumericType<int>(compressed_list.size())) { |
| 50 const int list_size = base::checked_cast<int>(compressed_list.size()); | 51 const int list_size = base::checked_cast<int>(compressed_list.size()); |
| 51 if (base::WriteFile(stored_whitelist_path, compressed_list.data(), | 52 if (base::WriteFile(stored_whitelist_path, compressed_list.data(), |
| 52 list_size) != list_size) { | 53 list_size) != list_size) { |
| 53 LOG(WARNING) << "Failed to save new EV whitelist to file."; | 54 LOG(WARNING) << "Failed to save new EV whitelist to file."; |
| 54 } | 55 } |
| 55 } | 56 } |
| 56 | 57 |
| 57 SetEVCertsWhitelist(new_whitelist); | 58 SetEVCertsWhitelist(new_whitelist); |
| 58 } | 59 } |
| 59 | 60 |
| 60 void DoInitialLoadFromDisk(const base::FilePath& stored_whitelist_path) { | 61 void DoInitialLoadFromDisk(const base::FilePath& stored_whitelist_path) { |
| 61 if (stored_whitelist_path.empty()) { | 62 if (stored_whitelist_path.empty()) { |
| 62 return; | 63 return; |
| 63 } | 64 } |
| 64 | 65 |
| 65 VLOG(1) << "Initial load: reading EV whitelist from file: " | 66 VLOG(1) << "Initial load: reading EV whitelist from file: " |
| 66 << stored_whitelist_path.value(); | 67 << stored_whitelist_path.value(); |
| 67 std::string compressed_list; | 68 std::string compressed_list; |
| 68 if (!base::ReadFileToString(stored_whitelist_path, &compressed_list)) { | 69 if (!base::ReadFileToString(stored_whitelist_path, &compressed_list)) { |
| 69 VLOG(1) << "Failed reading from " << stored_whitelist_path.value(); | 70 VLOG(1) << "Failed reading from " << stored_whitelist_path.value(); |
| 70 return; | 71 return; |
| 71 } | 72 } |
| 72 | 73 |
| 74 // The version number is unknown as the list is loaded from disk, not |
| 75 // the component. |
| 76 // In practice very quickly the component updater will call ComponentReady |
| 77 // which will have a valid version. |
| 73 scoped_refptr<net::ct::EVCertsWhitelist> new_whitelist( | 78 scoped_refptr<net::ct::EVCertsWhitelist> new_whitelist( |
| 74 new PackedEVCertsWhitelist(compressed_list)); | 79 new PackedEVCertsWhitelist(compressed_list, Version())); |
| 75 if (!new_whitelist->IsValid()) { | 80 if (!new_whitelist->IsValid()) { |
| 76 VLOG(1) << "Failed uncompressing EV certs whitelist."; | 81 VLOG(1) << "Failed uncompressing EV certs whitelist."; |
| 77 return; | 82 return; |
| 78 } | 83 } |
| 79 | 84 |
| 80 VLOG(1) << "EV whitelist: Sucessfully loaded initial data."; | 85 VLOG(1) << "EV whitelist: Sucessfully loaded initial data."; |
| 81 SetEVCertsWhitelist(new_whitelist); | 86 SetEVCertsWhitelist(new_whitelist); |
| 82 } | 87 } |
| 83 | 88 |
| 84 } // namespace | 89 } // namespace |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 121 | 126 |
| 122 void EVWhitelistComponentInstallerTraits::ComponentReady( | 127 void EVWhitelistComponentInstallerTraits::ComponentReady( |
| 123 const base::Version& version, | 128 const base::Version& version, |
| 124 const base::FilePath& path, | 129 const base::FilePath& path, |
| 125 scoped_ptr<base::DictionaryValue> manifest) { | 130 scoped_ptr<base::DictionaryValue> manifest) { |
| 126 VLOG(1) << "Component ready, version " << version.GetString() << " in " | 131 VLOG(1) << "Component ready, version " << version.GetString() << " in " |
| 127 << path.value(); | 132 << path.value(); |
| 128 | 133 |
| 129 const base::FilePath whitelist_file = GetInstalledPath(path); | 134 const base::FilePath whitelist_file = GetInstalledPath(path); |
| 130 content::BrowserThread::PostBlockingPoolTask( | 135 content::BrowserThread::PostBlockingPoolTask( |
| 131 FROM_HERE, | 136 FROM_HERE, base::Bind(&UpdateNewWhitelistData, whitelist_file, |
| 132 base::Bind(&UpdateNewWhitelistData, whitelist_file, ev_whitelist_path_)); | 137 ev_whitelist_path_, version)); |
| 133 } | 138 } |
| 134 | 139 |
| 135 bool EVWhitelistComponentInstallerTraits::VerifyInstallation( | 140 bool EVWhitelistComponentInstallerTraits::VerifyInstallation( |
| 136 const base::DictionaryValue& manifest, | 141 const base::DictionaryValue& manifest, |
| 137 const base::FilePath& install_dir) const { | 142 const base::FilePath& install_dir) const { |
| 138 const base::FilePath expected_file = GetInstalledPath(install_dir); | 143 const base::FilePath expected_file = GetInstalledPath(install_dir); |
| 139 VLOG(1) << "Verifying install: " << expected_file.value(); | 144 VLOG(1) << "Verifying install: " << expected_file.value(); |
| 140 if (!base::PathExists(expected_file)) { | 145 if (!base::PathExists(expected_file)) { |
| 141 VLOG(1) << "File missing."; | 146 VLOG(1) << "File missing."; |
| 142 return false; | 147 return false; |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 181 installer->Register(cus); | 186 installer->Register(cus); |
| 182 | 187 |
| 183 if (!content::BrowserThread::PostBlockingPoolTask( | 188 if (!content::BrowserThread::PostBlockingPoolTask( |
| 184 FROM_HERE, | 189 FROM_HERE, |
| 185 base::Bind(&DoInitialLoadFromDisk, GetEVWhitelistFilePath(path)))) { | 190 base::Bind(&DoInitialLoadFromDisk, GetEVWhitelistFilePath(path)))) { |
| 186 NOTREACHED(); | 191 NOTREACHED(); |
| 187 } | 192 } |
| 188 } | 193 } |
| 189 | 194 |
| 190 } // namespace component_updater | 195 } // namespace component_updater |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 782333002:
Certificate Transparency: Adding finch and NetLog logging for EV certs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master