| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/component_updater/component_unpacker.h" | 5 #include "components/update_client/component_unpacker.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/bind.h" | 11 #include "base/bind.h" |
| 12 #include "base/files/file_path.h" | 12 #include "base/files/file_path.h" |
| 13 #include "base/files/file_util.h" | 13 #include "base/files/file_util.h" |
| 14 #include "base/files/scoped_file.h" | 14 #include "base/files/scoped_file.h" |
| 15 #include "base/json/json_file_value_serializer.h" | 15 #include "base/json/json_file_value_serializer.h" |
| 16 #include "base/location.h" | 16 #include "base/location.h" |
| 17 #include "base/logging.h" | 17 #include "base/logging.h" |
| 18 #include "base/numerics/safe_conversions.h" | 18 #include "base/numerics/safe_conversions.h" |
| 19 #include "base/strings/string_number_conversions.h" | 19 #include "base/strings/string_number_conversions.h" |
| 20 #include "base/strings/stringprintf.h" | 20 #include "base/strings/stringprintf.h" |
| 21 #include "base/values.h" | 21 #include "base/values.h" |
| 22 #include "components/component_updater/component_patcher.h" | |
| 23 #include "components/component_updater/component_patcher_operation.h" | |
| 24 #include "components/component_updater/component_updater_service.h" | |
| 25 #include "components/crx_file/constants.h" | 22 #include "components/crx_file/constants.h" |
| 26 #include "components/crx_file/crx_file.h" | 23 #include "components/crx_file/crx_file.h" |
| 24 #include "components/update_client/component_patcher.h" |
| 25 #include "components/update_client/component_patcher_operation.h" |
| 26 #include "components/update_client/update_client.h" |
| 27 #include "crypto/secure_hash.h" | 27 #include "crypto/secure_hash.h" |
| 28 #include "crypto/signature_verifier.h" | 28 #include "crypto/signature_verifier.h" |
| 29 #include "third_party/zlib/google/zip.h" | 29 #include "third_party/zlib/google/zip.h" |
| 30 | 30 |
| 31 using crypto::SecureHash; | 31 using crypto::SecureHash; |
| 32 | 32 |
| 33 namespace component_updater { | 33 namespace update_client { |
| 34 | 34 |
| 35 namespace { | 35 namespace { |
| 36 | 36 |
| 37 // This class makes sure that the CRX digital signature is valid | 37 // This class makes sure that the CRX digital signature is valid |
| 38 // and well formed. | 38 // and well formed. |
| 39 class CRXValidator { | 39 class CRXValidator { |
| 40 public: | 40 public: |
| 41 explicit CRXValidator(FILE* crx_file) : valid_(false), is_delta_(false) { | 41 explicit CRXValidator(FILE* crx_file) : valid_(false), is_delta_(false) { |
| 42 crx_file::CrxFile::Header header; | 42 crx_file::CrxFile::Header header; |
| 43 size_t len = fread(&header, 1, sizeof(header), crx_file); | 43 size_t len = fread(&header, 1, sizeof(header), crx_file); |
| 44 if (len < sizeof(header)) | 44 if (len < sizeof(header)) |
| 45 return; | 45 return; |
| 46 | 46 |
| 47 crx_file::CrxFile::Error error; | 47 crx_file::CrxFile::Error error; |
| 48 scoped_ptr<crx_file::CrxFile> crx( | 48 scoped_ptr<crx_file::CrxFile> crx(crx_file::CrxFile::Parse(header, &error)); |
| 49 crx_file::CrxFile::Parse(header, &error)); | |
| 50 if (!crx.get()) | 49 if (!crx.get()) |
| 51 return; | 50 return; |
| 52 is_delta_ = crx_file::CrxFile::HeaderIsDelta(header); | 51 is_delta_ = crx_file::CrxFile::HeaderIsDelta(header); |
| 53 | 52 |
| 54 std::vector<uint8_t> key(header.key_size); | 53 std::vector<uint8_t> key(header.key_size); |
| 55 len = fread(&key[0], sizeof(uint8_t), header.key_size, crx_file); | 54 len = fread(&key[0], sizeof(uint8_t), header.key_size, crx_file); |
| 56 if (len < header.key_size) | 55 if (len < header.key_size) |
| 57 return; | 56 return; |
| 58 | 57 |
| 59 std::vector<uint8_t> signature(header.signature_size); | 58 std::vector<uint8_t> signature(header.signature_size); |
| 60 len = | 59 len = |
| 61 fread(&signature[0], sizeof(uint8_t), header.signature_size, crx_file); | 60 fread(&signature[0], sizeof(uint8_t), header.signature_size, crx_file); |
| 62 if (len < header.signature_size) | 61 if (len < header.signature_size) |
| 63 return; | 62 return; |
| 64 | 63 |
| 65 crypto::SignatureVerifier verifier; | 64 crypto::SignatureVerifier verifier; |
| 66 if (!verifier.VerifyInit(crx_file::kSignatureAlgorithm, | 65 if (!verifier.VerifyInit( |
| 67 base::checked_cast<int>( | 66 crx_file::kSignatureAlgorithm, |
| 68 sizeof(crx_file::kSignatureAlgorithm)), | 67 base::checked_cast<int>(sizeof(crx_file::kSignatureAlgorithm)), |
| 69 &signature[0], | 68 &signature[0], base::checked_cast<int>(signature.size()), &key[0], |
| 70 base::checked_cast<int>(signature.size()), | 69 base::checked_cast<int>(key.size()))) { |
| 71 &key[0], | |
| 72 base::checked_cast<int>(key.size()))) { | |
| 73 // Signature verification initialization failed. This is most likely | 70 // Signature verification initialization failed. This is most likely |
| 74 // caused by a public key in the wrong format (should encode algorithm). | 71 // caused by a public key in the wrong format (should encode algorithm). |
| 75 return; | 72 return; |
| 76 } | 73 } |
| 77 | 74 |
| 78 const size_t kBufSize = 8 * 1024; | 75 const size_t kBufSize = 8 * 1024; |
| 79 scoped_ptr<uint8_t[]> buf(new uint8_t[kBufSize]); | 76 scoped_ptr<uint8_t[]> buf(new uint8_t[kBufSize]); |
| 80 while ((len = fread(buf.get(), 1, kBufSize, crx_file)) > 0) | 77 while ((len = fread(buf.get(), 1, kBufSize, crx_file)) > 0) |
| 81 verifier.VerifyUpdate(buf.get(), base::checked_cast<int>(len)); | 78 verifier.VerifyUpdate(buf.get(), base::checked_cast<int>(len)); |
| 82 | 79 |
| (...skipping 16 matching lines...) Expand all Loading... |
| 99 std::vector<uint8_t> public_key_; | 96 std::vector<uint8_t> public_key_; |
| 100 }; | 97 }; |
| 101 | 98 |
| 102 } // namespace | 99 } // namespace |
| 103 | 100 |
| 104 ComponentUnpacker::ComponentUnpacker( | 101 ComponentUnpacker::ComponentUnpacker( |
| 105 const std::vector<uint8_t>& pk_hash, | 102 const std::vector<uint8_t>& pk_hash, |
| 106 const base::FilePath& path, | 103 const base::FilePath& path, |
| 107 const std::string& fingerprint, | 104 const std::string& fingerprint, |
| 108 ComponentInstaller* installer, | 105 ComponentInstaller* installer, |
| 109 scoped_refptr<OutOfProcessPatcher> out_of_process_patcher, | 106 scoped_refptr<OutOfProcessPatcher> oop_patcher, |
| 110 scoped_refptr<base::SequencedTaskRunner> task_runner) | 107 scoped_refptr<base::SequencedTaskRunner> task_runner) |
| 111 : pk_hash_(pk_hash), | 108 : pk_hash_(pk_hash), |
| 112 path_(path), | 109 path_(path), |
| 113 is_delta_(false), | 110 is_delta_(false), |
| 114 fingerprint_(fingerprint), | 111 fingerprint_(fingerprint), |
| 115 installer_(installer), | 112 installer_(installer), |
| 116 out_of_process_patcher_(out_of_process_patcher), | 113 oop_patcher_(oop_patcher), |
| 117 error_(kNone), | 114 error_(kNone), |
| 118 extended_error_(0), | 115 extended_error_(0), |
| 119 task_runner_(task_runner) { | 116 task_runner_(task_runner) { |
| 120 } | 117 } |
| 121 | 118 |
| 122 // TODO(cpu): add a specific attribute check to a component json that the | 119 // TODO(cpu): add a specific attribute check to a component json that the |
| 123 // extension unpacker will reject, so that a component cannot be installed | 120 // extension unpacker will reject, so that a component cannot be installed |
| 124 // as an extension. | 121 // as an extension. |
| 125 scoped_ptr<base::DictionaryValue> ReadManifest( | 122 scoped_ptr<base::DictionaryValue> ReadManifest( |
| 126 const base::FilePath& unpack_path) { | 123 const base::FilePath& unpack_path) { |
| (...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 206 } | 203 } |
| 207 | 204 |
| 208 bool ComponentUnpacker::BeginPatching() { | 205 bool ComponentUnpacker::BeginPatching() { |
| 209 if (is_delta_) { // Package is a diff package. | 206 if (is_delta_) { // Package is a diff package. |
| 210 // Use a different temp directory for the patch output files. | 207 // Use a different temp directory for the patch output files. |
| 211 if (!base::CreateNewTempDirectory(base::FilePath::StringType(), | 208 if (!base::CreateNewTempDirectory(base::FilePath::StringType(), |
| 212 &unpack_path_)) { | 209 &unpack_path_)) { |
| 213 error_ = kUnzipPathError; | 210 error_ = kUnzipPathError; |
| 214 return false; | 211 return false; |
| 215 } | 212 } |
| 216 patcher_ = new ComponentPatcher(unpack_diff_path_, | 213 patcher_ = new ComponentPatcher(unpack_diff_path_, unpack_path_, installer_, |
| 217 unpack_path_, | 214 oop_patcher_, task_runner_); |
| 218 installer_, | |
| 219 out_of_process_patcher_, | |
| 220 task_runner_); | |
| 221 task_runner_->PostTask( | 215 task_runner_->PostTask( |
| 222 FROM_HERE, | 216 FROM_HERE, |
| 223 base::Bind(&ComponentPatcher::Start, | 217 base::Bind(&ComponentPatcher::Start, patcher_, |
| 224 patcher_, | |
| 225 base::Bind(&ComponentUnpacker::EndPatching, | 218 base::Bind(&ComponentUnpacker::EndPatching, |
| 226 scoped_refptr<ComponentUnpacker>(this)))); | 219 scoped_refptr<ComponentUnpacker>(this)))); |
| 227 } else { | 220 } else { |
| 228 task_runner_->PostTask(FROM_HERE, | 221 task_runner_->PostTask( |
| 229 base::Bind(&ComponentUnpacker::EndPatching, | 222 FROM_HERE, |
| 230 scoped_refptr<ComponentUnpacker>(this), | 223 base::Bind(&ComponentUnpacker::EndPatching, |
| 231 kNone, | 224 scoped_refptr<ComponentUnpacker>(this), kNone, 0)); |
| 232 0)); | |
| 233 } | 225 } |
| 234 return true; | 226 return true; |
| 235 } | 227 } |
| 236 | 228 |
| 237 void ComponentUnpacker::EndPatching(Error error, int extended_error) { | 229 void ComponentUnpacker::EndPatching(Error error, int extended_error) { |
| 238 error_ = error; | 230 error_ = error; |
| 239 extended_error_ = extended_error; | 231 extended_error_ = extended_error; |
| 240 patcher_ = NULL; | 232 patcher_ = NULL; |
| 241 if (error_ != kNone) { | 233 if (error_ != kNone) { |
| 242 Finish(); | 234 Finish(); |
| 243 return; | 235 return; |
| 244 } | 236 } |
| 245 // Optimization: clean up patch files early, in case disk space is too low to | 237 // Optimization: clean up patch files early, in case disk space is too low to |
| 246 // install otherwise. | 238 // install otherwise. |
| 247 if (!unpack_diff_path_.empty()) { | 239 if (!unpack_diff_path_.empty()) { |
| 248 base::DeleteFile(unpack_diff_path_, true); | 240 base::DeleteFile(unpack_diff_path_, true); |
| 249 unpack_diff_path_.clear(); | 241 unpack_diff_path_.clear(); |
| 250 } | 242 } |
| 251 Install(); | 243 Install(); |
| 252 Finish(); | 244 Finish(); |
| 253 } | 245 } |
| 254 | 246 |
| 255 void ComponentUnpacker::Install() { | 247 void ComponentUnpacker::Install() { |
| 256 // Write the fingerprint to disk. | 248 // Write the fingerprint to disk. |
| 257 if (static_cast<int>(fingerprint_.size()) != | 249 if (static_cast<int>(fingerprint_.size()) != |
| 258 base::WriteFile( | 250 base::WriteFile( |
| 259 unpack_path_.Append(FILE_PATH_LITERAL("manifest.fingerprint")), | 251 unpack_path_.Append(FILE_PATH_LITERAL("manifest.fingerprint")), |
| 260 fingerprint_.c_str(), | 252 fingerprint_.c_str(), base::checked_cast<int>(fingerprint_.size()))) { |
| 261 base::checked_cast<int>(fingerprint_.size()))) { | |
| 262 error_ = kFingerprintWriteFailed; | 253 error_ = kFingerprintWriteFailed; |
| 263 return; | 254 return; |
| 264 } | 255 } |
| 265 scoped_ptr<base::DictionaryValue> manifest(ReadManifest(unpack_path_)); | 256 scoped_ptr<base::DictionaryValue> manifest(ReadManifest(unpack_path_)); |
| 266 if (!manifest.get()) { | 257 if (!manifest.get()) { |
| 267 error_ = kBadManifest; | 258 error_ = kBadManifest; |
| 268 return; | 259 return; |
| 269 } | 260 } |
| 270 DCHECK(error_ == kNone); | 261 DCHECK(error_ == kNone); |
| 271 if (!installer_->Install(*manifest, unpack_path_)) { | 262 if (!installer_->Install(*manifest, unpack_path_)) { |
| 272 error_ = kInstallerError; | 263 error_ = kInstallerError; |
| 273 return; | 264 return; |
| 274 } | 265 } |
| 275 } | 266 } |
| 276 | 267 |
| 277 void ComponentUnpacker::Finish() { | 268 void ComponentUnpacker::Finish() { |
| 278 if (!unpack_diff_path_.empty()) | 269 if (!unpack_diff_path_.empty()) |
| 279 base::DeleteFile(unpack_diff_path_, true); | 270 base::DeleteFile(unpack_diff_path_, true); |
| 280 if (!unpack_path_.empty()) | 271 if (!unpack_path_.empty()) |
| 281 base::DeleteFile(unpack_path_, true); | 272 base::DeleteFile(unpack_path_, true); |
| 282 callback_.Run(error_, extended_error_); | 273 callback_.Run(error_, extended_error_); |
| 283 } | 274 } |
| 284 | 275 |
| 285 ComponentUnpacker::~ComponentUnpacker() { | 276 ComponentUnpacker::~ComponentUnpacker() { |
| 286 } | 277 } |
| 287 | 278 |
| 288 } // namespace component_updater | 279 } // namespace update_client |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 808773005:
Move most of the component updater artifacts to update_client. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master