components/component_updater/component_unpacker.cc - Issue 808773005: Move most of the component updater artifacts to update_client.

Side by Side Diff: components/component_updater/component_unpacker.cc

Issue 808773005: Move most of the component updater artifacts to update_client. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
	(Empty)
1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.

4

5 #include "components/component_updater/component_unpacker.h"

6

7 #include <stdint.h>

8 #include <string>

9 #include <vector>

10

11 #include "base/bind.h"

12 #include "base/files/file_path.h"

13 #include "base/files/file_util.h"

14 #include "base/files/scoped_file.h"

15 #include "base/json/json_file_value_serializer.h"

16 #include "base/location.h"

17 #include "base/logging.h"

18 #include "base/numerics/safe_conversions.h"

19 #include "base/strings/string_number_conversions.h"

20 #include "base/strings/stringprintf.h"

21 #include "base/values.h"

22 #include "components/component_updater/component_patcher.h"

23 #include "components/component_updater/component_patcher_operation.h"

24 #include "components/component_updater/component_updater_service.h"

25 #include "components/crx_file/constants.h"

26 #include "components/crx_file/crx_file.h"

27 #include "crypto/secure_hash.h"

28 #include "crypto/signature_verifier.h"

29 #include "third_party/zlib/google/zip.h"

30

31 using crypto::SecureHash;

32

33 namespace component_updater {

34

35 namespace {

36

37 // This class makes sure that the CRX digital signature is valid

38 // and well formed.

39 class CRXValidator {

40 public:

41 explicit CRXValidator(FILE* crx_file) : valid_(false), is_delta_(false) {

42 crx_file::CrxFile::Header header;

43 size_t len = fread(&header, 1, sizeof(header), crx_file);

44 if (len < sizeof(header))

45 return;

46

47 crx_file::CrxFile::Error error;

48 scoped_ptr<crx_file::CrxFile> crx(

49 crx_file::CrxFile::Parse(header, &error));

50 if (!crx.get())

51 return;

52 is_delta_ = crx_file::CrxFile::HeaderIsDelta(header);

53

54 std::vector<uint8_t> key(header.key_size);

55 len = fread(&key[0], sizeof(uint8_t), header.key_size, crx_file);

56 if (len < header.key_size)

57 return;

58

59 std::vector<uint8_t> signature(header.signature_size);

60 len =

61 fread(&signature[0], sizeof(uint8_t), header.signature_size, crx_file);

62 if (len < header.signature_size)

63 return;

64

65 crypto::SignatureVerifier verifier;

66 if (!verifier.VerifyInit(crx_file::kSignatureAlgorithm,

67 base::checked_cast<int>(

68 sizeof(crx_file::kSignatureAlgorithm)),

69 &signature[0],

70 base::checked_cast<int>(signature.size()),

71 &key[0],

72 base::checked_cast<int>(key.size()))) {

73 // Signature verification initialization failed. This is most likely

74 // caused by a public key in the wrong format (should encode algorithm).

75 return;

76 }

77

78 const size_t kBufSize = 8 * 1024;

79 scoped_ptr<uint8_t[]> buf(new uint8_t[kBufSize]);

80 while ((len = fread(buf.get(), 1, kBufSize, crx_file)) > 0)

81 verifier.VerifyUpdate(buf.get(), base::checked_cast<int>(len));

82

83 if (!verifier.VerifyFinal())

84 return;

85

86 public_key_.swap(key);

87 valid_ = true;

88 }

89

90 bool valid() const { return valid_; }

91

92 bool is_delta() const { return is_delta_; }

93

94 const std::vector<uint8_t>& public_key() const { return public_key_; }

95

96 private:

97 bool valid_;

98 bool is_delta_;

99 std::vector<uint8_t> public_key_;

100 };

101

102 } // namespace

103

104 ComponentUnpacker::ComponentUnpacker(

105 const std::vector<uint8_t>& pk_hash,

106 const base::FilePath& path,

107 const std::string& fingerprint,

108 ComponentInstaller* installer,

109 scoped_refptr<OutOfProcessPatcher> out_of_process_patcher,

110 scoped_refptr<base::SequencedTaskRunner> task_runner)

111 : pk_hash_(pk_hash),

112 path_(path),

113 is_delta_(false),

114 fingerprint_(fingerprint),

115 installer_(installer),

116 out_of_process_patcher_(out_of_process_patcher),

117 error_(kNone),

118 extended_error_(0),

119 task_runner_(task_runner) {

120 }

121

122 // TODO(cpu): add a specific attribute check to a component json that the

123 // extension unpacker will reject, so that a component cannot be installed

124 // as an extension.

125 scoped_ptr<base::DictionaryValue> ReadManifest(

126 const base::FilePath& unpack_path) {

127 base::FilePath manifest =

128 unpack_path.Append(FILE_PATH_LITERAL("manifest.json"));

129 if (!base::PathExists(manifest))

130 return scoped_ptr<base::DictionaryValue>();

131 JSONFileValueSerializer serializer(manifest);

132 std::string error;

133 scoped_ptr<base::Value> root(serializer.Deserialize(NULL, &error));

134 if (!root.get())

135 return scoped_ptr<base::DictionaryValue>();

136 if (!root->IsType(base::Value::TYPE_DICTIONARY))

137 return scoped_ptr<base::DictionaryValue>();

138 return scoped_ptr<base::DictionaryValue>(

139 static_cast<base::DictionaryValue*>(root.release())).Pass();

140 }

141

142 bool ComponentUnpacker::UnpackInternal() {

143 return Verify() && Unzip() && BeginPatching();

144 }

145

146 void ComponentUnpacker::Unpack(const Callback& callback) {

147 callback_ = callback;

148 if (!UnpackInternal())

149 Finish();

150 }

151

152 bool ComponentUnpacker::Verify() {

153 VLOG(1) << "Verifying component: " << path_.value();

154 if (pk_hash_.empty() \|\| path_.empty()) {

155 error_ = kInvalidParams;

156 return false;

157 }

158 // First, validate the CRX header and signature. As of today

159 // this is SHA1 with RSA 1024.

160 base::ScopedFILE file(base::OpenFile(path_, "rb"));

161 if (!file.get()) {

162 error_ = kInvalidFile;

163 return false;

164 }

165 CRXValidator validator(file.get());

166 file.reset();

167 if (!validator.valid()) {

168 error_ = kInvalidFile;

169 return false;

170 }

171 is_delta_ = validator.is_delta();

172

173 // File is valid and the digital signature matches. Now make sure

174 // the public key hash matches the expected hash. If they do we fully

175 // trust this CRX.

176 uint8_t hash[32] = {};

177 scoped_ptr<SecureHash> sha256(SecureHash::Create(SecureHash::SHA256));

178 sha256->Update(&(validator.public_key()[0]), validator.public_key().size());

179 sha256->Finish(hash, arraysize(hash));

180

181 if (!std::equal(pk_hash_.begin(), pk_hash_.end(), hash)) {

182 VLOG(1) << "Hash mismatch: " << path_.value();

183 error_ = kInvalidId;

184 return false;

185 }

186 VLOG(1) << "Verification successful: " << path_.value();

187 return true;

188 }

189

190 bool ComponentUnpacker::Unzip() {

191 base::FilePath& destination = is_delta_ ? unpack_diff_path_ : unpack_path_;

192 VLOG(1) << "Unpacking in: " << destination.value();

193 if (!base::CreateNewTempDirectory(base::FilePath::StringType(),

194 &destination)) {

195 VLOG(1) << "Unable to create temporary directory for unpacking.";

196 error_ = kUnzipPathError;

197 return false;

198 }

199 if (!zip::Unzip(path_, destination)) {

200 VLOG(1) << "Unzipping failed.";

201 error_ = kUnzipFailed;

202 return false;

203 }

204 VLOG(1) << "Unpacked successfully";

205 return true;

206 }

207

208 bool ComponentUnpacker::BeginPatching() {

209 if (is_delta_) { // Package is a diff package.

210 // Use a different temp directory for the patch output files.

211 if (!base::CreateNewTempDirectory(base::FilePath::StringType(),

212 &unpack_path_)) {

213 error_ = kUnzipPathError;

214 return false;

215 }

216 patcher_ = new ComponentPatcher(unpack_diff_path_,

217 unpack_path_,

218 installer_,

219 out_of_process_patcher_,

220 task_runner_);

221 task_runner_->PostTask(

222 FROM_HERE,

223 base::Bind(&ComponentPatcher::Start,

224 patcher_,

225 base::Bind(&ComponentUnpacker::EndPatching,

226 scoped_refptr<ComponentUnpacker>(this))));

227 } else {

228 task_runner_->PostTask(FROM_HERE,

229 base::Bind(&ComponentUnpacker::EndPatching,

230 scoped_refptr<ComponentUnpacker>(this),

231 kNone,

232 0));

233 }

234 return true;

235 }

236

237 void ComponentUnpacker::EndPatching(Error error, int extended_error) {

238 error_ = error;

239 extended_error_ = extended_error;

240 patcher_ = NULL;

241 if (error_ != kNone) {

242 Finish();

243 return;

244 }

245 // Optimization: clean up patch files early, in case disk space is too low to

246 // install otherwise.

247 if (!unpack_diff_path_.empty()) {

248 base::DeleteFile(unpack_diff_path_, true);

249 unpack_diff_path_.clear();

250 }

251 Install();

252 Finish();

253 }

254

255 void ComponentUnpacker::Install() {

256 // Write the fingerprint to disk.

257 if (static_cast<int>(fingerprint_.size()) !=

258 base::WriteFile(

259 unpack_path_.Append(FILE_PATH_LITERAL("manifest.fingerprint")),

260 fingerprint_.c_str(),

261 base::checked_cast<int>(fingerprint_.size()))) {

262 error_ = kFingerprintWriteFailed;

263 return;

264 }

265 scoped_ptr<base::DictionaryValue> manifest(ReadManifest(unpack_path_));

266 if (!manifest.get()) {

267 error_ = kBadManifest;

268 return;

269 }

270 DCHECK(error_ == kNone);

271 if (!installer_->Install(*manifest, unpack_path_)) {

272 error_ = kInstallerError;

273 return;

274 }

275 }

276

277 void ComponentUnpacker::Finish() {

278 if (!unpack_diff_path_.empty())

279 base::DeleteFile(unpack_diff_path_, true);

280 if (!unpack_path_.empty())

281 base::DeleteFile(unpack_path_, true);

282 callback_.Run(error_, extended_error_);

283 }

284

285 ComponentUnpacker::~ComponentUnpacker() {

286 }

287

288 } // namespace component_updater

OLD	NEW

« no previous file with comments | « components/component_updater/component_unpacker.h ('k') | components/component_updater/component_updater_configurator.h » ('j') | no next file with comments »