OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/component_updater/ev_whitelist_component_installer.h" | 5 #include "chrome/browser/component_updater/ev_whitelist_component_installer.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/files/file_util.h" | 12 #include "base/files/file_util.h" |
13 #include "base/lazy_instance.h" | 13 #include "base/lazy_instance.h" |
14 #include "base/logging.h" | 14 #include "base/logging.h" |
15 #include "base/numerics/safe_conversions.h" | 15 #include "base/numerics/safe_conversions.h" |
16 #include "base/path_service.h" | 16 #include "base/path_service.h" |
17 #include "base/version.h" | 17 #include "base/version.h" |
18 #include "chrome/browser/net/packed_ct_ev_whitelist.h" | |
19 #include "components/component_updater/component_updater_paths.h" | 18 #include "components/component_updater/component_updater_paths.h" |
| 19 #include "components/packed_ct_ev_whitelist/packed_ct_ev_whitelist.h" |
20 #include "content/public/browser/browser_thread.h" | 20 #include "content/public/browser/browser_thread.h" |
21 #include "net/ssl/ssl_config_service.h" | 21 #include "net/ssl/ssl_config_service.h" |
22 | 22 |
23 using component_updater::ComponentUpdateService; | 23 using component_updater::ComponentUpdateService; |
24 | 24 |
25 namespace { | 25 namespace { |
26 const base::FilePath::CharType kCompressedEVWhitelistFileName[] = | 26 const base::FilePath::CharType kCompressedEVWhitelistFileName[] = |
27 FILE_PATH_LITERAL("ev_hashes_whitelist.bin"); | 27 FILE_PATH_LITERAL("ev_hashes_whitelist.bin"); |
28 | 28 |
29 base::FilePath GetEVWhitelistFilePath(const base::FilePath& base_path) { | 29 base::FilePath GetEVWhitelistFilePath(const base::FilePath& base_path) { |
30 return base_path.Append(kCompressedEVWhitelistFileName); | 30 return base_path.Append(kCompressedEVWhitelistFileName); |
31 } | 31 } |
32 | 32 |
33 void UpdateNewWhitelistData(const base::FilePath& new_whitelist_file, | 33 void UpdateNewWhitelistData(const base::FilePath& new_whitelist_file, |
34 const base::FilePath& stored_whitelist_path, | 34 const base::FilePath& stored_whitelist_path, |
35 const base::Version& version) { | 35 const base::Version& version) { |
36 VLOG(1) << "Reading new EV whitelist from file: " | 36 VLOG(1) << "Reading new EV whitelist from file: " |
37 << new_whitelist_file.value(); | 37 << new_whitelist_file.value(); |
38 std::string compressed_list; | 38 std::string compressed_list; |
39 if (!base::ReadFileToString(new_whitelist_file, &compressed_list)) { | 39 if (!base::ReadFileToString(new_whitelist_file, &compressed_list)) { |
40 VLOG(1) << "Failed reading from " << new_whitelist_file.value(); | 40 VLOG(1) << "Failed reading from " << new_whitelist_file.value(); |
41 return; | 41 return; |
42 } | 42 } |
43 | 43 |
44 scoped_refptr<net::ct::EVCertsWhitelist> new_whitelist( | 44 scoped_refptr<net::ct::EVCertsWhitelist> new_whitelist( |
45 new PackedEVCertsWhitelist(compressed_list, version)); | 45 new packed_ct_ev_whitelist::PackedEVCertsWhitelist(compressed_list, |
| 46 version)); |
46 if (!new_whitelist->IsValid()) { | 47 if (!new_whitelist->IsValid()) { |
47 VLOG(1) << "Failed uncompressing EV certs whitelist."; | 48 VLOG(1) << "Failed uncompressing EV certs whitelist."; |
48 return; | 49 return; |
49 } | 50 } |
50 | 51 |
51 if (base::IsValueInRangeForNumericType<int>(compressed_list.size())) { | 52 if (base::IsValueInRangeForNumericType<int>(compressed_list.size())) { |
52 const int list_size = base::checked_cast<int>(compressed_list.size()); | 53 const int list_size = base::checked_cast<int>(compressed_list.size()); |
53 if (base::WriteFile(stored_whitelist_path, compressed_list.data(), | 54 if (base::WriteFile(stored_whitelist_path, compressed_list.data(), |
54 list_size) != list_size) { | 55 list_size) != list_size) { |
55 LOG(WARNING) << "Failed to save new EV whitelist to file."; | 56 LOG(WARNING) << "Failed to save new EV whitelist to file."; |
56 } | 57 } |
57 } | 58 } |
58 | 59 |
59 SetEVCertsWhitelist(new_whitelist); | 60 packed_ct_ev_whitelist::SetEVCertsWhitelist(new_whitelist); |
60 } | 61 } |
61 | 62 |
62 void DoInitialLoadFromDisk(const base::FilePath& stored_whitelist_path) { | 63 void DoInitialLoadFromDisk(const base::FilePath& stored_whitelist_path) { |
63 if (stored_whitelist_path.empty()) { | 64 if (stored_whitelist_path.empty()) { |
64 return; | 65 return; |
65 } | 66 } |
66 | 67 |
67 VLOG(1) << "Initial load: reading EV whitelist from file: " | 68 VLOG(1) << "Initial load: reading EV whitelist from file: " |
68 << stored_whitelist_path.value(); | 69 << stored_whitelist_path.value(); |
69 std::string compressed_list; | 70 std::string compressed_list; |
70 if (!base::ReadFileToString(stored_whitelist_path, &compressed_list)) { | 71 if (!base::ReadFileToString(stored_whitelist_path, &compressed_list)) { |
71 VLOG(1) << "Failed reading from " << stored_whitelist_path.value(); | 72 VLOG(1) << "Failed reading from " << stored_whitelist_path.value(); |
72 return; | 73 return; |
73 } | 74 } |
74 | 75 |
75 // The version number is unknown as the list is loaded from disk, not | 76 // The version number is unknown as the list is loaded from disk, not |
76 // the component. | 77 // the component. |
77 // In practice very quickly the component updater will call ComponentReady | 78 // In practice very quickly the component updater will call ComponentReady |
78 // which will have a valid version. | 79 // which will have a valid version. |
79 scoped_refptr<net::ct::EVCertsWhitelist> new_whitelist( | 80 scoped_refptr<net::ct::EVCertsWhitelist> new_whitelist( |
80 new PackedEVCertsWhitelist(compressed_list, Version())); | 81 new packed_ct_ev_whitelist::PackedEVCertsWhitelist(compressed_list, |
| 82 Version())); |
81 if (!new_whitelist->IsValid()) { | 83 if (!new_whitelist->IsValid()) { |
82 VLOG(1) << "Failed uncompressing EV certs whitelist."; | 84 VLOG(1) << "Failed uncompressing EV certs whitelist."; |
83 return; | 85 return; |
84 } | 86 } |
85 | 87 |
86 VLOG(1) << "EV whitelist: Sucessfully loaded initial data."; | 88 VLOG(1) << "EV whitelist: Sucessfully loaded initial data."; |
87 SetEVCertsWhitelist(new_whitelist); | 89 packed_ct_ev_whitelist::SetEVCertsWhitelist(new_whitelist); |
88 } | 90 } |
89 | 91 |
90 } // namespace | 92 } // namespace |
91 | 93 |
92 namespace component_updater { | 94 namespace component_updater { |
93 | 95 |
94 // The SHA256 of the SubjectPublicKeyInfo used to sign the extension. | 96 // The SHA256 of the SubjectPublicKeyInfo used to sign the extension. |
95 // The extension id is: oafdbfcohdcjandcenmccfopbeklnicp | 97 // The extension id is: oafdbfcohdcjandcenmccfopbeklnicp |
96 const uint8_t kPublicKeySHA256[32] = { | 98 const uint8_t kPublicKeySHA256[32] = { |
97 0xe0, 0x53, 0x15, 0x2e, 0x73, 0x29, 0x0d, 0x32, 0x4d, 0xc2, 0x25, | 99 0xe0, 0x53, 0x15, 0x2e, 0x73, 0x29, 0x0d, 0x32, 0x4d, 0xc2, 0x25, |
(...skipping 89 matching lines...)
187 installer->Register(cus); | 189 installer->Register(cus); |
188 | 190 |
189 if (!content::BrowserThread::PostBlockingPoolTask( | 191 if (!content::BrowserThread::PostBlockingPoolTask( |
190 FROM_HERE, | 192 FROM_HERE, |
191 base::Bind(&DoInitialLoadFromDisk, GetEVWhitelistFilePath(path)))) { | 193 base::Bind(&DoInitialLoadFromDisk, GetEVWhitelistFilePath(path)))) { |
192 NOTREACHED(); | 194 NOTREACHED(); |
193 } | 195 } |
194 } | 196 } |
195 | 197 |
196 } // namespace component_updater | 198 } // namespace component_updater |
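Review bot: The rewritten call at new lines 81-82 still passes an unqualified `Version()`, while the signature at new line 35 spells the type `base::Version`. Since the line is being touched anyway, `base::Version()` would be consistent and would not rely on whatever global using-declaration presumably makes the bare name resolve. Separately, in UpdateNewWhitelistData (new lines 52-58) a list whose size does not fit in an `int` is still installed through `SetEVCertsWhitelist` but is never written to `stored_whitelist_path`, and nothing is logged. The next `DoInitialLoadFromDisk` would then read an older file or none, so an `else { LOG(WARNING) << "EV whitelist too large to save to file."; }` would make that case visible. The log string at new line 88 is also misspelled (`Sucessfully`).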