blob: d0c49f2c860ecc3cd5395c36f0a7505f12404c1b [file] [log] [blame]
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/update_client/utils.h"
#include <stddef.h>
#include <algorithm>
#include <cmath>
#include <cstring>
#include "base/callback.h"
#include "base/files/file_path.h"
#include "base/files/file_util.h"
#include "base/files/memory_mapped_file.h"
#include "base/json/json_file_value_serializer.h"
#include "base/stl_util.h"
#include "base/strings/string_number_conversions.h"
#include "base/strings/string_piece.h"
#include "base/strings/string_util.h"
#include "base/values.h"
#include "components/crx_file/id_util.h"
#include "components/update_client/component.h"
#include "components/update_client/configurator.h"
#include "components/update_client/network.h"
#include "components/update_client/update_client.h"
#include "components/update_client/update_client_errors.h"
#include "crypto/secure_hash.h"
#include "crypto/sha2.h"
#include "url/gurl.h"
namespace update_client {
bool HasDiffUpdate(const Component& component) {
return !component.crx_diffurls().empty();
}
bool IsHttpServerError(int status_code) {
return 500 <= status_code && status_code < 600;
}
bool DeleteFileAndEmptyParentDirectory(const base::FilePath& filepath) {
if (!base::DeleteFile(filepath, false))
return false;
const base::FilePath dirname(filepath.DirName());
if (!base::IsDirectoryEmpty(dirname))
return true;
return base::DeleteFile(dirname, false);
}
std::string GetCrxComponentID(const CrxComponent& component) {
return component.app_id.empty() ? GetCrxIdFromPublicKeyHash(component.pk_hash)
: component.app_id;
}
std::string GetCrxIdFromPublicKeyHash(const std::vector<uint8_t>& pk_hash) {
const std::string result =
crx_file::id_util::GenerateIdFromHash(&pk_hash[0], pk_hash.size());
DCHECK(crx_file::id_util::IdIsValid(result));
return result;
}
#if defined(STARBOARD)
#if defined(IN_MEMORY_UPDATES)
bool VerifyHash256(const std::string* content,
const std::string& expected_hash_str) {
std::vector<uint8_t> expected_hash;
if (!base::HexStringToBytes(expected_hash_str, &expected_hash) ||
expected_hash.size() != crypto::kSHA256Length) {
return false;
}
uint8_t actual_hash[crypto::kSHA256Length] = {0};
std::unique_ptr<crypto::SecureHash> hasher(
crypto::SecureHash::Create(crypto::SecureHash::SHA256));
hasher->Update(content->c_str(), content->size());
hasher->Finish(actual_hash, sizeof(actual_hash));
return memcmp(actual_hash, &expected_hash[0], sizeof(actual_hash)) == 0;
}
#else // defined(IN_MEMORY_UPDATES)
bool VerifyFileHash256(const base::FilePath& filepath,
const std::string& expected_hash_str) {
std::vector<uint8_t> expected_hash;
if (!base::HexStringToBytes(expected_hash_str, &expected_hash) ||
expected_hash.size() != crypto::kSHA256Length) {
return false;
}
base::File source_file(filepath,
base::File::FLAG_OPEN | base::File::FLAG_READ);
if (!source_file.IsValid()) {
DPLOG(ERROR) << "VerifyFileHash256(): Unable to open source file: "
<< filepath.value();
return false;
}
const size_t kBufferSize = 32768;
std::vector<char> buffer(kBufferSize);
uint8_t actual_hash[crypto::kSHA256Length] = {0};
std::unique_ptr<crypto::SecureHash> hasher(
crypto::SecureHash::Create(crypto::SecureHash::SHA256));
while (true) {
int bytes_read = source_file.ReadAtCurrentPos(&buffer[0], buffer.size());
if (bytes_read < 0) {
DPLOG(ERROR) << "VerifyFileHash256(): error reading from source file: "
<< filepath.value();
return false;
}
if (bytes_read == 0) {
break;
}
hasher->Update(&buffer[0], bytes_read);
}
hasher->Finish(actual_hash, sizeof(actual_hash));
return memcmp(actual_hash, &expected_hash[0], sizeof(actual_hash)) == 0;
}
#endif // defined(IN_MEMORY_UPDATES)
#else // defined(STARBOARD)
bool VerifyFileHash256(const base::FilePath& filepath,
const std::string& expected_hash_str) {
std::vector<uint8_t> expected_hash;
if (!base::HexStringToBytes(expected_hash_str, &expected_hash) ||
expected_hash.size() != crypto::kSHA256Length) {
return false;
}
base::MemoryMappedFile mmfile;
if (!mmfile.Initialize(filepath))
return false;
uint8_t actual_hash[crypto::kSHA256Length] = {0};
std::unique_ptr<crypto::SecureHash> hasher(
crypto::SecureHash::Create(crypto::SecureHash::SHA256));
hasher->Update(mmfile.data(), mmfile.length());
hasher->Finish(actual_hash, sizeof(actual_hash));
return memcmp(actual_hash, &expected_hash[0], sizeof(actual_hash)) == 0;
}
#endif
bool IsValidBrand(const std::string& brand) {
const size_t kMaxBrandSize = 4;
if (!brand.empty() && brand.size() != kMaxBrandSize)
return false;
return std::find_if_not(brand.begin(), brand.end(), [](char ch) {
return base::IsAsciiAlpha(ch);
}) == brand.end();
}
// Helper function.
// Returns true if |part| matches the expression
// ^[<special_chars>a-zA-Z0-9]{min_length,max_length}$
bool IsValidInstallerAttributePart(const std::string& part,
const std::string& special_chars,
size_t min_length,
size_t max_length) {
if (part.size() < min_length || part.size() > max_length)
return false;
return std::find_if_not(part.begin(), part.end(), [&special_chars](char ch) {
if (base::IsAsciiAlpha(ch) || base::IsAsciiDigit(ch))
return true;
for (auto c : special_chars) {
if (c == ch)
return true;
}
return false;
}) == part.end();
}
// Returns true if the |name| parameter matches ^[-_a-zA-Z0-9]{1,256}$ .
bool IsValidInstallerAttributeName(const std::string& name) {
return IsValidInstallerAttributePart(name, "-_", 1, 256);
}
// Returns true if the |value| parameter matches ^[-.,;+_=a-zA-Z0-9]{0,256}$ .
bool IsValidInstallerAttributeValue(const std::string& value) {
return IsValidInstallerAttributePart(value, "-.,;+_=", 0, 256);
}
bool IsValidInstallerAttribute(const InstallerAttribute& attr) {
return IsValidInstallerAttributeName(attr.first) &&
IsValidInstallerAttributeValue(attr.second);
}
void RemoveUnsecureUrls(std::vector<GURL>* urls) {
DCHECK(urls);
base::EraseIf(*urls,
[](const GURL& url) { return !url.SchemeIsCryptographic(); });
}
CrxInstaller::Result InstallFunctionWrapper(
base::OnceCallback<bool()> callback) {
return CrxInstaller::Result(std::move(callback).Run()
? InstallError::NONE
: InstallError::GENERIC_ERROR);
}
// TODO(cpu): add a specific attribute check to a component json that the
// extension unpacker will reject, so that a component cannot be installed
// as an extension.
std::unique_ptr<base::DictionaryValue> ReadManifest(
const base::FilePath& unpack_path) {
base::FilePath manifest =
unpack_path.Append(FILE_PATH_LITERAL("manifest.json"));
if (!base::PathExists(manifest))
return std::unique_ptr<base::DictionaryValue>();
JSONFileValueDeserializer deserializer(manifest);
std::string error;
std::unique_ptr<base::Value> root = deserializer.Deserialize(nullptr, &error);
if (!root)
return std::unique_ptr<base::DictionaryValue>();
if (!root->is_dict())
return std::unique_ptr<base::DictionaryValue>();
return std::unique_ptr<base::DictionaryValue>(
static_cast<base::DictionaryValue*>(root.release()));
}
} // namespace update_client