172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen// Copyright (c) 2011 The Chromium Authors. All rights reserved. 2c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Use of this source code is governed by a BSD-style license that can be 3c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// found in the LICENSE file. 4c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 5c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#ifndef CHROME_BROWSER_EXTENSIONS_SANDBOXED_EXTENSION_UNPACKER_H_ 6c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#define CHROME_BROWSER_EXTENSIONS_SANDBOXED_EXTENSION_UNPACKER_H_ 73345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#pragma once 8c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 9c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include <string> 10c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 11c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "base/file_path.h" 12ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include "base/memory/ref_counted.h" 13ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include "base/memory/scoped_temp_dir.h" 14c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "chrome/browser/utility_process_host.h" 15c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 163345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrickclass DictionaryValue; 17c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochclass Extension; 18c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochclass ResourceDispatcherHost; 19c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 20c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochclass SandboxedExtensionUnpackerClient 21c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch : public base::RefCountedThreadSafe<SandboxedExtensionUnpackerClient> { 22c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch public: 23c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // temp_dir - A temporary directory containing the results of the extension 24c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // unpacking. The client is responsible for deleting this directory. 25c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // 26c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // extension_root - The path to the extension root inside of temp_dir. 27c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // 28c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // extension - The extension that was unpacked. The client is responsible 29c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // for deleting this memory. 30c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch virtual void OnUnpackSuccess(const FilePath& temp_dir, 31c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch const FilePath& extension_root, 32513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch const Extension* extension) = 0; 33c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch virtual void OnUnpackFailure(const std::string& error) = 0; 34c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 35c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch protected: 36c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch friend class base::RefCountedThreadSafe<SandboxedExtensionUnpackerClient>; 37c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 38c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch virtual ~SandboxedExtensionUnpackerClient() {} 39c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch}; 40c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 41c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// SandboxedExtensionUnpacker unpacks extensions from the CRX format into a 42c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// directory. This is done in a sandboxed subprocess to protect the browser 43c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// process from parsing complex formats like JPEG or JSON from untrusted 44c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// sources. 45c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 46c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Unpacking an extension using this class makes minor changes to its source, 47c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// such as transcoding all images to PNG, parsing all message catalogs 48c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// and rewriting the manifest JSON. As such, it should not be used when the 49c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// output is not intended to be given back to the author. 50c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 51c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 52c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Lifetime management: 53c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 54c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// This class is ref-counted by each call it makes to itself on another thread, 55c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// and by UtilityProcessHost. 56c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 57c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Additionally, we hold a reference to our own client so that it lives at least 58c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// long enough to receive the result of unpacking. 59c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 60c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 61c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// NOTE: This class should only be used on the file thread. 62c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochclass SandboxedExtensionUnpacker : public UtilityProcessHost::Client { 63c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch public: 64c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The size of the magic character sequence at the beginning of each crx 65c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // file, in bytes. This should be a multiple of 4. 66c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch static const size_t kExtensionHeaderMagicSize = 4; 67c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 68c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // This header is the first data at the beginning of an extension. Its 69c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // contents are purposely 32-bit aligned so that it can just be slurped into 70c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // a struct without manual parsing. 71c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch struct ExtensionHeader { 72c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch char magic[kExtensionHeaderMagicSize]; 73c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch uint32 version; 74c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch uint32 key_size; // The size of the public key, in bytes. 75c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch uint32 signature_size; // The size of the signature, in bytes. 76c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // An ASN.1-encoded PublicKeyInfo structure follows. 77c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The signature follows. 78c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch }; 79c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 80c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The maximum size the crx parser will tolerate for a public key. 81c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch static const uint32 kMaxPublicKeySize = 1 << 16; 82c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 83c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The maximum size the crx parser will tolerate for a signature. 84c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch static const uint32 kMaxSignatureSize = 1 << 16; 85c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 86c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The magic character sequence at the beginning of each crx file. 87c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch static const char kExtensionHeaderMagic[]; 88c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 89c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The current version of the crx format. 90c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch static const uint32 kCurrentVersion = 2; 91c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 92c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Unpacks the extension in |crx_path| into a temporary directory and calls 93c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // |client| with the result. If |rdh| is provided, unpacking is done in a 94c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // sandboxed subprocess. Otherwise, it is done in-process. 95c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SandboxedExtensionUnpacker(const FilePath& crx_path, 96c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ResourceDispatcherHost* rdh, 97c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SandboxedExtensionUnpackerClient* cilent); 98c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 99c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Start unpacking the extension. The client is called with the results. 100c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch void Start(); 101c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 102c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch private: 103c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch class ProcessHostClient; 10472a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 10572a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // Enumerate all the ways unpacking can fail. Calls to ReportFailure() 10672a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // take a failure reason as an argument, and put it in histogram 10772a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // Extensions.SandboxUnpackFailureReason. 10872a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen enum FailureReason { 10972a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // SandboxedExtensionUnpacker::CreateTempDirectory() 11072a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen COULD_NOT_GET_TEMP_DIRECTORY, 11172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen COULD_NOT_CREATE_TEMP_DIRECTORY, 11272a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 11372a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // SandboxedExtensionUnpacker::Start() 11472a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen FAILED_TO_COPY_EXTENSION_FILE_TO_TEMP_DIRECTORY, 11572a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen COULD_NOT_GET_SANDBOX_FRIENDLY_PATH, 11672a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 11772a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // SandboxedExtensionUnpacker::OnUnpackExtensionSucceeded() 11872a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen COULD_NOT_LOCALIZE_EXTENSION, 11972a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen INVALID_MANIFEST, 12072a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 12172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen //SandboxedExtensionUnpacker::OnUnpackExtensionFailed() 12272a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen UNPACKER_CLIENT_FAILED, 12372a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 12472a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // SandboxedExtensionUnpacker::OnProcessCrashed() 12572a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen UTILITY_PROCESS_CRASHED_WHILE_TRYING_TO_INSTALL, 12672a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 12772a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // SandboxedExtensionUnpacker::ValidateSignature() 12872a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_FILE_NOT_READABLE, 12972a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_HEADER_INVALID, 13072a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_MAGIC_NUMBER_INVALID, 13172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_VERSION_NUMBER_INVALID, 13272a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_EXCESSIVELY_LARGE_KEY_OR_SIGNATURE, 13372a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_ZERO_KEY_LENGTH, 13472a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_ZERO_SIGNATURE_LENGTH, 13572a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_PUBLIC_KEY_INVALID, 13672a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_SIGNATURE_INVALID, 13772a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_SIGNATURE_VERIFICATION_INITIALIZATION_FAILED, 13872a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen CRX_SIGNATURE_VERIFICATION_FAILED, 13972a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 14072a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // SandboxedExtensionUnpacker::RewriteManifestFile() 14172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen ERROR_SERIALIZING_MANIFEST_JSON, 14272a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen ERROR_SAVING_MANIFEST_JSON, 14372a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 14472a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // SandboxedExtensionUnpacker::RewriteImageFiles() 14572a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen COULD_NOT_READ_IMAGE_DATA_FROM_DISK, 14672a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen DECODED_IMAGES_DO_NOT_MATCH_THE_MANIFEST, 14772a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen INVALID_PATH_FOR_BROWSER_IMAGE, 14872a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen ERROR_REMOVING_OLD_IMAGE_FILE, 14972a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen INVALID_PATH_FOR_BITMAP_IMAGE, 15072a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen ERROR_RE_ENCODING_THEME_IMAGE, 15172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen ERROR_SAVING_THEME_IMAGE, 15272a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 15372a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // SandboxedExtensionUnpacker::RewriteCatalogFiles() 15472a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen COULD_NOT_READ_CATALOG_DATA_FROM_DISK, 15572a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen INVALID_CATALOG_DATA, 15672a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen INVALID_PATH_FOR_CATALOG, 15772a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen ERROR_SERIALIZING_CATALOG, 15872a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen ERROR_SAVING_CATALOG, 15972a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 16072a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen NUM_FAILURE_REASONS 16172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen }; 16272a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 163c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch friend class ProcessHostClient; 164c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch friend class SandboxedExtensionUnpackerTest; 165c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 166731df977c0511bca2206b5f333555b1205ff1f43Iain Merrick virtual ~SandboxedExtensionUnpacker(); 167c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 16872a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // Set |temp_dir_| as a temporary directory to unpack the extension in. 16972a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen // Return true on success. 17072a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen virtual bool CreateTempDirectory(); 17172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen 172c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Validates the signature of the extension and extract the key to 173c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // |public_key_|. Returns true if the signature validates, false otherwise. 174c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // 175c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // NOTE: Having this method here is a bit ugly. This code should really live 176c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // in ExtensionUnpacker as it is not specific to sandboxed unpacking. It was 177c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // put here because we cannot run windows crypto code in the sandbox. But we 178c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // could still have this method statically on ExtensionUnpacker so that code 179c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // just for unpacking is there and code just for sandboxing of unpacking is 180c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // here. 181c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool ValidateSignature(); 182c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 183c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Starts the utility process that unpacks our extension. 184c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch void StartProcessOnIOThread(const FilePath& temp_crx_path); 185c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 186c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // SandboxedExtensionUnpacker 18721d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen virtual void OnUnpackExtensionSucceeded(const DictionaryValue& manifest); 18821d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen virtual void OnUnpackExtensionFailed(const std::string& error_message); 18921d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen virtual void OnProcessCrashed(int exit_code); 190c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 19172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen void ReportFailure(FailureReason reason, const std::string& message); 192c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch void ReportSuccess(); 193c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 194c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Overwrites original manifest with safe result from utility process. 195c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Returns NULL on error. Caller owns the returned object. 196c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DictionaryValue* RewriteManifestFile(const DictionaryValue& manifest); 197c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 198c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Overwrites original files with safe results from utility process. 199c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Reports error and returns false if it fails. 200c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool RewriteImageFiles(); 201c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool RewriteCatalogFiles(); 202c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 203c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The path to the CRX to unpack. 204c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch FilePath crx_path_; 205c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 206c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Our client's thread. This is the thread we respond on. 207731df977c0511bca2206b5f333555b1205ff1f43Iain Merrick BrowserThread::ID thread_identifier_; 208c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 209c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // ResourceDispatcherHost to pass to the utility process. 210c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ResourceDispatcherHost* rdh_; 211c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 212c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Our client. 213c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch scoped_refptr<SandboxedExtensionUnpackerClient> client_; 214c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 215c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // A temporary directory to use for unpacking. 216c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ScopedTempDir temp_dir_; 217c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 218c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The root directory of the unpacked extension. This is a child of temp_dir_. 219c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch FilePath extension_root_; 220c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 221c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Represents the extension we're unpacking. 222513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch scoped_refptr<Extension> extension_; 223c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 224c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Whether we've received a response from the utility process yet. 225c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool got_response_; 226c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 227c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The public key that was extracted from the CRX header. 228c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch std::string public_key_; 229c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch}; 230c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 231c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#endif // CHROME_BROWSER_EXTENSIONS_SANDBOXED_EXTENSION_UNPACKER_H_ 232