1f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// Copyright 2013 The Chromium Authors. All rights reserved. 2f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// found in the LICENSE file. 4f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 5f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#ifndef CHROME_BROWSER_EXTENSIONS_INSTALL_SIGNER_H_ 6f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#define CHROME_BROWSER_EXTENSIONS_INSTALL_SIGNER_H_ 7f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 8f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include <set> 9f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include <string> 10f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include <vector> 11f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 12f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "base/basictypes.h" 13f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "base/callback.h" 14f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "base/memory/scoped_ptr.h" 15f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "extensions/common/extension.h" 16f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 17f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)namespace base { 18f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)class DictionaryValue; 19f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)} 20f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 21f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)namespace net { 22f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)class URLFetcher; 23f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)class URLRequestContextGetter; 24f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)} 25f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 26f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)namespace extensions { 27f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 28f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// This represents a list of ids signed with a private key using an algorithm 29f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// that includes some salt bytes. 30f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)struct InstallSignature { 31f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // The set of ids that have been signed. 32f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ExtensionIdSet ids; 33f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 34f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Both of these are just arrays of bytes, NOT base64-encoded. 35f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) std::string salt; 36f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) std::string signature; 37f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 38f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // The date that the signature should expire, in YYYY-MM-DD format. 39f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) std::string expire_date; 40f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 4133bff6d6e5e82ca5f2abf842074e33f4944cc250Ben Murdoch // The time this signature was obtained from the server. 4233bff6d6e5e82ca5f2abf842074e33f4944cc250Ben Murdoch base::Time timestamp; 4333bff6d6e5e82ca5f2abf842074e33f4944cc250Ben Murdoch 44f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) InstallSignature(); 45f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ~InstallSignature(); 46f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 47f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Helper methods for serialization to/from a base::DictionaryValue. 48f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) void ToValue(base::DictionaryValue* value) const; 49f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 50f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) static scoped_ptr<InstallSignature> FromValue( 51f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const base::DictionaryValue& value); 52f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)}; 53f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 54f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// Objects of this class encapsulate an operation to get a signature proving 55f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// that a set of ids are hosted in the webstore. 56f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)class InstallSigner { 57f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) public: 58f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) typedef base::Callback<void(scoped_ptr<InstallSignature>)> SignatureCallback; 59f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 60f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // IMPORTANT NOTE: It is possible that only some, but not all, of the entries 61f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // in |ids| will be successfully signed by the backend. Callers should always 62f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // check the set of ids in the InstallSignature passed to their callback, as 63f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // it may contain only a subset of the ids they passed in. 64f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) InstallSigner(net::URLRequestContextGetter* context_getter, 65f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const ExtensionIdSet& ids); 66f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ~InstallSigner(); 67f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 68f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Returns a set of ids that are forced to be considered not from webstore, 69f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // e.g. by a command line flag used for testing. 70f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) static ExtensionIdSet GetForcedNotFromWebstore(); 71f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 72f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Begins the process of fetching a signature from the backend. This should 73f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // only be called once! If you want to get another signature, make another 74f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // instance of this class. 75f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) void GetSignature(const SignatureCallback& callback); 76f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 77f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Returns whether the signature in InstallSignature is properly signed with a 78f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // known public key. 79f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) static bool VerifySignature(const InstallSignature& signature); 80f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 81f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) private: 82f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // A very simple delegate just used to call ourself back when a url fetch is 83f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // complete. 84f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) class FetcherDelegate; 85f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 86d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) // A helper function that calls |callback_| with an indication that an error 87d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) // happened (currently done by passing an empty pointer). 88d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) void ReportErrorViaCallback(); 89d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) 90d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) // Called when |url_fetcher_| has returned a result to parse the response, 91d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) // and then call HandleSignatureResult with structured data. 92d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) void ParseFetchResponse(); 93d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) 94f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Handles the result from a backend fetch. 95f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) void HandleSignatureResult(const std::string& signature, 96f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const std::string& expire_date, 97f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const ExtensionIdSet& invalid_ids); 98f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 99f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // The final callback for when we're done. 100f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) SignatureCallback callback_; 101f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 102f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // The current set of ids we're trying to verify. This may contain fewer ids 103f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // than we started with. 104f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ExtensionIdSet ids_; 105f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 106f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // An array of random bytes used as an input to hash with the machine id, 107f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // which will need to be persisted in the eventual InstallSignature we get. 108f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) std::string salt_; 109f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 110f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // These are used to make the call to a backend server for a signature. 111f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::URLRequestContextGetter* context_getter_; 112f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) scoped_ptr<net::URLFetcher> url_fetcher_; 113f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) scoped_ptr<FetcherDelegate> delegate_; 114f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 11533bff6d6e5e82ca5f2abf842074e33f4944cc250Ben Murdoch // The time the request to the server was started. 11633bff6d6e5e82ca5f2abf842074e33f4944cc250Ben Murdoch base::Time request_start_time_; 11733bff6d6e5e82ca5f2abf842074e33f4944cc250Ben Murdoch 118f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(InstallSigner); 119f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)}; 120f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 121f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)} // namespace extensions 122f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 123f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#endif // CHROME_BROWSER_EXTENSIONS_INSTALL_SIGNER_H_ 124