chrome/browser/extensions/install_signer.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_EXTENSIONS_INSTALL_SIGNER_H_
   6 #define CHROME_BROWSER_EXTENSIONS_INSTALL_SIGNER_H_
   7
   8 #include <set>
   9 #include <string>
  10 #include <vector>
  11
  12 #include "base/basictypes.h"
  13 #include "base/callback.h"
  14 #include "base/memory/scoped_ptr.h"
  15 #include "extensions/common/extension.h"
  16
  17 namespace base {
  18 class DictionaryValue;
  19 }
  20
  21 namespace net {
  22 class URLFetcher;
  23 class URLRequestContextGetter;
  24 }
  25
  26 namespace extensions {
  27
  28 // This represents a list of ids signed with a private key using an algorithm
  29 // that includes some salt bytes.
  30 struct InstallSignature {
  31   // The set of ids that have been signed.
  32   ExtensionIdSet ids;
  33
  34   // Both of these are just arrays of bytes, NOT base64-encoded.
  35   std::string salt;
  36   std::string signature;
  37
  38   // The date that the signature should expire, in YYYY-MM-DD format.
  39   std::string expire_date;
  40
  41   // The time this signature was obtained from the server.
  42   base::Time timestamp;
  43
  44   InstallSignature();
  45   ~InstallSignature();
  46
  47   // Helper methods for serialization to/from a base::DictionaryValue.
  48   void ToValue(base::DictionaryValue* value) const;
  49
  50   static scoped_ptr<InstallSignature> FromValue(
  51       const base::DictionaryValue& value);
  52 };
  53
  54 // Objects of this class encapsulate an operation to get a signature proving
  55 // that a set of ids are hosted in the webstore.
  56 class InstallSigner {
  57  public:
  58   typedef base::Callback<void(scoped_ptr<InstallSignature>)> SignatureCallback;
  59
  60   // IMPORTANT NOTE: It is possible that only some, but not all, of the entries
  61   // in |ids| will be successfully signed by the backend. Callers should always
  62   // check the set of ids in the InstallSignature passed to their callback, as
  63   // it may contain only a subset of the ids they passed in.
  64   InstallSigner(net::URLRequestContextGetter* context_getter,
  65                 const ExtensionIdSet& ids);
  66   ~InstallSigner();
  67
  68   // Returns a set of ids that are forced to be considered not from webstore,
  69   // e.g. by a command line flag used for testing.
  70   static ExtensionIdSet GetForcedNotFromWebstore();
  71
  72   // Begins the process of fetching a signature from the backend. This should
  73   // only be called once! If you want to get another signature, make another
  74   // instance of this class.
  75   void GetSignature(const SignatureCallback& callback);
  76
  77   // Returns whether the signature in InstallSignature is properly signed with a
  78   // known public key.
  79   static bool VerifySignature(const InstallSignature& signature);
  80
  81  private:
  82   // A very simple delegate just used to call ourself back when a url fetch is
  83   // complete.
  84   class FetcherDelegate;
  85
  86   // A helper function that calls |callback_| with an indication that an error
  87   // happened (currently done by passing an empty pointer).
  88   void ReportErrorViaCallback();
  89
  90   // Called when |url_fetcher_| has returned a result to parse the response,
  91   // and then call HandleSignatureResult with structured data.
  92   void ParseFetchResponse();
  93
  94   // Handles the result from a backend fetch.
  95   void HandleSignatureResult(const std::string& signature,
  96                              const std::string& expire_date,
  97                              const ExtensionIdSet& invalid_ids);
  98
  99   // The final callback for when we're done.
 100   SignatureCallback callback_;
 101
 102   // The current set of ids we're trying to verify. This may contain fewer ids
 103   // than we started with.
 104   ExtensionIdSet ids_;
 105
 106   // An array of random bytes used as an input to hash with the machine id,
 107   // which will need to be persisted in the eventual InstallSignature we get.
 108   std::string salt_;
 109
 110   // These are used to make the call to a backend server for a signature.
 111   net::URLRequestContextGetter* context_getter_;
 112   scoped_ptr<net::URLFetcher> url_fetcher_;
 113   scoped_ptr<FetcherDelegate> delegate_;
 114
 115   // The time the request to the server was started.
 116   base::Time request_start_time_;
 117
 118   DISALLOW_COPY_AND_ASSIGN(InstallSigner);
 119 };
 120
 121 }  // namespace extensions
 122
 123 #endif  // CHROME_BROWSER_EXTENSIONS_INSTALL_SIGNER_H_