1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/component_updater/ev_whitelist_component_installer.h"
10 #include "base/bind.h"
11 #include "base/files/file_path.h"
12 #include "base/files/file_util.h"
13 #include "base/lazy_instance.h"
14 #include "base/logging.h"
15 #include "base/path_service.h"
16 #include "components/component_updater/component_updater_paths.h"
17 #include "content/public/browser/browser_thread.h"
18 #include "net/ssl/ssl_config_service.h"
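using component_updater::ComponentUpdateService;

// File name of the compressed EV hashes whitelist inside the component's
// install directory; GetInstalledPath() appends it to the per-platform
// sub-path.
const base::FilePath::CharType kCompressedEVWhitelistFileName[] =
    FILE_PATH_LITERAL("ev_hashes_whitelist.bin");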
27 namespace component_updater
{
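// The SHA256 of the SubjectPublicKeyInfo used to sign the extension.
// GetHash() copies these 32 bytes into the caller's vector.
// NOTE(review): presumably the component updater rejects any package whose
// signing key does not hash to this value, which would make this constant the
// trust anchor for whitelist updates - confirm against the updater. Treat any
// edit to these bytes as a change of signing key.
// The extension id is: oafdbfcohdcjandcenmccfopbeklnicp
const uint8 kPublicKeySHA256[32] = {
    0xe0, 0x53, 0x15, 0x2e, 0x73, 0x29, 0x0d, 0x32, 0x4d, 0xc2, 0x25,
    0xef, 0x14, 0xab, 0xd8, 0x2f, 0x84, 0xf5, 0x85, 0x9e, 0xc0, 0xfa,
    0x94, 0xbc, 0x99, 0xc9, 0x5a, 0x27, 0x55, 0x19, 0x83, 0xef};

// Human-readable component name returned by GetName().
const char kEVWhitelistManifestName[] = "EV Certs CT whitelist";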
38 EVWhitelistComponentInstallerTraits::EVWhitelistComponentInstallerTraits() {
41 bool EVWhitelistComponentInstallerTraits::CanAutoUpdate() const {
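// Custom install hook. This component has no extra installation steps, so the
// hook only logs entry and reports success; |manifest| and |install_dir| are
// not read.
bool EVWhitelistComponentInstallerTraits::OnCustomInstall(
    const base::DictionaryValue& manifest,
    const base::FilePath& install_dir) {
  VLOG(1) << "Entering EVWhitelistComponentInstallerTraits::OnCustomInstall.";

  return true;  // Nothing custom here.
}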
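// Returns the location of the compressed whitelist file below |base|:
// <base>/_platform_specific/all/<kCompressedEVWhitelistFileName>.
// Every path component is a compile-time literal; nothing from the manifest
// or the network is spliced into the path here.
base::FilePath EVWhitelistComponentInstallerTraits::GetInstalledPath(
    const base::FilePath& base) {
  // EV whitelist is encoded the same way for all platforms
  return base.Append(FILE_PATH_LITERAL("_platform_specific"))
      .Append(FILE_PATH_LITERAL("all"))
      .Append(kCompressedEVWhitelistFileName);
}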
61 void EVWhitelistComponentInstallerTraits::ComponentReady(
62 const base::Version
& version
,
63 const base::FilePath
& path
,
64 scoped_ptr
<base::DictionaryValue
> manifest
) {
65 VLOG(1) << "Component ready, version " << version
.GetString() << " in "
68 // TODO(eranm): Uncomment once https://codereview.chromium.org/462543002/
71 const base::FilePath whitelist_file = GetInstalledPath(path);
72 base::Callback<void(void)> set_cb =
73 base::Bind(&net::ct::SetEVWhitelistFromFile, whitelist_file);
74 content::BrowserThread::PostBlockingPoolTask(
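// Reports whether |install_dir| holds a usable whitelist file: the file must
// exist, be readable, and be non-empty.
//
// This is a presence check only. The bytes are neither parsed nor
// authenticated here, so a truncated or locally modified file of non-zero
// size still passes.
// NOTE(review): integrity of the contents presumably rests on the updater's
// package signature check (see GetHash()) and on whatever later parses the
// file - confirm both reject malformed input.
// NOTE(review): the listing this was taken from drops the lines that follow
// each failure log; the `return false;` exits below are restored from
// context - confirm against the upstream file.
bool EVWhitelistComponentInstallerTraits::VerifyInstallation(
    const base::FilePath& install_dir) const {
  const base::FilePath expected_file = GetInstalledPath(install_dir);
  VLOG(1) << "Verifying install: " << expected_file.value();
  if (!base::PathExists(expected_file)) {
    VLOG(1) << "File missing.";
    return false;
  }

  // The whole file is read into memory; no size cap is applied at this call.
  std::string compressed_whitelist;
  if (!base::ReadFileToString(expected_file, &compressed_whitelist)) {
    VLOG(1) << "Failed reading the compressed EV hashes whitelist.";
    return false;
  }

  VLOG(1) << "Whitelist size: " << compressed_whitelist.size();

  // An empty file counts as a failed installation.
  return !compressed_whitelist.empty();
}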
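// Returns the directory registered under DIR_COMPONENT_EV_WHITELIST.
// The result of PathService::Get() is not checked.
// NOTE(review): if the lookup fails, |result| presumably stays a
// default-constructed (empty) path - confirm callers cope with that.
// NOTE(review): the listing this was taken from drops the final lines of this
// function; `return result;` is restored from context - confirm against the
// upstream file.
base::FilePath EVWhitelistComponentInstallerTraits::GetBaseDirectory() const {
  base::FilePath result;
  PathService::Get(DIR_COMPONENT_EV_WHITELIST, &result);
  return result;
}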
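// Replaces the contents of |hash| with the 32 bytes of kPublicKeySHA256, the
// SHA256 of the SubjectPublicKeyInfo used to sign the component.
// |hash| is dereferenced unconditionally and must not be null.
void EVWhitelistComponentInstallerTraits::GetHash(
    std::vector<uint8>* hash) const {
  hash->assign(kPublicKeySHA256,
               kPublicKeySHA256 + arraysize(kPublicKeySHA256));
}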
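// Returns the component's display name, kEVWhitelistManifestName.
std::string EVWhitelistComponentInstallerTraits::GetName() const {
  return kEVWhitelistManifestName;
}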
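// Registers the EV whitelist component with |cus|.
// Builds the traits object, hands it to a new DefaultComponentInstaller, and
// registers that installer. |cus| is passed straight to Register() without a
// null check in this function.
void RegisterEVWhitelistComponent(ComponentUpdateService* cus) {
  VLOG(1) << "Registering EV whitelist component.";

  scoped_ptr<ComponentInstallerTraits> traits(
      new EVWhitelistComponentInstallerTraits());
  // |cus| will take ownership of |installer| during installer->Register(cus).
  // Until that call the raw pointer is the only handle on the installer, so
  // nothing that can return early should be placed between these statements.
  DefaultComponentInstaller* installer =
      new DefaultComponentInstaller(traits.Pass());
  installer->Register(cus);
}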
127 } // namespace component_updater