waffles | 5918d5f | 2017-05-23 01:45:28 | [diff] [blame] | 1 | // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #ifndef COMPONENTS_CRX_FILE_CRX_VERIFIER_H_ |
| 6 | #define COMPONENTS_CRX_FILE_CRX_VERIFIER_H_ |
| 7 | |
| 8 | #include <stdint.h> |
| 9 | #include <string> |
| 10 | #include <vector> |
| 11 | |
| 12 | namespace base { |
| 13 | class FilePath; |
| 14 | } // namespace base |
| 15 | |
| 16 | namespace crx_file { |
| 17 | |
| 18 | enum class VerifierFormat { |
Joshua Pawlicki | fca4af6 | 2019-08-15 13:53:13 | [diff] [blame] | 19 | CRX3, // Accept only Crx3. |
| 20 | CRX3_WITH_TEST_PUBLISHER_PROOF, // Accept only Crx3 with a test or production |
| 21 | // publisher proof. |
| 22 | CRX3_WITH_PUBLISHER_PROOF, // Accept only Crx3 with a production |
| 23 | // publisher proof. |
waffles | 5918d5f | 2017-05-23 01:45:28 | [diff] [blame] | 24 | }; |
| 25 | |
| 26 | enum class VerifierResult { |
| 27 | OK_FULL, // The file verifies as a correct full CRX file. |
| 28 | OK_DELTA, // The file verifies as a correct differential CRX file. |
| 29 | ERROR_FILE_NOT_READABLE, // Cannot open the CRX file. |
| 30 | ERROR_HEADER_INVALID, // Failed to parse or understand CRX header. |
| 31 | ERROR_EXPECTED_HASH_INVALID, // Expected hash is not well-formed. |
| 32 | ERROR_FILE_HASH_FAILED, // The file's actual hash != the expected hash. |
| 33 | ERROR_SIGNATURE_INITIALIZATION_FAILED, // A signature or key is malformed. |
| 34 | ERROR_SIGNATURE_VERIFICATION_FAILED, // A signature doesn't match. |
| 35 | ERROR_REQUIRED_PROOF_MISSING, // RequireKeyProof was unsatisfied. |
| 36 | }; |
| 37 | |
| 38 | // Verify the file at |crx_path| as a valid Crx of |format|. The Crx must be |
| 39 | // well-formed, contain no invalid proofs, match the |required_file_hash| (if |
| 40 | // non-empty), and contain a proof with each of the |required_key_hashes|. |
| 41 | // If and only if this function returns OK_FULL or OK_DELTA, and only if |
| 42 | // |public_key| / |crx_id| are non-null, they will be updated to contain the |
| 43 | // public key (PEM format, without the header/footer) and crx id (encoded in |
| 44 | // base16 using the characters [a-p]). |
| 45 | VerifierResult Verify( |
| 46 | const base::FilePath& crx_path, |
| 47 | const VerifierFormat& format, |
| 48 | const std::vector<std::vector<uint8_t>>& required_key_hashes, |
| 49 | const std::vector<uint8_t>& required_file_hash, |
| 50 | std::string* public_key, |
| 51 | std::string* crx_id); |
| 52 | |
| 53 | } // namespace crx_file |
| 54 | |
| 55 | #endif // COMPONENTS_CRX_FILE_CRX_VERIFIER_H_ |