blob: a20644280266e6a7263613280a8deaec807e055c [file] [log] [blame]
waffles5918d5f2017-05-23 01:45:281// Copyright 2017 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef COMPONENTS_CRX_FILE_CRX_VERIFIER_H_
6#define COMPONENTS_CRX_FILE_CRX_VERIFIER_H_
7
8#include <stdint.h>
9#include <string>
10#include <vector>
11
12namespace base {
13class FilePath;
14} // namespace base
15
16namespace crx_file {
17
18enum class VerifierFormat {
Joshua Pawlickifca4af62019-08-15 13:53:1319 CRX3, // Accept only Crx3.
20 CRX3_WITH_TEST_PUBLISHER_PROOF, // Accept only Crx3 with a test or production
21 // publisher proof.
22 CRX3_WITH_PUBLISHER_PROOF, // Accept only Crx3 with a production
23 // publisher proof.
waffles5918d5f2017-05-23 01:45:2824};
25
26enum class VerifierResult {
27 OK_FULL, // The file verifies as a correct full CRX file.
28 OK_DELTA, // The file verifies as a correct differential CRX file.
29 ERROR_FILE_NOT_READABLE, // Cannot open the CRX file.
30 ERROR_HEADER_INVALID, // Failed to parse or understand CRX header.
31 ERROR_EXPECTED_HASH_INVALID, // Expected hash is not well-formed.
32 ERROR_FILE_HASH_FAILED, // The file's actual hash != the expected hash.
33 ERROR_SIGNATURE_INITIALIZATION_FAILED, // A signature or key is malformed.
34 ERROR_SIGNATURE_VERIFICATION_FAILED, // A signature doesn't match.
35 ERROR_REQUIRED_PROOF_MISSING, // RequireKeyProof was unsatisfied.
36};
37
38// Verify the file at |crx_path| as a valid Crx of |format|. The Crx must be
39// well-formed, contain no invalid proofs, match the |required_file_hash| (if
40// non-empty), and contain a proof with each of the |required_key_hashes|.
41// If and only if this function returns OK_FULL or OK_DELTA, and only if
42// |public_key| / |crx_id| are non-null, they will be updated to contain the
43// public key (PEM format, without the header/footer) and crx id (encoded in
44// base16 using the characters [a-p]).
45VerifierResult Verify(
46 const base::FilePath& crx_path,
47 const VerifierFormat& format,
48 const std::vector<std::vector<uint8_t>>& required_key_hashes,
49 const std::vector<uint8_t>& required_file_hash,
50 std::string* public_key,
51 std::string* crx_id);
52
53} // namespace crx_file
54
55#endif // COMPONENTS_CRX_FILE_CRX_VERIFIER_H_