From 620f3e50bdbb11cf69dd239b5a976fcdf0d2dade Mon Sep 17 00:00:00 2001 From: "asargent@chromium.org" Date: Thu, 15 May 2014 17:00:52 +0000 Subject: A bunch of remaining parts of extension content verification -The real guts of content_hash_fetcher.cc, which fetches the verified_contents.json file from the webstore if needed and also runs tasks to compute and cache the block-level hashes of all files in an extension. -The real guts of content_hash_reader.cc, which uses the work done by the content_hash_fetcher during validation of extension file content as it's read off of disk at time of use. -Code to avoid verifying transcoded files (images used in browser process, and message catalogs). -Don't allow downgrade of mode via kForceFieldTrials command line switch -Various bits of plumbing to support all of the above BUG=369895 R=rockot@chromium.org Review URL: https://codereview.chromium.org/289533003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@270694 0039d316-1c4b-4281-b951-d872f2087c98 --- extensions/browser/computed_hashes.h | 64 ++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 extensions/browser/computed_hashes.h (limited to 'extensions/browser/computed_hashes.h') diff --git a/extensions/browser/computed_hashes.h b/extensions/browser/computed_hashes.h new file mode 100644 index 0000000..c68175c --- /dev/null +++ b/extensions/browser/computed_hashes.h @@ -0,0 +1,64 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef EXTENSIONS_BROWSER_COMPUTED_HASHES_H_ +#define EXTENSIONS_BROWSER_COMPUTED_HASHES_H_ + +#include +#include +#include + +#include "base/values.h" + +namespace base { +class FilePath; +} + +namespace extensions { + +// A pair of classes for serialization of a set of SHA256 block hashes computed +// over the files inside an extension. +class ComputedHashes { + public: + class Reader { + public: + Reader(); + ~Reader(); + bool InitFromFile(const base::FilePath& path); + + // The block size and hashes for |relative_path| will be copied into the + // out parameters. + bool GetHashes(const base::FilePath& relative_path, + int* block_size, + std::vector* hashes); + + private: + typedef std::pair > HashInfo; + + // This maps a relative path to a pair of (block size, hashes) + std::map data_; + }; + + class Writer { + public: + Writer(); + ~Writer(); + + // Adds hashes for |relative_path|. Should not be called more than once + // for a given |relative_path|. + void AddHashes(const base::FilePath& relative_path, + int block_size, + const std::vector& hashes); + + bool WriteToFile(const base::FilePath& path); + + private: + // The top-level object that will be serialized as JSON. + base::ListValue file_list_; + }; +}; + +} // namespace extensions + +#endif // EXTENSIONS_BROWSER_COMPUTED_HASHES_H_ -- cgit v1.1