Home | History | Annotate | Download | only in extensions 
      1 // Copyright 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_EXTENSIONS_INSTALL_VERIFIER_H_
      6 #define CHROME_BROWSER_EXTENSIONS_INSTALL_VERIFIER_H_
      7 
      8 #include <queue>
      9 #include <set>
     10 #include <string>
     11 
     12 #include "base/basictypes.h"
     13 #include "base/callback.h"
     14 #include "base/memory/linked_ptr.h"
     15 #include "base/memory/scoped_ptr.h"
     16 #include "base/memory/weak_ptr.h"
     17 #include "extensions/browser/management_policy.h"
     18 #include "extensions/common/extension.h"
     19 
     20 namespace content {
     21 class BrowserContext;
     22 }
     23 
     24 namespace net {
     25 class URLRequestContextGetter;
     26 }
     27 
     28 namespace extensions {
     29 
     30 class ExtensionPrefs;
     31 class InstallSigner;
     32 struct InstallSignature;
     33 
     34 // This class implements verification that a set of extensions are either from
     35 // the webstore or are whitelisted by enterprise policy.  The webstore
     36 // verification process works by sending a request to a backend server to get a
     37 // signature proving that a set of extensions are verified. This signature is
     38 // written into the extension preferences and is checked for validity when
     39 // being read back again.
     40 //
     41 // This class should be kept notified of runtime changes to the set of
     42 // extensions installed from the webstore.
     43 class InstallVerifier : public ManagementPolicy::Provider {
     44  public:
     45   InstallVerifier(ExtensionPrefs* prefs, content::BrowserContext* context);
     46   virtual ~InstallVerifier();
     47 
     48   // Returns whether |extension| is of a type that needs verification.
     49   static bool NeedsVerification(const Extension& extension);
     50 
     51   // Initializes this object for use, including reading preferences and
     52   // validating the stored signature.
     53   void Init();
     54 
     55   // Returns the timestamp of our InstallSignature, if we have one.
     56   base::Time SignatureTimestamp();
     57 
     58   // Returns true if |id| is either verified or our stored signature explicitly
     59   // tells us that it was invalid when we asked the server about it.
     60   bool IsKnownId(const std::string& id);
     61 
     62   // Attempts to verify a single extension and add it to the verified list.
     63   void VerifyExtension(const std::string& extension_id);
     64 
     65   // Attempts to verify all extensions.
     66   void VerifyAllExtensions();
     67 
     68   // Call this to add a set of ids that will immediately be considered allowed,
     69   // and kick off an aysnchronous request to Add.
     70   void AddProvisional(const ExtensionIdSet& ids);
     71 
     72   // Removes an id or set of ids from the verified list.
     73   void Remove(const std::string& id);
     74   void RemoveMany(const ExtensionIdSet& ids);
     75 
     76   // ManagementPolicy::Provider interface.
     77   virtual std::string GetDebugPolicyProviderName() const OVERRIDE;
     78   virtual bool MustRemainDisabled(const Extension* extension,
     79                                   Extension::DisableReason* reason,
     80                                   base::string16* error) const OVERRIDE;
     81 
     82  private:
     83   // We keep a list of operations to the current set of extensions.
     84   enum OperationType {
     85     ADD_SINGLE,         // Adding a single extension to be verified.
     86     ADD_ALL,            // Adding all extensions to be verified.
     87     ADD_ALL_BOOTSTRAP,  // Adding all extensions because of a bootstrapping.
     88     ADD_PROVISIONAL,    // Adding one or more provisionally-allowed extensions.
     89     REMOVE              // Remove one or more extensions.
     90   };
     91 
     92   // This is an operation we want to apply to the current set of verified ids.
     93   struct PendingOperation {
     94     OperationType type;
     95 
     96     // This is the set of ids being either added or removed.
     97     ExtensionIdSet ids;
     98 
     99     explicit PendingOperation(OperationType type);
    100     ~PendingOperation();
    101   };
    102 
    103   // Returns the set of IDs for all extensions that potentially need to be
    104   // verified.
    105   ExtensionIdSet GetExtensionsToVerify() const;
    106 
    107   // Bootstrap the InstallVerifier if we do not already have a signature, or if
    108   // there are unknown extensions which need to be verified.
    109   void MaybeBootstrapSelf();
    110 
    111   // Try adding a new set of |ids| to the list of verified ids.
    112   void AddMany(const ExtensionIdSet& ids, OperationType type);
    113 
    114   // Record the result of the verification for the histograms, and notify the
    115   // ExtensionPrefs if we verified all extensions.
    116   void OnVerificationComplete(bool success, OperationType type);
    117 
    118   // Removes any no-longer-installed ids, requesting a new signature if needed.
    119   void GarbageCollect();
    120 
    121   // Returns whether an extension id is allowed by policy.
    122   bool AllowedByEnterprisePolicy(const std::string& id) const;
    123 
    124   // Returns whether the given |id| is included in our verified signature.
    125   bool IsVerified(const std::string& id) const;
    126 
    127   // Returns true if the extension with |id| was installed later than the
    128   // timestamp of our signature.
    129   bool WasInstalledAfterSignature(const std::string& id) const;
    130 
    131   // Begins the process of fetching a new signature, based on applying the
    132   // operation at the head of the queue to the current set of ids in
    133   // |signature_| (if any) and then sending a request to sign that.
    134   void BeginFetch();
    135 
    136   // Saves the current value of |signature_| to the prefs;
    137   void SaveToPrefs();
    138 
    139   // Called with the result of a signature request, or NULL on failure.
    140   void SignatureCallback(scoped_ptr<InstallSignature> signature);
    141 
    142   ExtensionPrefs* prefs_;
    143 
    144   // The context with which the InstallVerifier is associated.
    145   content::BrowserContext* context_;
    146 
    147   // Have we finished our bootstrap check yet?
    148   bool bootstrap_check_complete_;
    149 
    150   // This is the most up-to-date signature, read out of |prefs_| during
    151   // initialization and updated anytime we get new id's added.
    152   scoped_ptr<InstallSignature> signature_;
    153 
    154   // The current InstallSigner, if we have a signature request running.
    155   scoped_ptr<InstallSigner> signer_;
    156 
    157   // A queue of operations to apply to the current set of allowed ids.
    158   std::queue<linked_ptr<PendingOperation> > operation_queue_;
    159 
    160   // A set of ids that have been provisionally added, which we're willing to
    161   // consider allowed until we hear back from the server signature request.
    162   ExtensionIdSet provisional_;
    163 
    164   base::WeakPtrFactory<InstallVerifier> weak_factory_;
    165 
    166   DISALLOW_COPY_AND_ASSIGN(InstallVerifier);
    167 };
    168 
    169 }  // namespace extensions
    170 
    171 #endif  // CHROME_BROWSER_EXTENSIONS_INSTALL_VERIFIER_H_
    172