1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
|
// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/web_applications/os_integration/mac/app_shim_registry.h"
#include <memory>
#include <optional>
#include <utility>
#include "base/base64.h"
#include "base/debug/dump_without_crashing.h"
#include "base/logging.h"
#include "base/no_destructor.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/profiles/profile_manager.h"
#include "components/os_crypt/sync/os_crypt.h"
#include "components/prefs/pref_registry_simple.h"
#include "components/prefs/pref_service.h"
#include "components/prefs/scoped_user_pref_update.h"
#include "crypto/hmac.h"
#include "crypto/random.h"
namespace {
const char kAppShims[] = "app_shims";
const char kAppShimsCdHashHmacKey[] = "app_shims_cdhash_hmac_key";
const char kInstalledProfiles[] = "installed_profiles";
const char kLastActiveProfiles[] = "last_active_profiles";
const char kHandlers[] = "handlers";
const char kFileHandlerExtensions[] = "extensions";
const char kFileHandlerMimeTypes[] = "mime_types";
const char kProtocolHandlers[] = "protocols";
const char kCdHashHmac[] = "cdhash_hmac";
const char kNotificationPermissionStatus[] = "notification_permission";
base::Value::List SetToValueList(const std::set<std::string>& values) {
base::Value::List result;
for (const auto& s : values) {
result.Append(s);
}
return result;
}
std::set<std::string> ValueListToSet(const base::Value::List* list) {
std::set<std::string> result;
if (list) {
for (const auto& v : *list) {
if (!v.is_string())
continue;
result.insert(v.GetString());
}
}
return result;
}
} // namespace
AppShimRegistry::HandlerInfo::HandlerInfo() = default;
AppShimRegistry::HandlerInfo::~HandlerInfo() = default;
AppShimRegistry::HandlerInfo::HandlerInfo(HandlerInfo&&) = default;
AppShimRegistry::HandlerInfo::HandlerInfo(const HandlerInfo&) = default;
AppShimRegistry::HandlerInfo& AppShimRegistry::HandlerInfo::operator=(
HandlerInfo&&) = default;
AppShimRegistry::HandlerInfo& AppShimRegistry::HandlerInfo::operator=(
const HandlerInfo&) = default;
// static
AppShimRegistry* AppShimRegistry::Get() {
static base::NoDestructor<AppShimRegistry> instance;
return instance.get();
}
void AppShimRegistry::RegisterLocalPrefs(PrefRegistrySimple* registry) {
registry->RegisterDictionaryPref(kAppShims);
registry->RegisterStringPref(kAppShimsCdHashHmacKey, "");
}
std::set<base::FilePath> AppShimRegistry::GetInstalledProfilesForApp(
const std::string& app_id) const {
std::set<base::FilePath> installed_profiles;
GetProfilesSetForApp(app_id, kInstalledProfiles, &installed_profiles);
return installed_profiles;
}
bool AppShimRegistry::IsAppInstalledInProfile(
const std::string& app_id,
const base::FilePath& profile) const {
return GetInstalledProfilesForApp(app_id).contains(profile);
}
std::set<base::FilePath> AppShimRegistry::GetLastActiveProfilesForApp(
const std::string& app_id) const {
std::set<base::FilePath> last_active_profiles;
GetProfilesSetForApp(app_id, kLastActiveProfiles, &last_active_profiles);
// Cull out any profiles that are not installed.
std::set<base::FilePath> installed_profiles;
GetProfilesSetForApp(app_id, kInstalledProfiles, &installed_profiles);
for (auto it = last_active_profiles.begin();
it != last_active_profiles.end();) {
if (installed_profiles.count(*it))
it++;
else
last_active_profiles.erase(it++);
}
return last_active_profiles;
}
void AppShimRegistry::GetProfilesSetForApp(
const std::string& app_id,
const std::string& profiles_key,
std::set<base::FilePath>* profiles) const {
PrefService* pref_service = GetPrefService();
CHECK(pref_service);
const base::Value::Dict& cache = pref_service->GetDict(kAppShims);
const base::Value::Dict* app_info = cache.FindDict(app_id);
if (!app_info)
return;
const base::Value::List* profile_values = app_info->FindList(profiles_key);
if (!profile_values)
return;
for (const auto& profile_path_value : *profile_values) {
if (profile_path_value.is_string())
profiles->insert(GetFullProfilePath(profile_path_value.GetString()));
}
}
void AppShimRegistry::OnAppInstalledForProfile(const std::string& app_id,
const base::FilePath& profile) {
std::set<base::FilePath> installed_profiles =
GetInstalledProfilesForApp(app_id);
if (installed_profiles.count(profile))
return;
installed_profiles.insert(profile);
// Also add the profile to the last active profiles. This way the next time
// the app is launched, it will at least launch in the most recently
// installed profile.
std::set<base::FilePath> last_active_profiles =
GetLastActiveProfilesForApp(app_id);
last_active_profiles.insert(profile);
SetAppInfo(app_id, &installed_profiles, &last_active_profiles,
/*handlers=*/nullptr, /*cd_hash_hmac_base64=*/nullptr,
/*notification_permission_status=*/nullptr);
}
bool AppShimRegistry::OnAppUninstalledForProfile(
const std::string& app_id,
const base::FilePath& profile) {
auto installed_profiles = GetInstalledProfilesForApp(app_id);
auto found = installed_profiles.find(profile);
if (found != installed_profiles.end()) {
installed_profiles.erase(profile);
SetAppInfo(app_id, &installed_profiles, /*last_active_profiles=*/nullptr,
/*handlers=*/nullptr, /*cd_hash_hmac_base64=*/nullptr,
/*notification_permission_status=*/nullptr);
}
return installed_profiles.empty();
}
void AppShimRegistry::SaveLastActiveProfilesForApp(
const std::string& app_id,
std::set<base::FilePath> last_active_profiles) {
SetAppInfo(app_id, /*installed_profiles=*/nullptr, &last_active_profiles,
/*handlers=*/nullptr, /*cd_hash_hmac_base64=*/nullptr,
/*notification_permission_status=*/nullptr);
}
std::set<std::string> AppShimRegistry::GetInstalledAppsForProfile(
const base::FilePath& profile) const {
std::set<std::string> result;
const base::Value::Dict& app_shims = GetPrefService()->GetDict(kAppShims);
for (const auto iter_app : app_shims) {
const base::Value::List* installed_profiles_list =
iter_app.second.GetDict().FindList(kInstalledProfiles);
if (!installed_profiles_list)
continue;
for (const auto& profile_path_value : *installed_profiles_list) {
if (!profile_path_value.is_string())
continue;
if (profile == GetFullProfilePath(profile_path_value.GetString())) {
result.insert(iter_app.first);
break;
}
}
}
return result;
}
std::set<std::string> AppShimRegistry::GetAppsInstalledInMultipleProfiles()
const {
std::set<std::string> result;
if (!GetPrefService()) {
return result;
}
const base::Value::Dict& app_shims = GetPrefService()->GetDict(kAppShims);
for (const auto iter_app : app_shims) {
const base::Value::List* installed_profiles_list =
iter_app.second.GetDict().FindList(kInstalledProfiles);
if (!installed_profiles_list || installed_profiles_list->size() <= 1) {
continue;
}
result.insert(iter_app.first);
}
return result;
}
void AppShimRegistry::SaveFileHandlersForAppAndProfile(
const std::string& app_id,
const base::FilePath& profile,
std::set<std::string> file_handler_extensions,
std::set<std::string> file_handler_mime_types) {
std::map<base::FilePath, HandlerInfo> handlers = GetHandlersForApp(app_id);
auto it = handlers.emplace(profile, HandlerInfo()).first;
it->second.file_handler_extensions = std::move(file_handler_extensions);
it->second.file_handler_mime_types = std::move(file_handler_mime_types);
if (it->second.IsEmpty())
handlers.erase(it);
SetAppInfo(app_id, /*installed_profiles=*/nullptr,
/*last_active_profiles=*/nullptr, &handlers,
/*cd_hash_hmac_base64=*/nullptr,
/*notification_permission_status=*/nullptr);
}
void AppShimRegistry::SaveProtocolHandlersForAppAndProfile(
const std::string& app_id,
const base::FilePath& profile,
std::set<std::string> protocol_handlers) {
std::map<base::FilePath, HandlerInfo> handlers = GetHandlersForApp(app_id);
auto it = handlers.emplace(profile, HandlerInfo()).first;
it->second.protocol_handlers = std::move(protocol_handlers);
if (it->second.IsEmpty())
handlers.erase(it);
SetAppInfo(app_id, /*installed_profiles=*/nullptr,
/*last_active_profiles=*/nullptr, &handlers,
/*cd_hash_hmac_base64=*/nullptr,
/*notification_permission_status=*/nullptr);
}
std::map<base::FilePath, AppShimRegistry::HandlerInfo>
AppShimRegistry::GetHandlersForApp(const std::string& app_id) {
const base::Value::Dict& cache = GetPrefService()->GetDict(kAppShims);
const base::Value::Dict* app_info = cache.FindDict(app_id);
if (!app_info)
return {};
const base::Value::Dict* handlers = app_info->FindDict(kHandlers);
if (!handlers)
return {};
std::map<base::FilePath, HandlerInfo> result;
for (auto profile_handler : *handlers) {
const base::Value::Dict* dict = profile_handler.second.GetIfDict();
if (!dict)
continue;
HandlerInfo info;
info.file_handler_extensions =
ValueListToSet(dict->FindList(kFileHandlerExtensions));
info.file_handler_mime_types =
ValueListToSet(dict->FindList(kFileHandlerMimeTypes));
info.protocol_handlers = ValueListToSet(dict->FindList(kProtocolHandlers));
result.emplace(GetFullProfilePath(profile_handler.first), std::move(info));
}
return result;
}
bool AppShimRegistry::HasSavedAnyCdHashes() const {
return GetPrefService()->HasPrefPath(kAppShimsCdHashHmacKey);
}
std::optional<AppShimRegistry::HmacKey>
AppShimRegistry::GetExistingCdHashHmacKey() {
std::string key_base64 = GetPrefService()->GetString(kAppShimsCdHashHmacKey);
if (key_base64.empty()) {
return std::nullopt;
}
// The key used for the HMACs of code directory hash values is encrypted then
// base64-encoded before being stored in prefs. Do the inverse operations here
// to load the key.
std::string encrypted_key;
if (base::Base64Decode(key_base64, &encrypted_key)) {
std::string key;
if (OSCrypt::DecryptString(encrypted_key, &key)) {
if (key.length() == kHmacKeySize) {
return std::make_optional<HmacKey>(key.begin(), key.end());
}
}
}
// The stored key was either invalid base64, could not be decrypted by
// OSCrypt, or the wrong length. We rely on the caller to generate a new key
// and re-create the app shims.
LOG(WARNING) << "Key retrieved from preferences was not valid. Discarding.";
return std::nullopt;
}
// Encrypt the key using OSCrypt and base64-encode the encrypted data before
// storing it in prefs.
void AppShimRegistry::SaveCdHashHmacKey(const HmacKey& key) {
std::string key_str(key.begin(), key.end());
std::string encrypted_key_str;
bool result = OSCrypt::EncryptString(key_str, &encrypted_key_str);
if (!result) {
base::debug::DumpWithoutCrashing();
return;
}
HmacKey encrypted_key(encrypted_key_str.begin(), encrypted_key_str.end());
GetPrefService()->SetString(kAppShimsCdHashHmacKey,
base::Base64Encode(encrypted_key));
}
AppShimRegistry::HmacKey AppShimRegistry::GetCdHashHmacKey() {
if (auto key = GetExistingCdHashHmacKey(); key.has_value()) {
return *key;
}
// Either no key was stored in prefs, or the key that was stored could not be
// decoded or decrypted. Generate and store a new random key. This will
// invalidate any HMACs that were created with a previous key. The caller is
// expected to handle this by re-creating the affected app shims and storing
// the new code directory hash.
HmacKey key(kHmacKeySize);
crypto::RandBytes(key);
SaveCdHashHmacKey(key);
return key;
}
void AppShimRegistry::SaveCdHashForApp(const std::string& app_id,
base::span<const uint8_t> cd_hash) {
HmacKey hmac_key = GetCdHashHmacKey();
crypto::HMAC hmac(crypto::HMAC::SHA256);
CHECK(hmac.Init(hmac_key));
std::array<uint8_t, 32> cd_hash_hmac;
CHECK(hmac.Sign(cd_hash, cd_hash_hmac));
std::string cd_hash_hmac_base64 = base::Base64Encode(cd_hash_hmac);
SetAppInfo(app_id, /*installed_profiles=*/nullptr,
/*last_active_profiles=*/nullptr, /*handlers=*/nullptr,
&cd_hash_hmac_base64,
/*notification_permission_status=*/nullptr);
}
bool AppShimRegistry::VerifyCdHashForApp(const std::string& app_id,
base::span<const uint8_t> cd_hash) {
const base::Value::Dict& cache = GetPrefService()->GetDict(kAppShims);
const base::Value::Dict* app_info = cache.FindDict(app_id);
if (!app_info) {
LOG(WARNING) << "No info found for app_id";
return false;
}
const std::string* cd_hash_hmac_base64 = app_info->FindString(kCdHashHmac);
if (!cd_hash_hmac_base64 || cd_hash_hmac_base64->empty()) {
LOG(WARNING) << "App shim has no associated code directory hash";
return false;
}
auto cd_hash_hmac = base::Base64Decode(*cd_hash_hmac_base64);
if (!cd_hash_hmac) {
LOG(WARNING) << "App shim's code directory hash could not be decoded";
return false;
}
HmacKey hmac_key = GetCdHashHmacKey();
crypto::HMAC hmac(crypto::HMAC::SHA256);
CHECK(hmac.Init(hmac_key));
return hmac.Verify(cd_hash, *cd_hash_hmac);
}
void AppShimRegistry::SaveNotificationPermissionStatusForApp(
const std::string& app_id,
mac_notifications::mojom::PermissionStatus status) {
SetAppInfo(app_id, /*installed_profiles=*/nullptr,
/*last_active_profiles=*/nullptr, /*handlers=*/nullptr,
/*cd_hash_hmac_base64=*/nullptr, &status);
}
mac_notifications::mojom::PermissionStatus
AppShimRegistry::GetNotificationPermissionStatusForApp(
const std::string& app_id) {
using PermissionStatus = mac_notifications::mojom::PermissionStatus;
const base::Value::Dict& cache = GetPrefService()->GetDict(kAppShims);
const base::Value::Dict* app_info = cache.FindDict(app_id);
if (!app_info) {
return PermissionStatus::kNotDetermined;
}
std::optional<int> status_as_int =
app_info->FindInt(kNotificationPermissionStatus);
if (!status_as_int.has_value()) {
return PermissionStatus::kNotDetermined;
}
switch (*status_as_int) {
case static_cast<int>(PermissionStatus::kNotDetermined):
case static_cast<int>(PermissionStatus::kPromptPending):
case static_cast<int>(PermissionStatus::kDenied):
case static_cast<int>(PermissionStatus::kGranted):
return static_cast<PermissionStatus>(*status_as_int);
}
return PermissionStatus::kNotDetermined;
}
base::CallbackListSubscription AppShimRegistry::RegisterAppChangedCallback(
base::RepeatingCallback<void(const std::string&)> callback) {
return app_changed_callbacks_.Add(std::move(callback));
}
void AppShimRegistry::SetPrefServiceAndUserDataDirForTesting(
PrefService* pref_service,
const base::FilePath& user_data_dir) {
override_pref_service_ = pref_service;
override_user_data_dir_ = user_data_dir;
}
base::Value::Dict AppShimRegistry::AsDebugDict() const {
const base::Value::Dict& app_shims = GetPrefService()->GetDict(kAppShims);
return app_shims.Clone();
}
AppShimRegistry::AppShimRegistry() = default;
AppShimRegistry::~AppShimRegistry() = default;
PrefService* AppShimRegistry::GetPrefService() const {
if (override_pref_service_)
return override_pref_service_;
return g_browser_process->local_state();
}
base::FilePath AppShimRegistry::GetFullProfilePath(
const std::string& profile_path) const {
base::FilePath relative_profile_path(profile_path);
if (!override_user_data_dir_.empty())
return override_user_data_dir_.Append(relative_profile_path);
ProfileManager* profile_manager = g_browser_process->profile_manager();
return profile_manager->user_data_dir().Append(relative_profile_path);
}
void AppShimRegistry::SetAppInfo(
const std::string& app_id,
const std::set<base::FilePath>* installed_profiles,
const std::set<base::FilePath>* last_active_profiles,
const std::map<base::FilePath, HandlerInfo>* handlers,
const std::string* cd_hash_hmac_base64,
const mac_notifications::mojom::PermissionStatus*
notification_permission_status) {
ScopedDictPrefUpdate update(GetPrefService(), kAppShims);
// If there are no installed profiles, clear the app's key.
if (installed_profiles && installed_profiles->empty()) {
update->Remove(app_id);
return;
}
// Look up dictionary for the app.
base::Value::Dict* app_info = update->FindDict(app_id);
if (!app_info) {
// If the key for the app doesn't exist, don't add it unless we are
// specifying a new |installed_profiles| (e.g, for when the app exits
// during uninstall and tells us its last-used profile after we just
// removed the entry for the app).
if (!installed_profiles)
return;
app_info = update->EnsureDict(app_id);
}
if (installed_profiles) {
base::Value::List values;
for (const auto& profile : *installed_profiles)
values.Append(profile.BaseName().value());
app_info->Set(kInstalledProfiles, std::move(values));
}
if (last_active_profiles) {
base::Value::List values;
for (const auto& profile : *last_active_profiles)
values.Append(profile.BaseName().value());
app_info->Set(kLastActiveProfiles, std::move(values));
}
if (handlers) {
base::Value::Dict values;
for (const auto& profile_handlers : *handlers) {
base::Value::Dict value;
value.Set(
kFileHandlerExtensions,
SetToValueList(profile_handlers.second.file_handler_extensions));
value.Set(
kFileHandlerMimeTypes,
SetToValueList(profile_handlers.second.file_handler_mime_types));
value.Set(kProtocolHandlers,
SetToValueList(profile_handlers.second.protocol_handlers));
values.Set(profile_handlers.first.BaseName().value(), std::move(value));
}
app_info->Set(kHandlers, std::move(values));
}
if (cd_hash_hmac_base64) {
app_info->Set(kCdHashHmac, *cd_hash_hmac_base64);
}
if (notification_permission_status) {
app_info->Set(kNotificationPermissionStatus,
static_cast<int>(*notification_permission_status));
}
app_changed_callbacks_.Notify(app_id);
}
|
