发表新帖
发表新帖

Google Chrome - Alphanumeric hashes to identify extensions

后端 未结
关注
8 672
别那么骄傲
别那么骄傲 2020-11-29 02:17

Google Chrome is using alpha numeric hashes as identifiers for the Chrome extensions. For eg. \"ajpgkpeckebdhofmmjfgcjjiiejpodla\" is the identifier for XMarks Bookmark Sync

相关标签:
8条回答
  • 刺人心
    2020-11-29 02:27

    I made crx_appid gem to calculate appid easily.

    https://rubygems.org/gems/crx_appid

    $ gem install crx_appid
$ crx_appid extension.pem
    0 讨论(0)
  • 长情又很酷
    2020-11-29 02:31

    Chromium generates the id via public key. If you use the extension gallery, they handle all that for you.

    From the source:

    bool Extension::GenerateId(const std::string& input, std::string* output) {
  CHECK(output);
  if (input.length() == 0)
    return false;

  const uint8* ubuf = reinterpret_cast<const unsigned char*>(input.data());
  SHA256Context ctx;
  SHA256_Begin(&ctx);
  SHA256_Update(&ctx, ubuf, input.length());
  uint8 hash[Extension::kIdSize];
  SHA256_End(&ctx, hash, NULL, sizeof(hash));
  *output = StringToLowerASCII(HexEncode(hash, sizeof(hash)));
  ConvertHexadecimalToIDAlphabet(output);

  return true;
}

    Take a look at extension.cc file it has more detailed information such as generating the .pem file exncoding/decoding, etc.

    0 讨论(0)
  • 执笔经年
    2020-11-29 02:37

    Here is the easy way in bash (and openssl) to get the X.509 SubjectPublicKeyInfo block, DER-encoded:

    openssl rsa -pubout -outform DER < "$pem" > "$pub" 2>/dev/null

    Where $pem is the private key file, RSA encoded.

    To get the SHA256 Digest you need to run the following on the file resulting from the previous line:

    openssl dgst -sha256 $pub | awk '{print $2}' | cut -c 0-32

    All that remains is to take the resulting 32 char string and change it from regular hex ([0-9][a-f]) to ([a-p]) where a matches 0 and p matches f.

    With a bit of effort, I'm pretty sure these two steps could be made into a one-liner. I hope you find it helpful and if so, please let me know.

    0 讨论(0)
  • 我寻月下人不归
    2020-11-29 02:39

    To be even more precise, the input to the SHA256 hash is the X.509 SubjectPublicKeyInfo block, DER-encoded. This is the 5th field in the crx header as described in CRX Package Format. It is also the byte sequence you get if you take the value of "key" in the manifest and base-64 decode it.

    0 讨论(0)
  • 感动是毒
    2020-11-29 02:40

    A nice little bash script for a "idiot proof" way to find out your extensions id. Thanks to A-Tuin for the oneliner command.

    #!/bin/bash
txtred=$(tput setaf 1) # Red

echo "Script to generate extension id from your extensions .pem file"
sleep 2
while true; do
read -e -p "Enter local file path for your pem file " PEMFILE
if [[ $PEMFILE != *.pem ]]; then
        echo "That is not a .pem file. Please enter a correct .pem file"
        sleep 2
else
        break
fi
done
PEMFILEGEN=`cat $PEMFILE | openssl rsa -pubout -outform DER | openssl dgst -sha256 | awk '{print $2}' | cut -c 1-32 | tr '0-9a-f' 'a-p'`
echo "Your extension id is:${txtred} $PEMFILEGEN${textred}"
tput sgr0
exit 0
    0 讨论(0)
  • 遥遥无期
    2020-11-29 02:42

    Here's a linux one liner:

    cat FILE.PEM | openssl rsa -pubout -outform DER | openssl dgst -sha256 | awk '{print $2}' | cut -c 1-32 | tr '0-9a-f' 'a-p'

    nicely formatted for readability

    cat FILE.PEM | \
openssl rsa -pubout -outform DER | \
openssl dgst -sha256 | \
awk '{print $2}' | \
cut -c 1-32 | \
tr '0-9a-f' 'a-p'
    0 讨论(0)
 看不清?
提交回复
热议问题