Replace SafeBrowsing MAC with downloads over SSL.

chrome/browser/safe_browsing/protocol_manager.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SAFE_BROWSING_PROTOCOL_MANAGER_H_
 #define CHROME_BROWSER_SAFE_BROWSING_PROTOCOL_MANAGER_H_
 #pragma once
 
 // A class that implements Chrome's interface with the SafeBrowsing protocol.
 // The SafeBrowsingProtocolManager handles formatting and making requests of,
@@ skipping 31 matching lines @@
 
 class SafeBrowsingProtocolManager;
 // Interface of a factory to create ProtocolManager.  Useful for tests.
 class SBProtocolManagerFactory {
  public:
   SBProtocolManagerFactory() {}
   virtual ~SBProtocolManagerFactory() {}
   virtual SafeBrowsingProtocolManager* CreateProtocolManager(
       SafeBrowsingService* sb_service,
       const std::string& client_name,
-      const std::string& client_key,
-      const std::string& wrapped_key,
       net::URLRequestContextGetter* request_context_getter,
-      const std::string& info_url_prefix,
-      const std::string& mackey_url_prefix,
+      const std::string& url_prefix,
       bool disable_auto_update) = 0;
  private:
   DISALLOW_COPY_AND_ASSIGN(SBProtocolManagerFactory);
 };
 
 class SafeBrowsingProtocolManager : public content::URLFetcherDelegate {
   FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestBackOffTimes);
   FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestChunkStrings);
   FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestGetHashUrl);
   FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest,
                            TestGetHashBackOffTimes);
-  FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestMacKeyUrl);
   FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest,
                            TestSafeBrowsingHitUrl);
   FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest,
                            TestMalwareDetailsUrl);
   FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestNextChunkUrl);
   FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestUpdateUrl);
   friend class SafeBrowsingServiceTest;
 
  public:
   virtual ~SafeBrowsingProtocolManager();
 
   // Makes the passed |factory| the factory used to instantiate
   // a SafeBrowsingService. Useful for tests.
   static void RegisterFactory(SBProtocolManagerFactory* factory) {
     factory_ = factory;
   }
 
   // Create an instance of the safe browsing service.
   static SafeBrowsingProtocolManager* Create(
       SafeBrowsingService* sb_service,
       const std::string& client_name,
-      const std::string& client_key,
-      const std::string& wrapped_key,
       net::URLRequestContextGetter* request_context_getter,
-      const std::string& info_url_prefix,
-      const std::string& mackey_url_prefix,
+      const std::string& url_prefix,
       bool disable_auto_update);
 
   // Sets up the update schedule and internal state for making periodic requests
   // of the SafeBrowsing service.
   virtual void Initialize();
 
   // content::URLFetcherDelegate interface.
   virtual void OnURLFetchComplete(const content::URLFetcher* source) OVERRIDE;
 
   // API used by the SafeBrowsingService for issuing queries. When the results
@@ skipping 24 matching lines @@
                              const GURL& page_url,
                              const GURL& referrer_url,
                              bool is_subresource,
                              SafeBrowsingService::UrlCheckResult threat_type,
                              const std::string& post_data);
 
   // Users can opt-in on the SafeBrowsing interstitial to send detailed
   // malware reports. |report| is the serialized report.
   void ReportMalwareDetails(const std::string& report);
 
-  bool is_initial_request() const { return initial_request_; }
-
   // The last time we received an update.
   base::Time last_update() const { return last_update_; }
 
   // Setter for additional_query_. To make sure the additional_query_ won't
   // be changed in the middle of an update, caller (e.g.: SafeBrowsingService)
   // should call this after callbacks triggered in UpdateFinished() or before
   // IssueUpdateRequest().
   void set_additional_query(const std::string& query) {
     additional_query_ = query;
   }
@@ skipping 35 matching lines @@
                                   ResultType result_type);
 
  protected:
   // Constructs a SafeBrowsingProtocolManager for |sb_service| that issues
   // network requests using |request_context_getter|. When |disable_auto_update|
   // is true, protocol manager won't schedule next update until
   // ForceScheduleNextUpdate is called.
   SafeBrowsingProtocolManager(
       SafeBrowsingService* sb_service,
       const std::string& client_name,
-      const std::string& client_key,
-      const std::string& wrapped_key,
       net::URLRequestContextGetter* request_context_getter,
-      const std::string& http_url_prefix,
-      const std::string& https_url_prefix,
+      const std::string& url_prefix,
       bool disable_auto_update);
 
  private:
   friend class SBProtocolManagerFactoryImpl;
 
   // Internal API for fetching information from the SafeBrowsing servers. The
   // GetHash requests are higher priority since they can block user requests
   // so are handled separately.
   enum SafeBrowsingRequestType {
     NO_REQUEST = 0,     // No requests in progress
     UPDATE_REQUEST,     // Request for redirect URLs
     CHUNK_REQUEST,      // Request for a specific chunk
-    GETKEY_REQUEST      // Update the client's MAC key
   };
 
-  // Composes a URL using |prefix|, |method| (e.g.: gethash, download,
-  // newkey, report), |client_name| and |version|. When not empty,
-  // |additional_query| is appended to the URL with an additional "&"
-  // in the front.
+  // Composes a URL using |prefix|, |method| (e.g.: gethash, download, report).
+  // |client_name| and |version|. When not empty, |additional_query| is
+  // appended to the URL with an additional "&" in the front.
   static std::string ComposeUrl(const std::string& prefix,
                                 const std::string& method,
                                 const std::string& client_name,
                                 const std::string& version,
                                 const std::string& additional_query);
 
   // Generates Update URL for querying about the latest set of chunk updates.
-  // Append "wrkey=xxx" to the URL when |use_mac| is true.
-  GURL UpdateUrl(bool use_mac) const;
+  GURL UpdateUrl() const;
   // Generates GetHash request URL for retrieving full hashes.
-  // Append "wrkey=xxx" to the URL when |use_mac| is true.
-  GURL GetHashUrl(bool use_mac) const;
-  // Generates new MAC client key request URL.
-  GURL MacKeyUrl() const;
+  GURL GetHashUrl() const;
   // Generates URL for reporting safe browsing hits for UMA users.
   GURL SafeBrowsingHitUrl(
       const GURL& malicious_url, const GURL& page_url, const GURL& referrer_url,
       bool is_subresource,
       SafeBrowsingService::UrlCheckResult threat_type) const;
   // Generates URL for reporting malware details for users who opt-in.
   GURL MalwareDetailsUrl() const;
 
   // Composes a ChunkUrl based on input string.
   GURL NextChunkUrl(const std::string& input) const;
@@ skipping 18 matching lines @@
   // Sends a request for a list of chunks we should download to the SafeBrowsing
   // servers. In order to format this request, we need to send all the chunk
   // numbers for each list that we have to the server. Getting the chunk numbers
   // requires a database query (run on the database thread), and the request
   // is sent upon completion of that query in OnGetChunksComplete.
   void IssueUpdateRequest();
 
   // Sends a request for a chunk to the SafeBrowsing servers.
   void IssueChunkRequest();
 
-  // Gets a key from the SafeBrowsing servers for use with MAC. This should only
-  // be called once per client unless the server directly tells us to update.
-  void IssueKeyRequest();
-
   // Formats a string returned from the database into:
-  //   "list_name;a:<add_chunk_ranges>:s:<sub_chunk_ranges>:mac\n"
-  static std::string FormatList(const SBListChunkRanges& list, bool use_mac);
+  //   "list_name;a:<add_chunk_ranges>:s:<sub_chunk_ranges>\n"
+  static std::string FormatList(const SBListChunkRanges& list);
 
   // Runs the protocol parser on received data and update the
   // SafeBrowsingService with the new content. Returns 'true' on successful
   // parse, 'false' on error.
   bool HandleServiceResponse(const GURL& url, const char* data, int length);
 
-  // If the SafeBrowsing service wants us to re-key, we clear our key state and
-  // issue the request.
-  void HandleReKey();
-
   // Updates internal state for each GetHash response error, assuming that the
   // current time is |now|.
   void HandleGetHashError(const base::Time& now);
 
   // Helper function for update completion.
   void UpdateFinished(bool success);
 
   // A callback that runs if we timeout waiting for a response to an update
   // request. We use this to properly set our update state.
   void UpdateResponseTimeout();
@@ skipping 26 matching lines @@
   float back_off_fuzz_;
 
   // The list for which we are make a request.
   std::string list_name_;
 
   // For managing the next earliest time to query the SafeBrowsing servers for
   // updates.
   int next_update_sec_;
   base::OneShotTimer<SafeBrowsingProtocolManager> update_timer_;
 
-  // All chunk requests that need to be made, along with their MAC.
+  // All chunk requests that need to be made.
   std::deque<ChunkUrl> chunk_request_urls_;
 
   // Map of GetHash requests.
   typedef base::hash_map<const content::URLFetcher*,
                          SafeBrowsingService::SafeBrowsingCheck*> HashRequests;
   HashRequests hash_requests_;
 
   // The next scheduled update has special behavior for the first 2 requests.
   enum UpdateRequestState {
     FIRST_REQUEST = 0,
     SECOND_REQUEST,
     NORMAL_REQUEST
   };
   UpdateRequestState update_state_;
 
-  // We'll attempt to get keys once per browser session if we don't already have
-  // them. They are not essential to operation, but provide a layer of
-  // verification.
-  bool initial_request_;
-
   // True if the service has been given an add/sub chunk but it hasn't been
   // added to the database yet.
   bool chunk_pending_to_write_;
 
-  // The keys used for MAC. Empty keys mean we aren't using MAC.
-  std::string client_key_;
-  std::string wrapped_key_;
-
   // The last time we successfully received an update.
   base::Time last_update_;
 
   // While in GetHash backoff, we can't make another GetHash until this time.
   base::Time next_gethash_time_;
 
   // Current product version sent in each request.
   std::string version_;
 
   // Used for measuring chunk request latency.
   base::Time chunk_request_start_;
 
   // Tracks the size of each update (in bytes).
   int update_size_;
 
   // Track outstanding SafeBrowsing report fetchers for clean up.
   // We add both "hit" and "detail" fetchers in this set.
   std::set<const content::URLFetcher*> safebrowsing_reports_;
 
   // The safe browsing client name sent in each request.
   std::string client_name_;
 
   // A string that is appended to the end of URLs for download, gethash,
-  // newkey, safebrowsing hits and chunk update requests.
+  // safebrowsing hits and chunk update requests.
   std::string additional_query_;
 
   // The context we use to issue network requests.
   scoped_refptr<net::URLRequestContextGetter> request_context_getter_;
 
   // URL prefix where browser fetches safebrowsing chunk updates, hashes, and
-  // reports hits to the safebrowsing list for UMA users.
-  std::string http_url_prefix_;
-
-  // URL prefix where browser fetches MAC client key, and reports detailed
-  // malware reports for users who opt-in.
-  std::string https_url_prefix_;
+  // reports hits to the safebrowsing list and sends detaild malware reports
+  // for UMA users.
+  std::string url_prefix_;
 
   // When true, protocol manager will not start an update unless
   // ForceScheduleNextUpdate() is called. This is set for testing purpose.
   bool disable_auto_update_;
 
   DISALLOW_COPY_AND_ASSIGN(SafeBrowsingProtocolManager);
 };
 
 #endif  // CHROME_BROWSER_SAFE_BROWSING_PROTOCOL_MANAGER_H_