chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer.h - Issue 1363613004: Implement anonymous, opt-in, collection of OS X binary integrity incidents.

Side by Side Diff: chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer.h

Issue 1363613004: Implement anonymous, opt-in, collection of OS X binary integrity incidents. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « no previous file | chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer.cc » ('j') | chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANALYZE R_H_	5 #ifndef CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANALYZE R_H_

6 #define CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANALYZE R_H_	6 #define CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANALYZE R_H_

7	7

8 #include <vector>	8 #include <vector>

9	9

10 #include "base/memory/scoped_ptr.h"	10 #include "base/memory/scoped_ptr.h"

11	11

12 namespace base {	12 namespace base {

13 class FilePath;	13 class FilePath;

	14 class TimeDelta;

14 } // namespace base	15 } // namespace base

15	16

16 namespace safe_browsing {	17 namespace safe_browsing {

17	18

18 class IncidentReceiver;	19 class IncidentReceiver;

19	20

20 // Registers a process-wide analysis with the incident reporting service that	21 // Registers a process-wide analysis with the incident reporting service that

21 // will verify the signature of the most critical binaries used by Chrome. It	22 // will verify the signature of the most critical binaries used by Chrome. It

22 // will send an incident report every time a signature verification fails.	23 // will send an incident report every time a signature verification fails.

23 void RegisterBinaryIntegrityAnalysis();	24 void RegisterBinaryIntegrityAnalysis();

24	25

25 // Callback to pass to the incident reporting service. The incident reporting	26 // Callback to pass to the incident reporting service. The incident reporting

26 // service will decide when to start the analysis.	27 // service will decide when to start the analysis.

27 void VerifyBinaryIntegrity(scoped_ptr<IncidentReceiver> incident_receiver);	28 void VerifyBinaryIntegrity(scoped_ptr<IncidentReceiver> incident_receiver);

28	29

29 // Returns a vector containing the paths to all the binaries to verify.	30 // Returns a vector containing the paths to all the binaries to verify.

30 std::vector<base::FilePath> GetCriticalBinariesPath();	31 std::vector<base::FilePath> GetCriticalBinariesPath();

31	32

	33 // Record how long the signature verification took.

	34 void RecordSignatureVerificationTime(size_t file_index,

	35 const base::TimeDelta& verification_time);

	36

	37 #if defined(OS_MACOSX)

	38 // Returns a vector of pairs, each of which contains the paths to the binaries

	39 // to verify, and the codesign requirement to use when verifying.

	40 std::vector<std::pair<base::FilePath, std::string>>
	grt (UTC plus 2) 2015/10/03 20:02:59 #include <string> for std::string #include <utilit #include <string> for std::string #include <utility> for std::pair Greg K 2015/10/07 22:54:28 Done. Show quoted text On 2015/10/03 20:02:59, grt (very slow until Oct 12) wrote: > #include <string> for std::string > #include <utility> for std::pair Done.
	41 GetCriticalPathsAndRequirements();

	42 // This is a helper stub to allow us to test this mechanism with
	Robert Sesek 2015/10/05 22:19:07 Rather than exposing the helper directly, you shou Rather than exposing the helper directly, you should create a function VerifyBinaryIntegrityForTesting() that calls the internal version. ForTesting is forbidden by presubmit from being called in non-test files. Greg K* 2015/10/07 22:54:28 Done. Show quoted text On 2015/10/05 22:19:07, Robert Sesek wrote: > Rather than exposing the helper directly, you should create a function > VerifyBinaryIntegrityForTesting() that calls the internal version. *ForTesting > is forbidden by presubmit from being called in non-test files. Done.
	43 // alternatively signed code.
	Mark Mentovai 2015/10/05 15:02:11 What does “alternatively signed” mean? What does “alternatively signed” mean? Greg K 2015/10/07 22:54:28 Clarified the comment. Show quoted text On 2015/10/05 15:02:11, Mark Mentovai wrote: > What does “alternatively signed” mean? Clarified the comment.
	44 void VerifyBinaryIntegrityHelper(scoped_ptr<IncidentReceiver> incident_receiver,

	45 const base::FilePath& path,

	46 const std::string& requirement);

	47 #endif // defined(OS_MACOSX)

	48

32 } // namespace safe_browsing	49 } // namespace safe_browsing

33	50

34 #endif // CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANAL YZER_H_	51 #endif // CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANAL YZER_H_

OLD	NEW