OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // Client side phishing and malware detection request and response | 5 // Client side phishing and malware detection request and response |
6 // protocol buffers. Those protocol messages should be kept in sync | 6 // protocol buffers. Those protocol messages should be kept in sync |
7 // with the server implementation. | 7 // with the server implementation. |
8 // | 8 // |
9 // If you want to change this protocol definition or you have questions | 9 // If you want to change this protocol definition or you have questions |
10 // regarding its format please contact chrome-anti-phishing@googlegroups.com. | 10 // regarding its format please contact chrome-anti-phishing@googlegroups.com. |
(...skipping 190 matching lines...)
201 message CertificateChain { | 201 message CertificateChain { |
202 // A single link in the chain. | 202 // A single link in the chain. |
203 message Element { | 203 message Element { |
204 // DER-encoded X.509 representation of the certificate. | 204 // DER-encoded X.509 representation of the certificate. |
205 optional bytes certificate = 1; | 205 optional bytes certificate = 1; |
206 // Fields 2 - 7 are only used on the server. | 206 // Fields 2 - 7 are only used on the server. |
207 } | 207 } |
208 repeated Element element = 1; | 208 repeated Element element = 1; |
209 } | 209 } |
210 | 210 |
| 211 message ExtendedAttr { |
| 212 // This is the name of the extended attribute. |
| 213 required string key = 1; |
| 214 // This is the value of the extended attribute. |
| 215 optional bytes value = 2; |
| 216 } |
| 217 |
211 message SignatureInfo { | 218 message SignatureInfo { |
212 // All certificate chains for each of the binary's signers. Multiple chains | 219 // All certificate chains for each of the binary's signers. Multiple chains |
213 // may be present if the binary or any certificate has multiple signers. | 220 // may be present if the binary or any certificate has multiple signers. |
214 // Absence of certificate chains does not imply that the binary is not | 221 // Absence of certificate chains does not imply that the binary is not |
215 // signed (in that case, SignedData blobs extracted from the binary may be | 222 // signed (in that case, SignedData blobs extracted from the binary may be |
216 // preset), but does mean that trust has not been verified. | 223 // preset), but does mean that trust has not been verified. |
217 repeated CertificateChain certificate_chain = 1; | 224 repeated CertificateChain certificate_chain = 1; |
218 | 225 |
219 // True if the signature was trusted on the client. | 226 // True if the signature was trusted on the client. |
220 optional bool trusted = 2; | 227 optional bool trusted = 2; |
221 | 228 |
222 // On Windows, PKCS#7 SignedData blobs extracted from a portable executable | 229 // On Windows, PKCS#7 SignedData blobs extracted from a portable executable |
223 // image's attribute certificate table. The presence of these does not imply | 230 // image's attribute certificate table. The presence of these does not imply |
224 // that the signatures were deemed trusted by the client. | 231 // that the signatures were deemed trusted by the client. |
225 // On Mac, this is the code signature blob referenced by the | 232 // On Mac, this is the code signature blob referenced by the |
226 // LC_CODE_SIGNATURE load command. | 233 // LC_CODE_SIGNATURE load command. |
227 repeated bytes signed_data = 3; | 234 repeated bytes signed_data = 3; |
| 235 |
| 236 // On OS X, code signing data can be contained in the extended attributes of |
| 237 // a file. As GateKeeper respects this signature, we look for it and collect |
| 238 // it. |
| 239 repeated ExtendedAttr xattr = 4; |
228 } | 240 } |
229 | 241 |
230 // This field will only be set if the binary is signed. | 242 // This field will only be set if the binary is signed. |
231 optional SignatureInfo signature = 5; | 243 optional SignatureInfo signature = 5; |
232 | 244 |
233 // True if the download was user initiated. | 245 // True if the download was user initiated. |
234 optional bool user_initiated = 6; | 246 optional bool user_initiated = 6; |
235 | 247 |
236 // Fields 7 and 8 are only used on the server. | 248 // Fields 7 and 8 are only used on the server. |
237 | 249 |
(...skipping 176 matching lines...)
414 WEAK_LEGACY_OBSOLETE = 2; | 426 WEAK_LEGACY_OBSOLETE = 2; |
415 CHANGED = 3; | 427 CHANGED = 3; |
416 UNTRUSTED_UNKNOWN_VALUE = 4; | 428 UNTRUSTED_UNKNOWN_VALUE = 4; |
417 } | 429 } |
418 | 430 |
419 optional string path = 1; | 431 optional string path = 1; |
420 optional string atomic_value = 2; | 432 optional string atomic_value = 2; |
421 repeated string split_key = 3; | 433 repeated string split_key = 3; |
422 optional ValueState value_state = 4; | 434 optional ValueState value_state = 4; |
423 } | 435 } |
| 436 |
424 message BinaryIntegrityIncident { | 437 message BinaryIntegrityIncident { |
425 optional string file_basename = 1; | 438 optional string file_basename = 1; |
426 optional ClientDownloadRequest.SignatureInfo signature = 2; | 439 optional ClientDownloadRequest.SignatureInfo signature = 2; |
| 440 optional ClientDownloadRequest.ImageHeaders image_headers = 3; |
427 } | 441 } |
| 442 |
| 443 message OSXBinaryIntegrityIncident { |
| 444 optional string file_basename = 1; |
| 445 optional int32 sec_error = 2; |
| 446 repeated BinaryIntegrityIncident sub_incident = 3; |
| 447 } |
| 448 |
428 message BlacklistLoadIncident { | 449 message BlacklistLoadIncident { |
429 optional string path = 1; | 450 optional string path = 1; |
430 optional ClientDownloadRequest.Digests digest = 2; | 451 optional ClientDownloadRequest.Digests digest = 2; |
431 optional string version = 3; | 452 optional string version = 3; |
432 optional bool blacklist_initialized = 4; | 453 optional bool blacklist_initialized = 4; |
433 optional ClientDownloadRequest.SignatureInfo signature = 5; | 454 optional ClientDownloadRequest.SignatureInfo signature = 5; |
434 optional ClientDownloadRequest.ImageHeaders image_headers = 6; | 455 optional ClientDownloadRequest.ImageHeaders image_headers = 6; |
435 } | 456 } |
436 message VariationsSeedSignatureIncident { | 457 message VariationsSeedSignatureIncident { |
437 optional string variations_seed_signature = 1; | 458 optional string variations_seed_signature = 1; |
438 } | 459 } |
439 message ResourceRequestIncident { | 460 message ResourceRequestIncident { |
440 enum Type { | 461 enum Type { |
441 UNKNOWN = 0; | 462 UNKNOWN = 0; |
442 TYPE_SCRIPT = 1; | 463 TYPE_SCRIPT = 1; |
443 TYPE_DOMAIN = 2; | 464 TYPE_DOMAIN = 2; |
444 } | 465 } |
445 optional bytes digest = 1; | 466 optional bytes digest = 1; |
446 optional string origin = 2; | 467 optional string origin = 2; |
447 optional Type type = 3 [default = UNKNOWN]; | 468 optional Type type = 3 [default = UNKNOWN]; |
448 } | 469 } |
449 optional int64 incident_time_msec = 1; | 470 optional int64 incident_time_msec = 1; |
450 optional TrackedPreferenceIncident tracked_preference = 2; | 471 optional TrackedPreferenceIncident tracked_preference = 2; |
451 optional BinaryIntegrityIncident binary_integrity = 3; | 472 optional BinaryIntegrityIncident binary_integrity = 3; |
452 optional BlacklistLoadIncident blacklist_load = 4; | 473 optional BlacklistLoadIncident blacklist_load = 4; |
453 // Note: skip tag 5 because it was previously used. | 474 // Note: skip tag 5 because it was previously used. |
454 optional VariationsSeedSignatureIncident variations_seed_signature = 6; | 475 optional VariationsSeedSignatureIncident variations_seed_signature = 6; |
455 optional ResourceRequestIncident resource_request = 7; | 476 optional ResourceRequestIncident resource_request = 7; |
| 477 optional OSXBinaryIntegrityIncident osx_incident = 8; |
456 } | 478 } |
457 | 479 |
458 repeated IncidentData incident = 1; | 480 repeated IncidentData incident = 1; |
459 | 481 |
460 message DownloadDetails { | 482 message DownloadDetails { |
461 optional bytes token = 1; | 483 optional bytes token = 1; |
462 optional ClientDownloadRequest download = 2; | 484 optional ClientDownloadRequest download = 2; |
463 optional int64 download_time_msec = 3; | 485 optional int64 download_time_msec = 3; |
464 optional int64 open_time_msec = 4; | 486 optional int64 open_time_msec = 4; |
465 } | 487 } |
(...skipping 97 matching lines...)
563 message EnvironmentRequest { optional int32 dll_index = 1; } | 585 message EnvironmentRequest { optional int32 dll_index = 1; } |
564 | 586 |
565 repeated EnvironmentRequest environment_requests = 3; | 587 repeated EnvironmentRequest environment_requests = 3; |
566 } | 588 } |
567 | 589 |
568 message DownloadMetadata { | 590 message DownloadMetadata { |
569 optional uint32 download_id = 1; | 591 optional uint32 download_id = 1; |
570 | 592 |
571 optional ClientIncidentReport.DownloadDetails download = 2; | 593 optional ClientIncidentReport.DownloadDetails download = 2; |
572 } | 594 } |
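Review bot: `required string key = 1;` in the new `ExtendedAttr` message (new line 213) is the only `required` label among the visible lines of this file, and the message is carried by `SignatureInfo`, which `BinaryIntegrityIncident` and `BlacklistLoadIncident` embed as well as the download request. In proto2 a message with an unset required field fails the initialization check, so one xattr entry without a key can cause the whole enclosing download ping or incident report to be rejected when it is serialized or parsed, which silently loses detection telemetry; the label also cannot be relaxed later without breaking readers that still enforce it. Declare it `optional string key = 1;` and have the server ignore entries with no key. The `value` bytes are read from the extended attributes of a downloaded file, so the collecting code (not visible here) should presumably bound the number and size of entries, and a comment stating that limit above `repeated ExtendedAttr xattr = 4;` would make the contract explicit. Separately, `OSXBinaryIntegrityIncident` (new lines 443-447) has no field comments: `sec_error` should say which API's status code it holds and `sub_incident` what each nested incident represents.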