Chromium Code Reviews Chromium Code Reviews
Issue 1363613004:
Implement anonymous, opt-in, collection of OS X binary integrity incidents. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANALYZE R_H_ | 5 #ifndef CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANALYZE R_H_ |
| 6 #define CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANALYZE R_H_ | 6 #define CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANALYZE R_H_ |
| 7 | 7 |
| 8 #include <string> | |
| 9 #include <utility> | |
| 8 #include <vector> | 10 #include <vector> |
| 9 | 11 |
| 10 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 11 | 13 |
| 12 namespace base { | 14 namespace base { |
| 13 class FilePath; | 15 class FilePath; |
| 16 class TimeDelta; | |
| 14 } // namespace base | 17 } // namespace base |
| 15 | 18 |
| 16 namespace safe_browsing { | 19 namespace safe_browsing { |
| 17 | 20 |
| 18 class IncidentReceiver; | 21 class IncidentReceiver; |
| 19 | 22 |
| 20 // Registers a process-wide analysis with the incident reporting service that | 23 // Registers a process-wide analysis with the incident reporting service that |
| 21 // will verify the signature of the most critical binaries used by Chrome. It | 24 // will verify the signature of the most critical binaries used by Chrome. It |
| 22 // will send an incident report every time a signature verification fails. | 25 // will send an incident report every time a signature verification fails. |
| 23 void RegisterBinaryIntegrityAnalysis(); | 26 void RegisterBinaryIntegrityAnalysis(); |
| 24 | 27 |
| 25 // Callback to pass to the incident reporting service. The incident reporting | 28 // Callback to pass to the incident reporting service. The incident reporting |
| 26 // service will decide when to start the analysis. | 29 // service will decide when to start the analysis. |
| 27 void VerifyBinaryIntegrity(scoped_ptr<IncidentReceiver> incident_receiver); | 30 void VerifyBinaryIntegrity(scoped_ptr<IncidentReceiver> incident_receiver); |
| 28 | 31 |
| 29 // Returns a vector containing the paths to all the binaries to verify. | 32 // Returns a vector containing the paths to all the binaries to verify. |
| 30 std::vector<base::FilePath> GetCriticalBinariesPath(); | 33 std::vector<base::FilePath> GetCriticalBinariesPath(); |
| 31 | 34 |
| 35 // Record how long the signature verification took. | |
| 36 void RecordSignatureVerificationTime(size_t file_index, | |
| 37 const base::TimeDelta& verification_time); | |
| 38 | |
| 39 #if defined(OS_MACOSX) | |
| 40 // Returns a vector of pairs, each of which contains the paths to the binaries | |
| 41 // to verify, and the codesign requirement to use when verifying. | |
| 42 std::vector<std::pair<base::FilePath, std::string>> | |
|
Mark Mentovai
2015/10/16 22:46:40
The pair interface isn’t the most lovely because w
Greg K
2015/10/19 20:42:58
Done.
| |
| 43 GetCriticalPathsAndRequirements(); | |
| 44 | |
| 45 // This is a helper stub to allow the signature checking code to be tested with | |
| 46 // custom requirements and files. | |
| 47 void VerifyBinaryIntegrityForTesting(IncidentReceiver* incident_receiver, | |
| 48 const base::FilePath& path, | |
| 49 const std::string& requirement); | |
| 50 #endif // defined(OS_MACOSX) | |
| 51 | |
| 32 } // namespace safe_browsing | 52 } // namespace safe_browsing |
| 33 | 53 |
| 34 #endif // CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANAL YZER_H_ | 54 #endif // CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_BINARY_INTEGRITY_ANAL YZER_H_ |
| OLD | NEW |
