Implement anonymous, opt-in, collection of OS X binary integrity incidents.

chrome/browser/safe_browsing/signature_evaluator_mac.h

Index: chrome/browser/safe_browsing/signature_evaluator_mac.h
diff --git a/chrome/browser/safe_browsing/signature_evaluator_mac.h b/chrome/browser/safe_browsing/signature_evaluator_mac.h
new file mode 100644
index 0000000000000000000000000000000000000000..5e06e3859f51bd7c964c72c932676c5bd9505bc8
--- /dev/null
+++ b/chrome/browser/safe_browsing/signature_evaluator_mac.h
@@ -0,0 +1,76 @@
+// Copyright (c) 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_COMMON_SAFE_BROWSING_SIGNATURE_EVALUATOR_MAC_H_
+#define CHROME_COMMON_SAFE_BROWSING_SIGNATURE_EVALUATOR_MAC_H_
+
+#include <Security/Security.h>
+
+#include <string>
+#include <vector>
+
+#include "base/files/file_path.h"
+#include "base/mac/scoped_cftyperef.h"
+#include "base/memory/ref_counted.h"
+#include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_incident.h"
+
+#if !defined(__OBJC__)
+using id = void*;
+#endif
+
+namespace safe_browsing {
+
+// Wraps the OS X SecStaticCode API, to evaluate a given file object
+// with a given code requirement, and produce a list of incident reports
+// for files that fail code signature validity checks.
+class MacSignatureEvaluator {
+ public:
+  explicit MacSignatureEvaluator(const base::FilePath& signed_object_path);
+
+  // The requirement string must be a valid "Code Signing Requirement Language"
+  // string, which describes the identity of the signer.
+  MacSignatureEvaluator(const base::FilePath& signed_object_path,
+                        const std::string& requirement);
+
+  ~MacSignatureEvaluator();
+
+  // Creates the static code object and requirement string, and returns
+  // true if the object creation succeeds, else false.
+  bool Initialize();
+
+  // Evaluate the signature and return a list of any binary integrity incident
+  // reports. Returns true if and only if the signed code object is valid.
+  bool PerformEvaluation(
+      std::vector<ClientIncidentReport_IncidentData_BinaryIntegrityIncident>&

[Robert Sesek, 2015/10/08 19:20:06]

Non-constant references are forbidden by the styleguide:
http://google-styleguide.googlecode.com/svn/trunk/cppguide.html#Reference_Arg...

Change this to a pointer.

[Greg K, 2015/10/09 17:12:01]

Done.

+          results);
+
+ private:
+  // Process the NSError information about any files that were altered.
+  void ReportAlteredFiles(
+      id detail,
+      int32_t err_code,
+      std::vector<ClientIncidentReport_IncidentData_BinaryIntegrityIncident>&
+          results);
+
+  // The path to the code object on disk.
+  base::FilePath path_;
+
+  // A Code Signing Requirement string.
+  std::string requirement_str_;
+
+  // Records whether or not a requirement string was specified.
+  bool has_requirement_;
+
+  // The static code object constructed from the code object on disk.
+  base::ScopedCFTypeRef<SecStaticCodeRef> code_;
+
+  // The requirement object constructed from the requirement string.
+  base::ScopedCFTypeRef<SecRequirementRef> requirement_;
+
+  DISALLOW_COPY_AND_ASSIGN(MacSignatureEvaluator);
+};
+
+}  // namespace safe_browsing
+
+#endif  // CHROME_COMMON_SAFE_BROWSING_SIGNATURE_EVALUATOR_MAC_H_