PVer4: Test checksum on startup outside the hotpath of DB load

components/safe_browsing_db/v4_store.h

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef COMPONENTS_SAFE_BROWSING_DB_V4_STORE_H_
 #define COMPONENTS_SAFE_BROWSING_DB_V4_STORE_H_
 
 #include "base/files/file_path.h"
 #include "base/memory/ref_counted.h"
 #include "base/sequenced_task_runner.h"
@@ skipping 228 matching lines @@
                            TestHashPrefixExistsInMapWithSingleSize);
   FRIEND_TEST_ALL_PREFIXES(V4StoreTest,
                            TestHashPrefixExistsInMapWithDifferentSizes);
   FRIEND_TEST_ALL_PREFIXES(V4StoreTest,
                            TestHashPrefixDoesNotExistInMapWithDifferentSizes);
   FRIEND_TEST_ALL_PREFIXES(V4StoreTest,
                            TestAdditionsWithRiceEncodingFailsWithInvalidInput);
   FRIEND_TEST_ALL_PREFIXES(V4StoreTest, TestAdditionsWithRiceEncodingSucceeds);
   FRIEND_TEST_ALL_PREFIXES(V4StoreTest, TestRemovalsWithRiceEncodingSucceeds);
   FRIEND_TEST_ALL_PREFIXES(V4StoreTest, TestMergeUpdatesFailsChecksum);
+  FRIEND_TEST_ALL_PREFIXES(V4StoreTest, TestChecksumErrorOnStartup);
   friend class V4StoreTest;
 
   // If |prefix_size| is within expected range, and |raw_hashes_length| is a
   // multiple of prefix_size, then it sets the string of length
   // |raw_hashes_length| starting at |raw_hashes_begin| as the value at key
   // |prefix_size| in |additions_map|
   static ApplyUpdateResult AddUnlumpedHashes(PrefixSize prefix_size,
                                              const char* raw_hashes_begin,
                                              const size_t raw_hashes_length,
                                              HashPrefixMap* additions_map);
@@ skipping 33 matching lines @@
 
   // Updates the |additions_map| with the additions received in the partial
   // update from the server.
   static ApplyUpdateResult UpdateHashPrefixMapFromAdditions(
       const ::google::protobuf::RepeatedPtrField<ThreatEntrySet>& additions,
       HashPrefixMap* additions_map);
 
   // Merges the prefix map from the old store (|old_hash_prefix_map|) and the
   // update (additions_map) to populate the prefix map for the current store.
   // The indices in the |raw_removals| list, which may be NULL, are not merged.
-  // The SHA256 checksum of the final list of hash prefixes, in lexographically
-  // sorted order, must match |expected_checksum| (if it's not empty).
+  // The SHA256 checksum of the final list of hash prefixes, in
+  // lexicographically sorted order, must match |expected_checksum| (if it's not
+  // empty).
   ApplyUpdateResult MergeUpdate(const HashPrefixMap& old_hash_prefix_map,
                                 const HashPrefixMap& additions_map,
                                 const ::google::protobuf::RepeatedField<
                                     ::google::protobuf::int32>* raw_removals,
                                 const std::string& expected_checksum);
 
   // Processes the FULL_UPDATE |response| from the server, and writes the
   // merged V4Store to disk. If processing the |response| succeeds, it returns
   // APPLY_UPDATE_SUCCESS.
   // This method is only called when we receive a FULL_UPDATE from the server.
@@ skipping 20 matching lines @@
   // updates the |hash_prefix_map_| and |state_| in the V4Store. If processing
   // succeeds, it returns APPLY_UPDATE_SUCCESS.
   ApplyUpdateResult ProcessUpdate(
       const HashPrefixMap& hash_prefix_map_old,
       const std::unique_ptr<ListUpdateResponse>& response);
 
   // Reads the state of the store from the file on disk and returns the reason
   // for the failure or reports success.
   StoreReadResult ReadFromDisk();
 
+  // Scheduled when reading the store file from disk on startup. When run, it
+  // ensures that the checksum of the hash prefixes in lexicographical sorted
+  // order matches the expected value. If not, it clears out the contents of
+  // the store.
+  void VerifyChecksum(const std::string& expected_checksum);
+
   // Writes the FULL_UPDATE |response| to disk as a V4StoreFileFormat proto.
   StoreWriteResult WriteToDisk(
       std::unique_ptr<ListUpdateResponse> response) const;
 
   // The state of the store as returned by the PVer4 server in the last applied
   // update response.
   std::string state_;
   const base::FilePath store_path_;
   HashPrefixMap hash_prefix_map_;
   const scoped_refptr<base::SequencedTaskRunner> task_runner_;
 };
 
 std::ostream& operator<<(std::ostream& os, const V4Store& store);
 
 }  // namespace safe_browsing
 
 #endif  // COMPONENTS_SAFE_BROWSING_DB_V4_STORE_H_