Chromium Code Reviews Chromium Code Reviews
Issue 646733002:
Added incident report for variations seed signature mismatch. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/metrics/variations/variations_seed_store.h" | 5 #include "chrome/browser/metrics/variations/variations_seed_store.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/metrics/histogram.h" | 8 #include "base/metrics/histogram.h" |
| 9 #include "base/prefs/pref_registry_simple.h" | 9 #include "base/prefs/pref_registry_simple.h" |
| 10 #include "base/prefs/pref_service.h" | 10 #include "base/prefs/pref_service.h" |
| 11 #include "base/sha1.h" | 11 #include "base/sha1.h" |
| 12 #include "base/strings/string_number_conversions.h" | 12 #include "base/strings/string_number_conversions.h" |
| 13 #include "chrome/browser/browser_process.h" | |
|
grt (UTC plus 2)
2014/10/10 17:45:42
remove these
Georges Khalil
2014/10/10 20:19:31
Done.
| |
| 14 #include "chrome/browser/safe_browsing/incident_reporting/add_incident_callback. h" | |
| 15 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | |
| 13 #include "chrome/common/pref_names.h" | 16 #include "chrome/common/pref_names.h" |
| 17 #include "chrome/common/safe_browsing/csd.pb.h" | |
| 14 #include "components/variations/proto/variations_seed.pb.h" | 18 #include "components/variations/proto/variations_seed.pb.h" |
| 15 #include "crypto/signature_verifier.h" | 19 #include "crypto/signature_verifier.h" |
| 16 | 20 |
| 17 namespace chrome_variations { | 21 namespace chrome_variations { |
| 18 | 22 |
| 19 namespace { | 23 namespace { |
| 20 | 24 |
| 21 // Signature verification is disabled on mobile platforms for now, since it | 25 // Signature verification is disabled on mobile platforms for now, since it |
| 22 // adds about ~15ms to the startup time on mobile (vs. a couple ms on desktop). | 26 // adds about ~15ms to the startup time on mobile (vs. a couple ms on desktop). |
| 23 bool SignatureVerificationEnabled() { | 27 bool SignatureVerificationEnabled() { |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 113 } // namespace | 117 } // namespace |
| 114 | 118 |
| 115 VariationsSeedStore::VariationsSeedStore(PrefService* local_state) | 119 VariationsSeedStore::VariationsSeedStore(PrefService* local_state) |
| 116 : local_state_(local_state) { | 120 : local_state_(local_state) { |
| 117 } | 121 } |
| 118 | 122 |
| 119 VariationsSeedStore::~VariationsSeedStore() { | 123 VariationsSeedStore::~VariationsSeedStore() { |
| 120 } | 124 } |
| 121 | 125 |
| 122 bool VariationsSeedStore::LoadSeed(variations::VariationsSeed* seed) { | 126 bool VariationsSeedStore::LoadSeed(variations::VariationsSeed* seed) { |
| 127 bad_signature_ = std::string(); | |
|
grt (UTC plus 2)
2014/10/10 17:45:42
bad_signature_.clear();
Georges Khalil
2014/10/10 20:19:31
Done.
| |
| 123 const std::string base64_seed_data = | 128 const std::string base64_seed_data = |
| 124 local_state_->GetString(prefs::kVariationsSeed); | 129 local_state_->GetString(prefs::kVariationsSeed); |
| 125 if (base64_seed_data.empty()) { | 130 if (base64_seed_data.empty()) { |
| 126 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_EMPTY); | 131 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_EMPTY); |
| 127 return false; | 132 return false; |
| 128 } | 133 } |
| 129 | 134 |
| 130 // If the decode process fails, assume the pref value is corrupt and clear it. | 135 // If the decode process fails, assume the pref value is corrupt and clear it. |
| 131 std::string seed_data; | 136 std::string seed_data; |
| 132 if (!base::Base64Decode(base64_seed_data, &seed_data) || | 137 if (!base::Base64Decode(base64_seed_data, &seed_data) || |
| (...skipping 10 matching lines...) Expand all Loading... | |
| 143 const VerifySignatureResult result = | 148 const VerifySignatureResult result = |
| 144 VerifySeedSignature(seed_data, base64_seed_signature); | 149 VerifySeedSignature(seed_data, base64_seed_signature); |
| 145 if (result != VARIATIONS_SEED_SIGNATURE_ENUM_SIZE) { | 150 if (result != VARIATIONS_SEED_SIGNATURE_ENUM_SIZE) { |
| 146 UMA_HISTOGRAM_ENUMERATION("Variations.LoadSeedSignature", result, | 151 UMA_HISTOGRAM_ENUMERATION("Variations.LoadSeedSignature", result, |
| 147 VARIATIONS_SEED_SIGNATURE_ENUM_SIZE); | 152 VARIATIONS_SEED_SIGNATURE_ENUM_SIZE); |
| 148 if (result != VARIATIONS_SEED_SIGNATURE_VALID) { | 153 if (result != VARIATIONS_SEED_SIGNATURE_VALID) { |
| 149 VLOG(1) << "Variations seed signature in local pref missing or invalid " | 154 VLOG(1) << "Variations seed signature in local pref missing or invalid " |
| 150 << "with result: " << result << ". Clearing the pref."; | 155 << "with result: " << result << ". Clearing the pref."; |
| 151 ClearPrefs(); | 156 ClearPrefs(); |
| 152 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_INVALID_SIGNATURE); | 157 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_INVALID_SIGNATURE); |
| 158 // Record the bad signature, to be used later for sending an incident | |
|
grt (UTC plus 2)
2014/10/10 17:45:42
same comment about documenting the current consume
Georges Khalil
2014/10/10 20:19:31
Done.
| |
| 159 // report. | |
| 160 bad_signature_ = base64_seed_signature; | |
| 153 return false; | 161 return false; |
| 154 } | 162 } |
| 155 } | 163 } |
| 156 | 164 |
| 157 variations_serial_number_ = seed->serial_number(); | 165 variations_serial_number_ = seed->serial_number(); |
| 158 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_NOT_EMPTY); | 166 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_NOT_EMPTY); |
| 159 return true; | 167 return true; |
| 160 } | 168 } |
| 161 | 169 |
| 162 bool VariationsSeedStore::StoreSeedData( | 170 bool VariationsSeedStore::StoreSeedData( |
| (...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 266 } | 274 } |
| 267 | 275 |
| 268 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(seed_bytes.data()), | 276 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(seed_bytes.data()), |
| 269 seed_bytes.size()); | 277 seed_bytes.size()); |
| 270 if (verifier.VerifyFinal()) | 278 if (verifier.VerifyFinal()) |
| 271 return VARIATIONS_SEED_SIGNATURE_VALID; | 279 return VARIATIONS_SEED_SIGNATURE_VALID; |
| 272 return VARIATIONS_SEED_SIGNATURE_INVALID_SEED; | 280 return VARIATIONS_SEED_SIGNATURE_INVALID_SEED; |
| 273 } | 281 } |
| 274 | 282 |
| 275 } // namespace chrome_variations | 283 } // namespace chrome_variations |
| OLD | NEW |
