Chromium Code Reviews Chromium Code Reviews
Issue 646733002:
Added incident report for variations seed signature mismatch. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/metrics/variations/variations_seed_store.h" | 5 #include "chrome/browser/metrics/variations/variations_seed_store.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/metrics/histogram.h" | 8 #include "base/metrics/histogram.h" |
| 9 #include "base/prefs/pref_registry_simple.h" | 9 #include "base/prefs/pref_registry_simple.h" |
| 10 #include "base/prefs/pref_service.h" | 10 #include "base/prefs/pref_service.h" |
| 11 #include "base/sha1.h" | 11 #include "base/sha1.h" |
| 12 #include "base/strings/string_number_conversions.h" | 12 #include "base/strings/string_number_conversions.h" |
| 13 #include "chrome/browser/browser_process.h" | |
|
grt (UTC plus 2)
2014/10/14 01:28:30
unused
Georges Khalil
2014/10/14 13:51:09
Done.
| |
| 13 #include "chrome/common/pref_names.h" | 14 #include "chrome/common/pref_names.h" |
| 14 #include "components/variations/proto/variations_seed.pb.h" | 15 #include "components/variations/proto/variations_seed.pb.h" |
| 15 #include "crypto/signature_verifier.h" | 16 #include "crypto/signature_verifier.h" |
| 16 | 17 |
| 17 namespace chrome_variations { | 18 namespace chrome_variations { |
| 18 | 19 |
| 19 namespace { | 20 namespace { |
| 20 | 21 |
| 21 // Signature verification is disabled on mobile platforms for now, since it | 22 // Signature verification is disabled on mobile platforms for now, since it |
| 22 // adds about ~15ms to the startup time on mobile (vs. a couple ms on desktop). | 23 // adds about ~15ms to the startup time on mobile (vs. a couple ms on desktop). |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 106 // The server date is earlier than the stored date, and they are from | 107 // The server date is earlier than the stored date, and they are from |
| 107 // different UTC days, so |server_seed_date| is a valid new day. | 108 // different UTC days, so |server_seed_date| is a valid new day. |
| 108 return SEED_DATE_NEW_DAY; | 109 return SEED_DATE_NEW_DAY; |
| 109 } | 110 } |
| 110 return SEED_DATE_SAME_DAY; | 111 return SEED_DATE_SAME_DAY; |
| 111 } | 112 } |
| 112 | 113 |
| 113 } // namespace | 114 } // namespace |
| 114 | 115 |
| 115 VariationsSeedStore::VariationsSeedStore(PrefService* local_state) | 116 VariationsSeedStore::VariationsSeedStore(PrefService* local_state) |
| 116 : local_state_(local_state) { | 117 : local_state_(local_state) { |
|
grt (UTC plus 2)
2014/10/14 01:28:30
the new bool must be initialized:
: is_invalid
Georges Khalil
2014/10/14 13:51:09
Done.
| |
| 117 } | 118 } |
| 118 | 119 |
| 119 VariationsSeedStore::~VariationsSeedStore() { | 120 VariationsSeedStore::~VariationsSeedStore() { |
| 120 } | 121 } |
| 121 | 122 |
| 122 bool VariationsSeedStore::LoadSeed(variations::VariationsSeed* seed) { | 123 bool VariationsSeedStore::LoadSeed(variations::VariationsSeed* seed) { |
| 124 invalid_signature_.clear(); | |
| 125 is_invalid_signature_ = false; | |
| 123 const std::string base64_seed_data = | 126 const std::string base64_seed_data = |
| 124 local_state_->GetString(prefs::kVariationsSeed); | 127 local_state_->GetString(prefs::kVariationsSeed); |
| 125 if (base64_seed_data.empty()) { | 128 if (base64_seed_data.empty()) { |
| 126 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_EMPTY); | 129 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_EMPTY); |
| 127 return false; | 130 return false; |
| 128 } | 131 } |
| 129 | 132 |
| 130 // If the decode process fails, assume the pref value is corrupt and clear it. | 133 // If the decode process fails, assume the pref value is corrupt and clear it. |
| 131 std::string seed_data; | 134 std::string seed_data; |
| 132 if (!base::Base64Decode(base64_seed_data, &seed_data) || | 135 if (!base::Base64Decode(base64_seed_data, &seed_data) || |
| (...skipping 10 matching lines...) Expand all Loading... | |
| 143 const VerifySignatureResult result = | 146 const VerifySignatureResult result = |
| 144 VerifySeedSignature(seed_data, base64_seed_signature); | 147 VerifySeedSignature(seed_data, base64_seed_signature); |
| 145 if (result != VARIATIONS_SEED_SIGNATURE_ENUM_SIZE) { | 148 if (result != VARIATIONS_SEED_SIGNATURE_ENUM_SIZE) { |
| 146 UMA_HISTOGRAM_ENUMERATION("Variations.LoadSeedSignature", result, | 149 UMA_HISTOGRAM_ENUMERATION("Variations.LoadSeedSignature", result, |
| 147 VARIATIONS_SEED_SIGNATURE_ENUM_SIZE); | 150 VARIATIONS_SEED_SIGNATURE_ENUM_SIZE); |
| 148 if (result != VARIATIONS_SEED_SIGNATURE_VALID) { | 151 if (result != VARIATIONS_SEED_SIGNATURE_VALID) { |
| 149 VLOG(1) << "Variations seed signature in local pref missing or invalid " | 152 VLOG(1) << "Variations seed signature in local pref missing or invalid " |
| 150 << "with result: " << result << ". Clearing the pref."; | 153 << "with result: " << result << ". Clearing the pref."; |
| 151 ClearPrefs(); | 154 ClearPrefs(); |
| 152 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_INVALID_SIGNATURE); | 155 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_INVALID_SIGNATURE); |
| 156 // Record the invalid signature. | |
| 157 is_invalid_signature_ = true; | |
| 158 invalid_signature_ = base64_seed_signature; | |
| 153 return false; | 159 return false; |
| 154 } | 160 } |
| 155 } | 161 } |
| 156 | 162 |
| 157 variations_serial_number_ = seed->serial_number(); | 163 variations_serial_number_ = seed->serial_number(); |
| 158 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_NOT_EMPTY); | 164 RecordVariationSeedEmptyHistogram(VARIATIONS_SEED_NOT_EMPTY); |
| 159 return true; | 165 return true; |
| 160 } | 166 } |
| 161 | 167 |
| 162 bool VariationsSeedStore::StoreSeedData( | 168 bool VariationsSeedStore::StoreSeedData( |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 265 return VARIATIONS_SEED_SIGNATURE_INVALID_SIGNATURE; | 271 return VARIATIONS_SEED_SIGNATURE_INVALID_SIGNATURE; |
| 266 } | 272 } |
| 267 | 273 |
| 268 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(seed_bytes.data()), | 274 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(seed_bytes.data()), |
| 269 seed_bytes.size()); | 275 seed_bytes.size()); |
| 270 if (verifier.VerifyFinal()) | 276 if (verifier.VerifyFinal()) |
| 271 return VARIATIONS_SEED_SIGNATURE_VALID; | 277 return VARIATIONS_SEED_SIGNATURE_VALID; |
| 272 return VARIATIONS_SEED_SIGNATURE_INVALID_SEED; | 278 return VARIATIONS_SEED_SIGNATURE_INVALID_SEED; |
| 273 } | 279 } |
| 274 | 280 |
| 281 bool VariationsSeedStore::GetInvalidSignature( | |
| 282 std::string* invalid_signature) const { | |
| 283 if (!is_invalid_signature_) { | |
| 284 return false; | |
| 285 } | |
| 286 *invalid_signature = invalid_signature_; | |
| 287 return true; | |
| 288 } | |
| 289 | |
| 275 } // namespace chrome_variations | 290 } // namespace chrome_variations |
| OLD | NEW |
