summaryrefslogtreecommitdiff
path: root/chromium/extensions/browser/content_verifier_delegate.h
diff options
context:
space:
mode:
Diffstat (limited to 'chromium/extensions/browser/content_verifier_delegate.h')
-rw-r--r--chromium/extensions/browser/content_verifier_delegate.h88
1 files changed, 88 insertions, 0 deletions
diff --git a/chromium/extensions/browser/content_verifier_delegate.h b/chromium/extensions/browser/content_verifier_delegate.h
new file mode 100644
index 00000000000..5fb72a2617c
--- /dev/null
+++ b/chromium/extensions/browser/content_verifier_delegate.h
@@ -0,0 +1,88 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef EXTENSIONS_BROWSER_CONTENT_VERIFIER_DELEGATE_H_
+#define EXTENSIONS_BROWSER_CONTENT_VERIFIER_DELEGATE_H_
+
+#include <stdint.h>
+
+#include <set>
+
+#include "extensions/browser/content_verify_job.h"
+#include "url/gurl.h"
+
+namespace base {
+class FilePath;
+class Version;
+}
+
+namespace extensions {
+
+class Extension;
+
+// A pointer to the bytes of a public key, and the number of bytes.
+struct ContentVerifierKey {
+ const uint8_t* data;
+ int size;
+
+ ContentVerifierKey() : data(NULL), size(0) {}
+
+ ContentVerifierKey(const uint8_t* data, int size) {
+ this->data = data;
+ this->size = size;
+ }
+};
+
+// This is an interface for clients that want to use a ContentVerifier.
+class ContentVerifierDelegate {
+ public:
+ // Note that it is important for these to appear in increasing "severity"
+ // order, because we use this to let command line flags increase, but not
+ // decrease, the mode you're running in compared to the experiment group.
+ enum Mode {
+ // Do not try to fetch content hashes if they are missing, and do not
+ // enforce them if they are present.
+ NONE = 0,
+
+ // If content hashes are missing, try to fetch them, but do not enforce.
+ BOOTSTRAP,
+
+ // If hashes are present, enforce them. If they are missing, try to fetch
+ // them.
+ ENFORCE,
+
+ // Treat the absence of hashes the same as a verification failure.
+ ENFORCE_STRICT
+ };
+
+ virtual ~ContentVerifierDelegate() {}
+
+ // This should return what verification mode is appropriate for the given
+ // extension, if any.
+ virtual Mode ShouldBeVerified(const Extension& extension) = 0;
+
+ // Should return the public key to use for validating signatures via the two
+ // out parameters.
+ virtual ContentVerifierKey GetPublicKey() = 0;
+
+ // This should return a URL that can be used to fetch the
+ // verified_contents.json containing signatures for the given extension
+ // id/version pair.
+ virtual GURL GetSignatureFetchUrl(const std::string& extension_id,
+ const base::Version& version) = 0;
+
+ // This should return the set of file paths for images used within the
+ // browser process. (These may get transcoded during the install process).
+ virtual std::set<base::FilePath> GetBrowserImagePaths(
+ const extensions::Extension* extension) = 0;
+
+ // Called when the content verifier detects that a read of a file inside
+ // an extension did not match its expected hash.
+ virtual void VerifyFailed(const std::string& extension_id,
+ ContentVerifyJob::FailureReason reason) = 0;
+};
+
+} // namespace extensions
+
+#endif // EXTENSIONS_BROWSER_CONTENT_VERIFIER_DELEGATE_H_
View Lorry Controller Status