blob: e719e002a735977db10f0c84f2c26b442c69022a [file] [log] [blame]
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <stdint.h>
#include <set>
#include "extensions/browser/content_verify_job.h"
#include "url/gurl.h"
namespace base {
class FilePath;
class Version;
namespace extensions {
class Extension;
// A pointer to the bytes of a public key, and the number of bytes.
struct ContentVerifierKey {
const uint8_t* data;
size_t size;
ContentVerifierKey(const uint8_t* data, size_t size)
: data(data), size(size) {}
// This is an interface for clients that want to use a ContentVerifier.
class ContentVerifierDelegate {
// Note that it is important for these to appear in increasing "severity"
// order, because we use this to let command line flags increase, but not
// decrease, the mode you're running in compared to the experiment group.
enum Mode {
// Do not try to fetch content hashes if they are missing, and do not
// enforce them if they are present.
NONE = 0,
// If content hashes are missing, try to fetch them, but do not enforce.
// If hashes are present, enforce them. If they are missing, try to fetch
// them.
// Treat the absence of hashes the same as a verification failure.
virtual ~ContentVerifierDelegate() {}
// This should return what verification mode is appropriate for the given
// extension, if any.
virtual Mode ShouldBeVerified(const Extension& extension) = 0;
// Should return the public key to use for validating signatures via the two
// out parameters.
virtual ContentVerifierKey GetPublicKey() = 0;
// This should return a URL that can be used to fetch the
// verified_contents.json containing signatures for the given extension
// id/version pair.
virtual GURL GetSignatureFetchUrl(const std::string& extension_id,
const base::Version& version) = 0;
// This should return the set of file paths for images used within the
// browser process. (These may get transcoded during the install process).
virtual std::set<base::FilePath> GetBrowserImagePaths(
const extensions::Extension* extension) = 0;
// Called when the content verifier detects that a read of a file inside
// an extension did not match its expected hash.
virtual void VerifyFailed(const std::string& extension_id,
ContentVerifyJob::FailureReason reason) = 0;
// Called when ExtensionSystem is shutting down.
virtual void Shutdown() = 0;
} // namespace extensions