Pin Chrome's shortcut to the Win10 Start menu on install and OS upgrade.
[chromium-blink-merge.git] / chrome / common / safe_browsing / binary_feature_extractor.h
blob02a40917e8d1352a091080e7134a741c221a2824
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // Utility functions to extract file features for malicious binary detection.
6 // Each platform has its own implementation of this class.
8 #ifndef CHROME_COMMON_SAFE_BROWSING_BINARY_FEATURE_EXTRACTOR_H_
9 #define CHROME_COMMON_SAFE_BROWSING_BINARY_FEATURE_EXTRACTOR_H_
11 #include <string>
13 #include "base/basictypes.h"
14 #include "base/files/file.h"
15 #include "base/memory/ref_counted.h"
16 #include "third_party/protobuf/src/google/protobuf/repeated_field.h"
18 namespace base {
19 class FilePath;
22 namespace safe_browsing {
23 class ClientDownloadRequest_Digests;
24 class ClientDownloadRequest_ImageHeaders;
25 class ClientDownloadRequest_SignatureInfo;
27 class BinaryFeatureExtractor
28 : public base::RefCountedThreadSafe<BinaryFeatureExtractor> {
29 public:
30 // The type and defined values for a bitfield that controls aspects of image
31 // header extraction.
32 typedef uint32_t ExtractHeadersOption;
33 static const ExtractHeadersOption kDefaultOptions = 0;
34 static const ExtractHeadersOption kOmitExports = 1U << 0;
36 BinaryFeatureExtractor();
38 // Fills in the DownloadRequest_SignatureInfo for the given file path.
39 // This method may be called on any thread.
40 virtual void CheckSignature(
41 const base::FilePath& file_path,
42 ClientDownloadRequest_SignatureInfo* signature_info);
44 // Populates |image_headers| with the PE image headers of |file_path| and, if
45 // non-null, |signed_data| with any PKCS#7 SignedData blobs found in the
46 // image's attribute certificate table. |options| is a bitfield controlling
47 // aspects of extraction. Returns true if |image_headers| is populated with
48 // any information.
49 virtual bool ExtractImageFeatures(
50 const base::FilePath& file_path,
51 ExtractHeadersOption options,
52 ClientDownloadRequest_ImageHeaders* image_headers,
53 google::protobuf::RepeatedPtrField<std::string>* signed_data);
55 // As above, but works with an already-opened file. BinaryFeatureExtractor
56 // takes ownership of |file| and closes it when done.
57 virtual bool ExtractImageFeaturesFromFile(
58 base::File file,
59 ExtractHeadersOption options,
60 ClientDownloadRequest_ImageHeaders* image_headers,
61 google::protobuf::RepeatedPtrField<std::string>* signed_data);
63 // As above, but works on a byte array containing image data. This does not
64 // take ownership of the data.
65 virtual bool ExtractImageFeaturesFromData(
66 const uint8_t* data, size_t data_size,
67 ExtractHeadersOption options,
68 ClientDownloadRequest_ImageHeaders* image_headers,
69 google::protobuf::RepeatedPtrField<std::string>* signed_data);
71 // Populates |digests.sha256| with the SHA256 digest of |file_path|.
72 virtual void ExtractDigest(const base::FilePath& file_path,
73 ClientDownloadRequest_Digests* digests);
75 protected:
76 friend class base::RefCountedThreadSafe<BinaryFeatureExtractor>;
77 virtual ~BinaryFeatureExtractor();
79 private:
80 DISALLOW_COPY_AND_ASSIGN(BinaryFeatureExtractor);
82 } // namespace safe_browsing
84 #endif // CHROME_COMMON_SAFE_BROWSING_BINARY_FEATURE_EXTRACTOR_H_