Roll src/third_party/WebKit a3b4a2e:7441784 (svn 202551:202552)
[chromium-blink-merge.git] / extensions / browser / content_verifier_delegate.h
blob2feb7b794d6aa80532c106673b38ccd42b1cbca8
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef EXTENSIONS_BROWSER_CONTENT_VERIFIER_DELEGATE_H_
6 #define EXTENSIONS_BROWSER_CONTENT_VERIFIER_DELEGATE_H_
8 #include <set>
10 #include "extensions/browser/content_verify_job.h"
11 #include "url/gurl.h"
13 namespace base {
14 class FilePath;
15 class Version;
18 namespace extensions {
20 class Extension;
22 // A pointer to the bytes of a public key, and the number of bytes.
23 struct ContentVerifierKey {
24 const uint8* data;
25 int size;
27 ContentVerifierKey() : data(NULL), size(0) {}
29 ContentVerifierKey(const uint8* data, int size) {
30 this->data = data;
31 this->size = size;
35 // This is an interface for clients that want to use a ContentVerifier.
36 class ContentVerifierDelegate {
37 public:
38 // Note that it is important for these to appear in increasing "severity"
39 // order, because we use this to let command line flags increase, but not
40 // decrease, the mode you're running in compared to the experiment group.
41 enum Mode {
42 // Do not try to fetch content hashes if they are missing, and do not
43 // enforce them if they are present.
44 NONE = 0,
46 // If content hashes are missing, try to fetch them, but do not enforce.
47 BOOTSTRAP,
49 // If hashes are present, enforce them. If they are missing, try to fetch
50 // them.
51 ENFORCE,
53 // Treat the absence of hashes the same as a verification failure.
54 ENFORCE_STRICT
57 virtual ~ContentVerifierDelegate() {}
59 // This should return what verification mode is appropriate for the given
60 // extension, if any.
61 virtual Mode ShouldBeVerified(const Extension& extension) = 0;
63 // Should return the public key to use for validating signatures via the two
64 // out parameters.
65 virtual ContentVerifierKey GetPublicKey() = 0;
67 // This should return a URL that can be used to fetch the
68 // verified_contents.json containing signatures for the given extension
69 // id/version pair.
70 virtual GURL GetSignatureFetchUrl(const std::string& extension_id,
71 const base::Version& version) = 0;
73 // This should return the set of file paths for images used within the
74 // browser process. (These may get transcoded during the install process).
75 virtual std::set<base::FilePath> GetBrowserImagePaths(
76 const extensions::Extension* extension) = 0;
78 // Called when the content verifier detects that a read of a file inside
79 // an extension did not match its expected hash.
80 virtual void VerifyFailed(const std::string& extension_id,
81 ContentVerifyJob::FailureReason reason) = 0;
84 } // namespace extensions
86 #endif // EXTENSIONS_BROWSER_CONTENT_VERIFIER_DELEGATE_H_