| blob | b45deea57d65dccd68a3e16d30322888c58bb8fc |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // Client side phishing and malware detection request and response
6 // protocol buffers. Those protocol messages should be kept in sync
7 // with the server implementation.
8 //
9 // If you want to change this protocol definition or you have questions
10 // regarding its format please contact chrome-anti-phishing@googlegroups.com.
12 syntax = "proto2";
14 option optimize_for = LITE_RUNTIME;
16 package safe_browsing;
18 message ClientPhishingRequest {
19 // URL that the client visited. The CGI parameters are stripped by the
20 // client.
21 optional string url = 1;
23 // A 5-byte SHA-256 hash prefix of the URL. Before hashing the URL is
24 // canonicalized, converted to a suffix-prefix expression and broadened
25 // (www prefix is removed and everything past the last '/' is stripped).
26 //
27 // Marked OBSOLETE because the URL is sent for all users, making the hash
28 // prefix unnecessary.
29 optional bytes OBSOLETE_hash_prefix = 10;
31 // Score that was computed on the client. Value is between 0.0 and 1.0.
32 // The larger the value the more likely the url is phishing.
33 required float client_score = 2;
35 // Note: we're skipping tag 3 because it was previously used.
37 // Is true if the features for this URL were classified as phishing.
38 // Currently, this will always be true for all client-phishing requests
39 // that are sent to the server.
40 optional bool is_phishing = 4;
42 message Feature {
43 // Feature name. E.g., 'PageHasForms'.
44 required string name = 1;
46 // Feature value is always in the range [0.0, 1.0]. Boolean features
47 // have value 1.0.
48 required double value = 2;
49 }
51 // List of features that were extracted. Those are the features that were
52 // sent to the scorer and which resulted in client_score being computed.
53 repeated Feature feature_map = 5;
55 // The version number of the model that was used to compute the client-score.
56 // Copied from ClientSideModel.version().
57 optional int32 model_version = 6;
59 // Field 7 is only used on the server.
61 // List of features that are extracted in the client but are not used in the
62 // machine learning model.
63 repeated Feature non_model_feature_map = 8;
65 // The referrer URL. This field might not be set, for example, in the case
66 // where the referrer uses HTTPs.
67 // OBSOLETE: Use feature 'Referrer=<referrer>' instead.
68 optional string OBSOLETE_referrer_url = 9;
70 // Field 11 is only used on the server.
72 // List of shingle hashes we extracted.
73 repeated uint32 shingle_hashes = 12 [packed = true];
74 }
76 message ClientPhishingResponse {
77 required bool phishy = 1;
79 // A list of SafeBrowsing host-suffix / path-prefix expressions that
80 // are whitelisted. The client must match the current top-level URL
81 // against these whitelisted expressions and only apply a positive
82 // phishing verdict above if the URL does not match any expression
83 // on this whitelist. The client must not cache these whitelisted
84 // expressions. This whitelist will be empty for the vast majority
85 // of the responses but might contain up to 100 entries in emergency
86 // situations.
87 //
88 // Marked OBSOLETE because the URL is sent for all users, so the server
89 // can do whitelist matching.
90 repeated string OBSOLETE_whitelist_expression = 2;
91 }
93 message ClientMalwareRequest {
94 // URL that the client visited. The CGI parameters are stripped by the
95 // client.
96 required string url = 1;
98 // Field 2 is deleted and no longer in use.
100 // Field 3 is only used on the server.
102 // The referrer URL. This field might not be set, for example, in the case
103 // where the referrer uses HTTPS.
104 optional string referrer_url = 4;
106 // Field 5 and 6 are only used on the server.
108 message UrlInfo {
109 required string ip = 1;
110 required string url = 2;
111 optional string method = 3;
112 optional string referrer = 4;
113 // Resource type, the int value is a direct cast from the Type enum
114 // of ResourceType class defined in //src/webkit/commom/resource_type.h
115 optional int32 resource_type = 5;
116 }
118 // List of resource urls that match the malware IP list.
119 repeated UrlInfo bad_ip_url_info = 7;
120 }
122 message ClientMalwareResponse {
123 required bool blacklist = 1;
124 // The confirmed blacklisted bad IP and its url, which will be shown in
125 // malware warning, if the blacklist verdict is true.
126 // This IP string could be either in IPv4 or IPv6 format, which is the same
127 // as the ones client sent to server.
128 optional string bad_ip = 2;
129 optional string bad_url = 3;
130 }
132 message ClientDownloadRequest {
133 // The final URL of the download (after all redirects).
134 required string url = 1;
136 // This message contains various binary digests of the download payload.
137 message Digests {
138 optional bytes sha256 = 1;
139 optional bytes sha1 = 2;
140 optional bytes md5 = 3;
141 }
142 required Digests digests = 2;
144 // This is the length in bytes of the download payload.
145 required int64 length = 3;
147 // Type of the resources stored below.
148 enum ResourceType {
149 // The final URL of the download payload. The resource URL should
150 // correspond to the URL field above.
151 DOWNLOAD_URL = 0;
152 // A redirect URL that was fetched before hitting the final DOWNLOAD_URL.
153 DOWNLOAD_REDIRECT = 1;
154 // The final top-level URL of the tab that triggered the download.
155 TAB_URL = 2;
156 // A redirect URL thas was fetched before hitting the final TAB_URL.
157 TAB_REDIRECT = 3;
158 }
160 message Resource {
161 required string url = 1;
162 required ResourceType type = 2;
163 optional bytes remote_ip = 3;
164 // This will only be set if the referrer is available and if the
165 // resource type is either TAB_URL or DOWNLOAD_URL.
166 optional string referrer = 4;
168 // TODO(noelutz): add the transition type?
169 }
171 // This repeated field will store all the redirects as well as the
172 // final URLs for the top-level tab URL (i.e., the URL that
173 // triggered the download) as well as for the download URL itself.
174 repeated Resource resources = 4;
176 // A trust chain of certificates. Each chain begins with the signing
177 // certificate of the binary, and ends with a self-signed certificate,
178 // typically from a trusted root CA. This structure is analogous to
179 // CERT_CHAIN_CONTEXT on Windows.
180 message CertificateChain {
181 // A single link in the chain.
182 message Element {
183 // DER-encoded X.509 representation of the certificate.
184 optional bytes certificate = 1;
185 // Fields 2 - 7 are only used on the server.
186 }
187 repeated Element element = 1;
188 }
190 message SignatureInfo {
191 // All certificate chains for each of the binary's signers. Multiple chains
192 // may be present if the binary or any certificate has multiple signers.
193 // Absence of certificate chains does not imply that the binary is not
194 // signed (in that case, SignedData blobs extracted from the binary may be
195 // preset), but does mean that trust has not been verified.
196 repeated CertificateChain certificate_chain = 1;
198 // True if the signature was trusted on the client.
199 optional bool trusted = 2;
201 // PKCS#7 SignedData blobs extracted from a portable executable image's
202 // attribute certificate table. The presence of these does not imply that
203 // the signatures were deemed trusted by the client.
204 repeated bytes signed_data = 3;
205 }
207 // This field will only be set if the binary is signed.
208 optional SignatureInfo signature = 5;
210 // True if the download was user initiated.
211 optional bool user_initiated = 6;
213 // Fields 7 and 8 are only used on the server.
215 // Name of the file where the download would be stored if the
216 // download completes. E.g., "bla.exe".
217 optional string file_basename = 9;
219 // Starting with Chrome M19 we're also sending back pings for Chrome
220 // extensions that get downloaded by users.
221 enum DownloadType {
222 WIN_EXECUTABLE = 0; // Currently all .exe, .cab and .msi files.
223 CHROME_EXTENSION = 1; // .crx files.
224 ANDROID_APK = 2; // .apk files.
225 // .zip files containing one of the other executable types.
226 ZIPPED_EXECUTABLE = 3;
227 MAC_EXECUTABLE = 4; // .dmg, .pkg, etc.
228 }
229 optional DownloadType download_type = 10 [default = WIN_EXECUTABLE];
231 // Locale of the device, eg en, en_US.
232 optional string locale = 11;
234 message PEImageHeaders {
235 // IMAGE_DOS_HEADER.
236 optional bytes dos_header = 1;
237 // IMAGE_FILE_HEADER.
238 optional bytes file_header = 2;
239 // IMAGE_OPTIONAL_HEADER32. Present only for 32-bit PE images.
240 optional bytes optional_headers32 = 3;
241 // IMAGE_OPTIONAL_HEADER64. Present only for 64-bit PE images.
242 optional bytes optional_headers64 = 4;
243 // IMAGE_SECTION_HEADER.
244 repeated bytes section_header = 5;
245 // Contents of the .edata section.
246 optional bytes export_section_data = 6;
248 message DebugData {
249 // IMAGE_DEBUG_DIRECTORY.
250 optional bytes directory_entry = 1;
251 optional bytes raw_data = 2;
252 }
254 repeated DebugData debug_data = 7;
255 }
257 message ImageHeaders {
258 // Windows Portable Executable image headers.
259 optional PEImageHeaders pe_headers = 1;
260 };
262 // Fields 12-17 are reserved for server-side use and are never sent by the
263 // client.
265 optional ImageHeaders image_headers = 18;
267 // Fields 19-21 are reserved for server-side use and are never sent by the
268 // client.
270 // A binary contained in an archive (e.g., a .zip archive).
271 message ArchivedBinary {
272 optional string file_basename = 1;
273 optional DownloadType download_type = 2;
274 optional Digests digests = 3;
275 optional int64 length = 4;
276 optional SignatureInfo signature = 5;
277 optional ImageHeaders image_headers = 6;
278 }
280 repeated ArchivedBinary archived_binary = 22;
281 }
283 message ClientDownloadResponse {
284 enum Verdict {
285 // Download is considered safe.
286 SAFE = 0;
287 // Download is considered dangerous. Chrome should show a warning to the
288 // user.
289 DANGEROUS = 1;
290 // Download is unknown. Chrome should display a less severe warning.
291 UNCOMMON = 2;
292 // The download is potentially unwanted.
293 POTENTIALLY_UNWANTED = 3;
294 // The download is from a dangerous host.
295 DANGEROUS_HOST = 4;
296 }
297 required Verdict verdict = 1;
299 message MoreInfo {
300 // A human-readable string describing the nature of the warning.
301 // Only if verdict != SAFE. Localized based on request.locale.
302 optional string description = 1;
304 // A URL to get more information about this warning, if available.
305 optional string url = 2;
306 }
307 optional MoreInfo more_info = 2;
309 // An arbitrary token that should be sent along for further server requests.
310 optional bytes token = 3;
311 }
313 // The following protocol buffer holds the feedback report gathered
314 // from the user regarding the download.
315 message ClientDownloadReport {
316 // The information of user who provided the feedback.
317 // This is going to be useful for handling appeals.
318 message UserInformation {
319 optional string email = 1;
320 }
322 enum Reason {
323 SHARE = 0;
324 FALSE_POSITIVE = 1;
325 APPEAL = 2;
326 }
328 // The type of feedback for this report.
329 optional Reason reason = 1;
331 // The original download ping
332 optional ClientDownloadRequest download_request = 2;
334 // Stores the information of the user who provided the feedback.
335 optional UserInformation user_information = 3;
337 // Unstructed comments provided by the user.
338 optional bytes comment = 4;
340 // The original download response sent from the verdict server.
341 optional ClientDownloadResponse download_response = 5;
342 }
344 // This is used to send back upload status to the client after upload completion
345 message ClientUploadResponse {
346 enum UploadStatus {
347 // The upload was successful and a complete response can be expected
348 SUCCESS = 0;
350 // The upload was unsuccessful and the response is incomplete.
351 UPLOAD_FAILURE = 1;
352 }
354 // Holds the upload status
355 optional UploadStatus status = 1;
357 // Holds the permalink where the results of scanning the binary are available
358 optional string permalink = 2;
359 }
361 message ClientIncidentReport {
362 message IncidentData {
363 message TrackedPreferenceIncident {
364 enum ValueState {
365 UNKNOWN = 0;
366 CLEARED = 1;
367 WEAK_LEGACY_OBSOLETE = 2;
368 CHANGED = 3;
369 UNTRUSTED_UNKNOWN_VALUE = 4;
370 }
372 optional string path = 1;
373 optional string atomic_value = 2;
374 repeated string split_key = 3;
375 optional ValueState value_state = 4;
376 }
377 message BinaryIntegrityIncident {
378 optional string file_basename = 1;
379 optional ClientDownloadRequest.SignatureInfo signature = 2;
380 }
381 message BlacklistLoadIncident {
382 optional string path = 1;
383 optional ClientDownloadRequest.Digests digest = 2;
384 optional string version = 3;
385 optional bool blacklist_initialized = 4;
386 optional ClientDownloadRequest.SignatureInfo signature = 5;
387 optional ClientDownloadRequest.ImageHeaders image_headers = 6;
388 }
389 message VariationsSeedSignatureIncident {
390 optional string variations_seed_signature = 1;
391 }
392 message ResourceRequestIncident {
393 enum Type {
394 UNKNOWN = 0;
395 TYPE_SCRIPT = 1;
396 TYPE_DOMAIN = 2;
397 }
398 optional bytes digest = 1;
399 optional string origin = 2;
400 optional Type type = 3 [default = UNKNOWN];
401 }
402 optional int64 incident_time_msec = 1;
403 optional TrackedPreferenceIncident tracked_preference = 2;
404 optional BinaryIntegrityIncident binary_integrity = 3;
405 optional BlacklistLoadIncident blacklist_load = 4;
406 // Note: skip tag 5 because it was previously used.
407 optional VariationsSeedSignatureIncident variations_seed_signature = 6;
408 optional ResourceRequestIncident resource_request = 7;
409 }
411 repeated IncidentData incident = 1;
413 message DownloadDetails {
414 optional bytes token = 1;
415 optional ClientDownloadRequest download = 2;
416 optional int64 download_time_msec = 3;
417 optional int64 open_time_msec = 4;
418 }
420 optional DownloadDetails download = 2;
422 message EnvironmentData {
423 message OS {
424 optional string os_name = 1;
425 optional string os_version = 2;
426 }
427 optional OS os = 1;
428 message Machine {
429 optional string cpu_architecture = 1;
430 optional string cpu_vendor = 2;
431 optional uint32 cpuid = 3;
432 }
433 optional Machine machine = 2;
434 message Process {
435 optional string version = 1;
436 repeated string OBSOLETE_dlls = 2;
437 message Patch {
438 optional string function = 1;
439 optional string target_dll = 2;
440 }
441 repeated Patch patches = 3;
442 message NetworkProvider {}
443 repeated NetworkProvider network_providers = 4;
444 enum Channel {
445 CHANNEL_UNKNOWN = 0;
446 CHANNEL_CANARY = 1;
447 CHANNEL_DEV = 2;
448 CHANNEL_BETA = 3;
449 CHANNEL_STABLE = 4;
450 }
451 optional Channel chrome_update_channel = 5;
452 optional int64 uptime_msec = 6;
453 optional bool metrics_consent = 7;
454 optional bool extended_consent = 8;
455 message Dll {
456 enum Feature {
457 UNKNOWN = 0;
458 LSP = 1;
459 }
460 optional string path = 1;
461 optional uint64 base_address = 2;
462 optional uint32 length = 3;
463 repeated Feature feature = 4;
464 optional ClientDownloadRequest.ImageHeaders image_headers = 5;
465 }
466 repeated Dll dll = 9;
467 repeated string blacklisted_dll = 10;
468 message ModuleState {
469 enum ModifiedState {
470 UNKNOWN = 0;
471 MODULE_STATE_UNKNOWN = 1;
472 MODULE_STATE_UNMODIFIED = 2;
473 MODULE_STATE_MODIFIED = 3;
474 }
475 optional string name = 1;
476 optional ModifiedState modified_state = 2;
477 repeated string modified_export = 3;
479 message Modification {
480 optional uint32 file_offset = 1;
481 optional int32 byte_count = 2;
482 optional bytes modified_bytes = 3;
483 optional string export_name = 4;
484 }
485 repeated Modification modification = 4;
486 }
487 repeated ModuleState module_state = 11;
488 }
489 optional Process process = 3;
490 }
492 optional EnvironmentData environment = 3;
493 }
495 message ClientIncidentResponse {
496 optional bytes token = 1;
497 optional bool download_requested = 2;
499 message EnvironmentRequest { optional int32 dll_index = 1; }
501 repeated EnvironmentRequest environment_requests = 3;
502 }
504 message DownloadMetadata {
505 optional uint32 download_id = 1;
507 optional ClientIncidentReport.DownloadDetails download = 2;
508 }