1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// Utilities for the SafeBrowsing code.
#ifndef CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_UTIL_H_
#define CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_UTIL_H_
#include <cstring>
#include <set>
#include <string>
#include <vector>
#include "base/basictypes.h"
#include "base/memory/scoped_ptr.h"
#include "base/strings/string_piece.h"
#include "base/time/time.h"
#include "chrome/browser/safe_browsing/chunk_range.h"
namespace safe_browsing {
class ChunkData;
};
class GURL;
// A truncated hash's type.
typedef uint32 SBPrefix;
// Container for holding a chunk URL and the list it belongs to.
struct ChunkUrl {
std::string url;
std::string list_name;
};
// A full hash.
union SBFullHash {
char full_hash[32];
SBPrefix prefix;
};
inline bool SBFullHashEqual(const SBFullHash& a, const SBFullHash& b) {
return !memcmp(a.full_hash, b.full_hash, sizeof(a.full_hash));
}
inline bool SBFullHashLess(const SBFullHash& a, const SBFullHash& b) {
return memcmp(a.full_hash, b.full_hash, sizeof(a.full_hash)) < 0;
}
// Generate full hash for the given string.
SBFullHash SBFullHashForString(const base::StringPiece& str);
// Data for an individual chunk sent from the server.
class SBChunkData {
public:
SBChunkData();
~SBChunkData();
// Create with manufactured data, for testing only.
// TODO(shess): Right now the test code calling this is in an anonymous
// namespace. Figure out how to shift this into private:.
explicit SBChunkData(safe_browsing::ChunkData* chunk_data);
// Read serialized ChunkData, returning true if the parse suceeded.
bool ParseFrom(const unsigned char* data, size_t length);
// Access the chunk data. |AddChunkNumberAt()| can only be called if
// |IsSub()| returns true. |Prefix*()| and |FullHash*()| can only be called
// if the corrosponding |Is*()| returned true.
int ChunkNumber() const;
bool IsAdd() const;
bool IsSub() const;
int AddChunkNumberAt(size_t i) const;
bool IsPrefix() const;
size_t PrefixCount() const;
SBPrefix PrefixAt(size_t i) const;
bool IsFullHash() const;
size_t FullHashCount() const;
SBFullHash FullHashAt(size_t i) const;
private:
// Protocol buffer sent from server.
scoped_ptr<safe_browsing::ChunkData> chunk_data_;
DISALLOW_COPY_AND_ASSIGN(SBChunkData);
};
// Used when we get a gethash response.
struct SBFullHashResult {
SBFullHash hash;
// TODO(shess): Refactor to allow ListType here.
int list_id;
std::string metadata;
};
// Caches individual response from GETHASH request.
struct SBCachedFullHashResult {
SBCachedFullHashResult();
explicit SBCachedFullHashResult(const base::Time& in_expire_after);
~SBCachedFullHashResult();
base::Time expire_after;
std::vector<SBFullHashResult> full_hashes;
};
// Contains information about a list in the database.
struct SBListChunkRanges {
explicit SBListChunkRanges(const std::string& n);
std::string name; // The list name.
std::string adds; // The ranges for add chunks.
std::string subs; // The ranges for sub chunks.
};
// Container for deleting chunks from the database.
struct SBChunkDelete {
SBChunkDelete();
~SBChunkDelete();
std::string list_name;
bool is_sub_del;
std::vector<ChunkRange> chunk_del;
};
// Different types of threats that SafeBrowsing protects against.
enum SBThreatType {
// No threat at all.
SB_THREAT_TYPE_SAFE,
// The URL is being used for phishing.
SB_THREAT_TYPE_URL_PHISHING,
// The URL hosts malware.
SB_THREAT_TYPE_URL_MALWARE,
// The URL hosts unwanted programs.
SB_THREAT_TYPE_URL_UNWANTED,
// The download URL is malware.
SB_THREAT_TYPE_BINARY_MALWARE_URL,
// Url detected by the client-side phishing model. Note that unlike the
// above values, this does not correspond to a downloaded list.
SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL,
// The Chrome extension or app (given by its ID) is malware.
SB_THREAT_TYPE_EXTENSION,
// Url detected by the client-side malware IP list. This IP list is part
// of the client side detection model.
SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL,
};
// Utility functions -----------------------------------------------------------
namespace safe_browsing_util {
// SafeBrowsing list names.
extern const char kMalwareList[];
extern const char kPhishingList[];
// Binary Download list name.
extern const char kBinUrlList[];
// SafeBrowsing client-side detection whitelist list name.
extern const char kCsdWhiteList[];
// SafeBrowsing download whitelist list name.
extern const char kDownloadWhiteList[];
// SafeBrowsing extension list name.
extern const char kExtensionBlacklist[];
// SafeBrowsing side-effect free whitelist name.
extern const char kSideEffectFreeWhitelist[];
// SafeBrowsing csd malware IP blacklist name.
extern const char kIPBlacklist[];
// SafeBrowsing unwanted URL list.
extern const char kUnwantedUrlList[];
// This array must contain all Safe Browsing lists.
extern const char* kAllLists[9];
enum ListType {
INVALID = -1,
MALWARE = 0,
PHISH = 1,
BINURL = 2,
// Obsolete BINHASH = 3,
CSDWHITELIST = 4,
// SafeBrowsing lists are stored in pairs. Keep ListType 5
// available for a potential second list that we would store in the
// csd-whitelist store file.
DOWNLOADWHITELIST = 6,
// See above comment. Leave 7 available.
EXTENSIONBLACKLIST = 8,
// See above comment. Leave 9 available.
SIDEEFFECTFREEWHITELIST = 10,
// See above comment. Leave 11 available.
IPBLACKLIST = 12,
// See above comment. Leave 13 available.
UNWANTEDURL = 14,
// See above comment. Leave 15 available.
};
// M40 experimental flag controls rollout of the UwS warning.
enum UnwantedStatus {
UWS_OFF,
UWS_ON_INVISIBLE,
UWS_ON
};
// Maps a list name to ListType.
ListType GetListId(const base::StringPiece& name);
// Maps a ListId to list name. Return false if fails.
bool GetListName(ListType list_id, std::string* list);
// Canonicalizes url as per Google Safe Browsing Specification.
// See section 6.1 in
// http://code.google.com/p/google-safe-browsing/wiki/Protocolv2Spec.
void CanonicalizeUrl(const GURL& url, std::string* canonicalized_hostname,
std::string* canonicalized_path,
std::string* canonicalized_query);
// Given a URL, returns all the hosts we need to check. They are returned
// in order of size (i.e. b.c is first, then a.b.c).
void GenerateHostsToCheck(const GURL& url, std::vector<std::string>* hosts);
// Given a URL, returns all the paths we need to check.
void GeneratePathsToCheck(const GURL& url, std::vector<std::string>* paths);
// Given a URL, returns all the patterns we need to check.
void GeneratePatternsToCheck(const GURL& url, std::vector<std::string>* urls);
GURL GeneratePhishingReportUrl(const std::string& report_page,
const std::string& url_to_report,
bool is_client_side_detection);
SBFullHash StringToSBFullHash(const std::string& hash_in);
std::string SBFullHashToString(const SBFullHash& hash_out);
// Look up the status of the UwS warning. The default is off.
UnwantedStatus GetUnwantedTrialGroup();
} // namespace safe_browsing_util
#endif // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_UTIL_H_
|
