Include the full certificate chain in the download pingback.

chrome/browser/safe_browsing/download_protection_service.cc

Index: chrome/browser/safe_browsing/download_protection_service.cc
===================================================================
--- chrome/browser/safe_browsing/download_protection_service.cc	(revision 109680)
+++ chrome/browser/safe_browsing/download_protection_service.cc	(working copy)
@@ -405,7 +405,7 @@
   void ExtractFileFeatures() {
     DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE));

[mattm, 2011/11/12 03:15:36]

Probably want to move to doing this with WorkerPool so we don't block up the
file thread for too long.  Can do that in a separate CL though.

[Ryan Sleevi, 2011/11/12 22:06:17]

drive-by: +1 to this. These calls can take upwards of 20 seconds, depending on
how the system is configured, due to things like AIA chasing (which can still
happen for WinVerifyTrust/Authenticode sigs, IIRC).

     signature_util_->CheckSignature(info_.local_file, &signature_info_);
-    bool is_signed = signature_info_.has_certificate_contents();
+    bool is_signed = (signature_info_.certificate_chain_size() > 0);
     if (is_signed) {
       VLOG(2) << "Downloaded a signed binary: " << info_.local_file.value();
     } else {
@@ -454,7 +454,8 @@
           sb_service_->MatchDownloadWhitelistUrl(info_.referrer_url)) {
         reason = REASON_WHITELISTED_REFERRER;
       }
-      if (reason != REASON_MAX || signature_info_.has_certificate_contents()) {
+      if (reason != REASON_MAX ||
+          signature_info_.certificate_chain_size() > 0) {
         UMA_HISTOGRAM_COUNTS("SBClientDownload.SignedOrWhitelistedDownload", 1);
       }
     }