Implement anonymous, opt-in, collection of OS X binary integrity incidents.

chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac.cc

Index: chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac.cc
diff --git a/chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac.cc b/chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac.cc
new file mode 100644
index 0000000000000000000000000000000000000000..ea54531e561c32509beeb01a6a6c5ab556a159f6
--- /dev/null
+++ b/chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac.cc
@@ -0,0 +1,94 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer.h"
+
+#include "base/base_paths.h"
+#include "base/files/file_util.h"
+#include "base/path_service.h"
+#include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_incident.h"
+#include "chrome/browser/safe_browsing/incident_reporting/incident_receiver.h"
+#include "chrome/browser/safe_browsing/signature_evaluator_mac.h"
+#include "chrome/common/safe_browsing/csd.pb.h"
+
+#define DEVELOPER_ID_APPLICATION_OID "field.1.2.840.113635.100.6.1.13"
+#define DEVELOPER_ID_INTERMEDIATE_OID "field.1.2.840.113635.100.6.2.6"
+
+namespace safe_browsing {
+
+namespace {
+
+void VerifyBinaryIntegrityHelper(IncidentReceiver* incident_receiver,
+                                 const base::FilePath& path,
+                                 const std::string& requirement) {
+  base::FilePath binary_path(path);
+  if (!base::PathExists(binary_path))
+    return;
+
+  MacSignatureEvaluator evaluator(binary_path, requirement);
+  if (!evaluator.Initialize()) {
+    LOG(ERROR) << "Could not initialize mac signature evaluator";
+    return;
+  }
+
+  std::vector<ClientIncidentReport_IncidentData_BinaryIntegrityIncident>
+      results;
+  if (!evaluator.PerformEvaluation(&results)) {
+    VLOG(1) << "Signature verification failed: " << path.value();
+    for (const auto& incident : results) {
+      scoped_ptr<ClientIncidentReport_IncidentData_BinaryIntegrityIncident>
+          incident_copy(
+              new ClientIncidentReport_IncidentData_BinaryIntegrityIncident(incident));

[Robert Sesek, 2015/10/15 00:11:20]

nit: 80 cols

[Greg K, 2015/10/16 19:17:58]

Done.

[Mark Mentovai, 2015/10/16 22:46:40]

Greg Kerr wrote:
Can you re-upload?

+      incident_receiver->AddIncidentForProcess(
+          make_scoped_ptr(new BinaryIntegrityIncident(incident_copy.Pass())));
+    }
+  }
+}
+
+}  // namespace
+
+std::vector<std::pair<base::FilePath, std::string>>
+GetCriticalPathsAndRequirements() {
+  // Get the path to the main executable.
+  std::vector<std::pair<base::FilePath, std::string>> critical_binaries;
+  base::FilePath main_exe;
+  if (!PathService::Get(base::FILE_EXE, &main_exe)) {
+    NOTREACHED();
+    return critical_binaries;
+  }
+
+  // This requirement describes a developer ID signed application,
+  // with Google's team identifier, and the com.Google.Chrome[.canary]
+  // identifier.
+  std::string requirement =
+      "anchor apple generic and certificate 1[" DEVELOPER_ID_INTERMEDIATE_OID
+      "] exists and certificate leaf[" DEVELOPER_ID_APPLICATION_OID
+      "] exists and certificate leaf[subject.OU]=\"EQHXZ8M8AV\" and "
+      "(identifier=\"com.google.Chrome\" or "
+      "identifier=\"com.google.Chrome.canary\")";
+  critical_binaries.push_back(std::make_pair(main_exe, requirement));
+  // TODO(kerrnel): eventually add Adobe Flash Player to this list.
+  return critical_binaries;
+}
+
+void VerifyBinaryIntegrityForTesting(IncidentReceiver* incident_receiver,
+                                     const base::FilePath& path,
+                                     const std::string& requirement) {
+  VerifyBinaryIntegrityHelper(incident_receiver, path, requirement);
+}
+
+void VerifyBinaryIntegrity(scoped_ptr<IncidentReceiver> incident_receiver) {
+  std::vector<std::pair<base::FilePath, std::string>> bundles_and_requirements =
+      GetCriticalPathsAndRequirements();
+  int i = 0;

[Robert Sesek, 2015/10/15 00:11:20]

size_t

[Greg K, 2015/10/16 19:17:58]

Done.

+  for (const auto& p : bundles_and_requirements) {
+    const base::FilePath& path = p.first;
+    const std::string& requirement = p.second;
+    base::TimeTicks time_before = base::TimeTicks::Now();
+    VerifyBinaryIntegrityHelper(incident_receiver.get(), path, requirement);
+    RecordSignatureVerificationTime(i++, base::TimeTicks::Now() - time_before);
+  }
+}
+
+}  // namespac