Adding a new delayed analysis that verify binaries signature.

chrome/browser/safe_browsing/binary_integrity_analyzer.cc

Index: chrome/browser/safe_browsing/binary_integrity_analyzer.cc
diff --git a/chrome/browser/safe_browsing/binary_integrity_analyzer.cc b/chrome/browser/safe_browsing/binary_integrity_analyzer.cc
new file mode 100644
index 0000000000000000000000000000000000000000..22ad82e26592edc62d15369b169e1d75a2ee0bf5
--- /dev/null
+++ b/chrome/browser/safe_browsing/binary_integrity_analyzer.cc
@@ -0,0 +1,59 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/safe_browsing/binary_integrity_analyzer.h"
+
+#include "base/bind.h"
+#include "base/callback.h"
+#include "base/file_util.h"
+#include "base/file_version_info.h"

[grt (UTC plus 2), 2014/08/08 02:23:05]

unused

[pmonette_google.com, 2014/08/08 15:05:42]

Removed.

+#include "base/path_service.h"

[grt (UTC plus 2), 2014/08/08 02:23:05]

unused

[pmonette_google.com, 2014/08/08 15:05:42]

Removed.

+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/safe_browsing/binary_feature_extractor.h"
+#include "chrome/browser/safe_browsing/safe_browsing_service.h"
+#include "chrome/common/safe_browsing/csd.pb.h"
+
+namespace safe_browsing {
+
+void RegisterBinaryIntegrityAnalysis() {
+#if defined(OS_WIN)
+  scoped_refptr<SafeBrowsingService> safe_browsing_service(
+      g_browser_process->safe_browsing_service());
+
+  safe_browsing_service->RegisterDelayedAnalysisCallback(
+      base::Bind(&VerifyBinaryIntegrity));
+#endif
+}
+
+void VerifyBinaryIntegrity(const AddIncidentCallback& callback) {
+  scoped_refptr<BinaryFeatureExtractor> binary_feature_extractor(
+      new BinaryFeatureExtractor());
+
+  std::vector<base::FilePath> critical_binaries = GetCriticalBinariesPath();
+  for (size_t i = 0; i < critical_binaries.size(); ++i) {
+    base::FilePath binary_path(critical_binaries[i]);
+    if (!base::PathExists(binary_path))
+      continue;
+
+    scoped_ptr<ClientDownloadRequest_SignatureInfo> signature_info(
+        new ClientDownloadRequest_SignatureInfo());
+    binary_feature_extractor->CheckSignature(binary_path, signature_info.get());

[grt (UTC plus 2), 2014/08/08 02:23:05]

please add some use of UMA_HISTOGRAM_TIMES so we can see how long this takes for
each binary. it would be best to have distinct histograms for the different
binaries. this probably means using base::Histogram::FactoryTimeGet with a name
along the lines of "SBIRS.VerifyBinaryIntegrity.N" where N is the index into the
array. maybe there's an even better way. asvitkine will know.

[Alexei Svitkine (slow), 2014/08/08 15:14:59]

Yeah, Histogram::FactoryTimeGet() is the right way to do something like this
(since a macro can't be used with variable names to caching) - you can get the
params from the expansion of one of the macros. In xml file, you can use a
histograms_suffixes element to avoid duplication.

+
+    // Only create a report if the signature is untrusted.
+    if (!signature_info->trusted()) {
+      scoped_ptr<ClientIncidentReport_IncidentData> incident_data(
+          new ClientIncidentReport_IncidentData());
+      ClientIncidentReport_IncidentData_BinaryIntegrityIncident*
+          binary_integrity = incident_data->mutable_binary_integrity();
+
+      binary_integrity->set_file(binary_path.AsUTF8Unsafe());
+      binary_integrity->set_allocated_signature(signature_info.release());
+
+      // Send the report.
+      callback.Run(incident_data.Pass());
+    }
+  }
+}
+

[grt (UTC plus 2), 2014/08/08 02:23:05]

you need this for non-win platform, no?
#if !defined(OS_WIN)
std::vector<base::FilePath> GetCriticalBinariesPath() {
  return std::vector<base::FilePath>();
}
#endif  // !defined(OS_WIN)

[pmonette_google.com, 2014/08/08 15:05:42]

Done.

+}  // namespace safe_browsing