1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer.h"
10 #include "base/callback.h"
11 #include "base/files/file_util.h"
12 #include "base/metrics/histogram.h"
13 #include "base/strings/string_number_conversions.h"
14 #include "base/strings/string_util.h"
15 #include "base/strings/stringprintf.h"
16 #include "base/time/time.h"
17 #include "chrome/browser/browser_process.h"
18 #include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_incident.h"
19 #include "chrome/browser/safe_browsing/incident_reporting/incident_receiver.h"
20 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
21 #include "chrome/common/safe_browsing/binary_feature_extractor.h"
22 #include "chrome/common/safe_browsing/csd.pb.h"
24 namespace safe_browsing
{
28 void RecordSignatureVerificationTime(size_t file_index
,
29 const base::TimeDelta
& verification_time
) {
30 static const char kHistogramName
[] = "SBIRS.VerifyBinaryIntegrity.";
32 base::HistogramBase
* signature_verification_time_histogram
=
33 base::Histogram::FactoryTimeGet(
34 std::string(kHistogramName
) + base::SizeTToString(file_index
),
35 base::TimeDelta::FromMilliseconds(1),
36 base::TimeDelta::FromSeconds(20),
38 base::Histogram::kUmaTargetedHistogramFlag
);
40 signature_verification_time_histogram
->AddTime(verification_time
);
45 void RegisterBinaryIntegrityAnalysis() {
47 scoped_refptr
<SafeBrowsingService
> safe_browsing_service(
48 g_browser_process
->safe_browsing_service());
50 safe_browsing_service
->RegisterDelayedAnalysisCallback(
51 base::Bind(&VerifyBinaryIntegrity
));
55 void VerifyBinaryIntegrity(scoped_ptr
<IncidentReceiver
> incident_receiver
) {
56 scoped_refptr
<BinaryFeatureExtractor
> binary_feature_extractor(
57 new BinaryFeatureExtractor());
59 std::vector
<base::FilePath
> critical_binaries
= GetCriticalBinariesPath();
60 for (size_t i
= 0; i
< critical_binaries
.size(); ++i
) {
61 base::FilePath
binary_path(critical_binaries
[i
]);
62 if (!base::PathExists(binary_path
))
65 scoped_ptr
<ClientDownloadRequest_SignatureInfo
> signature_info(
66 new ClientDownloadRequest_SignatureInfo());
68 base::TimeTicks time_before
= base::TimeTicks::Now();
69 binary_feature_extractor
->CheckSignature(binary_path
, signature_info
.get());
70 RecordSignatureVerificationTime(i
, base::TimeTicks::Now() - time_before
);
72 // Only create a report if the signature is untrusted.
73 if (!signature_info
->trusted()) {
74 scoped_ptr
<ClientIncidentReport_IncidentData_BinaryIntegrityIncident
>
76 new ClientIncidentReport_IncidentData_BinaryIntegrityIncident());
78 incident
->set_file_basename(binary_path
.BaseName().AsUTF8Unsafe());
79 incident
->set_allocated_signature(signature_info
.release());
82 incident_receiver
->AddIncidentForProcess(
83 make_scoped_ptr(new BinaryIntegrityIncident(incident
.Pass())));
89 std::vector
<base::FilePath
> GetCriticalBinariesPath() {
90 return std::vector
<base::FilePath
>();
92 #endif // !defined(OS_WIN)
94 } // namespace safe_browsing