search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Disable view source for Developer Tools.
[chromium-blink-merge.git] / chrome / browser / safe_browsing / download_protection_service.h
blob4d334a63b36e7d746e9caaabb8f1634933e40998
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // Helper class which handles communication with the SafeBrowsing servers for
6 // improved binary download protection.
7
8 #ifndef CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_SERVICE_H_
9 #define CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_SERVICE_H_
10
11 #include <set>
12 #include <string>
13 #include <vector>
14
15 #include "base/basictypes.h"
16 #include "base/callback.h"
17 #include "base/files/file_path.h"
18 #include "base/gtest_prod_util.h"
19 #include "base/memory/ref_counted.h"
20 #include "chrome/browser/safe_browsing/database_manager.h"
21 #include "chrome/browser/safe_browsing/ui_manager.h"
22 #include "url/gurl.h"
23
24
25 namespace content {
26 class DownloadItem;
27 class PageNavigator;
28 }
29
30 namespace net {
31 class URLRequestContextGetter;
32 class X509Certificate;
33 } // namespace net
34
35 namespace safe_browsing {
36 class DownloadFeedbackService;
37 class SignatureUtil;
38
39 // This class provides an asynchronous API to check whether a particular
40 // client download is malicious or not.
41 class DownloadProtectionService {
42 public:
43 enum DownloadCheckResult {
44 SAFE,
45 DANGEROUS,
46 UNCOMMON,
47 DANGEROUS_HOST,
48 POTENTIALLY_UNWANTED
49 };
50
51 // Callback type which is invoked once the download request is done.
52 typedef base::Callback<void(DownloadCheckResult)> CheckDownloadCallback;
53
54 // Creates a download service. The service is initially disabled. You need
55 // to call SetEnabled() to start it. |sb_service| owns this object; we
56 // keep a reference to |request_context_getter|.
57 DownloadProtectionService(
58 SafeBrowsingService* sb_service,
59 net::URLRequestContextGetter* request_context_getter);
60
61 virtual ~DownloadProtectionService();
62
63 // Checks whether the given client download is likely to be malicious or not.
64 // The result is delivered asynchronously via the given callback. This
65 // method must be called on the UI thread, and the callback will also be
66 // invoked on the UI thread. This method must be called once the download
67 // is finished and written to disk.
68 virtual void CheckClientDownload(content::DownloadItem* item,
69 const CheckDownloadCallback& callback);
70
71 // Checks whether any of the URLs in the redirect chain of the
72 // download match the SafeBrowsing bad binary URL list. The result is
73 // delivered asynchronously via the given callback. This method must be
74 // called on the UI thread, and the callback will also be invoked on the UI
75 // thread. Pre-condition: !info.download_url_chain.empty().
76 virtual void CheckDownloadUrl(const content::DownloadItem& item,
77 const CheckDownloadCallback& callback);
78
79 // Returns true iff the download specified by |info| should be scanned by
80 // CheckClientDownload() for malicious content.
81 virtual bool IsSupportedDownload(const content::DownloadItem& item,
82 const base::FilePath& target_path) const;
83
84 // Display more information to the user regarding the download specified by
85 // |info|. This method is invoked when the user requests more information
86 // about a download that was marked as malicious.
87 void ShowDetailsForDownload(const content::DownloadItem& item,
88 content::PageNavigator* navigator);
89
90 // Enables or disables the service. This is usually called by the
91 // SafeBrowsingService, which tracks whether any profile uses these services
92 // at all. Disabling causes any pending and future requests to have their
93 // callbacks called with "SAFE" results.
94 void SetEnabled(bool enabled);
95
96 bool enabled() const {
97 return enabled_;
98 }
99
100 // Returns the timeout that is used by CheckClientDownload().
101 int64 download_request_timeout_ms() const {
102 return download_request_timeout_ms_;
103 }
104
105 DownloadFeedbackService* feedback_service() {
106 return feedback_service_.get();
107 }
108
109 protected:
110 // Enum to keep track why a particular download verdict was chosen.
111 // This is used to keep some stats around.
112 enum DownloadCheckResultReason {
113 REASON_INVALID_URL,
114 REASON_SB_DISABLED,
115 REASON_WHITELISTED_URL,
116 REASON_WHITELISTED_REFERRER,
117 REASON_INVALID_REQUEST_PROTO,
118 REASON_SERVER_PING_FAILED,
119 REASON_INVALID_RESPONSE_PROTO,
120 REASON_NOT_BINARY_FILE,
121 REASON_REQUEST_CANCELED,
122 REASON_DOWNLOAD_DANGEROUS,
123 REASON_DOWNLOAD_SAFE,
124 REASON_EMPTY_URL_CHAIN,
125 DEPRECATED_REASON_HTTPS_URL,
126 REASON_PING_DISABLED,
127 REASON_TRUSTED_EXECUTABLE,
128 REASON_OS_NOT_SUPPORTED,
129 REASON_DOWNLOAD_UNCOMMON,
130 REASON_DOWNLOAD_NOT_SUPPORTED,
131 REASON_INVALID_RESPONSE_VERDICT,
132 REASON_ARCHIVE_WITHOUT_BINARIES,
133 REASON_DOWNLOAD_DANGEROUS_HOST,
134 REASON_DOWNLOAD_POTENTIALLY_UNWANTED,
135 REASON_MAX // Always add new values before this one.
136 };
137
138 private:
139 class CheckClientDownloadRequest; // Per-request state
140 friend class DownloadProtectionServiceTest;
141 FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
142 CheckClientDownloadValidateRequest);
143 FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
144 CheckClientDownloadSuccess);
145 FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
146 CheckClientDownloadHTTPS);
147 FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
148 CheckClientDownloadZip);
149 FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
150 CheckClientDownloadFetchFailed);
151 FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
152 TestDownloadRequestTimeout);
153 FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
154 CheckClientCrxDownloadSuccess);
155 static const char kDownloadRequestUrl[];
156
157 // Cancels all requests in |download_requests_|, and empties it, releasing
158 // the references to the requests.
159 void CancelPendingRequests();
160
161 // Called by a CheckClientDownloadRequest instance when it finishes, to
162 // remove it from |download_requests_|.
163 void RequestFinished(CheckClientDownloadRequest* request);
164
165 // Given a certificate and its immediate issuer certificate, generates the
166 // list of strings that need to be checked against the download whitelist to
167 // determine whether the certificate is whitelisted.
168 static void GetCertificateWhitelistStrings(
169 const net::X509Certificate& certificate,
170 const net::X509Certificate& issuer,
171 std::vector<std::string>* whitelist_strings);
172
173 // Returns the URL that will be used for download requests.
174 static GURL GetDownloadRequestUrl();
175
176 // These pointers may be NULL if SafeBrowsing is disabled.
177 scoped_refptr<SafeBrowsingUIManager> ui_manager_;
178 scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
179
180 // The context we use to issue network requests.
181 scoped_refptr<net::URLRequestContextGetter> request_context_getter_;
182
183 // Map of client download request to the corresponding callback that
184 // has to be invoked when the request is done. This map contains all
185 // pending server requests.
186 std::set<scoped_refptr<CheckClientDownloadRequest> > download_requests_;
187
188 // Keeps track of the state of the service.
189 bool enabled_;
190
191 // SignatureUtil object, may be overridden for testing.
192 scoped_refptr<SignatureUtil> signature_util_;
193
194 int64 download_request_timeout_ms_;
195
196 scoped_ptr<DownloadFeedbackService> feedback_service_;
197
198 DISALLOW_COPY_AND_ASSIGN(DownloadProtectionService);
199 };
200 } // namespace safe_browsing
201
202 #endif // CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_SERVICE_H_