src/chrome/browser/safe_browsing/download_protection_service.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4 //
   5 // Helper class which handles communication with the SafeBrowsing servers for
   6 // improved binary download protection.
   7
   8 #ifndef CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_SERVICE_H_
   9 #define CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_SERVICE_H_
  10
  11 #include <set>
  12 #include <string>
  13 #include <vector>
  14
  15 #include "base/basictypes.h"
  16 #include "base/callback.h"
  17 #include "base/callback_list.h"
  18 #include "base/files/file_path.h"
  19 #include "base/gtest_prod_util.h"
  20 #include "base/memory/ref_counted.h"
  21 #include "base/memory/scoped_ptr.h"
  22 #include "chrome/browser/safe_browsing/database_manager.h"
  23 #include "chrome/browser/safe_browsing/ui_manager.h"
  24 #include "url/gurl.h"
  25
  26
  27 namespace content {
  28 class DownloadItem;
  29 class PageNavigator;
  30 }
  31
  32 namespace net {
  33 class URLRequestContextGetter;
  34 class X509Certificate;
  35 }  // namespace net
  36
  37 namespace safe_browsing {
  38 class BinaryFeatureExtractor;
  39 class ClientDownloadRequest;
  40 class DownloadFeedbackService;
  41
  42 // This class provides an asynchronous API to check whether a particular
  43 // client download is malicious or not.
  44 class DownloadProtectionService {
  45  public:
  46   enum DownloadCheckResult {
  47     UNKNOWN,
  48     SAFE,
  49     DANGEROUS,
  50     UNCOMMON,
  51     DANGEROUS_HOST,
  52     POTENTIALLY_UNWANTED
  53   };
  54
  55   // Callback type which is invoked once the download request is done.
  56   typedef base::Callback<void(DownloadCheckResult)> CheckDownloadCallback;
  57
  58   // A type of callback run on the main thread when a ClientDownloadRequest has
  59   // been formed for a download, or when one has not been formed for a supported
  60   // download.
  61   typedef base::Callback<void(content::DownloadItem*,
  62                               const ClientDownloadRequest*)>
  63       ClientDownloadRequestCallback;
  64
  65   // A list of ClientDownloadRequest callbacks.
  66   typedef base::CallbackList<void(content::DownloadItem*,
  67                                   const ClientDownloadRequest*)>
  68       ClientDownloadRequestCallbackList;
  69
  70   // A subscription to a registered ClientDownloadRequest callback.
  71   typedef scoped_ptr<ClientDownloadRequestCallbackList::Subscription>
  72       ClientDownloadRequestSubscription;
  73
  74   // Creates a download service.  The service is initially disabled.  You need
  75   // to call SetEnabled() to start it.  |sb_service| owns this object; we
  76   // keep a reference to |request_context_getter|.
  77   DownloadProtectionService(
  78       SafeBrowsingService* sb_service,
  79       net::URLRequestContextGetter* request_context_getter);
  80
  81   virtual ~DownloadProtectionService();
  82
  83   // Checks whether the given client download is likely to be malicious or not.
  84   // The result is delivered asynchronously via the given callback.  This
  85   // method must be called on the UI thread, and the callback will also be
  86   // invoked on the UI thread.  This method must be called once the download
  87   // is finished and written to disk.
  88   virtual void CheckClientDownload(content::DownloadItem* item,
  89                                    const CheckDownloadCallback& callback);
  90
  91   // Checks whether any of the URLs in the redirect chain of the
  92   // download match the SafeBrowsing bad binary URL list.  The result is
  93   // delivered asynchronously via the given callback.  This method must be
  94   // called on the UI thread, and the callback will also be invoked on the UI
  95   // thread.  Pre-condition: !info.download_url_chain.empty().
  96   virtual void CheckDownloadUrl(const content::DownloadItem& item,
  97                                 const CheckDownloadCallback& callback);
  98
  99   // Returns true iff the download specified by |info| should be scanned by
 100   // CheckClientDownload() for malicious content.
 101   virtual bool IsSupportedDownload(const content::DownloadItem& item,
 102                                    const base::FilePath& target_path) const;
 103
 104   // Display more information to the user regarding the download specified by
 105   // |info|. This method is invoked when the user requests more information
 106   // about a download that was marked as malicious.
 107   void ShowDetailsForDownload(const content::DownloadItem& item,
 108                               content::PageNavigator* navigator);
 109
 110   // Enables or disables the service.  This is usually called by the
 111   // SafeBrowsingService, which tracks whether any profile uses these services
 112   // at all.  Disabling causes any pending and future requests to have their
 113   // callbacks called with "UNKNOWN" results.
 114   void SetEnabled(bool enabled);
 115
 116   bool enabled() const {
 117     return enabled_;
 118   }
 119
 120   // Returns the timeout that is used by CheckClientDownload().
 121   int64 download_request_timeout_ms() const {
 122     return download_request_timeout_ms_;
 123   }
 124
 125   DownloadFeedbackService* feedback_service() {
 126     return feedback_service_.get();
 127   }
 128
 129   // Registers a callback that will be run when a ClientDownloadRequest has
 130   // been formed.
 131   ClientDownloadRequestSubscription RegisterClientDownloadRequestCallback(
 132       const ClientDownloadRequestCallback& callback);
 133
 134  protected:
 135   // Enum to keep track why a particular download verdict was chosen.
 136   // This is used to keep some stats around.
 137   enum DownloadCheckResultReason {
 138     REASON_INVALID_URL,
 139     REASON_SB_DISABLED,
 140     REASON_WHITELISTED_URL,
 141     REASON_WHITELISTED_REFERRER,
 142     REASON_INVALID_REQUEST_PROTO,
 143     REASON_SERVER_PING_FAILED,
 144     REASON_INVALID_RESPONSE_PROTO,
 145     REASON_NOT_BINARY_FILE,
 146     REASON_REQUEST_CANCELED,
 147     REASON_DOWNLOAD_DANGEROUS,
 148     REASON_DOWNLOAD_SAFE,
 149     REASON_EMPTY_URL_CHAIN,
 150     DEPRECATED_REASON_HTTPS_URL,
 151     REASON_PING_DISABLED,
 152     REASON_TRUSTED_EXECUTABLE,
 153     REASON_OS_NOT_SUPPORTED,
 154     REASON_DOWNLOAD_UNCOMMON,
 155     REASON_DOWNLOAD_NOT_SUPPORTED,
 156     REASON_INVALID_RESPONSE_VERDICT,
 157     REASON_ARCHIVE_WITHOUT_BINARIES,
 158     REASON_DOWNLOAD_DANGEROUS_HOST,
 159     REASON_DOWNLOAD_POTENTIALLY_UNWANTED,
 160     REASON_MAX  // Always add new values before this one.
 161   };
 162
 163  private:
 164   class CheckClientDownloadRequest;  // Per-request state
 165   friend class DownloadProtectionServiceTest;
 166   FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
 167                            CheckClientDownloadWhitelistedUrl);
 168   FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
 169                            CheckClientDownloadValidateRequest);
 170   FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
 171                            CheckClientDownloadSuccess);
 172   FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
 173                            CheckClientDownloadHTTPS);
 174   FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
 175                            CheckClientDownloadZip);
 176   FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
 177                            CheckClientDownloadFetchFailed);
 178   FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
 179                            TestDownloadRequestTimeout);
 180   FRIEND_TEST_ALL_PREFIXES(DownloadProtectionServiceTest,
 181                            CheckClientCrxDownloadSuccess);
 182   static const char kDownloadRequestUrl[];
 183
 184   // Cancels all requests in |download_requests_|, and empties it, releasing
 185   // the references to the requests.
 186   void CancelPendingRequests();
 187
 188   // Called by a CheckClientDownloadRequest instance when it finishes, to
 189   // remove it from |download_requests_|.
 190   void RequestFinished(CheckClientDownloadRequest* request);
 191
 192   // Given a certificate and its immediate issuer certificate, generates the
 193   // list of strings that need to be checked against the download whitelist to
 194   // determine whether the certificate is whitelisted.
 195   static void GetCertificateWhitelistStrings(
 196       const net::X509Certificate& certificate,
 197       const net::X509Certificate& issuer,
 198       std::vector<std::string>* whitelist_strings);
 199
 200   // Returns the URL that will be used for download requests.
 201   static GURL GetDownloadRequestUrl();
 202
 203   // These pointers may be NULL if SafeBrowsing is disabled.
 204   scoped_refptr<SafeBrowsingUIManager> ui_manager_;
 205   scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
 206
 207   // The context we use to issue network requests.
 208   scoped_refptr<net::URLRequestContextGetter> request_context_getter_;
 209
 210   // Map of client download request to the corresponding callback that
 211   // has to be invoked when the request is done.  This map contains all
 212   // pending server requests.
 213   std::set<scoped_refptr<CheckClientDownloadRequest> > download_requests_;
 214
 215   // Keeps track of the state of the service.
 216   bool enabled_;
 217
 218   // BinaryFeatureExtractor object, may be overridden for testing.
 219   scoped_refptr<BinaryFeatureExtractor> binary_feature_extractor_;
 220
 221   int64 download_request_timeout_ms_;
 222
 223   scoped_ptr<DownloadFeedbackService> feedback_service_;
 224
 225   // A list of callbacks to be run on the main thread when a
 226   // ClientDownloadRequest has been formed.
 227   ClientDownloadRequestCallbackList client_download_request_callbacks_;
 228
 229   DISALLOW_COPY_AND_ASSIGN(DownloadProtectionService);
 230 };
 231 }  // namespace safe_browsing
 232
 233 #endif  // CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_SERVICE_H_