Whitelist executables that are trusted in the SafeBrowsing download protection.

chrome/browser/safe_browsing/download_protection_service_unittest.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/download_protection_service.h"
 
 #include <map>
 #include <string>
 
 #include "base/bind.h"
@@ skipping 48 matching lines @@
 
  private:
   DISALLOW_COPY_AND_ASSIGN(MockSignatureUtil);
 };
 }  // namespace
 
 ACTION_P(SetCertificateContents, contents) {
   arg1->add_certificate_chain()->add_element()->set_certificate(contents);
 }
 
+ACTION(TrustSignature) {
+  arg1->set_trusted(true);
+}
+
 // We can't call OnSafeBrowsingResult directly because SafeBrowsingCheck does
 // not have any copy constructor which means it can't be stored in a callback
 // easily.  Note: check will be deleted automatically when the callback is
 // deleted.
 void OnSafeBrowsingResult(SafeBrowsingService::SafeBrowsingCheck* check) {
   check->client->OnSafeBrowsingResult(*check);
 }
 
 ACTION_P(CheckDownloadUrlDone, result) {
   SafeBrowsingService::SafeBrowsingCheck* check =
@@ skipping 466 matching lines @@
               CheckDownloadHash(info.sha256_hash, NotNull()))
       .WillOnce(DoAll(
           CheckDownloadHashDone(SafeBrowsingService::BINARY_MALWARE_HASH),
           Return(false)));
   download_service_->CheckClientDownload(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
   EXPECT_EQ(DownloadProtectionService::SAFE, result_);
+  Mock::VerifyAndClearExpectations(sb_service_);
+
+  // If the binary is a trusted executable we will not ping the server but
+  // we will still lookup the digest list.
+  EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_))
+      .WillRepeatedly(Return(false));
+  EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _))
+      .WillOnce(TrustSignature());
+  EXPECT_CALL(*sb_service_,
+              CheckDownloadHash(info.sha256_hash, NotNull()))
+      .WillOnce(DoAll(CheckDownloadHashDone(SafeBrowsingService::SAFE),
+                      Return(false)));
+  download_service_->CheckClientDownload(
+      info,
+      base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
+                 base::Unretained(this)));
+  msg_loop_.Run();
+  EXPECT_EQ(DownloadProtectionService::SAFE, result_);
 }
 
 TEST_F(DownloadProtectionServiceTest, TestCheckDownloadUrl) {
   DownloadProtectionService::DownloadInfo info;
   info.download_url_chain.push_back(GURL("http://www.google.com/"));
   info.download_url_chain.push_back(GURL("http://www.google.com/bla.exe"));
   info.referrer_url = GURL("http://www.google.com/");
 
   // CheckDownloadURL returns immediately which means the client object callback
   // will never be called.  Nevertheless the callback provided to
@@ skipping 44 matching lines @@
           CheckDownloadUrlDone(SafeBrowsingService::BINARY_MALWARE_URL),
           Return(false)));
   download_service_->CheckDownloadUrl(
       info,
       base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
                  base::Unretained(this)));
   msg_loop_.Run();
   EXPECT_EQ(DownloadProtectionService::DANGEROUS, result_);
 }
 }  // namespace safe_browsing