Chromium Code Reviews Chromium Code Reviews
Issue 1363613004:
Implement anonymous, opt-in, collection of OS X binary integrity incidents. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac_unittest.cc |
| diff --git a/chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac_unittest.cc b/chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac_unittest.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..a98a60b3dca4a2ab79f595682c4c7bd57d60a800 |
| --- /dev/null |
| +++ b/chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac_unittest.cc |
| @@ -0,0 +1,139 @@ |
| +// Copyright 2015 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_analyzer_mac.h" |
| + |
| +#include "base/files/file.h" |
| +#include "base/files/file_util.h" |
| +#include "base/files/scoped_temp_dir.h" |
| +#include "base/mac/bundle_locations.h" |
| +#include "base/memory/scoped_ptr.h" |
| +#include "base/path_service.h" |
| +#include "chrome/browser/safe_browsing/incident_reporting/incident.h" |
| +#include "chrome/browser/safe_browsing/incident_reporting/mock_incident_receiver.h" |
| +#include "chrome/common/chrome_paths.h" |
| +#include "chrome/common/safe_browsing/csd.pb.h" |
| +#include "testing/gmock/include/gmock/gmock.h" |
| +#include "testing/gtest/include/gtest/gtest.h" |
| + |
| +using ::testing::_; |
| +using ::testing::StrictMock; |
| + |
| +namespace safe_browsing { |
| + |
| +namespace { |
| + |
| +const char kBundleBase[] = "test-bundle.app"; |
| +const char kBundleURL[] = "test-bundle.app/Contents/MacOS/test-bundle"; |
| + |
| +// Helper function to corrupt the content of a binary to make sure the signature |
| +// verification will fail. |
| +bool CorruptFileContent(const base::FilePath& file_path) { |
| + // This is the hard coded position of the TEXT segment in the mach-o file. |
| + static const uint64_t text_pos = 0x1F90; |
| + base::File file(file_path, base::File::FLAG_OPEN | base::File::FLAG_WRITE); |
| + if (!file.IsValid()) |
| + return false; |
| + char vec[] = {0xAA}; |
| + return file.Write(text_pos, vec, sizeof(vec)) == sizeof(vec); |
| +} |
| + |
| +} // namespace |
| + |
| +class BinaryIntegrityAnalyzerMacTest : public ::testing::Test { |
| + public: |
| + void SetUp() override; |
|
grt (UTC plus 2)
2015/10/30 15:47:04
i forgot to mention: prefer a ctor over SetUp when
Greg K
2015/10/30 20:05:13
Per discussion, SetUp() is used for the availabili
|
| + |
| + protected: |
| + base::FilePath test_data_dir_; |
| + base::ScopedTempDir temp_dir_; |
| +}; |
| + |
| +void BinaryIntegrityAnalyzerMacTest::SetUp() { |
| + ASSERT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &test_data_dir_)); |
| + test_data_dir_ = test_data_dir_.Append("safe_browsing/mach_o/"); |
| + |
| + // Set up the temp directory to copy the bundle to. |
| + ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); |
| + |
| + // Copy the signed bundle to the temp directory. |
| + base::FilePath signed_bundle_path = |
| + base::FilePath(test_data_dir_).Append(kBundleBase); |
| + base::FilePath copied_bundle_path = |
| + base::FilePath(temp_dir_.path()).Append(kBundleBase); |
| + ASSERT_TRUE( |
| + base::CopyDirectory(signed_bundle_path, copied_bundle_path, true)); |
| +} |
| + |
| +TEST_F(BinaryIntegrityAnalyzerMacTest, GetCriticalPathsAndRequirements) { |
| + // Expected paths and requirement strings. |
| + std::vector<PathAndRequirement> paths_and_requirements_expected; |
| + |
| + std::string expected_req = |
| + "anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] " |
| + "exists and certificate leaf[field.1.2.840.113635.100.6.1.13] exists and " |
| + "certificate leaf[subject.OU]=\"EQHXZ8M8AV\" and " |
| + "(identifier=\"com.google.Chrome\" or " |
| + "identifier=\"com.google.Chrome.canary\")"; |
| + paths_and_requirements_expected.push_back( |
| + PathAndRequirement(base::mac::OuterBundlePath(), expected_req)); |
| + |
| + std::vector<PathAndRequirement> paths_and_requirements = |
| + GetCriticalPathsAndRequirements(); |
| + ASSERT_EQ(1u, paths_and_requirements.size()); |
| + EXPECT_EQ(paths_and_requirements[0].path, |
| + paths_and_requirements_expected[0].path); |
| + EXPECT_EQ(paths_and_requirements[0].requirement, |
| + paths_and_requirements_expected[0].requirement); |
| +} |
| + |
| +TEST_F(BinaryIntegrityAnalyzerMacTest, VerifyBinaryIntegrityForTesting) { |
| + scoped_ptr<MockIncidentReceiver> mock_receiver( |
| + new StrictMock<MockIncidentReceiver>()); |
| + base::FilePath bundle = temp_dir_.path().Append(kBundleBase); |
| + std::string requirement( |
| + "certificate leaf[subject.CN]=\"untrusted@goat.local\""); |
| + |
| + // Run check on valid bundle. |
| + scoped_ptr<Incident> incident_to_clear; |
| + EXPECT_CALL(*mock_receiver, DoClearIncidentForProcess(_)) |
| + .WillOnce(TakeIncident(&incident_to_clear)); |
| + VerifyBinaryIntegrityForTesting(mock_receiver.get(), bundle, requirement); |
| + |
| + ASSERT_TRUE(incident_to_clear); |
| + ASSERT_EQ(IncidentType::BINARY_INTEGRITY, incident_to_clear->GetType()); |
| + ASSERT_EQ(incident_to_clear->GetKey(), "test-bundle.app"); |
| + |
| + base::FilePath exe_path = temp_dir_.path().Append(kBundleURL); |
| + ASSERT_TRUE(CorruptFileContent(exe_path)); |
| + |
| + scoped_ptr<Incident> incident; |
| + EXPECT_CALL(*mock_receiver, DoAddIncidentForProcess(_)) |
| + .WillOnce(TakeIncident(&incident)); |
| + |
| + VerifyBinaryIntegrityForTesting(mock_receiver.get(), bundle, requirement); |
| + |
| + // Verify that the incident report contains the expected data. |
| + scoped_ptr<ClientIncidentReport_IncidentData> incident_data( |
| + incident->TakePayload()); |
| + |
| + ASSERT_TRUE(incident_data->has_binary_integrity()); |
| + EXPECT_TRUE(incident_data->binary_integrity().has_file_basename()); |
| + EXPECT_EQ("test-bundle.app", |
| + incident_data->binary_integrity().file_basename()); |
| + EXPECT_TRUE(incident_data->binary_integrity().has_sec_error()); |
| + EXPECT_EQ(-67061, incident_data->binary_integrity().sec_error()); |
| + EXPECT_FALSE(incident_data->binary_integrity().has_signature()); |
| + EXPECT_EQ(0, |
| + incident_data->binary_integrity().signature().signed_data_size()); |
| + EXPECT_EQ(1, incident_data->binary_integrity().contained_file_size()); |
| + |
| + const auto& contained_file = |
| + incident_data->binary_integrity().contained_file(0); |
| + EXPECT_EQ(contained_file.relative_path(), "Contents/MacOS/test-bundle"); |
| + EXPECT_TRUE(contained_file.has_signature()); |
| + EXPECT_TRUE(contained_file.has_image_headers()); |
| +} |
| + |
| +} // namespace safe_browsing |
