OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_analy
zer_mac.h" | 5 #include "chrome/browser/safe_browsing/incident_reporting/binary_integrity_analy
zer_mac.h" |
6 | 6 |
7 #include <stdint.h> | 7 #include <stdint.h> |
8 | 8 |
| 9 #include <memory> |
| 10 |
9 #include "base/files/file.h" | 11 #include "base/files/file.h" |
10 #include "base/files/file_util.h" | 12 #include "base/files/file_util.h" |
11 #include "base/files/scoped_temp_dir.h" | 13 #include "base/files/scoped_temp_dir.h" |
12 #include "base/mac/bundle_locations.h" | 14 #include "base/mac/bundle_locations.h" |
13 #include "base/memory/scoped_ptr.h" | |
14 #include "base/path_service.h" | 15 #include "base/path_service.h" |
15 #include "chrome/browser/safe_browsing/incident_reporting/incident.h" | 16 #include "chrome/browser/safe_browsing/incident_reporting/incident.h" |
16 #include "chrome/browser/safe_browsing/incident_reporting/mock_incident_receiver
.h" | 17 #include "chrome/browser/safe_browsing/incident_reporting/mock_incident_receiver
.h" |
17 #include "chrome/common/chrome_paths.h" | 18 #include "chrome/common/chrome_paths.h" |
18 #include "chrome/common/safe_browsing/csd.pb.h" | 19 #include "chrome/common/safe_browsing/csd.pb.h" |
19 #include "testing/gmock/include/gmock/gmock.h" | 20 #include "testing/gmock/include/gmock/gmock.h" |
20 #include "testing/gtest/include/gtest/gtest.h" | 21 #include "testing/gtest/include/gtest/gtest.h" |
21 | 22 |
22 using ::testing::_; | 23 using ::testing::_; |
23 using ::testing::StrictMock; | 24 using ::testing::StrictMock; |
(...skipping 60 matching lines...)
84 std::vector<PathAndRequirement> paths_and_requirements = | 85 std::vector<PathAndRequirement> paths_and_requirements = |
85 GetCriticalPathsAndRequirements(); | 86 GetCriticalPathsAndRequirements(); |
86 ASSERT_EQ(1u, paths_and_requirements.size()); | 87 ASSERT_EQ(1u, paths_and_requirements.size()); |
87 EXPECT_EQ(paths_and_requirements[0].path, | 88 EXPECT_EQ(paths_and_requirements[0].path, |
88 paths_and_requirements_expected[0].path); | 89 paths_and_requirements_expected[0].path); |
89 EXPECT_EQ(paths_and_requirements[0].requirement, | 90 EXPECT_EQ(paths_and_requirements[0].requirement, |
90 paths_and_requirements_expected[0].requirement); | 91 paths_and_requirements_expected[0].requirement); |
91 } | 92 } |
92 | 93 |
93 TEST_F(BinaryIntegrityAnalyzerMacTest, VerifyBinaryIntegrityForTesting) { | 94 TEST_F(BinaryIntegrityAnalyzerMacTest, VerifyBinaryIntegrityForTesting) { |
94 scoped_ptr<MockIncidentReceiver> mock_receiver( | 95 std::unique_ptr<MockIncidentReceiver> mock_receiver( |
95 new StrictMock<MockIncidentReceiver>()); | 96 new StrictMock<MockIncidentReceiver>()); |
96 base::FilePath bundle = temp_dir_.path().Append(kBundleBase); | 97 base::FilePath bundle = temp_dir_.path().Append(kBundleBase); |
97 std::string requirement( | 98 std::string requirement( |
98 "certificate leaf[subject.CN]=\"untrusted@goat.local\""); | 99 "certificate leaf[subject.CN]=\"untrusted@goat.local\""); |
99 | 100 |
100 // Run check on valid bundle. | 101 // Run check on valid bundle. |
101 scoped_ptr<Incident> incident_to_clear; | 102 std::unique_ptr<Incident> incident_to_clear; |
102 EXPECT_CALL(*mock_receiver, DoClearIncidentForProcess(_)) | 103 EXPECT_CALL(*mock_receiver, DoClearIncidentForProcess(_)) |
103 .WillOnce(TakeIncident(&incident_to_clear)); | 104 .WillOnce(TakeIncident(&incident_to_clear)); |
104 VerifyBinaryIntegrityForTesting(mock_receiver.get(), bundle, requirement); | 105 VerifyBinaryIntegrityForTesting(mock_receiver.get(), bundle, requirement); |
105 | 106 |
106 ASSERT_TRUE(incident_to_clear); | 107 ASSERT_TRUE(incident_to_clear); |
107 ASSERT_EQ(IncidentType::BINARY_INTEGRITY, incident_to_clear->GetType()); | 108 ASSERT_EQ(IncidentType::BINARY_INTEGRITY, incident_to_clear->GetType()); |
108 ASSERT_EQ(incident_to_clear->GetKey(), "test-bundle.app"); | 109 ASSERT_EQ(incident_to_clear->GetKey(), "test-bundle.app"); |
109 | 110 |
110 base::FilePath exe_path = temp_dir_.path().Append(kBundleURL); | 111 base::FilePath exe_path = temp_dir_.path().Append(kBundleURL); |
111 ASSERT_TRUE(CorruptFileContent(exe_path)); | 112 ASSERT_TRUE(CorruptFileContent(exe_path)); |
112 | 113 |
113 scoped_ptr<Incident> incident; | 114 std::unique_ptr<Incident> incident; |
114 EXPECT_CALL(*mock_receiver, DoAddIncidentForProcess(_)) | 115 EXPECT_CALL(*mock_receiver, DoAddIncidentForProcess(_)) |
115 .WillOnce(TakeIncident(&incident)); | 116 .WillOnce(TakeIncident(&incident)); |
116 | 117 |
117 VerifyBinaryIntegrityForTesting(mock_receiver.get(), bundle, requirement); | 118 VerifyBinaryIntegrityForTesting(mock_receiver.get(), bundle, requirement); |
118 | 119 |
119 // Verify that the incident report contains the expected data. | 120 // Verify that the incident report contains the expected data. |
120 scoped_ptr<ClientIncidentReport_IncidentData> incident_data( | 121 std::unique_ptr<ClientIncidentReport_IncidentData> incident_data( |
121 incident->TakePayload()); | 122 incident->TakePayload()); |
122 | 123 |
123 ASSERT_TRUE(incident_data->has_binary_integrity()); | 124 ASSERT_TRUE(incident_data->has_binary_integrity()); |
124 EXPECT_TRUE(incident_data->binary_integrity().has_file_basename()); | 125 EXPECT_TRUE(incident_data->binary_integrity().has_file_basename()); |
125 EXPECT_EQ("test-bundle.app", | 126 EXPECT_EQ("test-bundle.app", |
126 incident_data->binary_integrity().file_basename()); | 127 incident_data->binary_integrity().file_basename()); |
127 EXPECT_TRUE(incident_data->binary_integrity().has_sec_error()); | 128 EXPECT_TRUE(incident_data->binary_integrity().has_sec_error()); |
128 EXPECT_EQ(-67061, incident_data->binary_integrity().sec_error()); | 129 EXPECT_EQ(-67061, incident_data->binary_integrity().sec_error()); |
129 EXPECT_FALSE(incident_data->binary_integrity().has_signature()); | 130 EXPECT_FALSE(incident_data->binary_integrity().has_signature()); |
130 EXPECT_EQ(0, | 131 EXPECT_EQ(0, |
131 incident_data->binary_integrity().signature().signed_data_size()); | 132 incident_data->binary_integrity().signature().signed_data_size()); |
132 EXPECT_EQ(1, incident_data->binary_integrity().contained_file_size()); | 133 EXPECT_EQ(1, incident_data->binary_integrity().contained_file_size()); |
133 | 134 |
134 const auto& contained_file = | 135 const auto& contained_file = |
135 incident_data->binary_integrity().contained_file(0); | 136 incident_data->binary_integrity().contained_file(0); |
136 EXPECT_EQ(contained_file.relative_path(), "Contents/MacOS/test-bundle"); | 137 EXPECT_EQ(contained_file.relative_path(), "Contents/MacOS/test-bundle"); |
137 EXPECT_TRUE(contained_file.has_signature()); | 138 EXPECT_TRUE(contained_file.has_signature()); |
138 EXPECT_TRUE(contained_file.has_image_headers()); | 139 EXPECT_TRUE(contained_file.has_image_headers()); |
139 } | 140 } |
140 | 141 |
141 } // namespace safe_browsing | 142 } // namespace safe_browsing |
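Review bot: `incident` is dereferenced at `incident->TakePayload()` (new line 122) without a null check, unlike `incident_to_clear`, which is guarded by `ASSERT_TRUE` at new line 107. An unmet `EXPECT_CALL` is only a non-fatal failure, so if the analyzer ever stops reporting the corrupted bundle, `DoAddIncidentForProcess` is never invoked and `incident` stays null. This tamper-detection test would then crash instead of failing with a readable message; adding `ASSERT_TRUE(incident);` right after the second `VerifyBinaryIntegrityForTesting` call fixes that. Separately, the bare `-67061` at new line 129 would be easier to audit with a short comment naming the code-signing status it stands for (it appears to be `errSecCSSignatureFailed`, to be confirmed against the Security framework headers).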