Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1173)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/crx_file/crx_verifier_unittest.cc

Issue 2888853003: Expand CRX verifier to verify CRX₃ files. (Closed)
Patch Set: BUILD fix + comment. Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/crx_file/crx_verifier.cc ('k') | components/test/data/crx_file/unsigned.crx3 » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "components/crx_file/crx_verifier.h"
6 #include "base/base_paths.h"
7 #include "base/files/file_path.h"
8 #include "base/path_service.h"
9 #include "base/strings/string_number_conversions.h"
10 #include "testing/gtest/include/gtest/gtest.h"
11
12 namespace {
13
14 base::FilePath TestFile(const std::string& file) {
15 base::FilePath path;
16 PathService::Get(base::DIR_SOURCE_ROOT, &path);
17 return path.AppendASCII("components")
18 .AppendASCII("test")
19 .AppendASCII("data")
20 .AppendASCII("crx_file")
21 .AppendASCII(file);
22 }
23
24 constexpr char kOjjHash[] = "ojjgnpkioondelmggbekfhllhdaimnho";
25 constexpr char kOjjKey[] =
26 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA230uN7vYDEhdDlb4/"
27 "+pg2pfL8p0FFzCF/O146NB3D5dPKuLbnNphn0OUzOrDzR/Z1XLVDlDyiA6xnb+qeRp7H8n7Wk/"
28 "/gvVDNArZyForlVqWdaHLhl4dyZoNJwPKsggf30p/"
29 "MxCbNfy2rzFujzn2nguOrJKzWvNt0BFqssrBpzOQl69blBezE2ZYGOnYW8mPgQV29ekIgOfJk2"
30 "GgXoJBQQRRsjoPmUY7GDuEKudEB/"
31 "CmWh3+"
32 "mCsHBHFWbqtGhSN4YCAw3DYQzwdTcIVaIA8f2Uo4AZ4INKkrEPRL8o9mZDYtO2YHIQg8pMSRMa"
33 "6AawBNYi9tZScnmgl5L1qE6z5oIwIDAQAB";
34
35 } // namespace
36
37 namespace crx_file {
38
39 using CrxVerifierTest = testing::Test;
40
41 TEST_F(CrxVerifierTest, ValidFullCrx2) {
42 const std::vector<std::vector<uint8_t>> keys;
43 const std::vector<uint8_t> hash;
44 std::string public_key;
45 std::string crx_id;
46
47 EXPECT_EQ(VerifierResult::OK_FULL,
48 Verify(TestFile("valid.crx2"), VerifierFormat::CRX2_OR_CRX3, keys,
49 hash, &public_key, &crx_id));
50 EXPECT_EQ(std::string(kOjjHash), crx_id);
51 EXPECT_EQ(std::string(kOjjKey), public_key);
52 }
53
54 TEST_F(CrxVerifierTest, ValidFullCrx3) {
55 const std::vector<std::vector<uint8_t>> keys;
56 const std::vector<uint8_t> hash;
57 std::string public_key = "UNSET";
58 std::string crx_id = "UNSET";
59
60 EXPECT_EQ(VerifierResult::OK_FULL, Verify(TestFile("valid_no_publisher.crx3"),
61 VerifierFormat::CRX2_OR_CRX3, keys,
62 hash, &public_key, &crx_id));
63 EXPECT_EQ(std::string(kOjjHash), crx_id);
64 EXPECT_EQ(std::string(kOjjKey), public_key);
65
66 public_key = "UNSET";
67 crx_id = "UNSET";
68 EXPECT_EQ(VerifierResult::OK_FULL,
69 Verify(TestFile("valid_no_publisher.crx3"), VerifierFormat::CRX3,
70 keys, hash, &public_key, &crx_id));
71 EXPECT_EQ(std::string(kOjjHash), crx_id);
72 EXPECT_EQ(std::string(kOjjKey), public_key);
73 }
74
75 TEST_F(CrxVerifierTest, Crx3RejectsCrx2) {
76 const std::vector<std::vector<uint8_t>> keys;
77 const std::vector<uint8_t> hash;
78 std::string public_key = "UNSET";
79 std::string crx_id = "UNSET";
80
81 EXPECT_EQ(VerifierResult::ERROR_HEADER_INVALID,
82 Verify(TestFile("valid.crx2"), VerifierFormat::CRX3, keys, hash,
83 &public_key, &crx_id));
84 EXPECT_EQ("UNSET", crx_id);
85 EXPECT_EQ("UNSET", public_key);
86 }
87
88 TEST_F(CrxVerifierTest, VerifiesFileHash) {
89 const std::vector<std::vector<uint8_t>> keys;
90 std::vector<uint8_t> hash;
91 EXPECT_TRUE(base::HexStringToBytes(
92 "d033c510f9e4ee081ccb60ea2bf530dc2e5cb0e71085b55503c8b13b74515fe4",
93 &hash));
94 std::string public_key = "UNSET";
95 std::string crx_id = "UNSET";
96
97 EXPECT_EQ(VerifierResult::OK_FULL, Verify(TestFile("valid_no_publisher.crx3"),
98 VerifierFormat::CRX2_OR_CRX3, keys,
99 hash, &public_key, &crx_id));
100 EXPECT_EQ(std::string(kOjjHash), crx_id);
101 EXPECT_EQ(std::string(kOjjKey), public_key);
102
103 hash.clear();
104 EXPECT_TRUE(base::HexStringToBytes(std::string(32, '0'), &hash));
105 public_key = "UNSET";
106 crx_id = "UNSET";
107 EXPECT_EQ(VerifierResult::ERROR_EXPECTED_HASH_INVALID,
108 Verify(TestFile("valid_no_publisher.crx3"), VerifierFormat::CRX3,
109 keys, hash, &public_key, &crx_id));
110 EXPECT_EQ("UNSET", crx_id);
111 EXPECT_EQ("UNSET", public_key);
112
113 hash.clear();
114 EXPECT_TRUE(base::HexStringToBytes(std::string(64, '0'), &hash));
115 public_key = "UNSET";
116 crx_id = "UNSET";
117 EXPECT_EQ(VerifierResult::ERROR_FILE_HASH_FAILED,
118 Verify(TestFile("valid_no_publisher.crx3"), VerifierFormat::CRX3,
119 keys, hash, &public_key, &crx_id));
120 EXPECT_EQ("UNSET", crx_id);
121 EXPECT_EQ("UNSET", public_key);
122 }
123
124 TEST_F(CrxVerifierTest, ChecksRequiredKeyHashes) {
125 const std::vector<uint8_t> hash;
126
127 std::vector<uint8_t> good_key;
128 EXPECT_TRUE(base::HexStringToBytes(
129 "e996dfa8eed34bc6614a57bb7308cd7e519bcc690841e1969f7cb173ef16800a",
130 &good_key));
131 const std::vector<std::vector<uint8_t>> good_keys = {good_key};
132 std::string public_key = "UNSET";
133 std::string crx_id = "UNSET";
134 EXPECT_EQ(
135 VerifierResult::OK_FULL,
136 Verify(TestFile("valid_no_publisher.crx3"), VerifierFormat::CRX2_OR_CRX3,
137 good_keys, hash, &public_key, &crx_id));
138 EXPECT_EQ(std::string(kOjjHash), crx_id);
139 EXPECT_EQ(std::string(kOjjKey), public_key);
140
141 std::vector<uint8_t> bad_key;
142 EXPECT_TRUE(base::HexStringToBytes(std::string(64, '0'), &bad_key));
143 const std::vector<std::vector<uint8_t>> bad_keys = {bad_key};
144 public_key = "UNSET";
145 crx_id = "UNSET";
146 EXPECT_EQ(VerifierResult::ERROR_REQUIRED_PROOF_MISSING,
147 Verify(TestFile("valid_no_publisher.crx3"), VerifierFormat::CRX3,
148 bad_keys, hash, &public_key, &crx_id));
149 EXPECT_EQ("UNSET", crx_id);
150 EXPECT_EQ("UNSET", public_key);
151 }
152
153 TEST_F(CrxVerifierTest, ChecksPinnedKey) {
154 const std::vector<uint8_t> hash;
155 const std::vector<std::vector<uint8_t>> keys;
156 std::string public_key = "UNSET";
157 std::string crx_id = "UNSET";
158 EXPECT_EQ(VerifierResult::OK_FULL,
159 Verify(TestFile("valid_publisher.crx3"),
160 VerifierFormat::CRX3_WITH_PUBLISHER_PROOF, keys, hash,
161 &public_key, &crx_id));
162 EXPECT_EQ(std::string(kOjjHash), crx_id);
163 EXPECT_EQ(std::string(kOjjKey), public_key);
164
165 public_key = "UNSET";
166 crx_id = "UNSET";
167 EXPECT_EQ(VerifierResult::ERROR_REQUIRED_PROOF_MISSING,
168 Verify(TestFile("valid_no_publisher.crx3"),
169 VerifierFormat::CRX3_WITH_PUBLISHER_PROOF, keys, hash,
170 &public_key, &crx_id));
171 EXPECT_EQ("UNSET", crx_id);
172 EXPECT_EQ("UNSET", public_key);
173 }
174
175 TEST_F(CrxVerifierTest, NullptrSafe) {
176 const std::vector<uint8_t> hash;
177 const std::vector<std::vector<uint8_t>> keys;
178 EXPECT_EQ(VerifierResult::OK_FULL,
179 Verify(TestFile("valid_publisher.crx3"),
180 VerifierFormat::CRX3_WITH_PUBLISHER_PROOF, keys, hash,
181 nullptr, nullptr));
182 }
183
184 TEST_F(CrxVerifierTest, RequiresDeveloperKey) {
185 const std::vector<uint8_t> hash;
186 const std::vector<std::vector<uint8_t>> keys;
187 std::string public_key = "UNSET";
188 std::string crx_id = "UNSET";
189 EXPECT_EQ(VerifierResult::ERROR_REQUIRED_PROOF_MISSING,
190 Verify(TestFile("unsigned.crx3"), VerifierFormat::CRX2_OR_CRX3,
191 keys, hash, &public_key, &crx_id));
192 EXPECT_EQ("UNSET", crx_id);
193 EXPECT_EQ("UNSET", public_key);
194 }
195
196 } // namespace crx_file
OLDNEW
« no previous file with comments | « components/crx_file/crx_verifier.cc ('k') | components/test/data/crx_file/unsigned.crx3 » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698