Chromium Code Reviews Chromium Code Reviews
Issue 2934373002:
Record Code Signature of Downloaded DMG files (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/download_protection_service.h" | 5 #include "chrome/browser/safe_browsing/download_protection_service.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <map> | 10 #include <map> |
| (...skipping 1429 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1440 CheckClientDownloadReportCorruptZip) { | 1440 CheckClientDownloadReportCorruptZip) { |
| 1441 CheckClientDownloadReportCorruptArchive(ZIP); | 1441 CheckClientDownloadReportCorruptArchive(ZIP); |
| 1442 } | 1442 } |
| 1443 | 1443 |
| 1444 #if defined(OS_MACOSX) | 1444 #if defined(OS_MACOSX) |
| 1445 TEST_F(DownloadProtectionServiceTest, | 1445 TEST_F(DownloadProtectionServiceTest, |
| 1446 CheckClientDownloadReportCorruptDmg) { | 1446 CheckClientDownloadReportCorruptDmg) { |
| 1447 CheckClientDownloadReportCorruptArchive(DMG); | 1447 CheckClientDownloadReportCorruptArchive(DMG); |
| 1448 } | 1448 } |
| 1449 | 1449 |
| 1450 // Tests that signatures get recorded and uploaded for signed DMGs. | |
| 1451 TEST_F(DownloadProtectionServiceTest, | |
| 1452 CheckClientDownloadReportDmgWithSignature) { | |
| 1453 net::FakeURLFetcherFactory factory(NULL); | |
| 1454 PrepareResponse(&factory, ClientDownloadResponse::SAFE, net::HTTP_OK, | |
| 1455 net::URLRequestStatus::SUCCESS); | |
| 1456 | |
| 1457 base::FilePath signed_dmg; | |
| 1458 EXPECT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &signed_dmg)); | |
| 1459 signed_dmg = signed_dmg.AppendASCII("safe_browsing") | |
| 1460 .AppendASCII("download_protection") | |
| 1461 .AppendASCII("googlechrome.dmg"); | |
| 1462 | |
| 1463 NiceMockDownloadItem item; | |
| 1464 PrepareBasicDownloadItemWithFullPaths( | |
| 1465 &item, {"http://www.evil.com/a.dmg"}, // url_chain | |
| 1466 "http://www.google.com/", // referrer | |
| 1467 signed_dmg, // tmp_path | |
| 1468 temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path | |
| 1469 | |
| 1470 RunLoop run_loop; | |
| 1471 download_service_->CheckClientDownload( | |
| 1472 &item, base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | |
| 1473 base::Unretained(this), run_loop.QuitClosure())); | |
| 1474 run_loop.Run(); | |
| 1475 | |
| 1476 ASSERT_TRUE(HasClientDownloadRequest()); | |
| 1477 EXPECT_TRUE(GetClientDownloadRequest()->has_udif_code_signature()); | |
| 1478 EXPECT_EQ((uint64_t)9454, | |
|
Robert Sesek
2017/06/28 18:21:06
Remove the cast and just use |9454u|.
mortonm
2017/06/28 23:07:08
Done.
| |
| 1479 GetClientDownloadRequest()->udif_code_signature().length()); | |
| 1480 | |
| 1481 base::FilePath signed_dmg_signature; | |
| 1482 EXPECT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &signed_dmg_signature)); | |
| 1483 signed_dmg_signature = signed_dmg_signature.AppendASCII("safe_browsing") | |
| 1484 .AppendASCII("download_protection") | |
| 1485 .AppendASCII("googlechrome_signature.data"); | |
| 1486 | |
| 1487 std::string signature; | |
| 1488 base::ReadFileToString(signed_dmg_signature, &signature); | |
| 1489 EXPECT_EQ((uint64_t)9454, signature.length()); | |
|
Robert Sesek
2017/06/28 18:21:06
Same.
mortonm
2017/06/28 23:07:08
Done.
| |
| 1490 | |
| 1491 // EXPECT_EQ(0, | |
| 1492 // GetClientDownloadRequest()->udif_code_signature().compare(signature)); | |
| 1493 EXPECT_EQ(signature, GetClientDownloadRequest()->udif_code_signature()); | |
| 1494 | |
| 1495 base::File file; | |
| 1496 file = base::File(signed_dmg, base::File::FLAG_OPEN | base::File::FLAG_READ); | |
| 1497 ASSERT_TRUE(file.IsValid()); | |
| 1498 | |
| 1499 ClearClientDownloadRequest(); | |
| 1500 | |
| 1501 Mock::VerifyAndClearExpectations(sb_service_.get()); | |
| 1502 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); | |
| 1503 } | |
| 1504 | |
| 1505 // Tests that no signature gets recorded and uploaded for unsigned DMGs. | |
| 1506 TEST_F(DownloadProtectionServiceTest, | |
| 1507 CheckClientDownloadReportDmgWithoutSignature) { | |
| 1508 net::FakeURLFetcherFactory factory(NULL); | |
| 1509 PrepareResponse(&factory, ClientDownloadResponse::SAFE, net::HTTP_OK, | |
| 1510 net::URLRequestStatus::SUCCESS); | |
| 1511 | |
| 1512 base::FilePath unsigned_dmg; | |
| 1513 EXPECT_TRUE(PathService::Get(chrome::DIR_GEN_TEST_DATA, &unsigned_dmg)); | |
| 1514 unsigned_dmg = unsigned_dmg.AppendASCII("chrome") | |
| 1515 .AppendASCII("safe_browsing_dmg") | |
| 1516 .AppendASCII("mach_o_in_dmg.dmg"); | |
| 1517 | |
| 1518 NiceMockDownloadItem item; | |
| 1519 PrepareBasicDownloadItemWithFullPaths( | |
| 1520 &item, {"http://www.evil.com/a.dmg"}, // url_chain | |
| 1521 "http://www.google.com/", // referrer | |
| 1522 unsigned_dmg, // tmp_path | |
| 1523 temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path | |
| 1524 | |
| 1525 RunLoop run_loop; | |
| 1526 download_service_->CheckClientDownload( | |
| 1527 &item, base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | |
| 1528 base::Unretained(this), run_loop.QuitClosure())); | |
| 1529 run_loop.Run(); | |
| 1530 | |
| 1531 ASSERT_TRUE(HasClientDownloadRequest()); | |
| 1532 EXPECT_FALSE(GetClientDownloadRequest()->has_udif_code_signature()); | |
| 1533 | |
| 1534 ClearClientDownloadRequest(); | |
| 1535 | |
| 1536 Mock::VerifyAndClearExpectations(sb_service_.get()); | |
| 1537 Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); | |
| 1538 } | |
| 1539 | |
| 1450 // Test that downloaded files with no disk image extension that have a 'koly' | 1540 // Test that downloaded files with no disk image extension that have a 'koly' |
| 1451 // trailer are treated as disk images and processed accordingly. | 1541 // trailer are treated as disk images and processed accordingly. |
| 1452 TEST_F(DownloadProtectionServiceTest, | 1542 TEST_F(DownloadProtectionServiceTest, |
| 1453 CheckClientDownloadReportDmgWithoutExtension) { | 1543 CheckClientDownloadReportDmgWithoutExtension) { |
| 1454 net::FakeURLFetcherFactory factory(NULL); | 1544 net::FakeURLFetcherFactory factory(NULL); |
| 1455 PrepareResponse(&factory, ClientDownloadResponse::SAFE, net::HTTP_OK, | 1545 PrepareResponse(&factory, ClientDownloadResponse::SAFE, net::HTTP_OK, |
| 1456 net::URLRequestStatus::SUCCESS); | 1546 net::URLRequestStatus::SUCCESS); |
| 1457 | 1547 |
| 1458 base::FilePath test_data; | 1548 base::FilePath test_data; |
| 1459 EXPECT_TRUE(PathService::Get(chrome::DIR_GEN_TEST_DATA, &test_data)); | 1549 EXPECT_TRUE(PathService::Get(chrome::DIR_GEN_TEST_DATA, &test_data)); |
| (...skipping 1002 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2462 &item, base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 2552 &item, base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 2463 base::Unretained(this), run_loop.QuitClosure())); | 2553 base::Unretained(this), run_loop.QuitClosure())); |
| 2464 run_loop.Run(); | 2554 run_loop.Run(); |
| 2465 | 2555 |
| 2466 EXPECT_FALSE(HasClientDownloadRequest()); | 2556 EXPECT_FALSE(HasClientDownloadRequest()); |
| 2467 // Overriden by flag: | 2557 // Overriden by flag: |
| 2468 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); | 2558 EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS)); |
| 2469 } | 2559 } |
| 2470 | 2560 |
| 2471 } // namespace safe_browsing | 2561 } // namespace safe_browsing |
| OLD | NEW |
