Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(7986)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/safe_browsing/download_protection_service_unittest.cc

Issue 2934373002: Record Code Signature of Downloaded DMG files (Closed)
Patch Set: adjusted test file path names Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/safe_browsing/download_protection_service.cc ('k') | chrome/browser/safe_browsing/sandboxed_dmg_analyzer_mac_unittest.cc » ('j') | chrome/utility/safe_browsing/mac/dmg_iterator.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/safe_browsing/download_protection_service_unittest.cc
diff --git a/chrome/browser/safe_browsing/download_protection_service_unittest.cc b/chrome/browser/safe_browsing/download_protection_service_unittest.cc
index eee257605c41975c25af6db9c2d0516c26379f21..c485197a0677169bae46188ca3193137ecb84590 100644
--- a/chrome/browser/safe_browsing/download_protection_service_unittest.cc
+++ b/chrome/browser/safe_browsing/download_protection_service_unittest.cc
@@ -33,6 +33,7 @@
#include "chrome/browser/safe_browsing/incident_reporting/incident_reporting_service.h"
#include "chrome/browser/safe_browsing/local_database_manager.h"
#include "chrome/browser/safe_browsing/safe_browsing_service.h"
+#include "chrome/common/chrome_paths.h"
#include "chrome/common/safe_browsing/binary_feature_extractor.h"
#include "chrome/common/safe_browsing/file_type_policies_test_util.h"
#include "chrome/test/base/testing_profile.h"
@@ -1443,6 +1444,92 @@ TEST_F(DownloadProtectionServiceTest,
CheckClientDownloadReportCorruptDmg) {
CheckClientDownloadReportCorruptArchive(DMG);
}
+
+// Tests that signatures get recorded and uploaded for signed DMGs.
+TEST_F(DownloadProtectionServiceTest,
+ CheckClientDownloadReportDmgWithSignature) {
+ net::FakeURLFetcherFactory factory(NULL);
+ PrepareResponse(&factory, ClientDownloadResponse::SAFE, net::HTTP_OK,
+ net::URLRequestStatus::SUCCESS);
+
+ base::FilePath signed_dmg;
+ EXPECT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &signed_dmg));
+ signed_dmg = signed_dmg.AppendASCII("safe_browsing")
+ .AppendASCII("download_protection")
+ .AppendASCII("googlechrome.dmg");
+
+ NiceMockDownloadItem item;
+ PrepareBasicDownloadItemWithFullPaths(
+ &item, {"http://www.evil.com/a.dmg"}, // url_chain
+ "http://www.google.com/", // referrer
+ signed_dmg, // tmp_path
+ temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path
+
+ RunLoop run_loop;
+ download_service_->CheckClientDownload(
+ &item, base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
+ base::Unretained(this), run_loop.QuitClosure()));
+ run_loop.Run();
+
+ ASSERT_TRUE(HasClientDownloadRequest());
+ EXPECT_TRUE(GetClientDownloadRequest()->has_udif_code_signature());
+ EXPECT_EQ(GetClientDownloadRequest()->udif_code_signature().length(),
+ (uint64_t)9454);
+
+ base::FilePath signed_dmg_signature;
+ EXPECT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &signed_dmg_signature));
+ signed_dmg_signature = signed_dmg_signature.AppendASCII("safe_browsing")
+ .AppendASCII("download_protection")
+ .AppendASCII("googlechrome_signature.data");
+
+ std::string signature;
+ base::ReadFileToString(signed_dmg_signature, &signature);
+ EXPECT_EQ(signature.length(), (uint64_t)9454);
+
+ EXPECT_EQ(
+ GetClientDownloadRequest()->udif_code_signature().compare(signature), 0);
+
+ ClearClientDownloadRequest();
+
+ Mock::VerifyAndClearExpectations(sb_service_.get());
+ Mock::VerifyAndClearExpectations(binary_feature_extractor_.get());
+}
+
+// Tests that no signature gets recorded and uploaded for unsigned DMGs.
+TEST_F(DownloadProtectionServiceTest,
+ CheckClientDownloadReportDmgWithoutSignature) {
+ net::FakeURLFetcherFactory factory(NULL);
+ PrepareResponse(&factory, ClientDownloadResponse::SAFE, net::HTTP_OK,
+ net::URLRequestStatus::SUCCESS);
+
+ base::FilePath unsigned_dmg;
+ EXPECT_TRUE(PathService::Get(chrome::DIR_GEN_TEST_DATA, &unsigned_dmg));
+ unsigned_dmg = unsigned_dmg.AppendASCII("chrome")
+ .AppendASCII("safe_browsing_dmg")
+ .AppendASCII("mach_o_in_dmg.dmg");
+
+ NiceMockDownloadItem item;
+ PrepareBasicDownloadItemWithFullPaths(
+ &item, {"http://www.evil.com/a.dmg"}, // url_chain
+ "http://www.google.com/", // referrer
+ unsigned_dmg, // tmp_path
+ temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path
+
+ RunLoop run_loop;
+ download_service_->CheckClientDownload(
+ &item, base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
+ base::Unretained(this), run_loop.QuitClosure()));
+ run_loop.Run();
+
+ ASSERT_TRUE(HasClientDownloadRequest());
+ EXPECT_FALSE(GetClientDownloadRequest()->has_udif_code_signature());
+
+ ClearClientDownloadRequest();
+
+ Mock::VerifyAndClearExpectations(sb_service_.get());
+ Mock::VerifyAndClearExpectations(binary_feature_extractor_.get());
+}
+
#endif
TEST_F(DownloadProtectionServiceTest, CheckClientDownloadValidateRequest) {
« no previous file with comments | « chrome/browser/safe_browsing/download_protection_service.cc ('k') | chrome/browser/safe_browsing/sandboxed_dmg_analyzer_mac_unittest.cc » ('j') | chrome/utility/safe_browsing/mac/dmg_iterator.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698