Adding a new delayed analysis that verify binaries signature.

chrome/browser/safe_browsing/binary_integrity_service_win_unittest.cc

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/safe_browsing/binary_integrity_service.h"
+
+#include "base/bind.h"
+#include "base/files/scoped_temp_dir.h"
+#include "base/file_util.h"
+#include "base/memory/scoped_ptr.h"
+#include "base/path_service.h"
+#include "base/test/scoped_path_override.h"
+#include "chrome/common/chrome_paths.h"
+#include "chrome/common/safe_browsing/csd.pb.h"
+#include "testing/gtest/include/gtest/gtest.h"
+#include "testing/gmock/include/gmock/gmock.h"
+
+namespace safe_browsing {
+
+namespace {
+
+
+const wchar_t kChromeDll[] = L"chrome.dll";
+const wchar_t kChromeElfDll[] = L"chrome_elf.dll";
+const wchar_t kChromeExe[] = L"chrome.exe";
+const wchar_t kSignedBinaryDll[] = L"signed_binary.dll";
+
+// Indicate if the AddIncidentCallback has been called.
+bool g_callback_called = false;
+
+// Helper function to erase the content of a binary to make sure the signature
+// verification will fail.
+bool EraseFileContent(const base::FilePath& file_path) {
+  FILE* file = base::OpenFile(file_path, "w");
+
+  if (file == NULL)
+    return false;
+
+  bool success = base::TruncateFile(file);
+  return base::CloseFile(file) && success;
+}
+
+// Mock the AddIncidentCallback so we can test that VerifyBinaryIntegrity
+// adds an incident callback when a signature verification fails.
+void MockAddIncidentCallback(scoped_ptr<ClientIncidentReport_IncidentData>) {
+  g_callback_called = true;
+}
+
+}  // namespace
+
+class BinaryIntegrityServiceWinTest : public ::testing::Test {
+ protected:
+  BinaryIntegrityServiceWinTest();
+
+  base::FilePath test_data_dir_;
+  base::ScopedTempDir temp_dir_;
+  scoped_ptr<base::ScopedPathOverride> exe_dir_override_;
+};
+
+BinaryIntegrityServiceWinTest::BinaryIntegrityServiceWinTest() {
+  temp_dir_.CreateUniqueTempDir();
+  base::CreateDirectory(temp_dir_.path().Append(GetChromeVersion()));
+
+  // We retrieve DIR_TEST_DATA here because it is based on DIR_EXE and we are
+  // about to override the path to the latter.
+  if (!PathService::Get(chrome::DIR_TEST_DATA, &test_data_dir_))
+    NOTREACHED();
+
+  exe_dir_override_.reset(
+      new base::ScopedPathOverride(base::DIR_EXE, temp_dir_.path()));
+}
+
+TEST_F(BinaryIntegrityServiceWinTest, GetCriticalBinariesPath) {
+  // Expected paths.
+  std::vector<base::FilePath> critical_binaries_path_expected;
+  critical_binaries_path_expected.push_back(
+      temp_dir_.path().Append(GetChromeVersion()).Append(kChromeDll));
+  critical_binaries_path_expected.push_back(
+      temp_dir_.path().Append(GetChromeVersion()).Append(kChromeElfDll));
+  critical_binaries_path_expected.push_back(
+      temp_dir_.path().Append(kChromeExe));
+
+  std::vector<base::FilePath> critical_binaries_path =
+      GetCriticalBinariesPath();
+
+  ASSERT_THAT(critical_binaries_path,
+              ::testing::ContainerEq(critical_binaries_path_expected));
+}
+
+TEST_F(BinaryIntegrityServiceWinTest, VerifyBinaryIntegrity) {
+  // Copy the signed dll to the temp exe directory.
+  base::FilePath signed_binary_path(test_data_dir_);
+  signed_binary_path =
+      signed_binary_path.Append(L"safe_browsing").Append(kSignedBinaryDll);
+
+  base::FilePath chrome_elf_path(temp_dir_.path());
+  chrome_elf_path = chrome_elf_path.Append(
+      GetChromeVersion()).Append(kChromeElfDll);
+
+  ASSERT_TRUE(base::CopyFile(signed_binary_path, chrome_elf_path));
+
+  AddIncidentCallback callback = base::Bind(&MockAddIncidentCallback);
+
+  VerifyBinaryIntegrity(callback);
+  ASSERT_FALSE(g_callback_called);
+
+  ASSERT_TRUE(EraseFileContent(chrome_elf_path));
+
+  VerifyBinaryIntegrity(callback);
+  ASSERT_TRUE(g_callback_called);
+}
+
+}  // namespace safe_browsing