The Tor Browser / file comparison

comparison: toolkit/components/downloads/test/unit/test_app_rep_windows.js

toolkit/components/downloads/test/unit/test_app_rep_windows.js

changeset 0
6474c204b198
equal deleted inserted replaced
-1:000000000000 0:e524065f400e
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=2 et sw=2 tw=80: */
3 /* Any copyright is dedicated to the Public Domain.
4 * http://creativecommons.org/publicdomain/zero/1.0/ */
5
6 /**
7 * This file tests signature extraction using Windows Authenticode APIs of
8 * downloaded files.
9 */
10
11 ////////////////////////////////////////////////////////////////////////////////
12 //// Globals
13
14 Cu.import("resource://gre/modules/XPCOMUtils.jsm");
15
16 XPCOMUtils.defineLazyModuleGetter(this, "FileUtils",
17 "resource://gre/modules/FileUtils.jsm");
18 XPCOMUtils.defineLazyModuleGetter(this, "NetUtil",
19 "resource://gre/modules/NetUtil.jsm");
20 XPCOMUtils.defineLazyModuleGetter(this, "Promise",
21 "resource://gre/modules/Promise.jsm");
22 XPCOMUtils.defineLazyModuleGetter(this, "Task",
23 "resource://gre/modules/Task.jsm");
24
25 const BackgroundFileSaverOutputStream = Components.Constructor(
26 "@mozilla.org/network/background-file-saver;1?mode=outputstream",
27 "nsIBackgroundFileSaver");
28
29 const StringInputStream = Components.Constructor(
30 "@mozilla.org/io/string-input-stream;1",
31 "nsIStringInputStream",
32 "setData");
33
34 const TEST_FILE_NAME_1 = "test-backgroundfilesaver-1.txt";
35
36 const gAppRep = Cc["@mozilla.org/downloads/application-reputation-service;1"].
37 getService(Ci.nsIApplicationReputationService);
38 let gStillRunning = true;
39 let gTables = {};
40 let gHttpServer = null;
41
42 /**
43 * Returns a reference to a temporary file. If the file is then created, it
44 * will be removed when tests in this file finish.
45 */
46 function getTempFile(aLeafName) {
47 let file = FileUtils.getFile("TmpD", [aLeafName]);
48 do_register_cleanup(function GTF_cleanup() {
49 if (file.exists()) {
50 file.remove(false);
51 }
52 });
53 return file;
54 }
55
56 function readFileToString(aFilename) {
57 let f = do_get_file(aFilename);
58 let stream = Cc["@mozilla.org/network/file-input-stream;1"]
59 .createInstance(Ci.nsIFileInputStream);
60 stream.init(f, -1, 0, 0);
61 let buf = NetUtil.readInputStreamToString(stream, stream.available());
62 return buf;
63 }
64
65 /**
66 * Waits for the given saver object to complete.
67 *
68 * @param aSaver
69 * The saver, with the output stream or a stream listener implementation.
70 * @param aOnTargetChangeFn
71 * Optional callback invoked with the target file name when it changes.
72 *
73 * @return {Promise}
74 * @resolves When onSaveComplete is called with a success code.
75 * @rejects With an exception, if onSaveComplete is called with a failure code.
76 */
77 function promiseSaverComplete(aSaver, aOnTargetChangeFn) {
78 let deferred = Promise.defer();
79 aSaver.observer = {
80 onTargetChange: function BFSO_onSaveComplete(aSaver, aTarget)
81 {
82 if (aOnTargetChangeFn) {
83 aOnTargetChangeFn(aTarget);
84 }
85 },
86 onSaveComplete: function BFSO_onSaveComplete(aSaver, aStatus)
87 {
88 if (Components.isSuccessCode(aStatus)) {
89 deferred.resolve();
90 } else {
91 deferred.reject(new Components.Exception("Saver failed.", aStatus));
92 }
93 },
94 };
95 return deferred.promise;
96 }
97
98 /**
99 * Feeds a string to a BackgroundFileSaverOutputStream.
100 *
101 * @param aSourceString
102 * The source data to copy.
103 * @param aSaverOutputStream
104 * The BackgroundFileSaverOutputStream to feed.
105 * @param aCloseWhenDone
106 * If true, the output stream will be closed when the copy finishes.
107 *
108 * @return {Promise}
109 * @resolves When the copy completes with a success code.
110 * @rejects With an exception, if the copy fails.
111 */
112 function promiseCopyToSaver(aSourceString, aSaverOutputStream, aCloseWhenDone) {
113 let deferred = Promise.defer();
114 let inputStream = new StringInputStream(aSourceString, aSourceString.length);
115 let copier = Cc["@mozilla.org/network/async-stream-copier;1"]
116 .createInstance(Ci.nsIAsyncStreamCopier);
117 copier.init(inputStream, aSaverOutputStream, null, false, true, 0x8000, true,
118 aCloseWhenDone);
119 copier.asyncCopy({
120 onStartRequest: function () { },
121 onStopRequest: function (aRequest, aContext, aStatusCode)
122 {
123 if (Components.isSuccessCode(aStatusCode)) {
124 deferred.resolve();
125 } else {
126 deferred.reject(new Components.Exception(aResult));
127 }
128 },
129 }, null);
130 return deferred.promise;
131 }
132
133 // Registers a table for which to serve update chunks.
134 function registerTableUpdate(aTable, aFilename) {
135 // If we haven't been given an update for this table yet, add it to the map
136 if (!(aTable in gTables)) {
137 gTables[aTable] = [];
138 }
139
140 // The number of chunks associated with this table.
141 let numChunks = gTables[aTable].length + 1;
142 let redirectPath = "/" + aTable + "-" + numChunks;
143 let redirectUrl = "localhost:4444" + redirectPath;
144
145 // Store redirect url for that table so we can return it later when we
146 // process an update request.
147 gTables[aTable].push(redirectUrl);
148
149 gHttpServer.registerPathHandler(redirectPath, function(request, response) {
150 do_print("Mock safebrowsing server handling request for " + redirectPath);
151 let contents = readFileToString(aFilename);
152 do_print("Length of " + aFilename + ": " + contents.length);
153 response.setHeader("Content-Type",
154 "application/vnd.google.safebrowsing-update", false);
155 response.setStatusLine(request.httpVersion, 200, "OK");
156 response.bodyOutputStream.write(contents, contents.length);
157 });
158 }
159
160 ////////////////////////////////////////////////////////////////////////////////
161 //// Tests
162
163 function run_test()
164 {
165 run_next_test();
166 }
167
168 add_task(function test_setup()
169 {
170 // Wait 10 minutes, that is half of the external xpcshell timeout.
171 do_timeout(10 * 60 * 1000, function() {
172 if (gStillRunning) {
173 do_throw("Test timed out.");
174 }
175 });
176 // Set up a local HTTP server to return bad verdicts.
177 Services.prefs.setCharPref("browser.safebrowsing.appRepURL",
178 "http://localhost:4444/download");
179 // Ensure safebrowsing is enabled for this test, even if the app
180 // doesn't have it enabled.
181 Services.prefs.setBoolPref("browser.safebrowsing.malware.enabled", true);
182 do_register_cleanup(function() {
183 Services.prefs.clearUserPref("browser.safebrowsing.malware.enabled");
184 });
185
186 gHttpServer = new HttpServer();
187 gHttpServer.registerDirectory("/", do_get_cwd());
188
189 function createVerdict(aShouldBlock) {
190 // We can't programmatically create a protocol buffer here, so just
191 // hardcode some already serialized ones.
192 blob = String.fromCharCode(parseInt(0x08, 16));
193 if (aShouldBlock) {
194 // A safe_browsing::ClientDownloadRequest with a DANGEROUS verdict
195 blob += String.fromCharCode(parseInt(0x01, 16));
196 } else {
197 // A safe_browsing::ClientDownloadRequest with a SAFE verdict
198 blob += String.fromCharCode(parseInt(0x00, 16));
199 }
200 return blob;
201 }
202
203 gHttpServer.registerPathHandler("/throw", function(request, response) {
204 do_throw("We shouldn't be getting here");
205 });
206
207 gHttpServer.registerPathHandler("/download", function(request, response) {
208 do_print("Querying remote server for verdict");
209 response.setHeader("Content-Type", "application/octet-stream", false);
210 let buf = NetUtil.readInputStreamToString(
211 request.bodyInputStream,
212 request.bodyInputStream.available());
213 do_print("Request length: " + buf.length);
214 // A garbage response. By default this produces NS_CANNOT_CONVERT_DATA as
215 // the callback status.
216 let blob = "this is not a serialized protocol buffer";
217 // We can't actually parse the protocol buffer here, so just switch on the
218 // length instead of inspecting the contents.
219 if (buf.length == 45) {
220 // evil.com
221 blob = createVerdict(true);
222 } else if (buf.length == 48) {
223 // mozilla.com
224 blob = createVerdict(false);
225 }
226 response.bodyOutputStream.write(blob, blob.length);
227 });
228
229 gHttpServer.start(4444);
230 });
231
232 // Construct a response with redirect urls.
233 function processUpdateRequest() {
234 let response = "n:1000\n";
235 for (let table in gTables) {
236 response += "i:" + table + "\n";
237 for (let i = 0; i < gTables[table].length; ++i) {
238 response += "u:" + gTables[table][i] + "\n";
239 }
240 }
241 do_print("Returning update response: " + response);
242 return response;
243 }
244
245 // Set up the local whitelist.
246 function waitForUpdates() {
247 let deferred = Promise.defer();
248 gHttpServer.registerPathHandler("/downloads", function(request, response) {
249 let buf = NetUtil.readInputStreamToString(request.bodyInputStream,
250 request.bodyInputStream.available());
251 let blob = processUpdateRequest();
252 response.setHeader("Content-Type",
253 "application/vnd.google.safebrowsing-update", false);
254 response.setStatusLine(request.httpVersion, 200, "OK");
255 response.bodyOutputStream.write(blob, blob.length);
256 });
257
258 let streamUpdater = Cc["@mozilla.org/url-classifier/streamupdater;1"]
259 .getService(Ci.nsIUrlClassifierStreamUpdater);
260 streamUpdater.updateUrl = "http://localhost:4444/downloads";
261
262 // Load up some update chunks for the safebrowsing server to serve. This
263 // particular chunk contains the hash of whitelisted.com/ and
264 // sb-ssl.google.com/safebrowsing/csd/certificate/.
265 registerTableUpdate("goog-downloadwhite-digest256", "data/digest.chunk");
266
267 // Resolve the promise once processing the updates is complete.
268 function updateSuccess(aEvent) {
269 // Timeout of n:1000 is constructed in processUpdateRequest above and
270 // passed back in the callback in nsIUrlClassifierStreamUpdater on success.
271 do_check_eq("1000", aEvent);
272 do_print("All data processed");
273 deferred.resolve(true);
274 }
275 // Just throw if we ever get an update or download error.
276 function handleError(aEvent) {
277 do_throw("We didn't download or update correctly: " + aEvent);
278 deferred.reject();
279 }
280 streamUpdater.downloadUpdates(
281 "goog-downloadwhite-digest256",
282 "goog-downloadwhite-digest256;\n",
283 updateSuccess, handleError, handleError);
284 return deferred.promise;
285 }
286
287 function promiseQueryReputation(query, expectedShouldBlock) {
288 let deferred = Promise.defer();
289 function onComplete(aShouldBlock, aStatus) {
290 do_check_eq(Cr.NS_OK, aStatus);
291 do_check_eq(aShouldBlock, expectedShouldBlock);
292 deferred.resolve(true);
293 }
294 gAppRep.queryReputation(query, onComplete);
295 return deferred.promise;
296 }
297
298 add_task(function()
299 {
300 // Wait for Safebrowsing local list updates to complete.
301 yield waitForUpdates();
302 });
303
304 add_task(function test_signature_whitelists()
305 {
306 // We should never get to the remote server.
307 Services.prefs.setCharPref("browser.safebrowsing.appRepURL",
308 "http://localhost:4444/throw");
309
310 // Use BackgroundFileSaver to extract the signature on Windows.
311 let destFile = getTempFile(TEST_FILE_NAME_1);
312
313 let data = readFileToString("data/signed_win.exe");
314 let saver = new BackgroundFileSaverOutputStream();
315 let completionPromise = promiseSaverComplete(saver);
316 saver.enableSignatureInfo();
317 saver.setTarget(destFile, false);
318 yield promiseCopyToSaver(data, saver, true);
319
320 saver.finish(Cr.NS_OK);
321 yield completionPromise;
322
323 // Clean up.
324 destFile.remove(false);
325
326 // evil.com is not on the allowlist, but this binary is signed by an entity
327 // whose certificate information is on the allowlist.
328 yield promiseQueryReputation({sourceURI: createURI("http://evil.com"),
329 signatureInfo: saver.signatureInfo,
330 fileSize: 12}, false);
331 });
332
333 add_task(function test_blocked_binary()
334 {
335 // We should reach the remote server for a verdict.
336 Services.prefs.setCharPref("browser.safebrowsing.appRepURL",
337 "http://localhost:4444/download");
338 // evil.com should return a malware verdict from the remote server.
339 yield promiseQueryReputation({sourceURI: createURI("http://evil.com"),
340 suggestedFileName: "noop.bat",
341 fileSize: 12}, true);
342 });
343
344 add_task(function test_non_binary()
345 {
346 // We should not reach the remote server for a verdict for non-binary files.
347 Services.prefs.setCharPref("browser.safebrowsing.appRepURL",
348 "http://localhost:4444/throw");
349 yield promiseQueryReputation({sourceURI: createURI("http://evil.com"),
350 suggestedFileName: "noop.txt",
351 fileSize: 12}, false);
352 });
353
354 add_task(function test_good_binary()
355 {
356 // We should reach the remote server for a verdict.
357 Services.prefs.setCharPref("browser.safebrowsing.appRepURL",
358 "http://localhost:4444/download");
359 // mozilla.com should return a not-guilty verdict from the remote server.
360 yield promiseQueryReputation({sourceURI: createURI("http://mozilla.com"),
361 suggestedFileName: "noop.bat",
362 fileSize: 12}, false);
363 });
364
365 add_task(function test_teardown()
366 {
367 gStillRunning = false;
368 });

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial