NaCl: Update revision in DEPS, r12770 -> r12773
[chromium-blink-merge.git] / chrome / browser / safe_browsing / signature_util_win_unittest.cc
blob294a8e983fe192341f9d6a39015486f5c91d1bce
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/safe_browsing/signature_util.h"
7 #include <string>
8 #include <vector>
10 #include "base/base_paths.h"
11 #include "base/files/file_path.h"
12 #include "base/memory/ref_counted.h"
13 #include "base/path_service.h"
14 #include "chrome/common/safe_browsing/csd.pb.h"
15 #include "net/cert/x509_cert_types.h"
16 #include "net/cert/x509_certificate.h"
17 #include "testing/gtest/include/gtest/gtest.h"
19 namespace safe_browsing {
21 class SignatureUtilWinTest : public testing::Test {
22 protected:
23 virtual void SetUp() {
24 base::FilePath source_path;
25 ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT, &source_path));
26 testdata_path_ = source_path
27 .AppendASCII("chrome")
28 .AppendASCII("test")
29 .AppendASCII("data")
30 .AppendASCII("safe_browsing")
31 .AppendASCII("download_protection");
34 // Given a certificate chain protobuf, parse it into X509Certificates.
35 void ParseCertificateChain(
36 const ClientDownloadRequest_CertificateChain& chain,
37 std::vector<scoped_refptr<net::X509Certificate> >* certs) {
38 for (int i = 0; i < chain.element_size(); ++i) {
39 certs->push_back(
40 net::X509Certificate::CreateFromBytes(
41 chain.element(i).certificate().data(),
42 chain.element(i).certificate().size()));
46 base::FilePath testdata_path_;
49 TEST_F(SignatureUtilWinTest, UntrustedSignedBinary) {
50 // signed.exe is signed by an untrusted root CA.
51 scoped_refptr<SignatureUtil> signature_util(new SignatureUtil());
52 ClientDownloadRequest_SignatureInfo signature_info;
53 signature_util->CheckSignature(testdata_path_.Append(L"signed.exe"),
54 &signature_info);
55 ASSERT_EQ(1, signature_info.certificate_chain_size());
56 std::vector<scoped_refptr<net::X509Certificate> > certs;
57 ParseCertificateChain(signature_info.certificate_chain(0), &certs);
58 ASSERT_EQ(2, certs.size());
59 EXPECT_EQ("Joe's-Software-Emporium", certs[0]->subject().common_name);
60 EXPECT_EQ("Root Agency", certs[1]->subject().common_name);
62 EXPECT_TRUE(signature_info.has_trusted());
63 EXPECT_FALSE(signature_info.trusted());
66 TEST_F(SignatureUtilWinTest, TrustedBinary) {
67 // wow_helper.exe is signed using Google's signing certifiacte.
68 scoped_refptr<SignatureUtil> signature_util(new SignatureUtil());
69 ClientDownloadRequest_SignatureInfo signature_info;
70 signature_util->CheckSignature(testdata_path_.Append(L"wow_helper.exe"),
71 &signature_info);
72 ASSERT_EQ(1, signature_info.certificate_chain_size());
73 std::vector<scoped_refptr<net::X509Certificate> > certs;
74 ParseCertificateChain(signature_info.certificate_chain(0), &certs);
75 ASSERT_EQ(3, certs.size());
77 EXPECT_EQ("Google Inc", certs[0]->subject().common_name);
78 EXPECT_EQ("VeriSign Class 3 Code Signing 2009-2 CA",
79 certs[1]->subject().common_name);
80 EXPECT_EQ("Class 3 Public Primary Certification Authority",
81 certs[2]->subject().organization_unit_names[0]);
83 EXPECT_TRUE(signature_info.trusted());
86 TEST_F(SignatureUtilWinTest, UnsignedBinary) {
87 // unsigned.exe has no signature information.
88 scoped_refptr<SignatureUtil> signature_util(new SignatureUtil());
89 ClientDownloadRequest_SignatureInfo signature_info;
90 signature_util->CheckSignature(testdata_path_.Append(L"unsigned.exe"),
91 &signature_info);
92 EXPECT_EQ(0, signature_info.certificate_chain_size());
93 EXPECT_FALSE(signature_info.has_trusted());
96 TEST_F(SignatureUtilWinTest, NonExistentBinary) {
97 // Test a file that doesn't exist.
98 scoped_refptr<SignatureUtil> signature_util(new SignatureUtil());
99 ClientDownloadRequest_SignatureInfo signature_info;
100 signature_util->CheckSignature(testdata_path_.Append(L"doesnotexist.exe"),
101 &signature_info);
102 EXPECT_EQ(0, signature_info.certificate_chain_size());
103 EXPECT_FALSE(signature_info.has_trusted());
106 } // namespace safe_browsing