// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <algorithm> #include "base/command_line.h" #include "base/files/file_util.h" #include "base/memory/raw_ptr.h" #include "base/path_service.h" #include "build/config/chromebox_for_meetings/buildflags.h" #include "chrome/browser/extensions/chrome_content_verifier_delegate.h" #include "chrome/browser/extensions/extension_service_test_with_install.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/chrome_switches.h" #include "chrome/test/base/testing_profile.h" #include "extensions/browser/content_verifier/test_utils.h" #include "extensions/browser/extension_system.h" #include "extensions/common/file_util.h" #include "extensions/common/switches.h" namespace extensions { namespace { constexpr char kCaseSensitiveManifestPathsCrx[] = …; std::set<base::FilePath> ToFilePaths(const std::set<std::string>& paths) { … } bool IsSuperset(const std::set<base::FilePath>& container, const std::set<base::FilePath>& candidates) { … } } // namespace // Tests are run with //chrome layer so that manifest's //chrome specific bits // (e.g. browser images, default_icon in actions) are present. class ChromeContentVerifierTest : public ExtensionServiceTestWithInstall { … }; // Tests that an extension with mixed case resources specified in manifest.json // (messages, browser images, browserAction.default_icon) loads correctly. TEST_F(ChromeContentVerifierTest, CaseSensitivityInManifestPaths) { … } // Tests that tampered resources cause verification failure due to hash mismatch // during OnExtensionLoaded. TEST_F(ChromeContentVerifierTest, VerifyFailedOnLoad) { … } #if BUILDFLAG(PLATFORM_CFM) // Content should be verified on a CfM without the // kDisableAppContentVerification flag. TEST_F(ChromeContentVerifierTest, CfmChecksHashWithoutForceFlag) { ASSERT_FALSE(base::CommandLine::ForCurrentProcess()->HasSwitch( switches::kDisableAppContentVerification)); InitContentVerifier(); ASSERT_TRUE(InstallExtension(kCaseSensitiveManifestPathsCrx)); // Ensure that content verifier has checked hashes from |extension|. EXPECT_EQ(ChromeContentVerifierDelegate::VerifierSourceType::SIGNED_HASHES, GetVerifierSourceType(extension())); } // Content should NOT be verified on a CfM only when the // kDisableAppContentVerification flag is present. TEST_F(ChromeContentVerifierTest, CfmDoesNotCheckHashWithForceFlag) { base::CommandLine::ForCurrentProcess()->AppendSwitch( switches::kDisableAppContentVerification); InitContentVerifier(); ASSERT_TRUE(InstallExtension(kCaseSensitiveManifestPathsCrx)); // Ensure that content verifier has NOT checked hashes from |extension|. EXPECT_EQ(ChromeContentVerifierDelegate::VerifierSourceType::NONE, GetVerifierSourceType(extension())); } #else // BUILDFLAG(PLATFORM_CFM) // Content should be verified on non-CfM builds even when the // kDisableAppContentVerification flag is present. TEST_F(ChromeContentVerifierTest, NonCfmChecksHashEvenWithForceFlag) { … } #endif // BUILDFLAG(PLATFORM_CFM) } // namespace extensions
Codebase Browser
chromium