def testDeleteSignedBinary(self):
binary1_urn = rdfvalue.RDFURN("aff4:/config/executables/foo1")
binary2_urn = rdfvalue.RDFURN("aff4:/config/executables/foo2")
signed_binary_utils.WriteSignedBinaryBlobs(
binary1_urn, [rdf_crypto.SignedBlob().Sign(b"\x00", self._private_key)])
signed_binary_utils.WriteSignedBinaryBlobs(
binary2_urn, [rdf_crypto.SignedBlob().Sign(b"\x11", self._private_key)])
self.assertCountEqual(signed_binary_utils.FetchURNsForAllSignedBinaries(),
[binary1_urn, binary2_urn])
signed_binary_utils.DeleteSignedBinary(binary1_urn)
self.assertCountEqual(signed_binary_utils.FetchURNsForAllSignedBinaries(),
[binary2_urn])
def Handle(self, args, token=None):
if not args.path:
raise ValueError("Invalid binary path: %s" % args.path)
root_urn = _GetBinaryRootUrn(args.type)
signed_binary_utils.WriteSignedBinaryBlobs(
root_urn.Add(args.path), list(args.blobs))
def testWriteSignedBinaryBlobs(self):
test_urn = rdfvalue.RDFURN("aff4:/config/executables/foo")
test_blobs = [
rdf_crypto.SignedBlob().Sign(b"\x00\x11\x22", self._private_key),
rdf_crypto.SignedBlob().Sign(b"\x33\x44\x55", self._private_key),
rdf_crypto.SignedBlob().Sign(b"\x66\x77\x88", self._private_key),
rdf_crypto.SignedBlob().Sign(b"\x99", self._private_key)
]
signed_binary_utils.WriteSignedBinaryBlobs(test_urn, test_blobs)
blobs_iter, timestamp = signed_binary_utils.FetchBlobsForSignedBinaryByURN(
test_urn)
self.assertGreater(timestamp.AsMicrosecondsSinceEpoch(), 0)
self.assertCountEqual(list(blobs_iter), test_blobs)
def testFetchSizeOfSignedBinary(self):
binary1_urn = rdfvalue.RDFURN("aff4:/config/executables/foo1")
binary2_urn = rdfvalue.RDFURN("aff4:/config/executables/foo2")
binary1_data = b"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99"
binary2_blobs = [
rdf_crypto.SignedBlob().Sign(b"\x00\x11\x22", self._private_key),
rdf_crypto.SignedBlob().Sign(b"\x33\x44", self._private_key)
]
signed_binary_utils.WriteSignedBinary(binary1_urn,
binary1_data,
private_key=self._private_key,
public_key=self._public_key,
chunk_size=3)
signed_binary_utils.WriteSignedBinaryBlobs(binary2_urn, binary2_blobs)
binary1_size = signed_binary_utils.FetchSizeOfSignedBinary(binary1_urn)
binary2_size = signed_binary_utils.FetchSizeOfSignedBinary(binary2_urn)
self.assertEqual(binary1_size, 10)
self.assertEqual(binary2_size, 5)
def Handle(self, args, context=None):
if not args.path:
raise ValueError("Invalid binary path: %s" % args.path)
root_urn = _GetBinaryRootUrn(args.type)
urn = root_urn.Add(args.path)
# If GRR binaries are readonly, check if a binary with the given
# name and type exists and raise if it does.
if config.CONFIG["Server.grr_binaries_readonly"]:
try:
signed_binary_utils.FetchBlobsForSignedBinaryByURN(urn)
raise GrrBinaryIsNotOverwritableError(
f"GRR binary ({args.path}, {args.type}) can't be overwritten: "
"all binaries are read-only.")
except signed_binary_utils.SignedBinaryNotFoundError:
pass
signed_binary_utils.WriteSignedBinaryBlobs(urn, list(args.blobs))
def testReadIndividualBlobsFromSignedBinary(self):
test_urn = rdfvalue.RDFURN("aff4:/config/executables/foo")
test_blobs = [
rdf_crypto.SignedBlob().Sign(b"\x00\x11\x22", self._private_key),
rdf_crypto.SignedBlob().Sign(b"\x33\x44\x55", self._private_key),
rdf_crypto.SignedBlob().Sign(b"\x66\x77\x88", self._private_key),
rdf_crypto.SignedBlob().Sign(b"\x99", self._private_key)
]
signed_binary_utils.WriteSignedBinaryBlobs(test_urn, test_blobs)
with self.assertRaises(ValueError):
signed_binary_utils.FetchBlobForSignedBinaryByURN(test_urn, -1)
for i, test_blob in enumerate(test_blobs):
blob = signed_binary_utils.FetchBlobForSignedBinaryByURN(test_urn, i)
self.assertEqual(blob.data, test_blob.data)
with self.assertRaises(signed_binary_utils.BlobIndexOutOfBoundsError):
signed_binary_utils.FetchBlobForSignedBinaryByURN(test_urn,
len(test_blobs))
