def testHashAction(self): paths = [os.path.join(self.base_path, "hello.exe")] hash_action = rdf_file_finder.FileFinderAction( action_type=rdf_file_finder.FileFinderAction.Action.HASH) results = self._RunFileFinder(paths, hash_action) self.assertEqual(len(results), 1) res = results[0] data = open(paths[0], "rb").read() self.assertEqual(res.hash_entry.num_bytes, len(data)) self.assertEqual(res.hash_entry.md5.HexDigest(), hashlib.md5(data).hexdigest()) self.assertEqual(res.hash_entry.sha1.HexDigest(), hashlib.sha1(data).hexdigest()) self.assertEqual(res.hash_entry.sha256.HexDigest(), hashlib.sha256(data).hexdigest()) hash_action = rdf_file_finder.FileFinderAction( action_type=rdf_file_finder.FileFinderAction.Action.HASH, hash=rdf_file_finder.FileFinderHashActionOptions( max_size=100, oversized_file_policy="SKIP")) results = self._RunFileFinder(paths, hash_action) self.assertEqual(len(results), 1) res = results[0] self.assertFalse(res.HasField("hash")) hash_action = rdf_file_finder.FileFinderAction( action_type=rdf_file_finder.FileFinderAction.Action.HASH, hash=rdf_file_finder.FileFinderHashActionOptions( max_size=100, oversized_file_policy="HASH_TRUNCATED")) results = self._RunFileFinder(paths, hash_action) self.assertEqual(len(results), 1) res = results[0] data = open(paths[0], "rb").read()[:100] self.assertEqual(res.hash_entry.num_bytes, len(data)) self.assertEqual(res.hash_entry.md5.HexDigest(), hashlib.md5(data).hexdigest()) self.assertEqual(res.hash_entry.sha1.HexDigest(), hashlib.sha1(data).hexdigest()) self.assertEqual(res.hash_entry.sha256.HexDigest(), hashlib.sha256(data).hexdigest())
def testFileFinderHashMaxFileSizeCanBeOverriden(self): router = self._CreateRouter( file_finder_flow=rr.RobotRouterFileFinderFlowParams( enabled=True, max_file_size=42)) ha = rdf_file_finder.FileFinderHashActionOptions() ha.max_size = 80 ha.oversized_file_policy = ha.OversizedFilePolicy.HASH_TRUNCATED path = "/foo/bar" handler = router.CreateFlow(api_flow.ApiCreateFlowArgs( flow=api_flow.ApiFlow(name=file_finder.FileFinder.__name__, args=rdf_file_finder.FileFinderArgs( paths=[path], action=rdf_file_finder.FileFinderAction( action_type="HASH", hash=ha))), client_id=self.client_id), token=self.token) ha = handler.override_flow_args.action.hash self.assertEqual(ha.oversized_file_policy, ha.OversizedFilePolicy.SKIP) self.assertEqual(ha.max_size, 42)