def AddFileToFileStore(pathspec=None, client_id=None, token=None): """Adds file with given pathspec to the hash file store.""" if pathspec is None: raise ValueError("pathspec can't be None") if client_id is None: raise ValueError("client_id can't be None") urn = pathspec.AFF4Path(client_id) client_mock = action_mocks.GetFileClientMock() for _ in test_lib.TestFlowHelper( transfer.GetFile.__name__, client_mock, token=token, client_id=client_id, pathspec=pathspec): pass auth_state = rdf_flows.GrrMessage.AuthorizationState.AUTHENTICATED events.Events.PublishEvent( "FileStore.AddFileToStore", rdf_flows.GrrMessage(payload=urn, auth_state=auth_state), token=token) worker = test_lib.MockWorker(token=token) worker.Simulate() return urn
def testGetFile(self): """Test that the GetFile flow works.""" client_mock = action_mocks.GetFileClientMock() pathspec = rdf_paths.PathSpec(pathtype=rdf_paths.PathSpec.PathType.OS, path=os.path.join( self.base_path, "test_img.dd")) for _ in test_lib.TestFlowHelper("GetFile", client_mock, token=self.token, client_id=self.client_id, pathspec=pathspec): pass # Fix path for Windows testing. pathspec.path = pathspec.path.replace("\\", "/") # Test the AFF4 file that was created. urn = pathspec.AFF4Path(self.client_id) fd1 = aff4.FACTORY.Open(urn, token=self.token) fd2 = open(pathspec.path, "rb") fd2.seek(0, 2) self.assertEqual(fd2.tell(), int(fd1.Get(fd1.Schema.SIZE))) self.CompareFDs(fd1, fd2)
def testGetFilePathCorrection(self): """Tests that the pathspec returned is used for the aff4path.""" client_mock = action_mocks.GetFileClientMock() # Deliberately using the wrong casing. pathspec = rdf_paths.PathSpec(pathtype=rdf_paths.PathSpec.PathType.OS, path=os.path.join( self.base_path, "TEST_IMG.dd")) for s in test_lib.TestFlowHelper("GetFile", client_mock, token=self.token, client_id=self.client_id, pathspec=pathspec): session_id = s results = flow.GRRFlow.ResultCollectionForFID(session_id, token=self.token) self.assertEqual(len(results), 1) res_pathspec = results[0].pathspec # Fix path for Windows testing. pathspec.path = pathspec.path.replace("\\", "/") # Test the AFF4 file that was created. urn = res_pathspec.AFF4Path(self.client_id) fd1 = aff4.FACTORY.Open(urn, token=self.token) fd2 = open(res_pathspec.path, "rb") fd2.seek(0, 2) self.assertEqual(fd2.tell(), int(fd1.Get(fd1.Schema.SIZE))) self.CompareFDs(fd1, fd2)
def testExportWithDummyPlugin(self): pathspec = rdf_paths.PathSpec(pathtype=rdf_paths.PathSpec.PathType.OS, path=os.path.join( self.base_path, "winexec_img.dd")) pathspec.Append(path="/Ext2IFS_1_10b.exe", pathtype=rdf_paths.PathSpec.PathType.TSK) urn = pathspec.AFF4Path(self.client_id) client_mock = action_mocks.GetFileClientMock() for _ in test_lib.TestFlowHelper("GetFile", client_mock, token=self.token, client_id=self.client_id, pathspec=pathspec): pass auth_state = rdf_flows.GrrMessage.AuthorizationState.AUTHENTICATED events.Events.PublishEvent("FileStore.AddFileToStore", rdf_flows.GrrMessage(payload=urn, auth_state=auth_state), token=self.token) worker = test_lib.MockWorker(token=self.token) worker.Simulate() plugin = hash_file_store_plugin.HashFileStoreExportPlugin() parser = argparse.ArgumentParser() plugin.ConfigureArgParser(parser) plugin.Run(parser.parse_args(args=["--threads", "0", "dummy"])) responses = DummyOutputPlugin.responses self.assertEqual(len(responses), 5) for response in responses: self.assertTrue(isinstance(response, aff4_filestore.FileStoreHash)) self.assertTrue( aff4_filestore.FileStoreHash( fingerprint_type="pecoff", hash_type="md5", hash_value="a3a3259f7b145a21c7b512d876a5da06") in responses) self.assertTrue( aff4_filestore.FileStoreHash( fingerprint_type="pecoff", hash_type="sha1", hash_value="019bddad9cac09f37f3941a7f285c79d3c7e7801") in responses) self.assertTrue( aff4_filestore.FileStoreHash( fingerprint_type="generic", hash_type="md5", hash_value="bb0a15eefe63fd41f8dc9dee01c5cf9a") in responses) self.assertTrue( aff4_filestore.FileStoreHash( fingerprint_type="generic", hash_type="sha1", hash_value="7dd6bee591dfcb6d75eb705405302c3eab65e21a") in responses) self.assertTrue( aff4_filestore.FileStoreHash( fingerprint_type="generic", hash_type="sha256", hash_value="0e8dc93e150021bb4752029ebbff51394aa36f06" "9cf19901578e4f06017acdb5") in responses)