def AddFileToFileStore(pathspec=None, client_id=None, token=None):
"""Adds file with given pathspec to the hash file store."""
if pathspec is None:
raise ValueError("pathspec can't be None")
if client_id is None:
raise ValueError("client_id can't be None")
urn = pathspec.AFF4Path(client_id)
client_mock = action_mocks.GetFileClientMock()
for _ in test_lib.TestFlowHelper(
transfer.GetFile.__name__,
client_mock,
token=token,
client_id=client_id,
pathspec=pathspec):
pass
auth_state = rdf_flows.GrrMessage.AuthorizationState.AUTHENTICATED
events.Events.PublishEvent(
"FileStore.AddFileToStore",
rdf_flows.GrrMessage(payload=urn, auth_state=auth_state),
token=token)
worker = test_lib.MockWorker(token=token)
worker.Simulate()
return urn
def testGetFile(self):
"""Test that the GetFile flow works."""
client_mock = action_mocks.GetFileClientMock()
pathspec = rdf_paths.PathSpec(pathtype=rdf_paths.PathSpec.PathType.OS,
path=os.path.join(
self.base_path, "test_img.dd"))
for _ in test_lib.TestFlowHelper("GetFile",
client_mock,
token=self.token,
client_id=self.client_id,
pathspec=pathspec):
pass
# Fix path for Windows testing.
pathspec.path = pathspec.path.replace("\\", "/")
# Test the AFF4 file that was created.
urn = pathspec.AFF4Path(self.client_id)
fd1 = aff4.FACTORY.Open(urn, token=self.token)
fd2 = open(pathspec.path, "rb")
fd2.seek(0, 2)
self.assertEqual(fd2.tell(), int(fd1.Get(fd1.Schema.SIZE)))
self.CompareFDs(fd1, fd2)
def testGetFilePathCorrection(self):
"""Tests that the pathspec returned is used for the aff4path."""
client_mock = action_mocks.GetFileClientMock()
# Deliberately using the wrong casing.
pathspec = rdf_paths.PathSpec(pathtype=rdf_paths.PathSpec.PathType.OS,
path=os.path.join(
self.base_path, "TEST_IMG.dd"))
for s in test_lib.TestFlowHelper("GetFile",
client_mock,
token=self.token,
client_id=self.client_id,
pathspec=pathspec):
session_id = s
results = flow.GRRFlow.ResultCollectionForFID(session_id,
token=self.token)
self.assertEqual(len(results), 1)
res_pathspec = results[0].pathspec
# Fix path for Windows testing.
pathspec.path = pathspec.path.replace("\\", "/")
# Test the AFF4 file that was created.
urn = res_pathspec.AFF4Path(self.client_id)
fd1 = aff4.FACTORY.Open(urn, token=self.token)
fd2 = open(res_pathspec.path, "rb")
fd2.seek(0, 2)
self.assertEqual(fd2.tell(), int(fd1.Get(fd1.Schema.SIZE)))
self.CompareFDs(fd1, fd2)
def testExportWithDummyPlugin(self):
pathspec = rdf_paths.PathSpec(pathtype=rdf_paths.PathSpec.PathType.OS,
path=os.path.join(
self.base_path, "winexec_img.dd"))
pathspec.Append(path="/Ext2IFS_1_10b.exe",
pathtype=rdf_paths.PathSpec.PathType.TSK)
urn = pathspec.AFF4Path(self.client_id)
client_mock = action_mocks.GetFileClientMock()
for _ in test_lib.TestFlowHelper("GetFile",
client_mock,
token=self.token,
client_id=self.client_id,
pathspec=pathspec):
pass
auth_state = rdf_flows.GrrMessage.AuthorizationState.AUTHENTICATED
events.Events.PublishEvent("FileStore.AddFileToStore",
rdf_flows.GrrMessage(payload=urn,
auth_state=auth_state),
token=self.token)
worker = test_lib.MockWorker(token=self.token)
worker.Simulate()
plugin = hash_file_store_plugin.HashFileStoreExportPlugin()
parser = argparse.ArgumentParser()
plugin.ConfigureArgParser(parser)
plugin.Run(parser.parse_args(args=["--threads", "0", "dummy"]))
responses = DummyOutputPlugin.responses
self.assertEqual(len(responses), 5)
for response in responses:
self.assertTrue(isinstance(response, aff4_filestore.FileStoreHash))
self.assertTrue(
aff4_filestore.FileStoreHash(
fingerprint_type="pecoff",
hash_type="md5",
hash_value="a3a3259f7b145a21c7b512d876a5da06") in responses)
self.assertTrue(
aff4_filestore.FileStoreHash(
fingerprint_type="pecoff",
hash_type="sha1",
hash_value="019bddad9cac09f37f3941a7f285c79d3c7e7801") in
responses)
self.assertTrue(
aff4_filestore.FileStoreHash(
fingerprint_type="generic",
hash_type="md5",
hash_value="bb0a15eefe63fd41f8dc9dee01c5cf9a") in responses)
self.assertTrue(
aff4_filestore.FileStoreHash(
fingerprint_type="generic",
hash_type="sha1",
hash_value="7dd6bee591dfcb6d75eb705405302c3eab65e21a") in
responses)
self.assertTrue(
aff4_filestore.FileStoreHash(
fingerprint_type="generic",
hash_type="sha256",
hash_value="0e8dc93e150021bb4752029ebbff51394aa36f06"
"9cf19901578e4f06017acdb5") in responses)