annotate ui/tests/binverifytest.cpp @ 808:13cf42dbe9bd

Increase MAX SW size to 15mb
author Andre Heinecke <andre.heinecke@intevation.de>
date Tue, 15 Jul 2014 16:30:24 +0200
parents 44fa5de02b52
children b1df9621c89c
rev   line source
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
2 * Software engineering by Intevation GmbH
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
3 *
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
6 * See LICENSE.txt for details.
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
7 */
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
8 #include "binverify.h"
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
9 #include "binverifytest.h"
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
10
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
11 #include <QTest>
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
12
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
13 #ifdef Q_OS_WIN
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
14 # define EXE_SUFFIX ".exe"
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
15 #else
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
16 # define EXE_SUFFIX ""
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
17 #endif
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
18
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
19 /* Some general robustness checks */
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
20 void BinVerifyTest::testMiscErrors()
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
21 {
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
22 QVERIFY (verify_binary (NULL, 10) != VerifyValid);
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
23 QVERIFY (verify_binary ("foo", 10) != VerifyValid);
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
24 QVERIFY (verify_binary ("bar", -1) != VerifyValid);
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
25 /* On windows the next line will check that a valid microsoft
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
26 * signed executable is not valid for us (pinning). On linux
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
27 * it will just fail with a read error which we tested above */
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
28 #ifdef Q_OS_WIN
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
29 QVERIFY (verify_binary ("c:\\Windows\\System32\\mmc.exe",
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
30 strlen("c:\\Windows\\System32\\mmc.exe")) != VerifyInvalidCertificate);
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
31 #endif
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
32 QVERIFY (verify_binary ("/dev/null", strlen("/dev/null")) != VerifyValid);
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
33 }
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
34
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
35 /* Check that a signature with only a different key (of the same size)
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
36 * is not validated (Invalid signature because key and cert don't match)*/
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
37 void BinVerifyTest::testOtherKey()
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
38 {
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
39 QVERIFY(VerifyInvalidSignature == verify_binary ("fakeinst-other-key" EXE_SUFFIX,
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
40 strlen("fakeinst-other-key" EXE_SUFFIX)));
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
41 }
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
42
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
43 /* Check that an invalid signature is not validated */
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
44 void BinVerifyTest::testInvalidSig()
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
45 {
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
46 QVERIFY(VerifyValid != verify_binary ("fakeinst-invalid" EXE_SUFFIX,
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
47 strlen("fakeinst-invalid" EXE_SUFFIX)));
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
48 }
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
49
774
44fa5de02b52 (issue43) Finalize and verify binary verification for linux.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 637
diff changeset
50 #ifdef Q_OS_WIN
44fa5de02b52 (issue43) Finalize and verify binary verification for linux.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 637
diff changeset
51 /* Check that a signature with a different (valid) certificate is not validated
44fa5de02b52 (issue43) Finalize and verify binary verification for linux.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 637
diff changeset
52 * on Linux only the key is checked not the certificate */
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
53 void BinVerifyTest::testOtherCert()
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
54 {
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
55 QVERIFY(VerifyInvalidCertificate == verify_binary ("fakeinst-other-cert" EXE_SUFFIX,
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
56 strlen("fakeinst-other-cert" EXE_SUFFIX)));
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
57 }
774
44fa5de02b52 (issue43) Finalize and verify binary verification for linux.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 637
diff changeset
58 #endif
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
59
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
60 /* Check that no signature is not validated */
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
61 void BinVerifyTest::testNoSignature()
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
62 {
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
63 QVERIFY(VerifyValid != verify_binary ("fakeinst" EXE_SUFFIX,
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
64 strlen("fakeinst" EXE_SUFFIX)));
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
65 }
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
66
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
67 /* Check that a valid signed executable is verified */
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
68 void BinVerifyTest::testValidBinary()
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
69 {
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
70 QVERIFY (VerifyValid == verify_binary ("fakeinst-signed" EXE_SUFFIX,
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
71 strlen("fakeinst-signed" EXE_SUFFIX)));
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
72 }
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
73
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
74 QTEST_GUILESS_MAIN (BinVerifyTest);

http://wald.intevation.org/projects/trustbridge/