Mercurial > trustbridge
annotate ui/tests/binverifytest.cpp @ 894:2e7fff9d195a
Update in the real prefix
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Fri, 08 Aug 2014 14:37:31 +0200 |
parents | b1df9621c89c |
children | 317ee9dc4684 |
rev | line source |
---|---|
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
2 * Software engineering by Intevation GmbH |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
3 * |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=2) |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
6 * See LICENSE.txt for details. |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
7 */ |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
8 #include "binverify.h" |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
9 #include "binverifytest.h" |
869
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
10 #include "createinstallerdialog.h" |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
11 #include "common.h" |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
12 #include "mainwindow.h" |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
13 |
869
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
14 #include <QtTest> |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
15 #include <QSettings> |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
16 #include <QTemporaryFile> |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
17 |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
18 #ifdef Q_OS_WIN |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
19 # define EXE_SUFFIX ".exe" |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
20 #else |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
21 # define EXE_SUFFIX "" |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
22 #endif |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
23 |
869
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
24 #ifdef Q_OS_WIN |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
25 Q_IMPORT_PLUGIN(QWindowsIntegrationPlugin) |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
26 #else |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
27 Q_IMPORT_PLUGIN(QXcbIntegrationPlugin) |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
28 #endif |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
29 |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
30 /* Some general robustness checks */ |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
31 void BinVerifyTest::testMiscErrors() |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
32 { |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
33 QVERIFY (verify_binary (NULL, 10) != VerifyValid); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
34 QVERIFY (verify_binary ("foo", 10) != VerifyValid); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
35 QVERIFY (verify_binary ("bar", -1) != VerifyValid); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
36 /* On windows the next line will check that a valid microsoft |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
37 * signed executable is not valid for us (pinning). On linux |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
38 * it will just fail with a read error which we tested above */ |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
39 #ifdef Q_OS_WIN |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
40 QVERIFY (verify_binary ("c:\\Windows\\System32\\mmc.exe", |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
41 strlen("c:\\Windows\\System32\\mmc.exe")) != VerifyInvalidCertificate); |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
42 #endif |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
43 QVERIFY (verify_binary ("/dev/null", strlen("/dev/null")) != VerifyValid); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
44 } |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
45 |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
46 /* Check that a signature with only a different key (of the same size) |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
47 * is not validated (Invalid signature because key and cert don't match)*/ |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
48 void BinVerifyTest::testOtherKey() |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
49 { |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
50 QVERIFY(VerifyInvalidSignature == verify_binary ("fakeinst-other-key" EXE_SUFFIX, |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
51 strlen("fakeinst-other-key" EXE_SUFFIX))); |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
52 } |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
53 |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
54 /* Check that an invalid signature is not validated */ |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
55 void BinVerifyTest::testInvalidSig() |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
56 { |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
57 QVERIFY(VerifyValid != verify_binary ("fakeinst-invalid" EXE_SUFFIX, |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
58 strlen("fakeinst-invalid" EXE_SUFFIX))); |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
59 } |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
60 |
774
44fa5de02b52
(issue43) Finalize and verify binary verification for linux.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
637
diff
changeset
|
61 #ifdef Q_OS_WIN |
44fa5de02b52
(issue43) Finalize and verify binary verification for linux.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
637
diff
changeset
|
62 /* Check that a signature with a different (valid) certificate is not validated |
44fa5de02b52
(issue43) Finalize and verify binary verification for linux.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
637
diff
changeset
|
63 * on Linux only the key is checked not the certificate */ |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
64 void BinVerifyTest::testOtherCert() |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
65 { |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
66 QVERIFY(VerifyInvalidCertificate == verify_binary ("fakeinst-other-cert" EXE_SUFFIX, |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
67 strlen("fakeinst-other-cert" EXE_SUFFIX))); |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
68 } |
774
44fa5de02b52
(issue43) Finalize and verify binary verification for linux.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
637
diff
changeset
|
69 #endif |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
70 |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
71 /* Check that no signature is not validated */ |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
72 void BinVerifyTest::testNoSignature() |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
73 { |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
74 QVERIFY(VerifyValid != verify_binary ("fakeinst" EXE_SUFFIX, |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
75 strlen("fakeinst" EXE_SUFFIX))); |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
76 } |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
77 |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
78 /* Check that a valid signed executable is verified */ |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
79 void BinVerifyTest::testValidBinary() |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
80 { |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
81 QVERIFY (VerifyValid == verify_binary ("fakeinst-signed" EXE_SUFFIX, |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
82 strlen("fakeinst-signed" EXE_SUFFIX))); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
83 } |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
84 |
869
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
85 void BinVerifyTest::testSignatureCreation() |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
86 { |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
87 QSettings testsettings; |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
88 testsettings.setValue("CodeSignCert", SOURCE_DIR"/data/codesign/codesigning-combined.pem"); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
89 testsettings.sync(); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
90 CreateInstallerDialog *theDialog = new CreateInstallerDialog(NULL); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
91 QString garbage = getRandomDataFile(21*1024*1024); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
92 QTemporaryFile outfile; |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
93 outfile.open(); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
94 outfile.close(); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
95 bool ret = theDialog->appendTextSignatureToFile (garbage, outfile.fileName()); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
96 QVERIFY(QFile::remove(garbage)); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
97 QVERIFY(ret == true); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
98 QVERIFY(VerifyValid == verify_binary (outfile.fileName().toUtf8().constData(), |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
99 outfile.fileName().toUtf8().size())); |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
100 } |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
101 |
b1df9621c89c
Add a test for text signature creation with createinstallerdialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
774
diff
changeset
|
102 QTEST_MAIN (BinVerifyTest); |