annotate common/selftest.c @ 1369:948f03bb5254

Add signature time extraction for Linux and test for it in binverifytest
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 24 Nov 2014 14:43:10 +0100
parents 28885e8c891f
children
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
2 * Software engineering by Intevation GmbH
3 *
4 * This file is Free Software under the GNU GPL (v>=2)
5 * and comes with ABSOLUTELY NO WARRANTY!
6 * See LICENSE.txt for details.
7 */
8
9 #include "selftest.h"
10 #include "binverify.h"
11 #include "strhelp.h"
12 #include "logging.h"
13
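/**
 * Integrity self-test: hand the running program's own executable file to
 * verify_binary() and report whether it came back as VerifyValid.
 *
 * On Windows the module path is obtained with GetModuleFileNameW() and
 * converted to UTF-8; elsewhere "/proc/self/exe" is used.
 *
 * The check reads the file at the time of the call and closes it again
 * right away, so it says nothing about later changes to that file. As a
 * check the program runs on itself, it should be treated as one layer of
 * defence rather than as proof that the running code is unmodified.
 *
 * @param sig_time  Optional output. When non-NULL and verification
 *                  succeeds, receives the sig_time reported by
 *                  verify_binary(). Left untouched on failure.
 *
 * @return true if verify_binary() reported VerifyValid, false otherwise
 *         (including when the module path could not be determined).
 */
bool
selftest(time_t *sig_time)
{
  bin_verify_result res;
#ifdef WIN32
  wchar_t wPath[MAX_PATH];
  char *utf8path = NULL;
  DWORD path_len;

  /* GetModuleFileNameW returns 0 on failure and the buffer size it was
     given when the path had to be truncated. A truncated path names
     something other than this module, so verifying it would not be a
     self-test: both cases are rejected. */
  path_len = GetModuleFileNameW (NULL, wPath, MAX_PATH - 1);
  if (path_len == 0 || path_len >= (DWORD) (MAX_PATH - 1))
    {
      PRINTLASTERROR ("Failed to obtain module file name. Path too long?");
      return false;
    }

  /* wPath might not be 0 terminated */
  wPath[MAX_PATH - 1] = '\0';

  utf8path = wchar_to_utf8 (wPath, wcsnlen(wPath, MAX_PATH));

  if (utf8path == NULL)
    {
      ERRORPRINTF ("Failed to convert module path to utf-8");
      return false;
    }

  res = verify_binary (utf8path, strlen(utf8path));
  if (res.result != VerifyValid)
    {
      /* NOTE(review): res.fptr is not closed on this path. Whether
         verify_binary can return an open file together with a failure
         result is not visible here -- confirm against binverify.h. */
      ERRORPRINTF ("Verification of the binary failed");
      syslog_error_printf ("Integrity check failed.");
      xfree(utf8path);
      return false;
    }

  if (sig_time)
    {
      *sig_time = res.sig_time;
    }
  /* fclose(NULL) is undefined behaviour; the guard keeps the success
     path safe even if verify_binary did not hand back a file. */
  if (res.fptr)
    {
      fclose(res.fptr);
    }
  xfree(utf8path);
  return true;
#else
  /* Length is taken from the literal instead of a hand-counted constant. */
  static const char self_exe[] = "/proc/self/exe";

  res = verify_binary (self_exe, sizeof self_exe - 1);
  if (res.result != VerifyValid)
    {
      /* NOTE(review): res.fptr is not closed on this path. Whether
         verify_binary can return an open file together with a failure
         result is not visible here -- confirm against binverify.h. */
      syslog_error_printf ("Integrity check failed.");
      return false;
    }
  if (sig_time)
    {
      *sig_time = res.sig_time;
    }
  /* fclose(NULL) is undefined behaviour; the guard keeps the success
     path safe even if verify_binary did not hand back a file. */
  if (res.fptr)
    {
      fclose(res.fptr);
    }
  return true;
#endif
}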

http://wald.intevation.org/projects/trustbridge/