annotate common/selftest.c @ 1369:948f03bb5254
Add signature time extraction for Linux and test for it in binverifytest
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 24 Nov 2014 14:43:10 +0100 |
parents | 28885e8c891f |
children |
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2 * Software engineering by Intevation GmbH |
3 * |
4 * This file is Free Software under the GNU GPL (v>=2) |
5 * and comes with ABSOLUTELY NO WARRANTY! |
6 * See LICENSE.txt for details. |
7 */ |
8 |
9 #include "selftest.h" |
10 #include "binverify.h" |
11 #include "strhelp.h" |
12 #include "logging.h" |
13 |
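/**
 * Check the signature of the currently running executable.
 *
 * On Windows the executable is located with GetModuleFileNameW and the
 * path is converted to UTF-8; elsewhere "/proc/self/exe" is used. The file
 * is then handed to verify_binary.
 *
 * @param sig_time  Optional. When non-NULL and the verification succeeds,
 *                  receives res.sig_time as reported by verify_binary.
 *                  It is left untouched on every failure path, so callers
 *                  must not read it unless this function returned true.
 *
 * @return true only if verify_binary reported VerifyValid, false otherwise.
 *
 * Security note: this check runs inside the binary it is checking. It
 * detects corruption or modification of the file, but whoever can rewrite
 * the binary can also remove the check. Treat a positive result as
 * tamper evidence, not as a substitute for verification performed by an
 * independent component.
 */
bool
selftest(time_t *sig_time)
{
  bin_verify_result res;
#ifdef WIN32
  wchar_t wPath[MAX_PATH];
  char *utf8path = NULL;
  DWORD path_len;

  /* GetModuleFileNameW returns 0 on failure, but on truncation it returns
     the buffer size it was given. Reject both, so that a truncated path
     (which could name a different file) is never passed to verify_binary. */
  path_len = GetModuleFileNameW (NULL, wPath, MAX_PATH - 1);
  if (path_len == 0 || path_len >= (DWORD) (MAX_PATH - 1))
    {
      PRINTLASTERROR ("Failed to obtain module file name. Path too long?");
      return false;
    }

  /* wPath might not be 0 terminated */
  wPath[MAX_PATH - 1] = '\0';

  utf8path = wchar_to_utf8 (wPath, wcsnlen(wPath, MAX_PATH));

  if (utf8path == NULL)
    {
      ERRORPRINTF ("Failed to convert module path to utf-8");
      return false;
    }

  res = verify_binary (utf8path, strlen(utf8path));
  if (res.result != VerifyValid)
    {
      /* NOTE(review): res.fptr is not closed on this path; presumably
         verify_binary leaves no open file behind on failure -- confirm
         against binverify. */
      ERRORPRINTF ("Verification of the binary failed");
      syslog_error_printf ("Integrity check failed.");
      xfree(utf8path);
      return false;
    }

  if (sig_time)
    {
      *sig_time = res.sig_time;
    }
  /* The open file is not needed beyond the verification itself. */
  if (res.fptr)
    {
      fclose(res.fptr);
    }
  xfree(utf8path);
  return true;
#else
  /* 14 == strlen ("/proc/self/exe"). */
  res = verify_binary ("/proc/self/exe", 14);
  if (res.result != VerifyValid)
    {
      /* NOTE(review): res.fptr is not closed on this path; presumably
         verify_binary leaves no open file behind on failure -- confirm
         against binverify. */
      syslog_error_printf ("Integrity check failed.");
      return false;
    }
  if (sig_time)
    {
      *sig_time = res.sig_time;
    }
  /* The open file is not needed beyond the verification itself. */
  if (res.fptr)
    {
      fclose(res.fptr);
    }
  return true;
#endif
}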