Mercurial > trustbridge
annotate ui/tests/binverifytest.cpp @ 723:e71c59b16eee
Added certificate deinstallation.
author | Sascha Wilde <wilde@intevation.de> |
---|---|
date | Wed, 02 Jul 2014 16:19:18 +0200 |
parents | be30d50bc4f0 |
children | 44fa5de02b52 |
rev | line source |
---|---|
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
2 * Software engineering by Intevation GmbH |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
3 * |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=2) |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
6 * See LICENSE.txt for details. |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
7 */ |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
8 #include "binverify.h" |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
9 #include "binverifytest.h" |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
10 |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
11 #include <QTest> |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
12 |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
13 #ifdef Q_OS_WIN |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
14 # define EXE_SUFFIX ".exe" |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
15 #else |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
16 # define EXE_SUFFIX "" |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
17 #endif |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
18 |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
19 /* Some general robustness checks */ |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
20 void BinVerifyTest::testMiscErrors() |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
21 { |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
22 QVERIFY (verify_binary (NULL, 10) != VerifyValid); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
23 QVERIFY (verify_binary ("foo", 10) != VerifyValid); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
24 QVERIFY (verify_binary ("bar", -1) != VerifyValid); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
25 /* On windows the next line will check that a valid microsoft |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
26 * signed executable is not valid for us (pinning). On linux |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
27 * it will just fail with a read error which we tested above */ |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
28 #ifdef Q_OS_WIN |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
29 QVERIFY (verify_binary ("c:\\Windows\\System32\\mmc.exe", |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
30 strlen("c:\\Windows\\System32\\mmc.exe")) != VerifyInvalidCertificate); |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
31 #endif |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
32 QVERIFY (verify_binary ("/dev/null", strlen("/dev/null")) != VerifyValid); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
33 } |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
34 |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
35 /* Check that a signature with only a different key (of the same size) |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
36 * is not validated (Invalid signature because key and cert don't match)*/ |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
37 void BinVerifyTest::testOtherKey() |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
38 { |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
39 QVERIFY(VerifyInvalidSignature == verify_binary ("fakeinst-other-key" EXE_SUFFIX, |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
40 strlen("fakeinst-other-key" EXE_SUFFIX))); |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
41 } |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
42 |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
43 /* Check that an invalid signature is not validated */ |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
44 void BinVerifyTest::testInvalidSig() |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
45 { |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
46 QVERIFY(VerifyValid != verify_binary ("fakeinst-invalid" EXE_SUFFIX, |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
47 strlen("fakeinst-invalid" EXE_SUFFIX))); |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
48 } |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
49 |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
50 /* Check that a signature with a different (valid) certificate is not validated */ |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
51 void BinVerifyTest::testOtherCert() |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
52 { |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
53 QVERIFY(VerifyInvalidCertificate == verify_binary ("fakeinst-other-cert" EXE_SUFFIX, |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
54 strlen("fakeinst-other-cert" EXE_SUFFIX))); |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
55 } |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
56 |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
57 /* Check that no signature is not validated */ |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
58 void BinVerifyTest::testNoSignature() |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
59 { |
637
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
60 QVERIFY(VerifyValid != verify_binary ("fakeinst" EXE_SUFFIX, |
be30d50bc4f0
Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents:
636
diff
changeset
|
61 strlen("fakeinst" EXE_SUFFIX))); |
636
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
62 } |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
63 |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
64 /* Check that a valid signed executable is verified */ |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
65 void BinVerifyTest::testValidBinary() |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
66 { |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
67 QVERIFY (VerifyValid == verify_binary ("fakeinst-signed" EXE_SUFFIX, |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
68 strlen("fakeinst-signed" EXE_SUFFIX))); |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
69 } |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
70 |
2fd4f9980a2a
Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
71 QTEST_GUILESS_MAIN (BinVerifyTest); |