annotate ui/tests/binverifytest.cpp @ 723:e71c59b16eee

Added certificate deinstallation.
author Sascha Wilde <wilde@intevation.de>
date Wed, 02 Jul 2014 16:19:18 +0200
parents be30d50bc4f0
children 44fa5de02b52
rev   line source
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
2 * Software engineering by Intevation GmbH
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
3 *
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
6 * See LICENSE.txt for details.
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
7 */
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
8 #include "binverify.h"
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
9 #include "binverifytest.h"
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
10
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
11 #include <QTest>
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
12
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
13 #ifdef Q_OS_WIN
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
14 # define EXE_SUFFIX ".exe"
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
15 #else
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
16 # define EXE_SUFFIX ""
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
17 #endif
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
18
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
19 /* Some general robustness checks */
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
20 void BinVerifyTest::testMiscErrors()
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
21 {
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
22 QVERIFY (verify_binary (NULL, 10) != VerifyValid);
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
23 QVERIFY (verify_binary ("foo", 10) != VerifyValid);
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
24 QVERIFY (verify_binary ("bar", -1) != VerifyValid);
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
25 /* On windows the next line will check that a valid microsoft
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
26 * signed executable is not valid for us (pinning). On linux
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
27 * it will just fail with a read error which we tested above */
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
28 #ifdef Q_OS_WIN
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
29 QVERIFY (verify_binary ("c:\\Windows\\System32\\mmc.exe",
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
30 strlen("c:\\Windows\\System32\\mmc.exe")) != VerifyInvalidCertificate);
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
31 #endif
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
32 QVERIFY (verify_binary ("/dev/null", strlen("/dev/null")) != VerifyValid);
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
33 }
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
34
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
35 /* Check that a signature with only a different key (of the same size)
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
36 * is not validated (Invalid signature because key and cert don't match)*/
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
37 void BinVerifyTest::testOtherKey()
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
38 {
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
39 QVERIFY(VerifyInvalidSignature == verify_binary ("fakeinst-other-key" EXE_SUFFIX,
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
40 strlen("fakeinst-other-key" EXE_SUFFIX)));
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
41 }
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
42
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
43 /* Check that an invalid signature is not validated */
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
44 void BinVerifyTest::testInvalidSig()
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
45 {
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
46 QVERIFY(VerifyValid != verify_binary ("fakeinst-invalid" EXE_SUFFIX,
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
47 strlen("fakeinst-invalid" EXE_SUFFIX)));
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
48 }
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
49
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
50 /* Check that a signature with a different (valid) certificate is not validated */
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
51 void BinVerifyTest::testOtherCert()
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
52 {
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
53 QVERIFY(VerifyInvalidCertificate == verify_binary ("fakeinst-other-cert" EXE_SUFFIX,
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
54 strlen("fakeinst-other-cert" EXE_SUFFIX)));
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
55 }
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
56
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
57 /* Check that no signature is not validated */
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
58 void BinVerifyTest::testNoSignature()
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
59 {
637
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
60 QVERIFY(VerifyValid != verify_binary ("fakeinst" EXE_SUFFIX,
be30d50bc4f0 Add remaining tests to check binverify functionality
Andre Heinecke <andre.heinecke@intevation.de>
parents: 636
diff changeset
61 strlen("fakeinst" EXE_SUFFIX)));
636
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
62 }
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
63
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
64 /* Check that a valid signed executable is verified */
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
65 void BinVerifyTest::testValidBinary()
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
66 {
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
67 QVERIFY (VerifyValid == verify_binary ("fakeinst-signed" EXE_SUFFIX,
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
68 strlen("fakeinst-signed" EXE_SUFFIX)));
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
69 }
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
70
2fd4f9980a2a Add test for authenticode verificate (binverify)
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
71 QTEST_GUILESS_MAIN (BinVerifyTest);

http://wald.intevation.org/projects/trustbridge/