diff ui/tests/binverifytest.cpp @ 636:2fd4f9980a2a

Add test for authenticode verificate (binverify) Still incomplete
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 23 Jun 2014 18:00:45 +0200
parents
children be30d50bc4f0
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/ui/tests/binverifytest.cpp	Mon Jun 23 18:00:45 2014 +0200
@@ -0,0 +1,51 @@
+/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
+ * Software engineering by Intevation GmbH
+ *
+ * This file is Free Software under the GNU GPL (v>=2)
+ * and comes with ABSOLUTELY NO WARRANTY!
+ * See LICENSE.txt for details.
+ */
+#include "binverify.h"
+#include "binverifytest.h"
+
+#include <QTest>
+
+#ifdef Q_OS_WIN
+# define EXE_SUFFIX ".exe"
+#else
+# define EXE_SUFFIX ""
+#endif
+
+/* Some general robustness checks */
+void BinVerifyTest::testMiscErrors()
+{
+  QVERIFY (verify_binary (NULL, 10) != VerifyValid);
+  QVERIFY (verify_binary ("foo", 10) != VerifyValid);
+  QVERIFY (verify_binary ("bar", -1) != VerifyValid);
+  /* On windows the next line will check that a valid microsoft
+   * signed executable is not valid for us (pinning). On linux
+   * it will just fail with a read error. */
+  QVERIFY (verify_binary ("c:\\Windows\\System32\\mmc.exe",
+                          strlen("c:\\Windows\\System32\\mmc.exe")) != VerifyValid);
+  QVERIFY (verify_binary ("/dev/null", strlen("/dev/null")) != VerifyValid);
+}
+
+/* Check that no signature is not validated */
+/* Check that an invalid signature is not validated */
+/* Check that a signature with only a different key (of the same size)
+ * is not validated */
+/* Check that a signature with a different certificate is not validated */
+void BinVerifyTest::testNoSignature()
+{
+    QVERIFY(VerifyInvalidSignature == verify_binary ("fakeinst" EXE_SUFFIX,
+                                                     strlen("fakeinst" EXE_SUFFIX)));
+}
+
+/* Check that a valid signed executable is verified */
+void BinVerifyTest::testValidBinary()
+{
+  QVERIFY (VerifyValid == verify_binary ("fakeinst-signed" EXE_SUFFIX,
+                                         strlen("fakeinst-signed" EXE_SUFFIX)));
+}
+
+QTEST_GUILESS_MAIN (BinVerifyTest);

http://wald.intevation.org/projects/trustbridge/