view ui/tests/windowsstoretest.cpp @ 1375:341f79090de2

Notes about using a different certificate for codesigning
author Andre Heinecke <andre.heinecke@intevation.de>
date Thu, 04 Dec 2014 13:19:11 +0100
parents 562d66614b5c
children
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#include "windowsstoretest.h"
#include "certificatelist.h"
#include "strhelp.h"
#include "logging.h"
#include "certificate.h"
#include "../cinst/windowsstore.h"

#include <QTest>

void WindowsStoreTest::dumpContents() {
    wchar_t pszNameString[256];
    PCCERT_CONTEXT pCert = NULL;
    qDebug() << "Currently in store: " ;
    while((pCert = CertEnumCertificatesInStore(testStore, pCert))) {
        if(CertGetNameString(pCert,
                             CERT_NAME_SIMPLE_DISPLAY_TYPE,
                             0,
                             NULL,
                             pszNameString,
                             128)){
            qDebug() << "   " << pszNameString ;
        }
    }
}

void WindowsStoreTest::initTestCase() {
    testStore = CertOpenStore(
      CERT_STORE_PROV_MEMORY,    // A memory store
      0,                         // Encoding type
                                 // Not used with a memory store
      0,                         // Use the default provider
      0,                         // No flags
      NULL);                     // Not needed
    QVERIFY (testStore);
    tmpFile.open(); // get the file name
    /* This is not really a secure way to open a temporay file but it's ok
     * for a unit test. The Problem is that qtemporaryfile prohibits obtaining
     * an exclusive lock on the created file. */
    QVERIFY(QFile::copy(":/list-valid-signed.txt", tmpFile.fileName() + "_exclusive"));
    tmpFile.close();

    validList = CertificateList((tmpFile.fileName() + "_exclusive").toLocal8Bit().data());
    QVERIFY(validList.isValid());
    QVERIFY(validList.getCertificates().size() > 0);
}

void WindowsStoreTest::testInstRemove() {
    char ** to_install = NULL,
         ** to_remove = NULL;
    PCCERT_CONTEXT pCert = NULL;
    size_t i = 0;

    QList<Certificate> instList;

    foreach (const Certificate &cert, validList.getCertificates()) {
        if (cert.isInstallCert())
            instList << cert;
    }


    foreach (const Certificate &cert, instList) {
        strv_append (&to_install, cert.base64Line().toLatin1().constData() + 2,
                cert.base64Line().size() - 2);
    }

    /* Just a quick check for str_append_str functionality */
    QVERIFY((size_t) instList.size() == strv_length(to_install));
    QVERIFY(strv_length(to_install) > 0);
    for (i = 0; i < strv_length(to_install); i++) {
        QVERIFY (instList[i].base64Line().right(
                    instList[i].base64Line().size() - 2) ==
                QString::fromLatin1(to_install[i]));
    }

    do_install(testStore, to_install);

    i = 0;
    while((pCert = CertEnumCertificatesInStore(testStore, pCert))) {
        bool certFound = false;
        QByteArray data = QByteArray::fromRawData ((const char *)pCert->pbCertEncoded,
                pCert->cbCertEncoded);
        foreach (const Certificate &cert, instList) {
            QByteArray asn1data = QByteArray::fromBase64(
                    cert.base64Line().right(cert.base64Line().size() - 2).toLatin1());
            if (asn1data == data) {
                certFound = true;
            }
        }
        QVERIFY(certFound);
        i++;
    }
    QVERIFY ((size_t)instList.size() == i);

    /* Remove all except one */
    QVERIFY(strv_length(to_install));
    for (i = 0; i < strv_length(to_install) - 1; i++) {
        strv_append(&to_remove, to_install[i], qstrlen(to_install[i]));
    }

    do_remove(testStore, to_remove);

    i = 0;
    while((pCert = CertEnumCertificatesInStore(testStore, pCert))) {
        i++;
    }

    QVERIFY(i == 1);

    /* Remove that too */
    strv_free(to_remove);
    to_remove = NULL;
    strv_append(&to_remove, to_install[strv_length(to_install) - 1],
                qstrlen(to_install[strv_length(to_install) - 1]));

    do_remove(testStore, to_remove);

    QVERIFY (CertEnumCertificatesInStore(testStore, pCert) == NULL);

    /* Install them all again */
    do_install(testStore, to_install);
    strv_free(to_remove);
    to_remove = NULL;
    strv_append(&to_remove, to_install[strv_length(to_install) - 1],
                qstrlen(to_install[strv_length(to_install) - 1]));
    do_remove(testStore, to_remove);

    i = 0;
    while((pCert = CertEnumCertificatesInStore(testStore, pCert))) {
        bool certFound = false;
        QByteArray data = QByteArray::fromRawData((const char*) pCert->pbCertEncoded,
                pCert->cbCertEncoded);
        QVERIFY (data.toBase64() != to_remove[0]);
        for (int j = 0; j < instList.size() - 1; j++) {
            const Certificate &cert = instList[j];
            QByteArray asn1data = QByteArray::fromBase64(
                    cert.base64Line().right(cert.base64Line().size() - 2).toLatin1());
            if (asn1data == data) {
                certFound = true;
            }
        }
        QVERIFY(certFound);
        i++;
    }

    QVERIFY(i == strv_length(to_install) - 1);

    /* Install all again and remove them afterwards */
    do_install(testStore, to_install);
    do_remove(testStore, to_install);

    QVERIFY (CertEnumCertificatesInStore(testStore, pCert) == NULL);

    strv_free(to_install);
    strv_free(to_remove);
}

void WindowsStoreTest::cleanupTestCase() {
    QFile::remove(tmpFile.fileName() + "_exclusive");
    CertCloseStore(testStore, 0);
}

bool g_debug = true;

QTEST_GUILESS_MAIN (WindowsStoreTest);

http://wald.intevation.org/projects/trustbridge/