Mercurial > trustbridge
view ui/tests/binverifytest.cpp @ 851:5a4fc27db446
Merge
author | Emanuel Schuetze <emanuel@intevation.de> |
---|---|
date | Wed, 30 Jul 2014 17:00:03 +0200 |
parents | 44fa5de02b52 |
children | b1df9621c89c |
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik * Software engineering by Intevation GmbH * * This file is Free Software under the GNU GPL (v>=2) * and comes with ABSOLUTELY NO WARRANTY! * See LICENSE.txt for details. */ #include "binverify.h" #include "binverifytest.h" #include <QTest> #ifdef Q_OS_WIN # define EXE_SUFFIX ".exe" #else # define EXE_SUFFIX "" #endif /* Some general robustness checks */ void BinVerifyTest::testMiscErrors() { QVERIFY (verify_binary (NULL, 10) != VerifyValid); QVERIFY (verify_binary ("foo", 10) != VerifyValid); QVERIFY (verify_binary ("bar", -1) != VerifyValid); /* On windows the next line will check that a valid microsoft * signed executable is not valid for us (pinning). On linux * it will just fail with a read error which we tested above */ #ifdef Q_OS_WIN QVERIFY (verify_binary ("c:\\Windows\\System32\\mmc.exe", strlen("c:\\Windows\\System32\\mmc.exe")) != VerifyInvalidCertificate); #endif QVERIFY (verify_binary ("/dev/null", strlen("/dev/null")) != VerifyValid); } /* Check that a signature with only a different key (of the same size) * is not validated (Invalid signature because key and cert don't match)*/ void BinVerifyTest::testOtherKey() { QVERIFY(VerifyInvalidSignature == verify_binary ("fakeinst-other-key" EXE_SUFFIX, strlen("fakeinst-other-key" EXE_SUFFIX))); } /* Check that an invalid signature is not validated */ void BinVerifyTest::testInvalidSig() { QVERIFY(VerifyValid != verify_binary ("fakeinst-invalid" EXE_SUFFIX, strlen("fakeinst-invalid" EXE_SUFFIX))); } #ifdef Q_OS_WIN /* Check that a signature with a different (valid) certificate is not validated * on Linux only the key is checked not the certificate */ void BinVerifyTest::testOtherCert() { QVERIFY(VerifyInvalidCertificate == verify_binary ("fakeinst-other-cert" EXE_SUFFIX, strlen("fakeinst-other-cert" EXE_SUFFIX))); } #endif /* Check that no signature is not validated */ void BinVerifyTest::testNoSignature() { QVERIFY(VerifyValid != verify_binary ("fakeinst" EXE_SUFFIX, strlen("fakeinst" EXE_SUFFIX))); } /* Check that a valid signed executable is verified */ void BinVerifyTest::testValidBinary() { QVERIFY (VerifyValid == verify_binary ("fakeinst-signed" EXE_SUFFIX, strlen("fakeinst-signed" EXE_SUFFIX))); } QTEST_GUILESS_MAIN (BinVerifyTest);