Mercurial > trustbridge
view ui/tests/binverifytest.cpp @ 975:b3695a3399de
(issue86) Install into default directories on Linux
If the mozilla process is now started as root it will
try to write into the default directories for NSS Shared
and mozilla / thunderbird profiles.
Cinst will now start the mozilla process once as root.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Fri, 29 Aug 2014 12:59:44 +0200 |
| parents | b1df9621c89c |
| children | 317ee9dc4684 |
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik * Software engineering by Intevation GmbH * * This file is Free Software under the GNU GPL (v>=2) * and comes with ABSOLUTELY NO WARRANTY! * See LICENSE.txt for details. */ #include "binverify.h" #include "binverifytest.h" #include "createinstallerdialog.h" #include "common.h" #include "mainwindow.h" #include <QtTest> #include <QSettings> #include <QTemporaryFile> #ifdef Q_OS_WIN # define EXE_SUFFIX ".exe" #else # define EXE_SUFFIX "" #endif #ifdef Q_OS_WIN Q_IMPORT_PLUGIN(QWindowsIntegrationPlugin) #else Q_IMPORT_PLUGIN(QXcbIntegrationPlugin) #endif /* Some general robustness checks */ void BinVerifyTest::testMiscErrors() { QVERIFY (verify_binary (NULL, 10) != VerifyValid); QVERIFY (verify_binary ("foo", 10) != VerifyValid); QVERIFY (verify_binary ("bar", -1) != VerifyValid); /* On windows the next line will check that a valid microsoft * signed executable is not valid for us (pinning). On linux * it will just fail with a read error which we tested above */ #ifdef Q_OS_WIN QVERIFY (verify_binary ("c:\\Windows\\System32\\mmc.exe", strlen("c:\\Windows\\System32\\mmc.exe")) != VerifyInvalidCertificate); #endif QVERIFY (verify_binary ("/dev/null", strlen("/dev/null")) != VerifyValid); } /* Check that a signature with only a different key (of the same size) * is not validated (Invalid signature because key and cert don't match)*/ void BinVerifyTest::testOtherKey() { QVERIFY(VerifyInvalidSignature == verify_binary ("fakeinst-other-key" EXE_SUFFIX, strlen("fakeinst-other-key" EXE_SUFFIX))); } /* Check that an invalid signature is not validated */ void BinVerifyTest::testInvalidSig() { QVERIFY(VerifyValid != verify_binary ("fakeinst-invalid" EXE_SUFFIX, strlen("fakeinst-invalid" EXE_SUFFIX))); } #ifdef Q_OS_WIN /* Check that a signature with a different (valid) certificate is not validated * on Linux only the key is checked not the certificate */ void BinVerifyTest::testOtherCert() { QVERIFY(VerifyInvalidCertificate == verify_binary ("fakeinst-other-cert" EXE_SUFFIX, strlen("fakeinst-other-cert" EXE_SUFFIX))); } #endif /* Check that no signature is not validated */ void BinVerifyTest::testNoSignature() { QVERIFY(VerifyValid != verify_binary ("fakeinst" EXE_SUFFIX, strlen("fakeinst" EXE_SUFFIX))); } /* Check that a valid signed executable is verified */ void BinVerifyTest::testValidBinary() { QVERIFY (VerifyValid == verify_binary ("fakeinst-signed" EXE_SUFFIX, strlen("fakeinst-signed" EXE_SUFFIX))); } void BinVerifyTest::testSignatureCreation() { QSettings testsettings; testsettings.setValue("CodeSignCert", SOURCE_DIR"/data/codesign/codesigning-combined.pem"); testsettings.sync(); CreateInstallerDialog *theDialog = new CreateInstallerDialog(NULL); QString garbage = getRandomDataFile(21*1024*1024); QTemporaryFile outfile; outfile.open(); outfile.close(); bool ret = theDialog->appendTextSignatureToFile (garbage, outfile.fileName()); QVERIFY(QFile::remove(garbage)); QVERIFY(ret == true); QVERIFY(VerifyValid == verify_binary (outfile.fileName().toUtf8().constData(), outfile.fileName().toUtf8().size())); } QTEST_MAIN (BinVerifyTest);