Test improvements (#14)

* removed pvk keys tests
* new 11_sign_nest test
* improved verify_signature()
* new tests of timestamping with the add command
olszomal
2019-07-20 12:54:46 +02:00
committed by Michał Trojnara
parent 62e8ffd0c9
commit 00290bc363
35 changed files with 352 additions and 264 deletions


@ -11,7 +11,7 @@ test_result() {
local result=0
if [ $1 -eq 0 ]
if [ "$1" -eq 0 ]
then
printf "%s\n" "Test succeeded"
else
@ -19,63 +19,7 @@ test_result() {
printf "%-100s\t%s\n" "$2" "failed" 1>&3
result=1
fi
return $result
}
verify_signature() {
# $1 sign exit code
# $2 test number
# $3 filename extension
# $4 sha256sum requirement
local result=0
if [ "$1" -eq 0 ]
then
../../osslsigncode verify -in "test_$2.$3" 2> "verify.log" 1>&2
result=$?
if [ "$result" -ne 0 ] || grep -q "No signature found" "verify.log"
then
cat "verify.log" >> "results.log"
elif [ "$4" = "sha256sum" ]
then
sha256sum "test_$2.$3" 2>> "sha256sum_$3.log" 1>&2
if [ -s "test_$2_signed.$3" ]
then
sha256sum "test_$2_signed.$3" 2>> "sha256sum_$3.log" 1>&2
fi
else
rm -f "test_$2.$3" "test_$2_signed.$3"
fi
else
result=1
fi
return $result
}
verify_no_signature() {
# $1 sign exit code
# $2 test number
# $3 filename extension
# $4 sha256sum requirement
local result=0
if [ "$1" -eq 0 ]
then
../../osslsigncode verify -in "test_$2.$3" 2> "verify.log" 1>&2
if grep -q -e "No signature found" -e "MSI file has no signature" "verify.log"
then
sha256sum "test_$2_signed.$3" 2>> "sha256sum_$3.log" 1>&2
else
result=1
cat "verify.log" >> "results.log"
printf "Faild: the signature was found\n"
fi
else
result=1
fi
return $result
return "$result"
}
modify_blob() {
@ -95,23 +39,24 @@ modify_blob() {
if [ "$result" -ne 0 ] || \
[ $(grep -e "Calculated DigitalSignature" -e "Calculated message digest" "verify.log" | uniq | wc -l) -ne 1 ]
then
result=1
result=$?
cat "verify.log" >> "results.log"
printf "Faild: verify error or non-unique message digests were found\n"
else
rm -f "test_$1_modifed.$2"
fi
return $result
return "$result"
}
verify_text() {
verify_signature() {
# $1 sign exit code
# $2 test number
# $3 filename extension
# $4 searched text
# $5 ASCII od HEX format
# $6 sha256sum requirement
# $7 modify requirement
# $4 modify requirement
# $5 sha256sum requirement
# $6 ASCII or HEX "$7 text" format
# $7 obligatory text1 searched in a binary file or verify.log
# $8 optional text2 searched in verify.log
local result=0
@ -122,47 +67,79 @@ verify_text() {
../../osslsigncode verify -in "test_$2.$3" 2> "verify.log" 1>&2
result=$?
fi
if [ "$result" -ne 0 ] || grep -q "No signature found" "verify.log"
then
result=1
cat "verify.log" >> "results.log"
else
if [ "$5" = "ASCII" ]
if [ "$6" = "ASCII" ]
then
searched_text=$(echo -n "$4" | xxd -p)
searched_text=$(echo -n "$7" | xxd -p)
else
searched_text=$4
searched_text=$7
fi
if ! xxd -p -c 1000 "test_$2.$3" | grep $searched_text 2>> /dev/null 1>&2
if ! grep -q "$7" "verify.log" && \
! xxd -p -c 1000 "test_$2.$3" | grep "$searched_text" 2>> /dev/null 1>&2
then
result=1
printf "Faild: $7 not found\n"
elif [ "$4" = "MODIFY" ]
then
result=1
printf "Faild: $4 not found\n"
elif [ "$7" = "MODIFY" ]
then
modify_blob $2 $3
result=$?
fi
if [ "$result" -eq 0 ]
then
if [ "$6" = "sha256sum" ]
if [ "$3" != "ex_" ]
then
sha256sum "test_$2.$3" 2>> "sha256sum_$3.log" 1>&2
if [ -s "test_$2_signed.$3" ]
then
sha256sum "test_$2_signed.$3" 2>> "sha256sum_$3.log" 1>&2
fi
modify_blob "$2" "$3"
result=$?
else
rm -f "test_$2.$3" "test_$2_signed.$3"
printf "MODIFY is not supported for CAB files\n"
fi
fi
if [ "$result" -eq 0 ] && [ "$2" = "401" ]
then
printf "Faild: unhashed file metadata was found\n"
result=1
fi
fi
fi
if [ "$result" -eq 0 ] && [ "$8" != "UNUSED_PATTERN" ] && ! grep -q "$8" "verify.log"
then
result=1
printf "Faild: $8 not found\n"
fi
if [ "$result" -eq 0 ] && [ "$2" = "401" ]
then
printf "Faild: unhashed file metadata was found\n"
result=1
fi
if [ "$result" -eq 0 ]
then
if [ "$5" = "sha256sum" ]
then
sha256sum "test_$2.$3" 2>> "sha256sum_$3.log" 1>&2
if [ -s "test_$2_signed.$3" ]
then
sha256sum "test_$2_signed.$3" 2>> "sha256sum_$3.log" 1>&2
fi
else
rm -f "test_$2.$3" "test_$2_signed.$3"
fi
else
cat "verify.log" >> "results.log"
fi
else
result=1
fi
return $result
return "$result"
}
verify_no_signature() {
# $1 sign exit code
# $2 test number
# $3 filename extension
# $4 sha256sum requirement
local result=0
if [ "$1" -eq 0 ]
then
../../osslsigncode verify -in "test_$2.$3" 2> "verify.log" 1>&2
if grep -q -e "No signature found" -e "MSI file has no signature" "verify.log"
then
sha256sum "test_$2_signed.$3" 2>> "sha256sum_$3.log" 1>&2
else
result=1
cat "verify.log" >> "results.log"
printf "Faild: verify error or the signature was found\n"
fi
else
result=1
fi
return "$result"
}
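Review bot: In modify_blob's failure branch, `result=$?` reads the status of the `if` condition that has just succeeded, which is 0; the line is printed after `result=1`, so it is presumably the new side, though the page has lost its +/- markers. If that reading is right, the function returns 0 precisely when verifying the modified file failed or the message digests were not unique, so that check can no longer fail a test; keep `result=1` there. Separately, the new `printf "Faild: $8 not found\n"` in verify_signature places the searched text in the format string, and `grep -q "$8" "verify.log"` treats it as a regex and as a possible option; `printf 'Failed: %s not found\n' "$8"` and `grep -qF -- "$8" "verify.log"` would be safer, and the same applies to the `$7` lines. modify_blob's body starts outside the hunk.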