From d36a10bf09e98ae65cec42b50c40057ec27b8664 Mon Sep 17 00:00:00 2001 From: olszomal Date: Fri, 6 Dec 2019 14:03:59 +0100 Subject: [PATCH] tests improvements --- tests/recipes/01_sign_pem | 46 +++++++++++---------- tests/recipes/02_sign_pass | 51 ++++++++++++------------ tests/recipes/03_sign_der | 51 ++++++++++++------------ tests/recipes/04_sign_spc | 51 ++++++++++++------------ tests/recipes/05_sign_pkcs12 | 49 ++++++++++++----------- tests/recipes/07_sign_timestamp | 51 ++++++++++++------------ tests/recipes/08_sign_rfc3161 | 51 ++++++++++++------------ tests/recipes/09_sign_page_hashes | 17 ++++---- tests/recipes/10_sign_blob | 51 ++++++++++++------------ tests/recipes/11_sign_nest | 49 ++++++++++++----------- tests/recipes/12_sign_readpass_pem | 51 ++++++++++++------------ tests/recipes/13_sign_readpass_pkcs12 | 51 ++++++++++++------------ tests/recipes/14_sign_descryption | 51 ++++++++++++------------ tests/recipes/15_sign_url | 51 ++++++++++++------------ tests/recipes/16_sign_comm | 51 ++++++++++++------------ tests/recipes/17_sign_crosscertfile | 51 ++++++++++++------------ tests/recipes/21_sign_hash_md5 | 17 ++++---- tests/recipes/22_sign_hash_sha1 | 17 ++++---- tests/recipes/23_sign_hash_sha2 | 17 ++++---- tests/recipes/24_sign_hash_sha384 | 17 ++++---- tests/recipes/25_sign_hash_sha512 | 17 ++++---- tests/recipes/31_extract_signature | 39 +++++++++--------- tests/recipes/32_attach_signature | 27 +++++++------ tests/recipes/33_remove_signature | 39 +++++++++--------- tests/recipes/36_add_signature_blob | 44 ++++++++++---------- tests/recipes/37_add_signature_timestamp | 44 ++++++++++---------- tests/recipes/38_add_signature_rfc3161 | 44 ++++++++++---------- tests/recipes/40_verify_leaf_hash | 36 +++++++++-------- tests/recipes/41_sign_add_msi_dse | 14 ++++--- tests/recipes/42_sign_jp_low | 31 ++++++++++++++ tests/recipes/51_sign_jp_low | 30 -------------- 31 files changed, 620 insertions(+), 586 deletions(-) create mode 100644 tests/recipes/42_sign_jp_low delete mode 100644 tests/recipes/51_sign_jp_low diff --git a/tests/recipes/01_sign_pem b/tests/recipes/01_sign_pem index 10ad51b..74369f2 100644 --- a/tests/recipes/01_sign_pem +++ b/tests/recipes/01_sign_pem @@ -1,51 +1,53 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with the certificate and private key files in the PEM format. +# Sign a PE/CAB/MSI file with the certificate and private key files in the PEM format. +# -st 1556668800 is the Unix time of May 1 00:00:00 2019 GMT . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="011. Signing a PE file with the certificate and private key files in the PEM format" +test_name="011. Sign a PE file with the certificate and private key files in the PEM format" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_011.exe"' - verify_signature "$?" "011" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_011.exe" + verify_signature "$?" "011" "exe" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="012. Signing a CAB file with the certificate and private key files in the PEM format" +test_name="012. Sign a CAB file with the certificate and private key files in the PEM format" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.ex_" -out "test_012.ex_"' - verify_signature "$?" "012" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.ex_" -out "test_012.ex_" + verify_signature "$?" "012" "ex_" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="013. Signing a MSI file with the certificate and private key files in the PEM format" +test_name="013. Sign a MSI file with the certificate and private key files in the PEM format" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_013.msi"' - verify_signature "$?" "013" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_013.msi" + verify_signature "$?" "013" "msi" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/02_sign_pass b/tests/recipes/02_sign_pass index 491437c..98c87ca 100644 --- a/tests/recipes/02_sign_pass +++ b/tests/recipes/02_sign_pass @@ -1,54 +1,55 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with the encrypted private key file in the PEM format. +# Sign a PE/CAB/MSI file with the encrypted private key file in the PEM format. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="021. Signing a PE file with the encrypted private key file in the PEM format" +test_name="021. Sign a PE file with the encrypted private key file in the PEM format" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \ - -pass passme \ - -in "test.exe" -out "test_021.exe"' - verify_signature "$?" "021" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \ + -pass passme \ + -in "test.exe" -out "test_021.exe" + verify_signature "$?" "021" "exe" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="022. Signing a CAB file with the encrypted private key file in the PEM format" +test_name="022. Sign a CAB file with the encrypted private key file in the PEM format" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \ - -pass passme \ - -in "test.ex_" -out "test_022.ex_"' - verify_signature "$?" "022" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \ + -pass passme \ + -in "test.ex_" -out "test_022.ex_" + verify_signature "$?" "022" "ex_" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="023. Signing a MSI file with the encrypted private key file in the PEM format" +test_name="023. Sign a MSI file with the encrypted private key file in the PEM format" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \ - -pass passme \ - -in "sample.msi" -out "test_023.msi"' - verify_signature "$?" "023" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \ + -pass passme \ + -in "sample.msi" -out "test_023.msi" + verify_signature "$?" "023" "msi" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/03_sign_der b/tests/recipes/03_sign_der index faf9eb4..e9fbfce 100644 --- a/tests/recipes/03_sign_der +++ b/tests/recipes/03_sign_der @@ -1,55 +1,56 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with the encrypted private key file in the DER format. +# Sign a PE/CAB/MSI file with the encrypted private key file in the DER format. # Requires OpenSSL 1.0.0 or later . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="031. Signing a PE file with the encrypted private key file in the DER format" +test_name="031. Sign a PE file with the encrypted private key file in the DER format" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ - -pass passme \ - -in "test.exe" -out "test_031.exe"' - verify_signature "$?" "031" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ + -pass passme \ + -in "test.exe" -out "test_031.exe" + verify_signature "$?" "031" "exe" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="032. Signing a CAB file with the encrypted private key file in the DER format" +test_name="032. Sign a CAB file with the encrypted private key file in the DER format" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ - -pass passme \ - -in "test.ex_" -out "test_032.ex_"' - verify_signature "$?" "032" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ + -pass passme \ + -in "test.ex_" -out "test_032.ex_" + verify_signature "$?" "032" "ex_" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="033. Signing a MSI file with the encrypted private key file in the DER format" +test_name="033. Sign a MSI file with the encrypted private key file in the DER format" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ - -pass passme \ - -in "sample.msi" -out "test_033.msi"' - verify_signature "$?" "033" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ + -pass passme \ + -in "sample.msi" -out "test_033.msi" + verify_signature "$?" "033" "msi" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/04_sign_spc b/tests/recipes/04_sign_spc index a51352e..e04c235 100644 --- a/tests/recipes/04_sign_spc +++ b/tests/recipes/04_sign_spc @@ -1,55 +1,56 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with the certificate file in the SPC format +# Sign a PE/CAB/MSI file with the certificate file in the SPC format # and the private key file in the PEM format. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="041. Signing a PE file a SPC certificate file" +test_name="041. Sign a PE file a SPC certificate file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.spc" -key "${script_path}/../certs/keyp.pem" \ - -pass passme \ - -in "test.exe" -out "test_041.exe"' - verify_signature "$?" "041" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.spc" -key "${script_path}/../certs/keyp.pem" \ + -pass passme \ + -in "test.exe" -out "test_041.exe" + verify_signature "$?" "041" "exe" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="042. Signing a CAB file a SPC certificate file" +test_name="042. Sign a CAB file a SPC certificate file" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.spc" -key "${script_path}/../certs/keyp.pem" \ - -pass passme \ - -in "test.ex_" -out "test_042.ex_"' - verify_signature "$?" "042" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.spc" -key "${script_path}/../certs/keyp.pem" \ + -pass passme \ + -in "test.ex_" -out "test_042.ex_" + verify_signature "$?" "042" "ex_" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="043. Signing a MSI file a SPC certificate file" +test_name="043. Sign a MSI file a SPC certificate file" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.spc" -key "${script_path}/../certs/keyp.pem" \ - -pass passme \ - -in "sample.msi" -out "test_043.msi"' - verify_signature "$?" "043" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.spc" -key "${script_path}/../certs/keyp.pem" \ + -pass passme \ + -in "sample.msi" -out "test_043.msi" + verify_signature "$?" "043" "msi" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/05_sign_pkcs12 b/tests/recipes/05_sign_pkcs12 index ab6d965..6e212fa 100644 --- a/tests/recipes/05_sign_pkcs12 +++ b/tests/recipes/05_sign_pkcs12 @@ -1,53 +1,54 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with the certificate and key stored in a PKCS#12 container. +# Sign a PE/CAB/MSI file with the certificate and key stored in a PKCS#12 container. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="051. Signing a PE file with a certificate and key stored in a PKCS#12 container" +test_name="051. Sign a PE file with a certificate and key stored in a PKCS#12 container" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -pkcs12 "${script_path}/../certs/cert.p12" -pass passme \ - -in "test.exe" -out "test_051.exe"' - verify_signature "$?" "051" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -pkcs12 "${script_path}/../certs/cert.p12" -pass passme \ + -in "test.exe" -out "test_051.exe" + verify_signature "$?" "051" "exe" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="052. Signing a CAB file with a certificate and key stored in a PKCS#12 container" +test_name="052. Sign a CAB file with a certificate and key stored in a PKCS#12 container" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -pkcs12 "${script_path}/../certs/cert.p12" \ - -pass passme \ - -in "test.ex_" -out "test_052.ex_"' - verify_signature "$?" "052" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -pkcs12 "${script_path}/../certs/cert.p12" \ + -pass passme \ + -in "test.ex_" -out "test_052.ex_" + verify_signature "$?" "052" "ex_" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="053. Signing a MSI file with a certificate and key stored in a PKCS#12 container" +test_name="053. Sign a MSI file with a certificate and key stored in a PKCS#12 container" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -pkcs12 "${script_path}/../certs/cert.p12" \ - -pass passme \ - -in "sample.msi" -out "test_053.msi"' - verify_signature "$?" "053" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -pkcs12 "${script_path}/../certs/cert.p12" \ + -pass passme \ + -in "sample.msi" -out "test_053.msi" + verify_signature "$?" "053" "msi" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/07_sign_timestamp b/tests/recipes/07_sign_timestamp index 0e923da..b58dbc8 100644 --- a/tests/recipes/07_sign_timestamp +++ b/tests/recipes/07_sign_timestamp @@ -1,54 +1,55 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with Authenticode timestamping +# Sign a PE/CAB/MSI file with Authenticode timestamping . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="071. Signing a PE file with Authenticode timestamping" +test_name="071. Sign a PE file with Authenticode timestamping" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -t http://time.certum.pl/ \ - -in "test.exe" -out "test_071.exe" 2>> "results.log" 1>&2' - verify_signature "$?" "071" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -t http://time.certum.pl/ \ + -in "test.exe" -out "test_071.exe" 2>> "results.log" 1>&2 + verify_signature "$?" "071" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="072. Signing a CAB file with Authenticode timestamping" +test_name="072. Sign a CAB file with Authenticode timestamping" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -t http://time.certum.pl/ \ - -in "test.ex_" -out "test_072.ex_" 2>> "results.log" 1>&2' - verify_signature "$?" "072" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -t http://time.certum.pl/ \ + -in "test.ex_" -out "test_072.ex_" 2>> "results.log" 1>&2 + verify_signature "$?" "072" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="073. Signing a MSI file with Authenticode timestamping" +test_name="073. Sign a MSI file with Authenticode timestamping" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -t http://time.certum.pl/ \ - -in "sample.msi" -out "test_073.msi"' - verify_signature "$?" "073" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -t http://time.certum.pl/ \ + -in "sample.msi" -out "test_073.msi" + verify_signature "$?" "073" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/08_sign_rfc3161 b/tests/recipes/08_sign_rfc3161 index 44a891b..682ab23 100644 --- a/tests/recipes/08_sign_rfc3161 +++ b/tests/recipes/08_sign_rfc3161 @@ -1,58 +1,59 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with RFC 3161 timestamping +# Sign a PE/CAB/MSI file with RFC 3161 timestamping # An RFC3161 timestamp server provides an essential function in protecting # data records for the long-term. It provides proof that the data existed # at a particular moment in time and that it has not changed, even by # a single binary bit, since it was notarized and time-stamped. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="081. Signing a PE file with RFC 3161 timestamping" +test_name="081. Sign a PE file with RFC 3161 timestamping" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -ts http://time.certum.pl/ \ - -in "test.exe" -out "test_081.exe"' - verify_signature "$?" "081" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -ts http://time.certum.pl/ \ + -in "test.exe" -out "test_081.exe" + verify_signature "$?" "081" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="082. Signing a CAB file with RFC 3161 timestamping" +test_name="082. Sign a CAB file with RFC 3161 timestamping" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -ts http://time.certum.pl/ \ - -in "test.ex_" -out "test_082.ex_"' - verify_signature "$?" "082" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -ts http://time.certum.pl/ \ + -in "test.ex_" -out "test_082.ex_" + verify_signature "$?" "082" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="083. Signing a MSI file with RFC 3161 timestamping" +test_name="083. Sign a MSI file with RFC 3161 timestamping" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -ts http://time.certum.pl/ \ - -in "sample.msi" -out "test_083.msi"' - verify_signature "$?" "083" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -ts http://time.certum.pl/ \ + -in "sample.msi" -out "test_083.msi" + verify_signature "$?" "083" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/09_sign_page_hashes b/tests/recipes/09_sign_page_hashes index f04a26a..ea83dcf 100644 --- a/tests/recipes/09_sign_page_hashes +++ b/tests/recipes/09_sign_page_hashes @@ -1,19 +1,20 @@ #!/bin/sh -# Generating page hashes for a PE file +# Generate page hashes for a PE file . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="091. Generating page hashes for a PE file" +test_name="091. Generate page hashes for a PE file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 -ph \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_091.exe"' - verify_signature "$?" "091" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 -ph \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_091.exe" + verify_signature "$?" "091" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/10_sign_blob b/tests/recipes/10_sign_blob index 8111bf0..db57e2d 100644 --- a/tests/recipes/10_sign_blob +++ b/tests/recipes/10_sign_blob @@ -1,54 +1,55 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with addUnauthenticatedBlob. +# Sign a PE/CAB/MSI file with addUnauthenticatedBlob. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="101. Signing a PE file with addUnauthenticatedBlob" +test_name="101. Sign a PE file with addUnauthenticatedBlob" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -addUnauthenticatedBlob \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_101.exe" 2>> "results.log" 1>&2' - verify_signature "$?" "101" "exe" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -addUnauthenticatedBlob \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_101.exe" 2>> "results.log" 1>&2 + verify_signature "$?" "101" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="102. Signing a CAB file with addUnauthenticatedBlob" +test_name="102. Sign a CAB file with addUnauthenticatedBlob" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -addUnauthenticatedBlob \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.ex_" -out "test_102.ex_" 2>> "results.log" 1>&2' - verify_signature "$?" "102" "ex_" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -addUnauthenticatedBlob \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.ex_" -out "test_102.ex_" 2>> "results.log" 1>&2 + verify_signature "$?" "102" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="103. Signing a MSI file with addUnauthenticatedBlob" +test_name="103. Sign a MSI file with addUnauthenticatedBlob" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -addUnauthenticatedBlob \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_103.msi" 2>> "results.log" 1>&2' - verify_signature "$?" "103" "msi" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -addUnauthenticatedBlob \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_103.msi" 2>> "results.log" 1>&2 + verify_signature "$?" "103" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/11_sign_nest b/tests/recipes/11_sign_nest index 5428b07..edf697c 100644 --- a/tests/recipes/11_sign_nest +++ b/tests/recipes/11_sign_nest @@ -1,24 +1,26 @@ #!/bin/sh -# Signing a PE/CAB/MSI file twice with the "nest" flag in the second time +# Sign a PE/CAB/MSI file twice with the "nest" flag in the second time # in order to add the new signature instead of replacing the first one. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="111. Signing a PE file with the nest flag" +test_name="111. Sign a PE file with the nest flag" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_111_signed.exe" - ../../osslsigncode sign -h sha512 \ - -nest \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test_111_signed.exe" -out "test_111.exe"' - verify_signature "$?" "111" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "SHA256" "SHA512" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_111_signed.exe" + ../../osslsigncode sign -h sha512 \ + -nest \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test_111_signed.exe" -out "test_111.exe" + verify_signature "$?" "111" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "SHA512" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" @@ -28,20 +30,21 @@ if [ -s "test.exe" ] # Error: -nest option is only valid for PE/MSI files # MSI file -test_name="113. Signing a MSI file with the nest flag" +test_name="113. Sign a MSI file with the nest flag" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_113_signed.msi" - ../../osslsigncode sign -h sha512 \ - -nest \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test_113_signed.msi" -out "test_113.msi"' - verify_signature "$?" "113" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "SHA256" "SHA512" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_113_signed.msi" + ../../osslsigncode sign -h sha512 \ + -nest \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test_113_signed.msi" -out "test_113.msi" + verify_signature "$?" "113" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "SHA512" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/12_sign_readpass_pem b/tests/recipes/12_sign_readpass_pem index c8761cc..ee0513e 100644 --- a/tests/recipes/12_sign_readpass_pem +++ b/tests/recipes/12_sign_readpass_pem @@ -1,54 +1,55 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with a PEM key file with a password together with a PEM certificate. +# Sign a PE/CAB/MSI file with a PEM key file and a password read from password.txt file. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="121. Signing a PE file with a PEM key file with a password read from password.txt file" +test_name="121. Sign a PE file with the PEM key file and the file with a password" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -readpass "${script_path}/../certs/password.txt" \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_121.exe"' - verify_signature "$?" "121" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -readpass "${script_path}/../certs/password.txt" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_121.exe" + verify_signature "$?" "121" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="122. Signing a CAB file with a PEM key file with a password read from password.txt file" +test_name="122. Sign a CAB file with a PEM key file and the file with a password" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -readpass "${script_path}/../certs/password.txt" \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.ex_" -out "test_122.ex_"' - verify_signature "$?" "122" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -readpass "${script_path}/../certs/password.txt" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.ex_" -out "test_122.ex_" + verify_signature "$?" "122" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="123. Signing a MSI file with a PEM key file with a password read from password.txt file" +test_name="123. Sign a MSI file with a PEM key file and the file with a password" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -readpass "${script_path}/../certs/password.txt" \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_123.msi"' - verify_signature "$?" "123" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -readpass "${script_path}/../certs/password.txt" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_123.msi" + verify_signature "$?" "123" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/13_sign_readpass_pkcs12 b/tests/recipes/13_sign_readpass_pkcs12 index d10959e..35f79fd 100644 --- a/tests/recipes/13_sign_readpass_pkcs12 +++ b/tests/recipes/13_sign_readpass_pkcs12 @@ -1,55 +1,56 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with the certificate and key stored in a PKCS#12 container +# Sign a PE/CAB/MSI file with the certificate and key stored in a PKCS#12 container # and a password read from password.txt file. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="131. Signing a PE file with a PKCS#12 container and a password read from password.txt file" +test_name="131. Sign a PE file with a PKCS#12 container and the file with a password" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -readpass "${script_path}/../certs/password.txt" \ - -pkcs12 "${script_path}/../certs/cert.p12" \ - -in "test.exe" -out "test_131.exe"' - verify_signature "$?" "131" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -readpass "${script_path}/../certs/password.txt" \ + -pkcs12 "${script_path}/../certs/cert.p12" \ + -in "test.exe" -out "test_131.exe" + verify_signature "$?" "131" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="132. Signing a CAB file with a PKCS#12 container and a password read from password.txt file" +test_name="132. Sign a CAB file with a PKCS#12 container and the file with a password" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -readpass "${script_path}/../certs/password.txt" \ - -pkcs12 "${script_path}/../certs/cert.p12" \ - -in "test.ex_" -out "test_132.ex_"' - verify_signature "$?" "132" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -readpass "${script_path}/../certs/password.txt" \ + -pkcs12 "${script_path}/../certs/cert.p12" \ + -in "test.ex_" -out "test_132.ex_" + verify_signature "$?" "132" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="133. Signing a MSI file with a PKCS#12 container and a password read from password.txt file" +test_name="133. Sign a MSI file with a PKCS#12 container and the file with a password" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -readpass "${script_path}/../certs/password.txt" \ - -pkcs12 "${script_path}/../certs/cert.p12" \ - -in "sample.msi" -out "test_133.msi"' - verify_signature "$?" "133" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -readpass "${script_path}/../certs/password.txt" \ + -pkcs12 "${script_path}/../certs/cert.p12" \ + -in "sample.msi" -out "test_133.msi" + verify_signature "$?" "133" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/14_sign_descryption b/tests/recipes/14_sign_descryption index b44f2e2..d54b33c 100644 --- a/tests/recipes/14_sign_descryption +++ b/tests/recipes/14_sign_descryption @@ -1,54 +1,55 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with a descryption +# Sign a PE/CAB/MSI file with a descryption . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="141. Signing a PE file with a descryption" +test_name="141. Sign a PE file with a descryption" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -n "DESCRYPTION_TEXT" \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_141.exe"' - verify_signature "$?" "141" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -n "DESCRYPTION_TEXT" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_141.exe" + verify_signature "$?" "141" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="142. Signing a CAB file with a descryption" +test_name="142. Sign a CAB file with a descryption" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -n "DESCRYPTION_TEXT" \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.ex_" -out "test_142.ex_"' - verify_signature "$?" "142" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -n "DESCRYPTION_TEXT" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.ex_" -out "test_142.ex_" + verify_signature "$?" "142" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="143. Signing a MSI file with a descryption" +test_name="143. Sign a MSI file with a descryption" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -n "DESCRYPTION_TEXT" \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_143.msi"' - verify_signature "$?" "143" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -n "DESCRYPTION_TEXT" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_143.msi" + verify_signature "$?" "143" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/15_sign_url b/tests/recipes/15_sign_url index 56d200e..6feef4a 100644 --- a/tests/recipes/15_sign_url +++ b/tests/recipes/15_sign_url @@ -1,55 +1,56 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with specified URL for expanded description of the signed content +# Sign a PE/CAB/MSI file with specified URL for expanded description of the signed content # https://docs.microsoft.com/en-us/windows-hardware/drivers/install/authenticode-signing-of-csps . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="151. Signing a PE file with specified URL" +test_name="151. Sign a PE file with specified URL" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -i "https://www.osslsigncode.com/" \ - -in "test.exe" -out "test_151.exe"' - verify_signature "$?" "151" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -i "https://www.osslsigncode.com/" \ + -in "test.exe" -out "test_151.exe" + verify_signature "$?" "151" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="152. Signing a CAB file with specified URL" +test_name="152. Sign a CAB file with specified URL" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -i "https://www.osslsigncode.com/" \ - -in "test.ex_" -out "test_152.ex_"' - verify_signature "$?" "152" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -i "https://www.osslsigncode.com/" \ + -in "test.ex_" -out "test_152.ex_" + verify_signature "$?" "152" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="153. Signing a MSI file with specified URL" +test_name="153. Sign a MSI file with specified URL" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -i "https://www.osslsigncode.com/" \ - -in "sample.msi" -out "test_153.msi"' - verify_signature "$?" "153" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -i "https://www.osslsigncode.com/" \ + -in "sample.msi" -out "test_153.msi" + verify_signature "$?" "153" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/16_sign_comm b/tests/recipes/16_sign_comm index 9f55660..0083c5a 100644 --- a/tests/recipes/16_sign_comm +++ b/tests/recipes/16_sign_comm @@ -1,57 +1,58 @@ #!/bin/sh -# Signing a PE/CAB/MSI file with the commercial purpose set for SPC_STATEMENT_TYPE_OBJID +# Sign a PE/CAB/MSI file with the commercial purpose set for SPC_STATEMENT_TYPE_OBJID # object ID numbers (OIDs) "1.3.6.1.4.1.311.2.1.11" # changes default Individual Code Signing: "0x30, 0x0c, x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x15" # sets Commercial Code Signing: "0x30, 0x0c, x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x16" . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="161. Signing a PE file with the common purpose set" +test_name="161. Sign a PE file with the common purpose set" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -comm \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_161.exe"' - verify_signature "$?" "161" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -comm \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_161.exe" + verify_signature "$?" "161" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="162. Signing a CAB file with the common purpose set" +test_name="162. Sign a CAB file with the common purpose set" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -comm \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.ex_" -out "test_162.ex_"' - verify_signature "$?" "162" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -comm \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.ex_" -out "test_162.ex_" + verify_signature "$?" "162" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="163. Signing a MSI file with the common purpose set" +test_name="163. Sign a MSI file with the common purpose set" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -comm \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_163.msi"' - verify_signature "$?" "163" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -comm \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_163.msi" + verify_signature "$?" "163" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/17_sign_crosscertfile b/tests/recipes/17_sign_crosscertfile index f455942..65721b0 100644 --- a/tests/recipes/17_sign_crosscertfile +++ b/tests/recipes/17_sign_crosscertfile @@ -1,56 +1,57 @@ #!/bin/sh -# Adding an additional certificate to the signature block of the PE/CAB/MSI file. +# Add an additional certificate to the signature block of the PE/CAB/MSI file. # https://docs.microsoft.com/en-us/windows-hardware/drivers/install/authenticode-signing-of-csps # https://docs.microsoft.com/en-us/windows/win32/seccertenroll/about-cross-certification . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="171. Adding an additional certificate to the signature block of the PE file" +test_name="171. Add an additional certificate to the signature block of the PE file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -ac "${script_path}/../certs/crosscert.pem" \ - -in "test.exe" -out "test_171.exe"' - verify_signature "$?" "171" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "crosscert" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -ac "${script_path}/../certs/crosscert.pem" \ + -in "test.exe" -out "test_171.exe" + verify_signature "$?" "171" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "crosscert" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # CAB file -test_name="172. Adding an additional certificate to the signature block of the CAB file" +test_name="172. Add an additional certificate to the signature block of the CAB file" printf "\n%s\n" "$test_name" if [ -s "test.ex_" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -ac "${script_path}/../certs/crosscert.pem" \ - -in "test.ex_" -out "test_172.ex_"' - verify_signature "$?" "172" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "crosscert" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -ac "${script_path}/../certs/crosscert.pem" \ + -in "test.ex_" -out "test_172.ex_" + verify_signature "$?" "172" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "crosscert" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" fi # MSI file -test_name="173. Adding an additional certificate to the signature block of the MSI file" +test_name="173. Add an additional certificate to the signature block of the MSI file" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -ac "${script_path}/../certs/crosscert.pem" \ - -in "sample.msi" -out "test_173.msi"' - verify_signature "$?" "173" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "crosscert" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -ac "${script_path}/../certs/crosscert.pem" \ + -in "sample.msi" -out "test_173.msi" + verify_signature "$?" "173" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "crosscert" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/21_sign_hash_md5 b/tests/recipes/21_sign_hash_md5 index cc94fc0..5e7cc28 100644 --- a/tests/recipes/21_sign_hash_md5 +++ b/tests/recipes/21_sign_hash_md5 @@ -1,19 +1,20 @@ #!/bin/sh -# Signing a PE file with md5 set of cryptographic hash functions. +# Sign a PE file with MD5 set of cryptographic hash functions. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="211. Signing a PE file with md5 set of cryptographic hash functions" +test_name="211. Sign a PE file with MD5 set of cryptographic hash functions" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h md5 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_211.exe"' - verify_signature "$?" "211" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "MD5" + ../../osslsigncode sign -h md5 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_211.exe" + verify_signature "$?" "211" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "MD5" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/22_sign_hash_sha1 b/tests/recipes/22_sign_hash_sha1 index b9123ff..45db5da 100644 --- a/tests/recipes/22_sign_hash_sha1 +++ b/tests/recipes/22_sign_hash_sha1 @@ -1,19 +1,20 @@ #!/bin/sh -# Signing a PE file with sha1 set of cryptographic hash functions. +# Sign a PE file with SHA1 set of cryptographic hash functions. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="221. Signing a PE file with sha1 set of cryptographic hash functions" +test_name="221. Sign a PE file with SHA1 set of cryptographic hash functions" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha1 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_221.exe"' - verify_signature "$?" "221" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "SHA1" + ../../osslsigncode sign -h sha1 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_221.exe" + verify_signature "$?" "221" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "SHA1" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/23_sign_hash_sha2 b/tests/recipes/23_sign_hash_sha2 index 8e5ac0b..d14be65 100644 --- a/tests/recipes/23_sign_hash_sha2 +++ b/tests/recipes/23_sign_hash_sha2 @@ -1,19 +1,20 @@ #!/bin/sh -# Signing a PE file with sha2 set of cryptographic hash functions. +# Signing a PE file with SHA1 set of cryptographic hash functions. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="231. Signing a PE file with sha2 set of cryptographic hash functions" +test_name="231. Signing a PE file with SHA1 set of cryptographic hash functions" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha2 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_231.exe"' - verify_signature "$?" "231" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "SHA2" + ../../osslsigncode sign -h sha2 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_231.exe" + verify_signature "$?" "231" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "SHA2" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/24_sign_hash_sha384 b/tests/recipes/24_sign_hash_sha384 index 582a8b9..29fca2a 100644 --- a/tests/recipes/24_sign_hash_sha384 +++ b/tests/recipes/24_sign_hash_sha384 @@ -1,19 +1,20 @@ #!/bin/sh -# Signing a PE file with sha384 set of cryptographic hash functions. +# Sign a PE file with SHA384 set of cryptographic hash functions. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="241. Signing a PE file with sha384 set of cryptographic hash functions" +test_name="241. Sign a PE file with SHA384 set of cryptographic hash functions" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha384 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_241.exe"' - verify_signature "$?" "241" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "SHA384" + ../../osslsigncode sign -h sha384 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_241.exe" + verify_signature "$?" "241" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "SHA384" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/25_sign_hash_sha512 b/tests/recipes/25_sign_hash_sha512 index 9a98b90..9f2efef 100644 --- a/tests/recipes/25_sign_hash_sha512 +++ b/tests/recipes/25_sign_hash_sha512 @@ -1,19 +1,20 @@ #!/bin/sh -# Signing a PE file with sha512 set of cryptographic hash functions. +# Sign a PE file with SHA512 set of cryptographic hash functions. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="251. Signing a PE file with sha512 set of cryptographic hash functions" +test_name="251. Sign a PE file with SHA512 set of cryptographic hash functions" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha512 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_251.exe"' - verify_signature "$?" "251" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha512 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_251.exe" + verify_signature "$?" "251" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "SHA512" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/31_extract_signature b/tests/recipes/31_extract_signature index b107c82..e3ce14e 100644 --- a/tests/recipes/31_extract_signature +++ b/tests/recipes/31_extract_signature @@ -1,21 +1,22 @@ #!/bin/sh -# Extracting the signature from the PE/MSI file. +# Extract the signature from the PE/MSI file. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="311. Extracting the signature from the PE file" +test_name="311. Extract the signature from the PE file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_311.exe" && \ - ../../osslsigncode extract-signature -pem \ - -in "test_311.exe" -out "sign_pe.pem"' - verify_signature "$?" "311" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_311.exe" && \ + ../../osslsigncode extract-signature -pem \ + -in "test_311.exe" -out "sign_pe.pem" + verify_signature "$?" "311" "exe" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" @@ -25,18 +26,18 @@ if [ -s "test.exe" ] # Command is not supported for non-PE/non-MSI files # MSI file -test_name="312. Extracting the signature from the MSI file" +test_name="312. Extract the signature from the MSI file" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_312.msi" && \ - ../../osslsigncode extract-signature -pem \ - -in "test_312.msi" -out "sign_msi.pem"' - verify_signature "$?" "312" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_312.msi" && \ + ../../osslsigncode extract-signature -pem \ + -in "test_312.msi" -out "sign_msi.pem" + verify_signature "$?" "312" "msi" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/32_attach_signature b/tests/recipes/32_attach_signature index 98236a7..43708ed 100644 --- a/tests/recipes/32_attach_signature +++ b/tests/recipes/32_attach_signature @@ -1,18 +1,19 @@ #!/bin/sh -# Attaching the signature to the PE/MSI file. +# Attach the signature to the PE/MSI file. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="321. Attaching the signature to the PE file" +test_name="321. Attach the signature to the PE file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode attach-signature -sigin "sign_pe.pem" \ - -in "test.exe" -out "test_321.exe"' - verify_signature "$?" "321" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode attach-signature -sigin "sign_pe.pem" \ + -CAfile "${script_path}/../certs/CACert.pem" \ + -in "test.exe" -out "test_321.exe" + verify_signature "$?" "321" "exe" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" @@ -22,15 +23,15 @@ if [ -s "test.exe" ] # Command is not supported for non-PE/non-MSI files # MSI file -test_name="322. Attaching the signature to the MSI file" +test_name="322. Attach the signature to the MSI file" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode attach-signature -sigin "sign_msi.pem" \ - -in "sample.msi" -out "test_322.msi"' - verify_signature "$?" "322" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" + ../../osslsigncode attach-signature -sigin "sign_msi.pem" \ + -CAfile "${script_path}/../certs/CACert.pem" \ + -in "sample.msi" -out "test_322.msi" + verify_signature "$?" "322" "msi" "success" "@2019-09-01 12:00:00" \ + "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/33_remove_signature b/tests/recipes/33_remove_signature index 206625a..d6c426f 100644 --- a/tests/recipes/33_remove_signature +++ b/tests/recipes/33_remove_signature @@ -1,21 +1,22 @@ #!/bin/sh -# Removing the signature from the PE/MSI file. +# Remove the signature from the PE/MSI file. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="331. Removing the signature from the PE file" +test_name="331. Remove the signature from the PE file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_331_signed.exe" && \ - ../../osslsigncode remove-signature \ - -in "test_331_signed.exe" -out "test_331.exe"' - verify_no_signature "$?" "331" "exe" "sha256sum" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_331_signed.exe" && \ + ../../osslsigncode remove-signature \ + -in "test_331_signed.exe" -out "test_331.exe" + verify_signature "$?" "331" "exe" "fail" "@2019-09-01 12:00:00" \ + "sha256sum" "UNUSED_PATTERN" "UNUSED_PATTERN" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" @@ -25,18 +26,18 @@ if [ -s "test.exe" ] # Command is not supported for non-PE/non-MSI files # MSI file -test_name="332. Removing the signature from the MSI file" +test_name="332. Remove the signature from the MSI file" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_332_signed.msi" && \ - ../../osslsigncode remove-signature \ - -in "test_332_signed.msi" -out "test_332.msi"' - verify_no_signature "$?" "332" "msi" "sha256sum" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_332_signed.msi" && \ + ../../osslsigncode remove-signature \ + -in "test_332_signed.msi" -out "test_332.msi" + verify_signature "$?" "332" "msi" "fail" "@2019-09-01 12:00:00" \ + "sha256sum" "UNUSED_PATTERN" "UNUSED_PATTERN" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/36_add_signature_blob b/tests/recipes/36_add_signature_blob index 0126420..601ca88 100644 --- a/tests/recipes/36_add_signature_blob +++ b/tests/recipes/36_add_signature_blob @@ -1,22 +1,23 @@ #!/bin/sh -# Adding an unauthenticated blob to the PE/MSI file. +# Add an unauthenticated blob to the PE/MSI file. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="361. Adding an unauthenticated blob to the PE file" +test_name="361. Add an unauthenticated blob to the PE file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_361_signed.exe" && \ - ../../osslsigncode add \ - -addUnauthenticatedBlob \ - -in "test_361_signed.exe" -out "test_361.exe"' - verify_signature "$?" "361" "exe" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_361_signed.exe" + ../../osslsigncode add \ + -addUnauthenticatedBlob \ + -in "test_361_signed.exe" -out "test_361.exe" + verify_signature "$?" "361" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY" test_result "$?" "$test_name" else printf "Test skipped\n" @@ -26,20 +27,19 @@ if [ -s "test.exe" ] # Command is not supported for non-PE/non-MSI files # MSI file -test_name="362. Adding an unauthenticated blob to the MSI file" +test_name="362. Add an unauthenticated blob to the MSI file" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - cat "sample.msi" > "test_362.msi" - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_362_signed.msi" && \ - ../../osslsigncode add \ - -addUnauthenticatedBlob \ - -in "test_362_signed.msi" -out "test_362.msi"' - verify_signature "$?" "362" "msi" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_362_signed.msi" + ../../osslsigncode add \ + -addUnauthenticatedBlob \ + -in "test_362_signed.msi" -out "test_362.msi" + verify_signature "$?" "362" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/37_add_signature_timestamp b/tests/recipes/37_add_signature_timestamp index f45f2ac..c32c6ad 100644 --- a/tests/recipes/37_add_signature_timestamp +++ b/tests/recipes/37_add_signature_timestamp @@ -1,22 +1,23 @@ #!/bin/sh -# Adding an authenticode timestamp to the PE/MSI file. +# Add an authenticode timestamp to the PE/MSI file. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="371. Adding an authenticode timestamp to the PE file" +test_name="371. Add an authenticode timestamp to the PE file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_371_signed.exe" && \ - ../../osslsigncode add \ - -t http://time.certum.pl/ \ - -in "test_371_signed.exe" -out "test_371.exe"' - verify_signature "$?" "371" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_371_signed.exe" && \ + ../../osslsigncode add \ + -t http://time.certum.pl/ \ + -in "test_371_signed.exe" -out "test_371.exe" + verify_signature "$?" "371" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" @@ -26,20 +27,19 @@ if [ -s "test.exe" ] # Command is not supported for non-PE/non-MSI files # MSI file -test_name="372. Adding an authenticode timestamp to the MSI file" +test_name="372. Add an authenticode timestamp to the MSI file" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - cat "sample.msi" > "test_372.msi" - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_372_signed.msi" && \ - ../../osslsigncode add \ - -t http://time.certum.pl/ \ - -in "test_372_signed.msi" -out "test_372.msi"' - verify_signature "$?" "372" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_372_signed.msi" && \ + ../../osslsigncode add \ + -t http://time.certum.pl/ \ + -in "test_372_signed.msi" -out "test_372.msi" + verify_signature "$?" "372" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/38_add_signature_rfc3161 b/tests/recipes/38_add_signature_rfc3161 index 53380a1..d676a4a 100644 --- a/tests/recipes/38_add_signature_rfc3161 +++ b/tests/recipes/38_add_signature_rfc3161 @@ -1,22 +1,23 @@ #!/bin/sh -# Adding an RFC 3161 timestamp to the PE/MSI file. +# Add an RFC 3161 timestamp to signed PE/MSI file. . $(dirname $0)/../test_library +script_path=$(pwd) # PE file -test_name="381. Adding an RFC 3161 timestamp to the PE file" +test_name="381. Add RFC 3161 timestamp to signed PE file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.exe" -out "test_381_signed.exe" && \ - ../../osslsigncode add \ - -ts http://time.certum.pl/ \ - -in "test_381_signed.exe" -out "test_381.exe"' - verify_signature "$?" "381" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.exe" -out "test_381_signed.exe" + ../../osslsigncode add \ + -ts http://time.certum.pl/ \ + -in "test_381_signed.exe" -out "test_381.exe" + verify_signature "$?" "381" "exe" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" @@ -26,20 +27,19 @@ if [ -s "test.exe" ] # Command is not supported for non-PE/non-MSI files # MSI file -test_name="382. Adding an RFC 3161 timestamp to the MSI file" +test_name="382. Add RFC 3161 timestamp to signed MSI file" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - cat "sample.msi" > "test_382.msi" - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "sample.msi" -out "test_382_signed.msi" && \ - ../../osslsigncode add \ - -ts http://time.certum.pl/ \ - -in "test_382_signed.msi" -out "test_382.msi"' - verify_signature "$?" "382" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto" + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "sample.msi" -out "test_382_signed.msi" + ../../osslsigncode add \ + -ts http://time.certum.pl/ \ + -in "test_382_signed.msi" -out "test_382.msi" + verify_signature "$?" "382" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/40_verify_leaf_hash b/tests/recipes/40_verify_leaf_hash index f5ccac9..47fc759 100644 --- a/tests/recipes/40_verify_leaf_hash +++ b/tests/recipes/40_verify_leaf_hash @@ -1,21 +1,23 @@ #!/bin/sh -# Comparing the leaf certificate hash against specified SHA256 message digest for the PE/MSI file +# Compare the leaf certificate hash against specified SHA256 message digest for the PE/MSI file . $(dirname $0)/../test_library script_path=$(pwd) # PE file -test_name="401. Comparing the leaf certificate hash against specified SHA256 message digest for the PE file" +test_name="401. Compare the leaf certificate hash against specified SHA256 message digest for the PE file" printf "\n%s\n" "$test_name" if [ -s "test.exe" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ + -in "test.exe" -out "test_401.exe" + TZ=GMT faketime -f '@2019-05-01 00:00:00' /bin/bash -c ' + printf "Verify time: " && date && printf "\n" script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ - -in "test.exe" -out "test_401.exe"' - ../../osslsigncode verify -in "test_401.exe" \ - -require-leaf-hash SHA256:$(sha256sum "${script_path}/../certs/cert.der" | cut -d' ' -f1) + ../../osslsigncode verify -CAfile "${script_path}/../certs/CACert.pem" -in "test_401.exe" \ + -require-leaf-hash SHA256:$(sha256sum "${script_path}/../certs/cert.der" | cut -d" " -f1)' if test_result "$?" "$test_name" then rm -f "test_401.exe" @@ -28,20 +30,22 @@ if [ -s "test.exe" ] # Command is not supported for non-PE/non-MSI files # MSI file -test_name="402. Comparing the leaf certificate hash against specified SHA256 message digest for the MSI file" +test_name="402. Compare the leaf certificate hash against specified SHA256 message digest for the MSI file" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ + -in "sample.msi" -out "test_402.msi" + TZ=GMT faketime -f '@2019-05-01 00:00:00' /bin/bash -c ' + printf "Verify time: " && date && printf "\n" script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \ - -in "test.exe" -out "test_402.exe"' - ../../osslsigncode verify -in "test_402.exe" \ - -require-leaf-hash SHA256:$(sha256sum "${script_path}/../certs/cert.der" | cut -d' ' -f1) + ../../osslsigncode verify -CAfile "${script_path}/../certs/CACert.pem" -in "test_402.msi" \ + -require-leaf-hash SHA256:$(sha256sum "${script_path}/../certs/cert.der" | cut -d" " -f1)' if test_result "$?" "$test_name" then - rm -f "test_402.exe" + rm -f "test_402.msi" fi else printf "Test skipped\n" diff --git a/tests/recipes/41_sign_add_msi_dse b/tests/recipes/41_sign_add_msi_dse index 7d5108c..02c5064 100644 --- a/tests/recipes/41_sign_add_msi_dse +++ b/tests/recipes/41_sign_add_msi_dse @@ -1,11 +1,12 @@ #!/bin/sh -# Signing a MSI file with the add-msi-dse option. +# Sign a MSI file with the add-msi-dse option. # MsiDigitalSignatureEx (msi-dse) is an enhanced signature type that can be used # when signing MSI files. In addition to file content, it also hashes some file metadata, # specifically file names, file sizes, creation times and modification times. # https://www.unboundtech.com/docs/UKC/UKC_Code_Signing_IG/HTML/Content/Products/UKC-EKM/UKC_Code_Signing_IG/Sign_Windows_PE_and_msi_Files.htm . $(dirname $0)/../test_library +script_path=$(pwd) # PE file # Warning: -add-msi-dse option is only valid for MSI files @@ -14,18 +15,19 @@ # Warning: -add-msi-dse option is only valid for MSI files # MSI file -test_name="411. Signing a MSI file with the add-msi-dse option" +test_name="411. Sign a MSI file with the add-msi-dse option" printf "\n%s\n" "$test_name" if [ -s "sample.msi" ] then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ -add-msi-dse \ -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \ -pass passme \ - -in "sample.msi" -out "test_411.msi"' - verify_signature "$?" "411" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "4d00730069004400690067006900740061006c005300690067006e0061007400750072006500450078" "UNUSED_PATTERN" #"MsiDigitalSignatureEx" + -in "sample.msi" -out "test_411.msi" +#"MsiDigitalSignatureEx 4d00730069004400690067006900740061006c005300690067006e0061007400750072006500450078" + verify_signature "$?" "411" "msi" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "HEX" "4d00730069004400690067006900740061006c005300690067006e0061007400750072006500450078" "UNUSED_PATTERN" test_result "$?" "$test_name" else printf "Test skipped\n" diff --git a/tests/recipes/42_sign_jp_low b/tests/recipes/42_sign_jp_low new file mode 100644 index 0000000..aaaa88e --- /dev/null +++ b/tests/recipes/42_sign_jp_low @@ -0,0 +1,31 @@ +#!/bin/sh +# Sign a CAB file with "jp low" option +# https://support.microsoft.com/en-us/help/193877 + +. $(dirname $0)/../test_library +script_path=$(pwd) + +# PE file +# Warning: -jp option is only valid for CAB files + +# CAB file +test_name="421. Sign a CAB file with jp low option" +printf "\n%s\n" "$test_name" +if [ -s "test.ex_" ] + then + ../../osslsigncode sign -h sha256 \ + -st "1556668800" \ + -jp low \ + -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ + -in "test.ex_" -out "test_421.ex_" + verify_signature "$?" "421" "ex_" "success" "@2019-09-01 12:00:00" \ + "UNUSED_PATTERN" "HEX" "3006030200013000" "UNUSED_PATTERN" + test_result "$?" "$test_name" + else + printf "Test skipped\n" + fi + +# MSI file +# Warning: -jp option is only valid for CAB files + +exit 0 diff --git a/tests/recipes/51_sign_jp_low b/tests/recipes/51_sign_jp_low deleted file mode 100644 index 938a42d..0000000 --- a/tests/recipes/51_sign_jp_low +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/sh -# Signing a CAB file with "jp low" option -# https://support.microsoft.com/en-us/help/193877 - -. $(dirname $0)/../test_library - -# PE file -# Warning: -jp option is only valid for CAB files - -# CAB file -test_name="511. Signing a CAB file with jp low option" -printf "\n%s\n" "$test_name" -if [ -s "test.ex_" ] - then - faketime -f '@2019-01-01 00:00:00' /bin/bash -c ' - script_path=$(pwd) - ../../osslsigncode sign -h sha256 \ - -jp low \ - -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \ - -in "test.ex_" -out "test_511.ex_"' - verify_signature "$?" "511" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "3006030200013000" "UNUSED_PATTERN" - test_result "$?" "$test_name" - else - printf "Test skipped\n" - fi - -# MSI file -# Warning: -jp option is only valid for CAB files - -exit 0