nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-05 09:08:04 -05:00
Code Issues Projects Releases Wiki Activity

tests improvements

Browse Source
This commit is contained in:
olszomal 2019-12-06 14:03:59 +01:00 committed by Michał Trojnara
parent a77ed9c9e1
commit d36a10bf09
31 changed files with 620 additions and 586 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
tests/recipes/01_sign_pem
View File

@ -1,51 +1,53 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with the certificate and private key files in the PEM format.
# Sign a PE/CAB/MSI file with the certificate and private key files in the PEM format.
# -st 1556668800 is the Unix time of May 1 00:00:00 2019 GMT
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="011. Signing a PE file with the certificate and private key files in the PEM format"
test_name="011. Sign a PE file with the certificate and private key files in the PEM format"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_011.exe"'
verify_signature "$?" "011" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.exe" -out "test_011.exe"
verify_signature "$?" "011" "exe" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="012. Signing a CAB file with the certificate and private key files in the PEM format"
test_name="012. Sign a CAB file with the certificate and private key files in the PEM format"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.ex_" -out "test_012.ex_"'
verify_signature "$?" "012" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.ex_" -out "test_012.ex_"
verify_signature "$?" "012" "ex_" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="013. Signing a MSI file with the certificate and private key files in the PEM format"
test_name="013. Sign a MSI file with the certificate and private key files in the PEM format"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_013.msi"'
verify_signature "$?" "013" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "sample.msi" -out "test_013.msi"
verify_signature "$?" "013" "msi" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/02_sign_pass
View File

@ -1,54 +1,55 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with the encrypted private key file in the PEM format.
# Sign a PE/CAB/MSI file with the encrypted private key file in the PEM format.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="021. Signing a PE file with the encrypted private key file in the PEM format"
test_name="021. Sign a PE file with the encrypted private key file in the PEM format"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \
-pass passme \
-in "test.exe" -out "test_021.exe"'
verify_signature "$?" "021" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.exe" -out "test_021.exe"
verify_signature "$?" "021" "exe" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="022. Signing a CAB file with the encrypted private key file in the PEM format"
test_name="022. Sign a CAB file with the encrypted private key file in the PEM format"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \
-pass passme \
-in "test.ex_" -out "test_022.ex_"'
verify_signature "$?" "022" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.ex_" -out "test_022.ex_"
verify_signature "$?" "022" "ex_" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="023. Signing a MSI file with the encrypted private key file in the PEM format"
test_name="023. Sign a MSI file with the encrypted private key file in the PEM format"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \
-pass passme \
-in "sample.msi" -out "test_023.msi"'
verify_signature "$?" "023" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "sample.msi" -out "test_023.msi"
verify_signature "$?" "023" "msi" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/03_sign_der
View File

@ -1,55 +1,56 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with the encrypted private key file in the DER format.
# Sign a PE/CAB/MSI file with the encrypted private key file in the DER format.
# Requires OpenSSL 1.0.0 or later
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="031. Signing a PE file with the encrypted private key file in the DER format"
test_name="031. Sign a PE file with the encrypted private key file in the DER format"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \
-pass passme \
-in "test.exe" -out "test_031.exe"'
verify_signature "$?" "031" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.exe" -out "test_031.exe"
verify_signature "$?" "031" "exe" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="032. Signing a CAB file with the encrypted private key file in the DER format"
test_name="032. Sign a CAB file with the encrypted private key file in the DER format"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \
-pass passme \
-in "test.ex_" -out "test_032.ex_"'
verify_signature "$?" "032" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.ex_" -out "test_032.ex_"
verify_signature "$?" "032" "ex_" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="033. Signing a MSI file with the encrypted private key file in the DER format"
test_name="033. Sign a MSI file with the encrypted private key file in the DER format"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \
-pass passme \
-in "sample.msi" -out "test_033.msi"'
verify_signature "$?" "033" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "sample.msi" -out "test_033.msi"
verify_signature "$?" "033" "msi" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/04_sign_spc
View File

@ -1,55 +1,56 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with the certificate file in the SPC format
# Sign a PE/CAB/MSI file with the certificate file in the SPC format
# and the private key file in the PEM format.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="041. Signing a PE file a SPC certificate file"
test_name="041. Sign a PE file a SPC certificate file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.spc" -key "${script_path}/../certs/keyp.pem" \
-pass passme \
-in "test.exe" -out "test_041.exe"'
verify_signature "$?" "041" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.exe" -out "test_041.exe"
verify_signature "$?" "041" "exe" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="042. Signing a CAB file a SPC certificate file"
test_name="042. Sign a CAB file a SPC certificate file"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.spc" -key "${script_path}/../certs/keyp.pem" \
-pass passme \
-in "test.ex_" -out "test_042.ex_"'
verify_signature "$?" "042" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.ex_" -out "test_042.ex_"
verify_signature "$?" "042" "ex_" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="043. Signing a MSI file a SPC certificate file"
test_name="043. Sign a MSI file a SPC certificate file"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.spc" -key "${script_path}/../certs/keyp.pem" \
-pass passme \
-in "sample.msi" -out "test_043.msi"'
verify_signature "$?" "043" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "sample.msi" -out "test_043.msi"
verify_signature "$?" "043" "msi" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/05_sign_pkcs12
View File

@ -1,53 +1,54 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with the certificate and key stored in a PKCS#12 container.
# Sign a PE/CAB/MSI file with the certificate and key stored in a PKCS#12 container.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="051. Signing a PE file with a certificate and key stored in a PKCS#12 container"
test_name="051. Sign a PE file with a certificate and key stored in a PKCS#12 container"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-pkcs12 "${script_path}/../certs/cert.p12" -pass passme \
-in "test.exe" -out "test_051.exe"'
verify_signature "$?" "051" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.exe" -out "test_051.exe"
verify_signature "$?" "051" "exe" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="052. Signing a CAB file with a certificate and key stored in a PKCS#12 container"
test_name="052. Sign a CAB file with a certificate and key stored in a PKCS#12 container"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-pkcs12 "${script_path}/../certs/cert.p12" \
-pass passme \
-in "test.ex_" -out "test_052.ex_"'
verify_signature "$?" "052" "ex_" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.ex_" -out "test_052.ex_"
verify_signature "$?" "052" "ex_" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="053. Signing a MSI file with a certificate and key stored in a PKCS#12 container"
test_name="053. Sign a MSI file with a certificate and key stored in a PKCS#12 container"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-pkcs12 "${script_path}/../certs/cert.p12" \
-pass passme \
-in "sample.msi" -out "test_053.msi"'
verify_signature "$?" "053" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "sample.msi" -out "test_053.msi"
verify_signature "$?" "053" "msi" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/07_sign_timestamp
View File

@ -1,54 +1,55 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with Authenticode timestamping
# Sign a PE/CAB/MSI file with Authenticode timestamping
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="071. Signing a PE file with Authenticode timestamping"
test_name="071. Sign a PE file with Authenticode timestamping"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-t http://time.certum.pl/ \
-in "test.exe" -out "test_071.exe" 2>> "results.log" 1>&2'
verify_signature "$?" "071" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "test.exe" -out "test_071.exe" 2>> "results.log" 1>&2
verify_signature "$?" "071" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="072. Signing a CAB file with Authenticode timestamping"
test_name="072. Sign a CAB file with Authenticode timestamping"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-t http://time.certum.pl/ \
-in "test.ex_" -out "test_072.ex_" 2>> "results.log" 1>&2'
verify_signature "$?" "072" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "test.ex_" -out "test_072.ex_" 2>> "results.log" 1>&2
verify_signature "$?" "072" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="073. Signing a MSI file with Authenticode timestamping"
test_name="073. Sign a MSI file with Authenticode timestamping"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-t http://time.certum.pl/ \
-in "sample.msi" -out "test_073.msi"'
verify_signature "$?" "073" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "sample.msi" -out "test_073.msi"
verify_signature "$?" "073" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/08_sign_rfc3161
View File

@ -1,58 +1,59 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with RFC 3161 timestamping
# Sign a PE/CAB/MSI file with RFC 3161 timestamping
# An RFC3161 timestamp server provides an essential function in protecting
# data records for the long-term. It provides proof that the data existed
# at a particular moment in time and that it has not changed, even by
# a single binary bit, since it was notarized and time-stamped.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="081. Signing a PE file with RFC 3161 timestamping"
test_name="081. Sign a PE file with RFC 3161 timestamping"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-ts http://time.certum.pl/ \
-in "test.exe" -out "test_081.exe"'
verify_signature "$?" "081" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "test.exe" -out "test_081.exe"
verify_signature "$?" "081" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="082. Signing a CAB file with RFC 3161 timestamping"
test_name="082. Sign a CAB file with RFC 3161 timestamping"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-ts http://time.certum.pl/ \
-in "test.ex_" -out "test_082.ex_"'
verify_signature "$?" "082" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "test.ex_" -out "test_082.ex_"
verify_signature "$?" "082" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="083. Signing a MSI file with RFC 3161 timestamping"
test_name="083. Sign a MSI file with RFC 3161 timestamping"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-ts http://time.certum.pl/ \
-in "sample.msi" -out "test_083.msi"'
verify_signature "$?" "083" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "sample.msi" -out "test_083.msi"
verify_signature "$?" "083" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

13
tests/recipes/09_sign_page_hashes
View File

@ -1,19 +1,20 @@
#!/bin/sh
# Generating page hashes for a PE file
# Generate page hashes for a PE file
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="091. Generating page hashes for a PE file"
test_name="091. Generate page hashes for a PE file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 -ph \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_091.exe"'
verify_signature "$?" "091" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.exe" -out "test_091.exe"
verify_signature "$?" "091" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/10_sign_blob
View File

@ -1,54 +1,55 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with addUnauthenticatedBlob.
# Sign a PE/CAB/MSI file with addUnauthenticatedBlob.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="101. Signing a PE file with addUnauthenticatedBlob"
test_name="101. Sign a PE file with addUnauthenticatedBlob"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-addUnauthenticatedBlob \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_101.exe" 2>> "results.log" 1>&2'
verify_signature "$?" "101" "exe" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN"
-in "test.exe" -out "test_101.exe" 2>> "results.log" 1>&2
verify_signature "$?" "101" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="102. Signing a CAB file with addUnauthenticatedBlob"
test_name="102. Sign a CAB file with addUnauthenticatedBlob"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-addUnauthenticatedBlob \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.ex_" -out "test_102.ex_" 2>> "results.log" 1>&2'
verify_signature "$?" "102" "ex_" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN"
-in "test.ex_" -out "test_102.ex_" 2>> "results.log" 1>&2
verify_signature "$?" "102" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="103. Signing a MSI file with addUnauthenticatedBlob"
test_name="103. Sign a MSI file with addUnauthenticatedBlob"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-addUnauthenticatedBlob \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_103.msi" 2>> "results.log" 1>&2'
verify_signature "$?" "103" "msi" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN"
-in "sample.msi" -out "test_103.msi" 2>> "results.log" 1>&2
verify_signature "$?" "103" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

25
tests/recipes/11_sign_nest
View File

@ -1,24 +1,26 @@
#!/bin/sh
# Signing a PE/CAB/MSI file twice with the "nest" flag in the second time
# Sign a PE/CAB/MSI file twice with the "nest" flag in the second time
# in order to add the new signature instead of replacing the first one.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="111. Signing a PE file with the nest flag"
test_name="111. Sign a PE file with the nest flag"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_111_signed.exe"
../../osslsigncode sign -h sha512 \
-nest \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test_111_signed.exe" -out "test_111.exe"'
verify_signature "$?" "111" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "SHA256" "SHA512"
-in "test_111_signed.exe" -out "test_111.exe"
verify_signature "$?" "111" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "SHA512" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
@ -28,20 +30,21 @@ if [ -s "test.exe" ]
# Error: -nest option is only valid for PE/MSI files
# MSI file
test_name="113. Signing a MSI file with the nest flag"
test_name="113. Sign a MSI file with the nest flag"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_113_signed.msi"
../../osslsigncode sign -h sha512 \
-nest \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test_113_signed.msi" -out "test_113.msi"'
verify_signature "$?" "113" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "SHA256" "SHA512"
-in "test_113_signed.msi" -out "test_113.msi"
verify_signature "$?" "113" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "SHA512" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/12_sign_readpass_pem
View File

@ -1,54 +1,55 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with a PEM key file with a password together with a PEM certificate.
# Sign a PE/CAB/MSI file with a PEM key file and a password read from password.txt file.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="121. Signing a PE file with a PEM key file with a password read from password.txt file"
test_name="121. Sign a PE file with the PEM key file and the file with a password"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-readpass "${script_path}/../certs/password.txt" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_121.exe"'
verify_signature "$?" "121" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.exe" -out "test_121.exe"
verify_signature "$?" "121" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="122. Signing a CAB file with a PEM key file with a password read from password.txt file"
test_name="122. Sign a CAB file with a PEM key file and the file with a password"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-readpass "${script_path}/../certs/password.txt" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.ex_" -out "test_122.ex_"'
verify_signature "$?" "122" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.ex_" -out "test_122.ex_"
verify_signature "$?" "122" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="123. Signing a MSI file with a PEM key file with a password read from password.txt file"
test_name="123. Sign a MSI file with a PEM key file and the file with a password"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-readpass "${script_path}/../certs/password.txt" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_123.msi"'
verify_signature "$?" "123" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "sample.msi" -out "test_123.msi"
verify_signature "$?" "123" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/13_sign_readpass_pkcs12
View File

@ -1,55 +1,56 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with the certificate and key stored in a PKCS#12 container
# Sign a PE/CAB/MSI file with the certificate and key stored in a PKCS#12 container
# and a password read from password.txt file.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="131. Signing a PE file with a PKCS#12 container and a password read from password.txt file"
test_name="131. Sign a PE file with a PKCS#12 container and the file with a password"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-readpass "${script_path}/../certs/password.txt" \
-pkcs12 "${script_path}/../certs/cert.p12" \
-in "test.exe" -out "test_131.exe"'
verify_signature "$?" "131" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.exe" -out "test_131.exe"
verify_signature "$?" "131" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="132. Signing a CAB file with a PKCS#12 container and a password read from password.txt file"
test_name="132. Sign a CAB file with a PKCS#12 container and the file with a password"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-readpass "${script_path}/../certs/password.txt" \
-pkcs12 "${script_path}/../certs/cert.p12" \
-in "test.ex_" -out "test_132.ex_"'
verify_signature "$?" "132" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.ex_" -out "test_132.ex_"
verify_signature "$?" "132" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="133. Signing a MSI file with a PKCS#12 container and a password read from password.txt file"
test_name="133. Sign a MSI file with a PKCS#12 container and the file with a password"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-readpass "${script_path}/../certs/password.txt" \
-pkcs12 "${script_path}/../certs/cert.p12" \
-in "sample.msi" -out "test_133.msi"'
verify_signature "$?" "133" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "sample.msi" -out "test_133.msi"
verify_signature "$?" "133" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/14_sign_descryption
View File

@ -1,54 +1,55 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with a descryption
# Sign a PE/CAB/MSI file with a descryption
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="141. Signing a PE file with a descryption"
test_name="141. Sign a PE file with a descryption"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-n "DESCRYPTION_TEXT" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_141.exe"'
verify_signature "$?" "141" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN"
-in "test.exe" -out "test_141.exe"
verify_signature "$?" "141" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="142. Signing a CAB file with a descryption"
test_name="142. Sign a CAB file with a descryption"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-n "DESCRYPTION_TEXT" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.ex_" -out "test_142.ex_"'
verify_signature "$?" "142" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN"
-in "test.ex_" -out "test_142.ex_"
verify_signature "$?" "142" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="143. Signing a MSI file with a descryption"
test_name="143. Sign a MSI file with a descryption"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-n "DESCRYPTION_TEXT" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_143.msi"'
verify_signature "$?" "143" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN"
-in "sample.msi" -out "test_143.msi"
verify_signature "$?" "143" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "DESCRYPTION_TEXT" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/15_sign_url
View File

@ -1,55 +1,56 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with specified URL for expanded description of the signed content
# Sign a PE/CAB/MSI file with specified URL for expanded description of the signed content
# https://docs.microsoft.com/en-us/windows-hardware/drivers/install/authenticode-signing-of-csps
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="151. Signing a PE file with specified URL"
test_name="151. Sign a PE file with specified URL"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-i "https://www.osslsigncode.com/" \
-in "test.exe" -out "test_151.exe"'
verify_signature "$?" "151" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN"
-in "test.exe" -out "test_151.exe"
verify_signature "$?" "151" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="152. Signing a CAB file with specified URL"
test_name="152. Sign a CAB file with specified URL"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-i "https://www.osslsigncode.com/" \
-in "test.ex_" -out "test_152.ex_"'
verify_signature "$?" "152" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN"
-in "test.ex_" -out "test_152.ex_"
verify_signature "$?" "152" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="153. Signing a MSI file with specified URL"
test_name="153. Sign a MSI file with specified URL"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-i "https://www.osslsigncode.com/" \
-in "sample.msi" -out "test_153.msi"'
verify_signature "$?" "153" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN"
-in "sample.msi" -out "test_153.msi"
verify_signature "$?" "153" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "https://www.osslsigncode.com/" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/16_sign_comm
View File

@ -1,57 +1,58 @@
#!/bin/sh
# Signing a PE/CAB/MSI file with the commercial purpose set for SPC_STATEMENT_TYPE_OBJID
# Sign a PE/CAB/MSI file with the commercial purpose set for SPC_STATEMENT_TYPE_OBJID
# object ID numbers (OIDs) "1.3.6.1.4.1.311.2.1.11"
# changes default Individual Code Signing: "0x30, 0x0c, x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x15"
# sets Commercial Code Signing: "0x30, 0x0c, x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x16"
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="161. Signing a PE file with the common purpose set"
test_name="161. Sign a PE file with the common purpose set"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-comm \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_161.exe"'
verify_signature "$?" "161" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN"
-in "test.exe" -out "test_161.exe"
verify_signature "$?" "161" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="162. Signing a CAB file with the common purpose set"
test_name="162. Sign a CAB file with the common purpose set"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-comm \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.ex_" -out "test_162.ex_"'
verify_signature "$?" "162" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN"
-in "test.ex_" -out "test_162.ex_"
verify_signature "$?" "162" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="163. Signing a MSI file with the common purpose set"
test_name="163. Sign a MSI file with the common purpose set"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-comm \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_163.msi"'
verify_signature "$?" "163" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN"
-in "sample.msi" -out "test_163.msi"
verify_signature "$?" "163" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "HEX" "300c060a2b060104018237020116" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

33
tests/recipes/17_sign_crosscertfile
View File

@ -1,56 +1,57 @@
#!/bin/sh
# Adding an additional certificate to the signature block of the PE/CAB/MSI file.
# Add an additional certificate to the signature block of the PE/CAB/MSI file.
# https://docs.microsoft.com/en-us/windows-hardware/drivers/install/authenticode-signing-of-csps
# https://docs.microsoft.com/en-us/windows/win32/seccertenroll/about-cross-certification
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="171. Adding an additional certificate to the signature block of the PE file"
test_name="171. Add an additional certificate to the signature block of the PE file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-ac "${script_path}/../certs/crosscert.pem" \
-in "test.exe" -out "test_171.exe"'
verify_signature "$?" "171" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "crosscert"
-in "test.exe" -out "test_171.exe"
verify_signature "$?" "171" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "crosscert" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# CAB file
test_name="172. Adding an additional certificate to the signature block of the CAB file"
test_name="172. Add an additional certificate to the signature block of the CAB file"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-ac "${script_path}/../certs/crosscert.pem" \
-in "test.ex_" -out "test_172.ex_"'
verify_signature "$?" "172" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "crosscert"
-in "test.ex_" -out "test_172.ex_"
verify_signature "$?" "172" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "crosscert" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
test_name="173. Adding an additional certificate to the signature block of the MSI file"
test_name="173. Add an additional certificate to the signature block of the MSI file"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-ac "${script_path}/../certs/crosscert.pem" \
-in "sample.msi" -out "test_173.msi"'
verify_signature "$?" "173" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "crosscert"
-in "sample.msi" -out "test_173.msi"
verify_signature "$?" "173" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "crosscert" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

13
tests/recipes/21_sign_hash_md5
View File

@ -1,19 +1,20 @@
#!/bin/sh
# Signing a PE file with md5 set of cryptographic hash functions.
# Sign a PE file with MD5 set of cryptographic hash functions.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="211. Signing a PE file with md5 set of cryptographic hash functions"
test_name="211. Sign a PE file with MD5 set of cryptographic hash functions"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h md5 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_211.exe"'
verify_signature "$?" "211" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "MD5"
-in "test.exe" -out "test_211.exe"
verify_signature "$?" "211" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "MD5" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

13
tests/recipes/22_sign_hash_sha1
View File

@ -1,19 +1,20 @@
#!/bin/sh
# Signing a PE file with sha1 set of cryptographic hash functions.
# Sign a PE file with SHA1 set of cryptographic hash functions.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="221. Signing a PE file with sha1 set of cryptographic hash functions"
test_name="221. Sign a PE file with SHA1 set of cryptographic hash functions"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha1 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_221.exe"'
verify_signature "$?" "221" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "SHA1"
-in "test.exe" -out "test_221.exe"
verify_signature "$?" "221" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "SHA1" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

13
tests/recipes/23_sign_hash_sha2
View File

@ -1,19 +1,20 @@
#!/bin/sh
# Signing a PE file with sha2 set of cryptographic hash functions.
# Signing a PE file with SHA1 set of cryptographic hash functions.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="231. Signing a PE file with sha2 set of cryptographic hash functions"
test_name="231. Signing a PE file with SHA1 set of cryptographic hash functions"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha2 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_231.exe"'
verify_signature "$?" "231" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "SHA2"
-in "test.exe" -out "test_231.exe"
verify_signature "$?" "231" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "SHA2" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

13
tests/recipes/24_sign_hash_sha384
View File

@ -1,19 +1,20 @@
#!/bin/sh
# Signing a PE file with sha384 set of cryptographic hash functions.
# Sign a PE file with SHA384 set of cryptographic hash functions.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="241. Signing a PE file with sha384 set of cryptographic hash functions"
test_name="241. Sign a PE file with SHA384 set of cryptographic hash functions"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha384 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_241.exe"'
verify_signature "$?" "241" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "SHA384"
-in "test.exe" -out "test_241.exe"
verify_signature "$?" "241" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "SHA384" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

13
tests/recipes/25_sign_hash_sha512
View File

@ -1,19 +1,20 @@
#!/bin/sh
# Signing a PE file with sha512 set of cryptographic hash functions.
# Sign a PE file with SHA512 set of cryptographic hash functions.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="251. Signing a PE file with sha512 set of cryptographic hash functions"
test_name="251. Sign a PE file with SHA512 set of cryptographic hash functions"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha512 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_251.exe"'
verify_signature "$?" "251" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test.exe" -out "test_251.exe"
verify_signature "$?" "251" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "SHA512" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

23
tests/recipes/31_extract_signature
View File

@ -1,21 +1,22 @@
#!/bin/sh
# Extracting the signature from the PE/MSI file.
# Extract the signature from the PE/MSI file.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="311. Extracting the signature from the PE file"
test_name="311. Extract the signature from the PE file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_311.exe" && \
../../osslsigncode extract-signature -pem \
-in "test_311.exe" -out "sign_pe.pem"'
verify_signature "$?" "311" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test_311.exe" -out "sign_pe.pem"
verify_signature "$?" "311" "exe" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
@ -25,18 +26,18 @@ if [ -s "test.exe" ]
# Command is not supported for non-PE/non-MSI files
# MSI file
test_name="312. Extracting the signature from the MSI file"
test_name="312. Extract the signature from the MSI file"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_312.msi" && \
../../osslsigncode extract-signature -pem \
-in "test_312.msi" -out "sign_msi.pem"'
verify_signature "$?" "312" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-in "test_312.msi" -out "sign_msi.pem"
verify_signature "$?" "312" "msi" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

23
tests/recipes/32_attach_signature
View File

@ -1,18 +1,19 @@
#!/bin/sh
# Attaching the signature to the PE/MSI file.
# Attach the signature to the PE/MSI file.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="321. Attaching the signature to the PE file"
test_name="321. Attach the signature to the PE file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode attach-signature -sigin "sign_pe.pem" \
-in "test.exe" -out "test_321.exe"'
verify_signature "$?" "321" "exe" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-CAfile "${script_path}/../certs/CACert.pem" \
-in "test.exe" -out "test_321.exe"
verify_signature "$?" "321" "exe" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
@ -22,15 +23,15 @@ if [ -s "test.exe" ]
# Command is not supported for non-PE/non-MSI files
# MSI file
test_name="322. Attaching the signature to the MSI file"
test_name="322. Attach the signature to the MSI file"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode attach-signature -sigin "sign_msi.pem" \
-in "sample.msi" -out "test_322.msi"'
verify_signature "$?" "322" "msi" "UNUSED_PATTERN" "sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
-CAfile "${script_path}/../certs/CACert.pem" \
-in "sample.msi" -out "test_322.msi"
verify_signature "$?" "322" "msi" "success" "@2019-09-01 12:00:00" \
"sha256sum" "ASCII" "osslsigncode" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

23
tests/recipes/33_remove_signature
View File

@ -1,21 +1,22 @@
#!/bin/sh
# Removing the signature from the PE/MSI file.
# Remove the signature from the PE/MSI file.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="331. Removing the signature from the PE file"
test_name="331. Remove the signature from the PE file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_331_signed.exe" && \
../../osslsigncode remove-signature \
-in "test_331_signed.exe" -out "test_331.exe"'
verify_no_signature "$?" "331" "exe" "sha256sum"
-in "test_331_signed.exe" -out "test_331.exe"
verify_signature "$?" "331" "exe" "fail" "@2019-09-01 12:00:00" \
"sha256sum" "UNUSED_PATTERN" "UNUSED_PATTERN" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
@ -25,18 +26,18 @@ if [ -s "test.exe" ]
# Command is not supported for non-PE/non-MSI files
# MSI file
test_name="332. Removing the signature from the MSI file"
test_name="332. Remove the signature from the MSI file"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_332_signed.msi" && \
../../osslsigncode remove-signature \
-in "test_332_signed.msi" -out "test_332.msi"'
verify_no_signature "$?" "332" "msi" "sha256sum"
-in "test_332_signed.msi" -out "test_332.msi"
verify_signature "$?" "332" "msi" "fail" "@2019-09-01 12:00:00" \
"sha256sum" "UNUSED_PATTERN" "UNUSED_PATTERN" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

28
tests/recipes/36_add_signature_blob
View File

@ -1,22 +1,23 @@
#!/bin/sh
# Adding an unauthenticated blob to the PE/MSI file.
# Add an unauthenticated blob to the PE/MSI file.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="361. Adding an unauthenticated blob to the PE file"
test_name="361. Add an unauthenticated blob to the PE file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_361_signed.exe" && \
-in "test.exe" -out "test_361_signed.exe"
../../osslsigncode add \
-addUnauthenticatedBlob \
-in "test_361_signed.exe" -out "test_361.exe"'
verify_signature "$?" "361" "exe" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN"
-in "test_361_signed.exe" -out "test_361.exe"
verify_signature "$?" "361" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
@ -26,20 +27,19 @@ if [ -s "test.exe" ]
# Command is not supported for non-PE/non-MSI files
# MSI file
test_name="362. Adding an unauthenticated blob to the MSI file"
test_name="362. Add an unauthenticated blob to the MSI file"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
cat "sample.msi" > "test_362.msi"
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_362_signed.msi" && \
-in "sample.msi" -out "test_362_signed.msi"
../../osslsigncode add \
-addUnauthenticatedBlob \
-in "test_362_signed.msi" -out "test_362.msi"'
verify_signature "$?" "362" "msi" "MODIFY" "UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "UNUSED_PATTERN"
-in "test_362_signed.msi" -out "test_362.msi"
verify_signature "$?" "362" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "BEGIN_BLOB" "MODIFY"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

24
tests/recipes/37_add_signature_timestamp
View File

@ -1,22 +1,23 @@
#!/bin/sh
# Adding an authenticode timestamp to the PE/MSI file.
# Add an authenticode timestamp to the PE/MSI file.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="371. Adding an authenticode timestamp to the PE file"
test_name="371. Add an authenticode timestamp to the PE file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_371_signed.exe" && \
../../osslsigncode add \
-t http://time.certum.pl/ \
-in "test_371_signed.exe" -out "test_371.exe"'
verify_signature "$?" "371" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "test_371_signed.exe" -out "test_371.exe"
verify_signature "$?" "371" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
@ -26,20 +27,19 @@ if [ -s "test.exe" ]
# Command is not supported for non-PE/non-MSI files
# MSI file
test_name="372. Adding an authenticode timestamp to the MSI file"
test_name="372. Add an authenticode timestamp to the MSI file"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
cat "sample.msi" > "test_372.msi"
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_372_signed.msi" && \
../../osslsigncode add \
-t http://time.certum.pl/ \
-in "test_372_signed.msi" -out "test_372.msi"'
verify_signature "$?" "372" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "test_372_signed.msi" -out "test_372.msi"
verify_signature "$?" "372" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

28
tests/recipes/38_add_signature_rfc3161
View File

@ -1,22 +1,23 @@
#!/bin/sh
# Adding an RFC 3161 timestamp to the PE/MSI file.
# Add an RFC 3161 timestamp to signed PE/MSI file.
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="381. Adding an RFC 3161 timestamp to the PE file"
test_name="381. Add RFC 3161 timestamp to signed PE file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.exe" -out "test_381_signed.exe" && \
-in "test.exe" -out "test_381_signed.exe"
../../osslsigncode add \
-ts http://time.certum.pl/ \
-in "test_381_signed.exe" -out "test_381.exe"'
verify_signature "$?" "381" "exe" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "test_381_signed.exe" -out "test_381.exe"
verify_signature "$?" "381" "exe" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
@ -26,20 +27,19 @@ if [ -s "test.exe" ]
# Command is not supported for non-PE/non-MSI files
# MSI file
test_name="382. Adding an RFC 3161 timestamp to the MSI file"
test_name="382. Add RFC 3161 timestamp to signed MSI file"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
cat "sample.msi" > "test_382.msi"
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "sample.msi" -out "test_382_signed.msi" && \
-in "sample.msi" -out "test_382_signed.msi"
../../osslsigncode add \
-ts http://time.certum.pl/ \
-in "test_382_signed.msi" -out "test_382.msi"'
verify_signature "$?" "382" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "ASCII" "Unizeto" "Unizeto"
-in "test_382_signed.msi" -out "test_382.msi"
verify_signature "$?" "382" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "ASCII" "Unizeto" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

32
tests/recipes/40_verify_leaf_hash
View File

@ -1,21 +1,23 @@
#!/bin/sh
# Comparing the leaf certificate hash against specified SHA256 message digest for the PE/MSI file
# Compare the leaf certificate hash against specified SHA256 message digest for the PE/MSI file
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
test_name="401. Comparing the leaf certificate hash against specified SHA256 message digest for the PE file"
test_name="401. Compare the leaf certificate hash against specified SHA256 message digest for the PE file"
printf "\n%s\n" "$test_name"
if [ -s "test.exe" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \
-in "test.exe" -out "test_401.exe"'
../../osslsigncode verify -in "test_401.exe" \
-require-leaf-hash SHA256:$(sha256sum "${script_path}/../certs/cert.der" | cut -d' ' -f1)
-in "test.exe" -out "test_401.exe"
TZ=GMT faketime -f '@2019-05-01 00:00:00' /bin/bash -c '
printf "Verify time: " && date && printf "\n"
script_path=$(pwd)
../../osslsigncode verify -CAfile "${script_path}/../certs/CACert.pem" -in "test_401.exe" \
-require-leaf-hash SHA256:$(sha256sum "${script_path}/../certs/cert.der" | cut -d" " -f1)'
if test_result "$?" "$test_name"
then
rm -f "test_401.exe"
@ -28,20 +30,22 @@ if [ -s "test.exe" ]
# Command is not supported for non-PE/non-MSI files
# MSI file
test_name="402. Comparing the leaf certificate hash against specified SHA256 message digest for the MSI file"
test_name="402. Compare the leaf certificate hash against specified SHA256 message digest for the MSI file"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.der" \
-in "test.exe" -out "test_402.exe"'
../../osslsigncode verify -in "test_402.exe" \
-require-leaf-hash SHA256:$(sha256sum "${script_path}/../certs/cert.der" | cut -d' ' -f1)
-in "sample.msi" -out "test_402.msi"
TZ=GMT faketime -f '@2019-05-01 00:00:00' /bin/bash -c '
printf "Verify time: " && date && printf "\n"
script_path=$(pwd)
../../osslsigncode verify -CAfile "${script_path}/../certs/CACert.pem" -in "test_402.msi" \
-require-leaf-hash SHA256:$(sha256sum "${script_path}/../certs/cert.der" | cut -d" " -f1)'
if test_result "$?" "$test_name"
then
rm -f "test_402.exe"
rm -f "test_402.msi"
fi
else
printf "Test skipped\n"

14
tests/recipes/41_sign_add_msi_dse
View File

@ -1,11 +1,12 @@
#!/bin/sh
# Signing a MSI file with the add-msi-dse option.
# Sign a MSI file with the add-msi-dse option.
# MsiDigitalSignatureEx (msi-dse) is an enhanced signature type that can be used
# when signing MSI files. In addition to file content, it also hashes some file metadata,
# specifically file names, file sizes, creation times and modification times.
# https://www.unboundtech.com/docs/UKC/UKC_Code_Signing_IG/HTML/Content/Products/UKC-EKM/UKC_Code_Signing_IG/Sign_Windows_PE_and_msi_Files.htm
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
# Warning: -add-msi-dse option is only valid for MSI files
@ -14,18 +15,19 @@
# Warning: -add-msi-dse option is only valid for MSI files
# MSI file
test_name="411. Signing a MSI file with the add-msi-dse option"
test_name="411. Sign a MSI file with the add-msi-dse option"
printf "\n%s\n" "$test_name"
if [ -s "sample.msi" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-add-msi-dse \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/keyp.pem" \
-pass passme \
-in "sample.msi" -out "test_411.msi"'
verify_signature "$?" "411" "msi" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "4d00730069004400690067006900740061006c005300690067006e0061007400750072006500450078" "UNUSED_PATTERN" #"MsiDigitalSignatureEx"
-in "sample.msi" -out "test_411.msi"
#"MsiDigitalSignatureEx 4d00730069004400690067006900740061006c005300690067006e0061007400750072006500450078"
verify_signature "$?" "411" "msi" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "HEX" "4d00730069004400690067006900740061006c005300690067006e0061007400750072006500450078" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"

31
tests/recipes/42_sign_jp_low Normal file
View File

@ -0,0 +1,31 @@
#!/bin/sh
# Sign a CAB file with "jp low" option
# https://support.microsoft.com/en-us/help/193877
. $(dirname $0)/../test_library
script_path=$(pwd)
# PE file
# Warning: -jp option is only valid for CAB files
# CAB file
test_name="421. Sign a CAB file with jp low option"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
../../osslsigncode sign -h sha256 \
-st "1556668800" \
-jp low \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.ex_" -out "test_421.ex_"
verify_signature "$?" "421" "ex_" "success" "@2019-09-01 12:00:00" \
"UNUSED_PATTERN" "HEX" "3006030200013000" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
# Warning: -jp option is only valid for CAB files
exit 0

30
tests/recipes/51_sign_jp_low
View File

@ -1,30 +0,0 @@
#!/bin/sh
# Signing a CAB file with "jp low" option
# https://support.microsoft.com/en-us/help/193877
. $(dirname $0)/../test_library
# PE file
# Warning: -jp option is only valid for CAB files
# CAB file
test_name="511. Signing a CAB file with jp low option"
printf "\n%s\n" "$test_name"
if [ -s "test.ex_" ]
then
faketime -f '@2019-01-01 00:00:00' /bin/bash -c '
script_path=$(pwd)
../../osslsigncode sign -h sha256 \
-jp low \
-certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
-in "test.ex_" -out "test_511.ex_"'
verify_signature "$?" "511" "ex_" "UNUSED_PATTERN" "UNUSED_PATTERN" "HEX" "3006030200013000" "UNUSED_PATTERN"
test_result "$?" "$test_name"
else
printf "Test skipped\n"
fi
# MSI file
# Warning: -jp option is only valid for CAB files
exit 0