Skip to content

Commit

Permalink
Add tests for new signatureVerified flag
Browse files Browse the repository at this point in the history
  • Loading branch information
@HoundThe @PeterMatula
HoundThe authored and PeterMatula committed Aug 25, 2021
1 parent 2fa0388 commit 9ccea43
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 0 deletions.
4 changes: 4 additions & 0 deletions tools/fileinfo/bugs/certificate-segfault/test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ def test_certificate_table_present(self):
assert len(first_sig['signer']['chain']) == 0

# Malware - invalid signature
assert first_sig['signatureVerified'] == False
assert first_sig['warnings'][0] == "Signature digest doesn't match the file digest"
assert first_sig['warnings'][1] == "Signing cert is missing"
assert first_sig['warnings'][2] == "Signature isn't valid"
Expand Down Expand Up @@ -53,6 +54,7 @@ def test_certificate_table_present(self):
assert len(first_sig['signer']['chain']) == 0

# Malware - invalid signature
assert first_sig['signatureVerified'] == False
assert first_sig['warnings'][0] == "Signature digest doesn't match the file digest"
assert first_sig['warnings'][1] == "Signing cert is missing"
assert first_sig['warnings'][2] == "Signature isn't valid"
Expand Down Expand Up @@ -88,6 +90,7 @@ def test_certificate_table_present(self):

first_sig = self.fileinfo.output['digitalSignatures']['signatures'][0]

assert first_sig['signatureVerified'] == False
assert first_sig['warnings'][0] == "Wrong contentInfo contentType"
assert first_sig['warnings'][1] == "Couldn't get SpcSpOpusInfo"
assert first_sig['warnings'][2] == "Couldn't get SignerInfo message digest"
Expand All @@ -113,6 +116,7 @@ def test_certificate_table_present(self):
assert len(first_sig['signer']['chain']) == 1

# Malware - invalid signature
assert first_sig['signatureVerified'] == False
assert first_sig['warnings'][0] == "Signature digest doesn't match the file digest"

assert len(first_sig['allCertificates']) == 3
Expand Down
17 changes: 17 additions & 0 deletions tools/fileinfo/features/certificates-info/test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ def test_certificates(self):

assert len(first_sig['allCertificates']) == 5

assert first_sig['signatureVerified'] == True
assert len(first_sig['warnings']) == 0
assert first_sig['digestAlgorithm'] == 'sha1'
assert first_sig['fileDigest'] == 'F6B86E97AEB3E567F58901F799E18FC6F89CC92E'
Expand Down Expand Up @@ -77,6 +78,7 @@ def test_certificates(self):

second_sig = self.fileinfo.output['digitalSignatures']['signatures'][1]

assert second_sig['signatureVerified'] == True
assert len(second_sig['warnings']) == 0
assert second_sig['digestAlgorithm'] == 'sha256'
assert second_sig['fileDigest'] == '9FC3902927BFEDA2A3F61D650B0D2CBEC6D84597989EA6244D4EF954C67CA0B3'
Expand Down Expand Up @@ -129,6 +131,7 @@ def test_certificates(self):

assert len(first_sig['allCertificates']) == 5

assert first_sig['signatureVerified'] == True
assert len(first_sig['warnings']) == 0
assert first_sig['digestAlgorithm'] == 'sha1'
assert first_sig['fileDigest'] == '3E7B33AB316770BD369BFADF5FB5354730C89991'
Expand Down Expand Up @@ -186,6 +189,7 @@ def test_certificates(self):

second_sig = self.fileinfo.output['digitalSignatures']['signatures'][1]

assert second_sig['signatureVerified'] == True
assert len(second_sig['warnings']) == 0
assert second_sig['digestAlgorithm'] == 'sha256'
assert second_sig['fileDigest'] == '6BE0FA5AB9336DDCC6ACE35ED2BC9744860E80088F35E5D77AF254F246228CDE'
Expand Down Expand Up @@ -235,6 +239,7 @@ def test_certificates(self):

first_sig = self.fileinfo.output['digitalSignatures']['signatures'][0]

assert first_sig['signatureVerified'] == True
assert len(first_sig['warnings']) == 0
assert first_sig['digestAlgorithm'] == 'sha1'
assert first_sig['fileDigest'] == '0C13D3C2B3C6F48FA3485B36E08AC822C579C1E0'
Expand Down Expand Up @@ -271,6 +276,7 @@ def test_certificates(self):

second_sig = self.fileinfo.output['digitalSignatures']['signatures'][1]

assert second_sig['signatureVerified'] == True
assert len(second_sig['warnings']) == 0
assert second_sig['digestAlgorithm'] == 'sha256'
assert second_sig['fileDigest'] == '838379A390118A6562F3E06BE818F5A6407FD7F4FEA9ADF4C36A8B6952B1336B'
Expand Down Expand Up @@ -321,6 +327,7 @@ def test_certificates(self):

first_sig = self.fileinfo.output['digitalSignatures']['signatures'][0]

assert first_sig['signatureVerified'] == True
assert len(first_sig['warnings']) == 0
assert first_sig['digestAlgorithm'] == 'sha1'
assert first_sig['fileDigest'] == 'F9D74771FD4A1A2233D266F1F73B53464328EE1E'
Expand Down Expand Up @@ -368,6 +375,7 @@ def test_certificates(self):

first_sig = self.fileinfo.output['digitalSignatures']['signatures'][0]

assert first_sig['signatureVerified'] == True
assert len(first_sig['warnings']) == 0
assert first_sig['digestAlgorithm'] == 'sha1'
assert first_sig['fileDigest'] == '65901089C84EF122BE9397F508580A3EFC674D1D'
Expand Down Expand Up @@ -417,6 +425,8 @@ def test_certificates(self):
assert first_sig['digestAlgorithm'] == 'sha1'
assert first_sig['fileDigest'] == 'A6BE6C062A26427A722571FD634838DD2FE3743D'
assert first_sig['signedDigest'] == 'A6BE6C062A26427A722571FD634838DD2FE3743D'

assert first_sig['signatureVerified'] == True
assert len(first_sig['warnings']) == 0
assert len(first_sig['allCertificates']) == 7

Expand All @@ -435,6 +445,7 @@ def test_certificates(self):

second_sig = self.fileinfo.output['digitalSignatures']['signatures'][1]

assert second_sig['signatureVerified'] == True
assert len(second_sig['warnings']) == 0
assert second_sig['digestAlgorithm'] == 'sha256'
assert second_sig['fileDigest'] == '54227373068BB3F2721F0E9B849142F3B68FDDD43571A9327C3F9CA44420EEA8'
Expand Down Expand Up @@ -484,6 +495,7 @@ def test_certificates(self):

first_sig = self.fileinfo.output['digitalSignatures']['signatures'][0]

assert first_sig['signatureVerified'] == True
assert len(first_sig['warnings']) == 0
assert first_sig['digestAlgorithm'] == 'sha1'
assert first_sig['fileDigest'] == '798D33E74F6F28A62A336C61CF81AE0277F47516'
Expand All @@ -507,6 +519,7 @@ def test_certificates(self):

second_sig = self.fileinfo.output['digitalSignatures']['signatures'][1]

assert second_sig['signatureVerified'] == True
assert len(second_sig['warnings']) == 0
assert second_sig['digestAlgorithm'] == 'sha256'
assert second_sig['fileDigest'] == '5BFB3AB09F359E11D76D95640BACB3A6CD65F2EF0D1763DC47D0B7F7203D22B7'
Expand Down Expand Up @@ -621,6 +634,7 @@ def test_certificates(self):
assert first_sig['fileDigest'] == '427DC17A763807D2DEAD406DDFD3AAE93F5CE235'
assert first_sig['signedDigest'] == '427DC17A763807D2DEAD406DDFD3AAE93F5CE235'
assert first_sig['programName'] == 'VSTST-FileConverter.exe'
assert first_sig['signatureVerified'] == True
assert len(first_sig['warnings']) == 0
assert len(first_sig['allCertificates']) == 4
assert first_sig['allCertificates'][0]['sha256'] == "E43F82BC40029F17DBB516613D1E1A96EC2940CE76E0A9CD5F53BA50175A8766"
Expand All @@ -643,6 +657,7 @@ def test_certificates(self):

second_sig = self.fileinfo.output['digitalSignatures']['signatures'][1]

assert second_sig['signatureVerified'] == True
assert len(second_sig['warnings']) == 0
assert second_sig['digestAlgorithm'] == 'sha256'
assert second_sig['fileDigest'] == '7E6B06384FF2B27537F0AC76E311C116434D02DBC735FAF113B6EFD6D629F74C'
Expand Down Expand Up @@ -733,6 +748,7 @@ def test(self):
assert len(self.fileinfo.output['digitalSignatures']['signatures']) == 2

first_signature = self.fileinfo.output['digitalSignatures']['signatures'][0]
assert first_signature['signatureVerified'] == True
assert len(first_signature['warnings']) == 0
assert len(first_signature['allCertificates']) == 6
assert first_signature['fileDigest'] == 'D643405056A4A16042D47942A8C6A59524BDA64A'
Expand All @@ -755,6 +771,7 @@ def test(self):

#######################################################################
second_signature = self.fileinfo.output['digitalSignatures']['signatures'][1]
assert second_signature['signatureVerified'] == True
assert len(second_signature['warnings']) == 0
assert len(first_signature['allCertificates']) == 6
assert second_signature['fileDigest'] == '75CACDF5BE7BAEECB89C70BC01343FB7C9E8FD000CC191F08D2A996359D617FE'
Expand Down

0 comments on commit 9ccea43

Please sign in to comment.