forked from Cisco-Talos/clamav
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix unit test caused by expiring signing certificate
The clamscan test "assorted_test.py::TC::test_pe_cert_trust" is about to fail because the "test.exe" test file was signed with a cert set to expire after only 2 years, and it has been 23 months. While attempting to generate a new one that will last 73000 days (200 years), I discovered that any signing certificate set to expire after 2038 will fail the trust-check because the `ca.not_after` variable is maxed out `time_t` incapable of expressing a higher number. To fix this, I've upgraded the variables to `uint64_t`. I also had to replace a bunch of generated signatures to match the new "test.exe". Finally, I noticed that "ca.not_before" was being set to the token[8] instead of token[9], which presumably mean the "NotBefore" field for Trusted and Revoked Certificates was non-functional, as it was treating the "CertSign" boolean as the "NotBefore" value. Fixes: Cisco-Talos#1300
- Loading branch information
1 parent
1d30588
commit e97abab
Showing
24 changed files
with
26 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
..._tests/input/pe_allmatch/alert-sigs/Test.GenSig.HDB_1of2_MD5_FIXED_testexe.UNOFFICIAL.hdb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
05fcb14bd4dbad8617251d4e22708367:1447976:Test.GenSig.HDB_1of2_MD5_FIXED_testexe | ||
8a655379478861572791e2404f45f9ed:1447992:Test.GenSig.HDB_1of2_MD5_FIXED_testexe |
2 changes: 1 addition & 1 deletion
2
unit_tests/input/pe_allmatch/alert-sigs/Test.GenSig.HDB_2of2_MD5_STAR_testexe.UNOFFICIAL.hdb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
05fcb14bd4dbad8617251d4e22708367:*:Test.GenSig.HDB_2of2_MD5_STAR_testexe:73 | ||
8a655379478861572791e2404f45f9ed:*:Test.GenSig.HDB_2of2_MD5_STAR_testexe:73 |
2 changes: 1 addition & 1 deletion
2
...tests/input/pe_allmatch/alert-sigs/Test.GenSig.HSB_1of4_SHA1_FIXED_testexe.UNOFFICIAL.hsb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
2ba31b0352bae4f57c1c9144f64ac7a57c010876:1447976:Test.GenSig.HSB_1of4_SHA1_FIXED_testexe | ||
4a2a55f483339bf55fae340f82d3b42001b30e16:1447992:Test.GenSig.HSB_1of4_SHA1_FIXED_testexe |
2 changes: 1 addition & 1 deletion
2
..._tests/input/pe_allmatch/alert-sigs/Test.GenSig.HSB_2of4_SHA1_STAR_testexe.UNOFFICIAL.hsb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
2ba31b0352bae4f57c1c9144f64ac7a57c010876:*:Test.GenSig.HSB_2of4_SHA1_STAR_testexe:73 | ||
4a2a55f483339bf55fae340f82d3b42001b30e16:*:Test.GenSig.HSB_2of4_SHA1_STAR_testexe:73 |
2 changes: 1 addition & 1 deletion
2
...sts/input/pe_allmatch/alert-sigs/Test.GenSig.HSB_3of4_SHA256_FIXED_testexe.UNOFFICIAL.hsb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
4f713f2f0d3269d5ea24bf58c8acff9ad67d53044c07f028ae825cacffb6e82e:1447976:Test.GenSig.HSB_3of4_SHA256_FIXED_testexe | ||
ecb52dac06daf876b6ed53063c5fdd5a3e05a0e70f7d326670f202f36ae66c95:1447992:Test.GenSig.HSB_3of4_SHA256_FIXED_testexe |
2 changes: 1 addition & 1 deletion
2
...ests/input/pe_allmatch/alert-sigs/Test.GenSig.HSB_4of4_SHA256_STAR_testexe.UNOFFICIAL.hsb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
4f713f2f0d3269d5ea24bf58c8acff9ad67d53044c07f028ae825cacffb6e82e:*:Test.GenSig.HSB_4of4_SHA256_STAR_testexe:73 | ||
ecb52dac06daf876b6ed53063c5fdd5a3e05a0e70f7d326670f202f36ae66c95:*:Test.GenSig.HSB_4of4_SHA256_STAR_testexe:73 |
2 changes: 1 addition & 1 deletion
2
unit_tests/input/pe_allmatch/alert-sigs/Test.GenSig.MDB_01of16_MD5_FIXED_text.UNOFFICIAL.mdb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
34304:c2cf3afc85a94f96246ebc2d10427b99:Test.GenSig.MDB_01of16_MD5_FIXED_text | ||
34304:1931e3808e2374839e1cb81790d14c14:Test.GenSig.MDB_01of16_MD5_FIXED_text |
2 changes: 1 addition & 1 deletion
2
unit_tests/input/pe_allmatch/alert-sigs/Test.GenSig.MDB_02of16_MD5_STAR_text.UNOFFICIAL.mdb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
*:c2cf3afc85a94f96246ebc2d10427b99:Test.GenSig.MDB_02of16_MD5_STAR_text:73 | ||
*:1931e3808e2374839e1cb81790d14c14:Test.GenSig.MDB_02of16_MD5_STAR_text:73 |
2 changes: 1 addition & 1 deletion
2
unit_tests/input/pe_allmatch/alert-sigs/Test.GenSig.MDB_03of16_MD5_FIXED_data.UNOFFICIAL.mdb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
1168896:6623c7640384c88d74cc4d7701a02627:Test.GenSig.MDB_03of16_MD5_FIXED_data | ||
1168896:b724ae3f375a29dd4d5fbe37f430c0ea:Test.GenSig.MDB_03of16_MD5_FIXED_data |
2 changes: 1 addition & 1 deletion
2
unit_tests/input/pe_allmatch/alert-sigs/Test.GenSig.MDB_04of16_MD5_STAR_data.UNOFFICIAL.mdb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
*:6623c7640384c88d74cc4d7701a02627:Test.GenSig.MDB_04of16_MD5_STAR_data:73 | ||
*:b724ae3f375a29dd4d5fbe37f430c0ea:Test.GenSig.MDB_04of16_MD5_STAR_data:73 |
2 changes: 1 addition & 1 deletion
2
..._tests/input/pe_allmatch/alert-sigs/Test.GenSig.MSB_01of32_SHA1_FIXED_text.UNOFFICIAL.msb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
34304:7bcc8fbbab4b38c28cb9a571fa7004d8ff47b09d:Test.GenSig.MSB_01of32_SHA1_FIXED_text | ||
34304:45f9f37f318a50c62d3f26699f2415338ddc1f81:Test.GenSig.MSB_01of32_SHA1_FIXED_text |
2 changes: 1 addition & 1 deletion
2
unit_tests/input/pe_allmatch/alert-sigs/Test.GenSig.MSB_02of32_SHA1_STAR_text.UNOFFICIAL.msb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
*:7bcc8fbbab4b38c28cb9a571fa7004d8ff47b09d:Test.GenSig.MSB_02of32_SHA1_STAR_text:73 | ||
*:45f9f37f318a50c62d3f26699f2415338ddc1f81:Test.GenSig.MSB_02of32_SHA1_STAR_text:73 |
2 changes: 1 addition & 1 deletion
2
..._tests/input/pe_allmatch/alert-sigs/Test.GenSig.MSB_03of32_SHA1_FIXED_data.UNOFFICIAL.msb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
1168896:dae420693dde3530da0ad06f593148c9647a66b3:Test.GenSig.MSB_03of32_SHA1_FIXED_data | ||
1168896:9cdbd12ab842a2d021be6cb8f379ee219e817fd7:Test.GenSig.MSB_03of32_SHA1_FIXED_data |
2 changes: 1 addition & 1 deletion
2
unit_tests/input/pe_allmatch/alert-sigs/Test.GenSig.MSB_04of32_SHA1_STAR_data.UNOFFICIAL.msb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
*:dae420693dde3530da0ad06f593148c9647a66b3:Test.GenSig.MSB_04of32_SHA1_STAR_data:73 | ||
*:9cdbd12ab842a2d021be6cb8f379ee219e817fd7:Test.GenSig.MSB_04of32_SHA1_STAR_data:73 |
2 changes: 1 addition & 1 deletion
2
...ests/input/pe_allmatch/alert-sigs/Test.GenSig.MSB_17of32_SHA256_FIXED_text.UNOFFICIAL.msb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
34304:a0174c8dfab8cd480495fede811c9fcd16ec40db6d9dbe69e9e5f32907be3a1a:Test.GenSig.MSB_17of32_SHA256_FIXED_text | ||
34304:73757fdfd15f2e63995a547e86cc4568a9137bfb2f64a588ad9e6f45ddd5e367:Test.GenSig.MSB_17of32_SHA256_FIXED_text |
2 changes: 1 addition & 1 deletion
2
...tests/input/pe_allmatch/alert-sigs/Test.GenSig.MSB_18of32_SHA256_STAR_text.UNOFFICIAL.msb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
*:a0174c8dfab8cd480495fede811c9fcd16ec40db6d9dbe69e9e5f32907be3a1a:Test.GenSig.MSB_18of32_SHA256_STAR_text:73 | ||
*:73757fdfd15f2e63995a547e86cc4568a9137bfb2f64a588ad9e6f45ddd5e367:Test.GenSig.MSB_18of32_SHA256_STAR_text:73 |
2 changes: 1 addition & 1 deletion
2
...ests/input/pe_allmatch/alert-sigs/Test.GenSig.MSB_19of32_SHA256_FIXED_data.UNOFFICIAL.msb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
1168896:96559752f87084cc488e3163b615d13eac1816580375facd2f872a3e4d808789:Test.GenSig.MSB_19of32_SHA256_FIXED_data | ||
1168896:09dbd8590151147c35c0b096c7b437d69cfa08bb7116b2f1dfc20a7c8e6d7a58:Test.GenSig.MSB_19of32_SHA256_FIXED_data |
2 changes: 1 addition & 1 deletion
2
...tests/input/pe_allmatch/alert-sigs/Test.GenSig.MSB_20of32_SHA256_STAR_data.UNOFFICIAL.msb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
*:96559752f87084cc488e3163b615d13eac1816580375facd2f872a3e4d808789:Test.GenSig.MSB_20of32_SHA256_STAR_data:73 | ||
*:09dbd8590151147c35c0b096c7b437d69cfa08bb7116b2f1dfc20a7c8e6d7a58:Test.GenSig.MSB_20of32_SHA256_STAR_data:73 |
2 changes: 1 addition & 1 deletion
2
unit_tests/input/pe_allmatch/block-cert-sigs/Test.Sig.CRB.BlockCert.crb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
Test.Sig.CRB.BlockCert;0;8b166a274bfaa700a912edd57e8e41365beea576;d2a8ea878c4bba243788488f59354835a005baae;E709F7C042C0DFE60CDEF79BFEC8723468DE92B027E4BC31C2D2B8224DE04B6A23C49C8FEBFAD35274651AA5DAA91FD392E0336B31140F90C125E43E4DEBD3276659BBC639425595F4713C4CAC1892D5D136F76263EDE02DF4EBB849A508B492C7BD3FE295617FC5FF1C482543C938F389D521D8E758D59183C7986A5729E16B5BC3081CF3A749447E23106D170E5835BA137821202B100124EDAD00F7508C19F8103B774E9FA19989058EC52776934690E2CAD67B99E93A9AD50C470E0DF4C48F9F78DBFCEF812730A3A458A310A913CCA7E0B10699A4A441C8900A59193FFDC7376162DA6DB805E4BD9AD9463717B6EEDACAD53AEA9E7FDBB2826588FBF8E45F390B4A44A6A01787DC8110581DD1DC00407C3868F3534241BB340AED7CC9CAB56D27F7E6B645F7CC7BA7B0D1BFB27036F09B9FB25B396575C16B0BF3177FE052F7B5C8BB97F72E69DA7971EAFA643C68E36B5F156BAD46F3E3A580A7CE56BA92ACB972143DDA4B20867A45081262DF2E7A1F80A9D3588C60D48010F10461A8AE675CF8EE47E66425A5A6A0D95F1076AFEC6246C3AA635C13AC1E9CEA760316FD89AE2C19FDF696A106BC20B5A2F8E14613A4633726ADC92FD67B6E219CE1A419FE7F397F153C2591547EE08B19C54C8F04B0F6824EABD2572AF9115486479567A77853DDA31CB84609154BA3A043AD0548204875FF365047BC4B7382FD03AF;010001;0;1;0;;Generated with details from sigtool --print-certs | ||
Test.Sig.CRB.BlockCert;0;a5f872f51516a7b95493a152eb79b61d8999188c;e8fe30ff40549bb36227b3b6fa978bc3b7c93a1b;CA5767E912FAC33005614BF5A30360CBB1C194B3B5EA7AE78DF228B76A745AE803F248CFFAE9BD8690935CE5173BB31565D04A931DD2F1D99E17B1BDD35C066F2DD097A87B1786F437156995193D5F1FD49CD855AF0FD9A3BBEA2F8A267770F0F402B28107087142A166C3FDAF673F75518F74DBA6014669FC4377D572F32F58E32F1E575508E547AA2FE25B085B58414562D77F7FE85E92F285F0B52C276A6B68A7E17E9ACBD62DD40ACD1319EE844772EADBACB789A42583953827F2EF6D796292C3ABD2F9533EB07EF196EC7274C17E7FC43B182B543FE1AC4612A995820CAEA2BF3F4FDC4BCC559E95D6180D1B34F51F7D46E40B6CAA88C0BDCDF07E9A8B415E87F57F6BAA207CBC5843D70E5C0A98E643A5E1D8614C3D9C8765B617A1568133DF55FE7E4DC7AB717EAA670E1590569FE0423619DCB062F9E2579717E9231EE44C95DE7218F2D602828C33D08305049BDE439F783B7C478B0F41DB0ADB607429D7CE33E8CB7DC98FE5ECACF21D135D0B4D5F1361BF3898450A9923D00804657CB1A5940B6D25E10A615FC77F68A60A589A2A5BA052FB6B97C22538ED1801D34950FBF4401CB3CAD2839DD3E733F3F0A8F279C886FDE63F5384B3507F03A1A6FF314A32A724D9D5C4794B7A5B01183F7977AACD402B778B900BA03C2E2D52E3A6F1C8524B833701DC6EB4538EDBD516B64BD2CAE8B7AF23312407C0F09421;010001;0;1;0;;Generated with details from sigtool --print-certs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
2 changes: 1 addition & 1 deletion
2
unit_tests/input/pe_allmatch/trust-sigs/Test.Sig.CRB.TrustCert.crb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
Test.Sig.CRB.TrustCert;1;8b166a274bfaa700a912edd57e8e41365beea576;d2a8ea878c4bba243788488f59354835a005baae;E709F7C042C0DFE60CDEF79BFEC8723468DE92B027E4BC31C2D2B8224DE04B6A23C49C8FEBFAD35274651AA5DAA91FD392E0336B31140F90C125E43E4DEBD3276659BBC639425595F4713C4CAC1892D5D136F76263EDE02DF4EBB849A508B492C7BD3FE295617FC5FF1C482543C938F389D521D8E758D59183C7986A5729E16B5BC3081CF3A749447E23106D170E5835BA137821202B100124EDAD00F7508C19F8103B774E9FA19989058EC52776934690E2CAD67B99E93A9AD50C470E0DF4C48F9F78DBFCEF812730A3A458A310A913CCA7E0B10699A4A441C8900A59193FFDC7376162DA6DB805E4BD9AD9463717B6EEDACAD53AEA9E7FDBB2826588FBF8E45F390B4A44A6A01787DC8110581DD1DC00407C3868F3534241BB340AED7CC9CAB56D27F7E6B645F7CC7BA7B0D1BFB27036F09B9FB25B396575C16B0BF3177FE052F7B5C8BB97F72E69DA7971EAFA643C68E36B5F156BAD46F3E3A580A7CE56BA92ACB972143DDA4B20867A45081262DF2E7A1F80A9D3588C60D48010F10461A8AE675CF8EE47E66425A5A6A0D95F1076AFEC6246C3AA635C13AC1E9CEA760316FD89AE2C19FDF696A106BC20B5A2F8E14613A4633726ADC92FD67B6E219CE1A419FE7F397F153C2591547EE08B19C54C8F04B0F6824EABD2572AF9115486479567A77853DDA31CB84609154BA3A043AD0548204875FF365047BC4B7382FD03AF;010001;1;0;0;;Generated with details from sigtool --print-certs | ||
Test.Sig.CRB.TrustCert;1;a5f872f51516a7b95493a152eb79b61d8999188c;e8fe30ff40549bb36227b3b6fa978bc3b7c93a1b;CA5767E912FAC33005614BF5A30360CBB1C194B3B5EA7AE78DF228B76A745AE803F248CFFAE9BD8690935CE5173BB31565D04A931DD2F1D99E17B1BDD35C066F2DD097A87B1786F437156995193D5F1FD49CD855AF0FD9A3BBEA2F8A267770F0F402B28107087142A166C3FDAF673F75518F74DBA6014669FC4377D572F32F58E32F1E575508E547AA2FE25B085B58414562D77F7FE85E92F285F0B52C276A6B68A7E17E9ACBD62DD40ACD1319EE844772EADBACB789A42583953827F2EF6D796292C3ABD2F9533EB07EF196EC7274C17E7FC43B182B543FE1AC4612A995820CAEA2BF3F4FDC4BCC559E95D6180D1B34F51F7D46E40B6CAA88C0BDCDF07E9A8B415E87F57F6BAA207CBC5843D70E5C0A98E643A5E1D8614C3D9C8765B617A1568133DF55FE7E4DC7AB717EAA670E1590569FE0423619DCB062F9E2579717E9231EE44C95DE7218F2D602828C33D08305049BDE439F783B7C478B0F41DB0ADB607429D7CE33E8CB7DC98FE5ECACF21D135D0B4D5F1361BF3898450A9923D00804657CB1A5940B6D25E10A615FC77F68A60A589A2A5BA052FB6B97C22538ED1801D34950FBF4401CB3CAD2839DD3E733F3F0A8F279C886FDE63F5384B3507F03A1A6FF314A32A724D9D5C4794B7A5B01183F7977AACD402B778B900BA03C2E2D52E3A6F1C8524B833701DC6EB4538EDBD516B64BD2CAE8B7AF23312407C0F09421;010001;1;0;0;;Generated with details from sigtool --print-certs |