| // Copyright 2009 Google Inc. |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| // ======================================================================== |
| // |
| // Unit tests for the Google file signature validation. |
| |
| #include <windows.h> |
| #include <atlstr.h> |
| #include "omaha/common/app_util.h" |
| #include "omaha/common/file.h" |
| #include "omaha/common/signaturevalidator.h" |
| #include "omaha/testing/unit_test.h" |
| |
| namespace omaha { |
| |
| class SignatureValidatorTest : public testing::Test { |
| virtual void SetUp() { |
| } |
| |
| virtual void TearDown() { |
| } |
| }; |
| |
| |
| TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_OfficiallySigned) { |
| const TCHAR kRelativePath[] = _T("unittest_support\\SaveArguments.exe"); |
| |
| CString executable_full_path(app_util::GetCurrentModuleDirectory()); |
| ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH), |
| kRelativePath)); |
| ASSERT_TRUE(File::Exists(executable_full_path)); |
| EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path)); |
| } |
| |
| // Tests a certificate subject containing multiple CNs such as: |
| // "CN = Google Inc (TEST), CN = Some Other CN, ... |
| // The code exactly matches on the first CN only. |
| TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_TestSigned_MultipleCN) { |
| const TCHAR kRelativePath[] = |
| _T("unittest_support\\SaveArguments_multiple_cn.exe"); |
| |
| CString executable_full_path(app_util::GetCurrentModuleDirectory()); |
| ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH), |
| kRelativePath)); |
| ASSERT_TRUE(File::Exists(executable_full_path)); |
| EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path)); |
| } |
| |
| TEST_F(SignatureValidatorTest, |
| VerifySigneeIsGoogle_OfficiallySigned_DifferentOU) { |
| const TCHAR kRelativePath[] = |
| _T("unittest_support\\SaveArguments_different_ou.exe"); |
| |
| CString executable_full_path(app_util::GetCurrentModuleDirectory()); |
| ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH), |
| kRelativePath)); |
| ASSERT_TRUE(File::Exists(executable_full_path)); |
| EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path)); |
| } |
| |
| TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_OmahaTestSigned) { |
| const TCHAR kRelativePath[] = |
| _T("unittest_support\\SaveArguments_OmahaTestSigned.exe"); |
| |
| CString executable_full_path(app_util::GetCurrentModuleDirectory()); |
| ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH), |
| kRelativePath)); |
| ASSERT_TRUE(File::Exists(executable_full_path)); |
| EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path)); |
| } |
| |
| // The certificate was valid when it was used to sign the executable, but it has |
| // since expired. |
| TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_SignedWithNowExpiredCert) { |
| const TCHAR kRelativePath[] = |
| _T("unittest_support\\GoogleUpdate_now_expired_cert.exe"); |
| |
| CString executable_full_path(app_util::GetCurrentModuleDirectory()); |
| ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH), |
| kRelativePath)); |
| ASSERT_TRUE(File::Exists(executable_full_path)); |
| EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path)); |
| } |
| |
| TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_TestSigned_NoCN) { |
| const TCHAR kRelativePath[] = |
| _T("unittest_support\\SaveArguments_no_cn.exe"); |
| |
| CString executable_full_path(app_util::GetCurrentModuleDirectory()); |
| ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH), |
| kRelativePath)); |
| ASSERT_TRUE(File::Exists(executable_full_path)); |
| EXPECT_FALSE(VerifySigneeIsGoogle(executable_full_path)); |
| } |
| |
| TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_TestSigned_WrongCN) { |
| const TCHAR kRelativePath[] = |
| _T("unittest_support\\SaveArguments_wrong_cn.exe"); |
| |
| CString executable_full_path(app_util::GetCurrentModuleDirectory()); |
| ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH), |
| kRelativePath)); |
| ASSERT_TRUE(File::Exists(executable_full_path)); |
| EXPECT_FALSE(VerifySigneeIsGoogle(executable_full_path)); |
| } |
| |
| } // namespace omaha |