common/signaturevalidator_unittest.cc - external/omaha - Git at Google

 // Copyright 2009 Google Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 // ========================================================================
 //
 // Unit tests for the Google file signature validation.

 #include <windows.h>
 #include <atlstr.h>
 #include "omaha/common/app_util.h"
 #include "omaha/common/file.h"
 #include "omaha/common/signaturevalidator.h"
 #include "omaha/testing/unit_test.h"

 namespace omaha {

 class SignatureValidatorTest : public testing::Test {
   virtual void SetUp() {
   }

   virtual void TearDown() {
   }
 };


 TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_OfficiallySigned) {
   const TCHAR kRelativePath[] = _T("unittest_support\\SaveArguments.exe");

   CString executable_full_path(app_util::GetCurrentModuleDirectory());
   ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
                            kRelativePath));
   ASSERT_TRUE(File::Exists(executable_full_path));
   EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
 }

 // Tests a certificate subject containing multiple CNs such as:
 //    "CN = Google Inc (TEST), CN = Some Other CN, ...
 // The code exactly matches on the first CN only.
 TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_TestSigned_MultipleCN) {
   const TCHAR kRelativePath[] =
       _T("unittest_support\\SaveArguments_multiple_cn.exe");

   CString executable_full_path(app_util::GetCurrentModuleDirectory());
   ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
                            kRelativePath));
   ASSERT_TRUE(File::Exists(executable_full_path));
   EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
 }

 TEST_F(SignatureValidatorTest,
        VerifySigneeIsGoogle_OfficiallySigned_DifferentOU) {
   const TCHAR kRelativePath[] =
       _T("unittest_support\\SaveArguments_different_ou.exe");

   CString executable_full_path(app_util::GetCurrentModuleDirectory());
   ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
                            kRelativePath));
   ASSERT_TRUE(File::Exists(executable_full_path));
   EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
 }

 TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_OmahaTestSigned) {
   const TCHAR kRelativePath[] =
       _T("unittest_support\\SaveArguments_OmahaTestSigned.exe");

   CString executable_full_path(app_util::GetCurrentModuleDirectory());
   ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
                            kRelativePath));
   ASSERT_TRUE(File::Exists(executable_full_path));
   EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
 }

 // The certificate was valid when it was used to sign the executable, but it has
 // since expired.
 TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_SignedWithNowExpiredCert) {
   const TCHAR kRelativePath[] =
       _T("unittest_support\\GoogleUpdate_now_expired_cert.exe");

   CString executable_full_path(app_util::GetCurrentModuleDirectory());
   ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
                            kRelativePath));
   ASSERT_TRUE(File::Exists(executable_full_path));
   EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
 }

 TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_TestSigned_NoCN) {
   const TCHAR kRelativePath[] =
       _T("unittest_support\\SaveArguments_no_cn.exe");

   CString executable_full_path(app_util::GetCurrentModuleDirectory());
   ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
                            kRelativePath));
   ASSERT_TRUE(File::Exists(executable_full_path));
   EXPECT_FALSE(VerifySigneeIsGoogle(executable_full_path));
 }

 TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_TestSigned_WrongCN) {
   const TCHAR kRelativePath[] =
       _T("unittest_support\\SaveArguments_wrong_cn.exe");

   CString executable_full_path(app_util::GetCurrentModuleDirectory());
   ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
                            kRelativePath));
   ASSERT_TRUE(File::Exists(executable_full_path));
   EXPECT_FALSE(VerifySigneeIsGoogle(executable_full_path));
 }

 }  // namespace omaha
	// Copyright 2009 Google Inc.
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	// ========================================================================
	//
	// Unit tests for the Google file signature validation.

	#include <windows.h>
	#include <atlstr.h>
	#include "omaha/common/app_util.h"
	#include "omaha/common/file.h"
	#include "omaha/common/signaturevalidator.h"
	#include "omaha/testing/unit_test.h"

	namespace omaha {

	class SignatureValidatorTest : public testing::Test {
	virtual void SetUp() {
	}

	virtual void TearDown() {
	}
	};


	TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_OfficiallySigned) {
	const TCHAR kRelativePath[] = _T("unittest_support\\SaveArguments.exe");

	CString executable_full_path(app_util::GetCurrentModuleDirectory());
	ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
	kRelativePath));
	ASSERT_TRUE(File::Exists(executable_full_path));
	EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
	}

	// Tests a certificate subject containing multiple CNs such as:
	// "CN = Google Inc (TEST), CN = Some Other CN, ...
	// The code exactly matches on the first CN only.
	TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_TestSigned_MultipleCN) {
	const TCHAR kRelativePath[] =
	_T("unittest_support\\SaveArguments_multiple_cn.exe");

	CString executable_full_path(app_util::GetCurrentModuleDirectory());
	ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
	kRelativePath));
	ASSERT_TRUE(File::Exists(executable_full_path));
	EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
	}

	TEST_F(SignatureValidatorTest,
	VerifySigneeIsGoogle_OfficiallySigned_DifferentOU) {
	const TCHAR kRelativePath[] =
	_T("unittest_support\\SaveArguments_different_ou.exe");

	CString executable_full_path(app_util::GetCurrentModuleDirectory());
	ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
	kRelativePath));
	ASSERT_TRUE(File::Exists(executable_full_path));
	EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
	}

	TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_OmahaTestSigned) {
	const TCHAR kRelativePath[] =
	_T("unittest_support\\SaveArguments_OmahaTestSigned.exe");

	CString executable_full_path(app_util::GetCurrentModuleDirectory());
	ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
	kRelativePath));
	ASSERT_TRUE(File::Exists(executable_full_path));
	EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
	}

	// The certificate was valid when it was used to sign the executable, but it has
	// since expired.
	TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_SignedWithNowExpiredCert) {
	const TCHAR kRelativePath[] =
	_T("unittest_support\\GoogleUpdate_now_expired_cert.exe");

	CString executable_full_path(app_util::GetCurrentModuleDirectory());
	ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
	kRelativePath));
	ASSERT_TRUE(File::Exists(executable_full_path));
	EXPECT_TRUE(VerifySigneeIsGoogle(executable_full_path));
	}

	TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_TestSigned_NoCN) {
	const TCHAR kRelativePath[] =
	_T("unittest_support\\SaveArguments_no_cn.exe");

	CString executable_full_path(app_util::GetCurrentModuleDirectory());
	ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
	kRelativePath));
	ASSERT_TRUE(File::Exists(executable_full_path));
	EXPECT_FALSE(VerifySigneeIsGoogle(executable_full_path));
	}

	TEST_F(SignatureValidatorTest, VerifySigneeIsGoogle_TestSigned_WrongCN) {
	const TCHAR kRelativePath[] =
	_T("unittest_support\\SaveArguments_wrong_cn.exe");

	CString executable_full_path(app_util::GetCurrentModuleDirectory());
	ASSERT_TRUE(::PathAppend(CStrBuf(executable_full_path, MAX_PATH),
	kRelativePath));
	ASSERT_TRUE(File::Exists(executable_full_path));
	EXPECT_FALSE(VerifySigneeIsGoogle(executable_full_path));
	}

	} // namespace omaha