diff --git a/authenticode-config.cmake b/authenticode-config.cmake index da5957e..6b8ee3d 100644 --- a/authenticode-config.cmake +++ b/authenticode-config.cmake @@ -1,2 +1,2 @@ -find_package(OpenSSL 1.0.1 REQUIRED) +find_package(OpenSSL 1.1.1 REQUIRED) include(${CMAKE_CURRENT_LIST_DIR}/authenticode-targets.cmake) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 30d85d9..45a157b 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -16,7 +16,8 @@ set(gtest_force_shared_crt ON CACHE BOOL "" FORCE) FetchContent_MakeAvailable(googletest) add_executable(tests - integration/test.cpp + integration/test_microsoft.cpp + integration/test_non_microsoft.cpp unit/countersignature.cpp unit/certificate.cpp unit/helper.cpp) diff --git a/tests/data.h b/tests/data.h index 4bf0c5a..70e8404 100644 --- a/tests/data.h +++ b/tests/data.h @@ -405,6 +405,189 @@ "76k3su0TSVhNZbXFb80ASw==\n" \ "-----END PKCS7-----\n" +#define VALID_SIGNATURE_PEM_MICROSOFT_COUNTER \ + "-----BEGIN PKCS7-----\n" \ + "MIIhXQYJKoZIhvcNAQcCoIIhTjCCIUoCAQExDzANBglghkgBZQMEAgEFADBcBgor\n" \ + "BgEEAYI3AgEEoE4wTDAXBgorBgEEAYI3AgEPMAkDAQCgBKICgAAwMTANBglghkgB\n" \ + "ZQMEAgEFAAQgx/75TjKb2bZrKBU5Jl+YkxM1bL2cNF355nDpxLbg7c6gggtYMIIF\n" \ + "bzCCBFegAwIBAgITMwAAALIPmthnlPMi9gAAAAAAsjANBgkqhkiG9w0BAQsFADCB\n" \ + "jjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl\n" \ + "ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjE4MDYGA1UEAxMv\n" \ + "TWljcm9zb2Z0IFdpbmRvd3MgVGhpcmQgUGFydHkgQ29tcG9uZW50IENBIDIwMTIw\n" \ + "HhcNMjAxMjE1MjIxNTMwWhcNMjExMjAyMjIxNTMwWjCBkTELMAkGA1UEBhMCVVMx\n" \ + "EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT\n" \ + "FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjE7MDkGA1UEAxMyTWljcm9zb2Z0IFdpbmRv\n" \ + "d3MgSGFyZHdhcmUgQ29tcGF0aWJpbGl0eSBQdWJsaXNoZXIwggEiMA0GCSqGSIb3\n" \ + "DQEBAQUAA4IBDwAwggEKAoIBAQCZ8Mvh97s1+NdSDuMQQmFP8WJfahRttWXzOsi1\n" \ + "91Lm8LgV4Hc1Dlp2xcP5VVHFo/t9VJn1GDzJca4vskbeCAUSjx+3LVhZMnkM3YB2\n" \ + "dy0WryH1libJD5USJNVnpqaJBx4laPD+BvZDcGO+MSlL4ADlje2q1YCov9m6Ob3t\n" \ + "fCVDkOSCrN1Rm5gWTdmGQZVl/zKIq/MO133qd4EPLfFWweOeNDknKw2PG1WfgyP1\n" \ + "rxLuPMPzTF3ItPv3M3B28JGQSxYKLVP60BqVTSaLByfkQRQw33Unj3nMrIEFW0ba\n" \ + "/96m6prXTr82/S3+XwW1PDnC0GKylnxRxmeObM0IMgMoRy2HAgMBAAGjggG/MIIB\n" \ + "uzAfBgNVHSUEGDAWBgorBgEEAYI3CgMFBggrBgEFBQcDAzAdBgNVHQ4EFgQUAacC\n" \ + "woi4cJdR/kAf/aPCsLeFqIgwUAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jv\n" \ + "c29mdCBPcGVyYXRpb25zIFB1ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAxNTMrNDYz\n" \ + "MDM2MB8GA1UdIwQYMBaAFGFxp4ev/2nVIXZPUpMoAL55EquEMHQGA1UdHwRtMGsw\n" \ + "aaBnoGWGY2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY3Jv\n" \ + "c29mdCUyMFdpbmRvd3MlMjBUaGlyZCUyMFBhcnR5JTIwQ29tcG9uZW50JTIwQ0El\n" \ + "MjAyMDEyLmNybDCBgQYIKwYBBQUHAQEEdTBzMHEGCCsGAQUFBzAChmVodHRwOi8v\n" \ + "d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFdpbmRv\n" \ + "d3MlMjBUaGlyZCUyMFBhcnR5JTIwQ29tcG9uZW50JTIwQ0ElMjAyMDEyLmNydDAM\n" \ + "BgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAZmsxqhxfA21tLIxLczYux\n" \ + "4z70knMfuOHWC9b2kN4HS22SKTyCYAEtysxmimjxDnJqN9L/fuZrHupCT1bxBCSb\n" \ + "1tfn66jBdF9PEUO6x+ZI5IwbKhrfaVS13hZp3xnEvlYzt5G3o8uiNkEAb9WKwtSU\n" \ + "odANrbw7P+UKetAWPLOGaTgkEGtd2fm4pXnkX1xfiASDK4p3NwHgyjHe6aAS/OWR\n" \ + "FJLek77qRKOCL3qDxEikhO65N6T6f0Bnh5uRDlNMlm0mUL1ck/BmZWqg9MfDGBYd\n" \ + "Sos2cFbfQq9goKrQ6y3ju0e5a5SPLISfMwz+9Znxd1u21BzxUN7LQKg9WAByfZd+\n" \ + "MIIF4TCCA8mgAwIBAgIKYQuqwQAAAAAACTANBgkqhkiG9w0BAQsFADCBiDELMAkG\n" \ + "A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx\n" \ + "HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9z\n" \ + "b2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMTIwNDE4MjM0\n" \ + "ODM4WhcNMjcwNDE4MjM1ODM4WjCBjjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh\n" \ + "c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD\n" \ + "b3Jwb3JhdGlvbjE4MDYGA1UEAxMvTWljcm9zb2Z0IFdpbmRvd3MgVGhpcmQgUGFy\n" \ + "dHkgQ29tcG9uZW50IENBIDIwMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" \ + "AoIBAQCjnDCECadjLs8KR/DqJPmjMCAPXlcxJoGaMQeyUNTOZwkIZQpapUuu1e0Q\n" \ + "LuelmbWfaC+Yi1gCrCC0KcRxvSgcpf08m2TkxevfYSW88O5ov9Gny34qAoFOZFwM\n" \ + "U4Z5Vxk3YbeY+QygTiJZm/kbLWc8JzxWkGbj/X9lfQ+GvTVH6IrM9NqO6WpOq6dV\n" \ + "7KKJHtUzRVPL+Z53vc0s+QW4f3QBHej7GOFD0Q3pqtw3b73+uA/tHU0BRk4KrPyC\n" \ + "6OxWgxOOOgHtFGR06mSyZhC2aG3IcAB9UEguPUPu4CSVxs2Ox/245JXP3X77lV6h\n" \ + "Ac1DsQfXpDDum4YaKm7BC1midG+LAgMBAAGjggFDMIIBPzAQBgkrBgEEAYI3FQEE\n" \ + "AwIBADAdBgNVHQ4EFgQUYXGnh6//adUhdk9SkygAvnkSq4QwGQYJKwYBBAGCNxQC\n" \ + "BAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYD\n" \ + "VR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBLoEmgR4ZF\n" \ + "aHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9v\n" \ + "Q2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcw\n" \ + "AoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJB\n" \ + "dXRfMjAxMC0wNi0yMy5jcnQwDQYJKoZIhvcNAQELBQADggIBAFqKZ9rM1f0NJkF3\n" \ + "vwpGeLSz3hJpK3cjwmUvAV/SA/RhulCdLow5cvNsPmqxHnZt7LfzgtzMu8VpcChz\n" \ + "Zhc/VOvuARZIxEbZG4CugTqND3ltaLCe6i0/OdPKOH69XnwIbhncxsL0ODNoYeJS\n" \ + "R4PhAAFW0rrLh4IFMQpBi07nf19f7V/TOS1F66ITv/0ewphBcWEWX8gKcCV8WWkx\n" \ + "JORx5wq7BBf3n3IeydK7Gr49Av4JDLJDtFkamVOTliFf4Na3JgFClTasJ/2+9IV3\n" \ + "aD0YvfS+mIgiEYZSFvNF7AOXEHCHo3BDcTzbyYYDFwz1c1vGfeFcZO3XxUjX7TLi\n" \ + "0arTz6f2V05h+XfrZ/KIs94A2gOP0Io0Nz4d2GK40rHz4S+LcjuBlnxv/OxmdnJg\n" \ + "GyTyoIltW20ALu8o3YaHBcK0ueW+ZMIq8koVXJjixCeF/1LjYn4PsgIL12bHCrLT\n" \ + "PSAEFFAyWYMKfZvtWjgSAVK6L14gco5K8f3ncQKMO+EHvslz9N1H2LTvtKSzMLmJ\n" \ + "PnbKuQCYVn6r6oq4pdA4q2l3EwsUL+mqQR/3ur06KzSK7gqrY+Zj94gkjiANKzud\n" \ + "48JJUqyfHw45O13UblBq5n1SOqp8MxUpDSZeAVinTqk9eoRvdD9gn+QyTzYAr21x\n" \ + "0z6mRmVfgXTx/sFx2kygQVqC3fEfMYIVeDCCFXQCAQEwgaYwgY4xCzAJBgNVBAYT\n" \ + "AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD\n" \ + "VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xODA2BgNVBAMTL01pY3Jvc29mdCBX\n" \ + "aW5kb3dzIFRoaXJkIFBhcnR5IENvbXBvbmVudCBDQSAyMDEyAhMzAAAAsg+a2GeU\n" \ + "8yL2AAAAAACyMA0GCWCGSAFlAwQCAQUAoIGuMBkGCSqGSIb3DQEJAzEMBgorBgEE\n" \ + "AYI3AgEEMBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJ\n" \ + "BDEiBCAW78UlDE1KmaAO0q2aDj2PvCHaW+law1rTOz2cPzcZoTBCBgorBgEEAYI3\n" \ + "AgEMMTQwMqAQgA4AUAByAG8AYwBlAHgAcKEegBxodHRwczovL3d3dy5zeXNpbnRl\n" \ + "cm5hbHMuY29tMA0GCSqGSIb3DQEBAQUABIIBADFezXsgSTCtb/LuWnk3z2zPMi20\n" \ + "W3F/JeY8sjPVTwmoEHYhglcCh0a75ilUymow6ut8xCILl+7Evlm2e6U4A5goHn2y\n" \ + "X/06UUI5l0jXFjSXby6tyoD2xZZHhXN+o5gT5Ke92ryvXkKzYsOc37cO3Q5/7Jxr\n" \ + "5lqWqCGXJ3pOqBI4KDCA7mgyZtzSk6POoXHEbb+PBKvBB0Fj0HGF/j/q+8m2jpV3\n" \ + "iDEII1StD5C9BjlHdZeRiCKnAvvWjomSnGFg/VXJ6rzqahqij3JTcmBaYnrcJXub\n" \ + "5kY7OYXP4CDO+rrY14LY4VHEdHNOm3i2Ihae5wqIRjKyBdvg6iUz7D7H9bOhghLx\n" \ + "MIIS7QYKKwYBBAGCNwMDATGCEt0wghLZBgkqhkiG9w0BBwKgghLKMIISxgIBAzEP\n" \ + "MA0GCWCGSAFlAwQCAQUAMIIBVQYLKoZIhvcNAQkQAQSgggFEBIIBQDCCATwCAQEG\n" \ + "CisGAQQBhFkKAwEwMTANBglghkgBZQMEAgEFAAQg7d+KRTQOFrNVao5Ss/zS5zxc\n" \ + "R9NqpnFP/u8sGWA3Z28CBmD69yXH+BgTMjAyMTA4MTcwMjAxMzMuMDYzWjAEgAIB\n" \ + "9KCB1KSB0TCBzjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO\n" \ + "BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEp\n" \ + "MCcGA1UECxMgTWljcm9zb2Z0IE9wZXJhdGlvbnMgUHVlcnRvIFJpY28xJjAkBgNV\n" \ + "BAsTHVRoYWxlcyBUU1MgRVNOOjMyQkQtRTNENS0zQjFEMSUwIwYDVQQDExxNaWNy\n" \ + "b3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloIIORDCCBPUwggPdoAMCAQICEzMAAAFi\n" \ + "0P4C8wHlzUkAAAAAAWIwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzAR\n" \ + "BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1p\n" \ + "Y3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3Rh\n" \ + "bXAgUENBIDIwMTAwHhcNMjEwMTE0MTkwMjIyWhcNMjIwNDExMTkwMjIyWjCBzjEL\n" \ + "MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v\n" \ + "bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEpMCcGA1UECxMgTWlj\n" \ + "cm9zb2Z0IE9wZXJhdGlvbnMgUHVlcnRvIFJpY28xJjAkBgNVBAsTHVRoYWxlcyBU\n" \ + "U1MgRVNOOjMyQkQtRTNENS0zQjFEMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1T\n" \ + "dGFtcCBTZXJ2aWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74ah\n" \ + "1Pa5wvcyvYNCy/YQs1tK8rIGlh1Qq1QFaJmYVXLXykb+m5yCStzmL227wJjsalZX\n" \ + "8JA2YcbaZV5Icwm9vAJz8AC/sk/dsUK3pmDvkhtVI04YDV6otuZCILpQB9Ipcs3d\n" \ + "0e1Dl2KKFvdibOk0/0rRxU9l+/Yxeb5lVTRERLxzI+Rd6Xv5QQYT6Sp2IE0N1vzI\n" \ + "Fd3yyO773T5XifNgL5lZbtIUnYUVmUBKlVoemO/54aiFeVBpIG+YzhDTF7cuHNAz\n" \ + "xWIbP1wt4VIqAV9JjuqLMvvBSD56pi8NTKM9fxrERAeaTS2HbfBYfmnRZ27Czjeo\n" \ + "0ijQ5DSZGi0ErvWfKQIDAQABo4IBGzCCARcwHQYDVR0OBBYEFMvEShFgSkO3Onzg\n" \ + "HlaVk3aQ/iprMB8GA1UdIwQYMBaAFNVjOlyKMZDzQ3t8RhvFM2hahW1VMFYGA1Ud\n" \ + "HwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3JsL3By\n" \ + "b2R1Y3RzL01pY1RpbVN0YVBDQV8yMDEwLTA3LTAxLmNybDBaBggrBgEFBQcBAQRO\n" \ + "MEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvY2Vy\n" \ + "dHMvTWljVGltU3RhUENBXzIwMTAtMDctMDEuY3J0MAwGA1UdEwEB/wQCMAAwEwYD\n" \ + "VR0lBAwwCgYIKwYBBQUHAwgwDQYJKoZIhvcNAQELBQADggEBAC1BrcOhdhtb9xcA\n" \ + "JtxVIUZ7iALwZewXFIdPcmDAVT810k5xuRwVNW9Onq+WZO8ebqwiOSdEEHReLU0F\n" \ + "Oo/DbS7q79PsKdz/PSBPqZ/1ysjRVH0L5HUK2N7NgpkR1lnt+41BaOzJ+00OFDL5\n" \ + "GqeqvK3RWh7MtqWF6KKcfNkP/hjiFlg9/S7xNK/Vl8q10HB5YbdBTQun8j1Jsih6\n" \ + "YMb3tFQsxw++ra5+FSnc4yJhAYvVaqTKRKepEmwzYhwDiXh2ag80/p0uDkOvs1Wh\n" \ + "gogwidpBVmNLAMxmFavK9+LNfRKvPIuCQw+EsxWR8vFBBJDfs14WTsXVF94CQ1YC\n" \ + "HqYI5EEwggZxMIIEWaADAgECAgphCYEqAAAAAAACMA0GCSqGSIb3DQEBCwUAMIGI\n" \ + "MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk\n" \ + "bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylN\n" \ + "aWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0xMDA3\n" \ + "MDEyMTM2NTVaFw0yNTA3MDEyMTQ2NTVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQI\n" \ + "EwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv\n" \ + "ZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBD\n" \ + "QSAyMDEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR0NvHcRijog\n" \ + "7PwTl/X6f2mUa3RUENWlCgCChfvtfGhLLF/Fw+Vhwna3PmYrW/AVUycEMR9BGxqV\n" \ + "Hc4JE458YTBZsTBED/FgiIRUQwzXTbg4CLNC3ZOs1nMwVyaCo0UN0Or1R4HNvyRg\n" \ + "MlhgRvJYR4YyhB50YWeRX4FUsc+TTJLBxKZd0WETbijGGvmGgLvfYfxGwScdJGcS\n" \ + "chohiq9LZIlQYrFd/XcfPfBXday9ikJNQFHRD5wGPmd/9WbAA5ZEfu/QS/1u5ZrK\n" \ + "sajyeioKMfDaTgaRtogINeh4HLDpmc085y9Euqf03GS9pAHBIAmTeM38vMDJRF1e\n" \ + "FpwBBU8iTQIDAQABo4IB5jCCAeIwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYE\n" \ + "FNVjOlyKMZDzQ3t8RhvFM2hahW1VMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBB\n" \ + "MAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP\n" \ + "6KJcYmjRPZSQW9fOmhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWlj\n" \ + "cm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2\n" \ + "LTIzLmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cu\n" \ + "bWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMu\n" \ + "Y3J0MIGgBgNVHSABAf8EgZUwgZIwgY8GCSsGAQQBgjcuAzCBgTA9BggrBgEFBQcC\n" \ + "ARYxaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL1BLSS9kb2NzL0NQUy9kZWZhdWx0\n" \ + "Lmh0bTBABggrBgEFBQcCAjA0HjIgHQBMAGUAZwBhAGwAXwBQAG8AbABpAGMAeQBf\n" \ + "AFMAdABhAHQAZQBtAGUAbgB0AC4gHTANBgkqhkiG9w0BAQsFAAOCAgEAB+aIUQ3i\n" \ + "xuCYP4FxAz2do6Ehb7Prpsz1Mb7PBeKp/vpXbRkws8LFZslq3/Xn8Hi9x6ieJeP5\n" \ + "vO1rVFcIK1GCRBL7uVOMzPRgEop2zEBAQZvcXBf/XPleFzWYJFZLdO9CEMivv3/G\n" \ + "f/I3fVo/HPKZeUqRUgCvOA8X9S95gWXZqbVr5MfO9sp6AG9LMEQkIjzP7QOllo9Z\n" \ + "Kby2/QThcJ8ySif9Va8v/rbljjO7Yl+a21dA6fHOmWaQjP9qYn/dxUoLkSbiOewZ\n" \ + "SnFjnXshbcOco6I8+n99lmqQeKZt0uGc+R38ONiU9MalCpaGpL2eGq4EQoO4tYCb\n" \ + "IjggtSXlZOz39L9+Y1klD3ouOVd2onGqBooPiRa6YacRy5rYDkeagMXQzafQ732D\n" \ + "8OE7cQnfXXSYIghh2rBQHm+98eEA3+cxB6STOvdlR3jo+KhIq/fecn5ha293qYHL\n" \ + "pwmsObvsxsvYgrRyzR30uIUBHoD7G4kqVDmyW9rIDVWZeodzOwjmmC3qjeAzLhIp\n" \ + "9cAvVCch98isTtoouLGp25ayp0Kiyc8ZQU3ghvkqmqMRZjDTu3QyS99je/WZii8b\n" \ + "xyGvWbWu3EQ8l1Bx16HSxVXjad5XwdHeMMD9zOZN+w2/XU/pnR4ZOC+8z1gFLu8N\n" \ + "oFA12u8JJxzVs341Hgi62jbb01+P3nSISRKhggLSMIICOwIBATCB/KGB1KSB0TCB\n" \ + "zjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl\n" \ + "ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEpMCcGA1UECxMg\n" \ + "TWljcm9zb2Z0IE9wZXJhdGlvbnMgUHVlcnRvIFJpY28xJjAkBgNVBAsTHVRoYWxl\n" \ + "cyBUU1MgRVNOOjMyQkQtRTNENS0zQjFEMSUwIwYDVQQDExxNaWNyb3NvZnQgVGlt\n" \ + "ZS1TdGFtcCBTZXJ2aWNloiMKAQEwBwYFKw4DAhoDFQCas/oKGtvPRrHuznufk+in\n" \ + "dULyDKCBgzCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u\n" \ + "MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRp\n" \ + "b24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMA0GCSqG\n" \ + "SIb3DQEBBQUAAgUA5MUY7TAiGA8yMDIxMDgxNjIxMDM0MVoYDzIwMjEwODE3MjEw\n" \ + "MzQxWjB3MD0GCisGAQQBhFkKBAExLzAtMAoCBQDkxRjtAgEAMAoCAQACAg4WAgH/\n" \ + "MAcCAQACAhEqMAoCBQDkxmptAgEAMDYGCisGAQQBhFkKBAIxKDAmMAwGCisGAQQB\n" \ + "hFkKAwKgCjAIAgEAAgMHoSChCjAIAgEAAgMBhqAwDQYJKoZIhvcNAQEFBQADgYEA\n" \ + "KNml34ZXWEvO8kgJa9uw7u+F2acSHsoxOHOZ/so7COqb+iwKmVx74jfqyqorssnn\n" \ + "Vmm8+hRy4zFbEo5lACNtYIlCMB6uIgcfJlHvHAf18unlj3U7H4+BisX27wXJDshB\n" \ + "lyX3cr7ib4AVQhXjGPEUqj2MBZS/bVda3ZhDwLKqGFkxggMNMIIDCQIBATCBkzB8\n" \ + "MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk\n" \ + "bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1N\n" \ + "aWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAAAWLQ/gLzAeXNSQAAAAAB\n" \ + "YjANBglghkgBZQMEAgEFAKCCAUowGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEE\n" \ + "MC8GCSqGSIb3DQEJBDEiBCBPYkNXIBZ7/hs5bcFJ60pVHV91A+hbat8GKp+oVfgL\n" \ + "sTCB+gYLKoZIhvcNAQkQAi8xgeowgecwgeQwgb0EIIqqGJX7PA0OulTsNEHsyLnv\n" \ + "GLoYE1iwaOBmqrapUwoyMIGYMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgT\n" \ + "Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m\n" \ + "dCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENB\n" \ + "IDIwMTACEzMAAAFi0P4C8wHlzUkAAAAAAWIwIgQggc576of3UYTIpBYSSlOC3fTU\n" \ + "CdPUhARDA3k0nsKK9iUwDQYJKoZIhvcNAQELBQAEggEATYtDaVhvhu0N8/NxvA4r\n" \ + "7MuRznFgDqSp3kMNY9vl0mRZZodTTzmbJvy35qAB36qm5FvEtLASS8oCJnhokn/3\n" \ + "qIMEJpwyvd3r/oWRElnF0sWrhDW3m1zJ5aILJVwEK+h1tXSTNVxzyM2m7SmlEb35\n" \ + "Wr5URlinyoOJ74AL2CTCLuq47sx68ZdaPCHXXDn94Ofayk+kPMWh9SswJ2yvhjZf\n" \ + "HSGSLyJ3X14M4dSxJPazz8b5887FOyvmK5Vitci5/Gcou2ydyESC4DGozGMTMW07\n" \ + "ii94+89h6CigWDLhgq3p8YUuO45tzZbN7YrPnS3KHl6DmfxcCbQtfCo40WWOm8vs\n" \ + "kA==\n" \ + "-----END PKCS7-----" + #define CERTIFICATE_PEM \ "-----BEGIN CERTIFICATE-----\n" \ "MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML\n" \ diff --git a/tests/integration/test_microsoft.cpp b/tests/integration/test_microsoft.cpp new file mode 100644 index 0000000..8cc58ba --- /dev/null +++ b/tests/integration/test_microsoft.cpp @@ -0,0 +1,243 @@ +/* Copyright (c) 2021 Avast Software + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. +*/ + +#include "../data.h" +#include + +#include +#include +#include +#include +#include + +#include +#include +#include + +#include + +class MicrosoftSignatureTest : public testing::Test +{ + protected: + unsigned char *data = nullptr; + long data_len = 0; + + void SetUp() override + { + BIO *bio = BIO_new(BIO_s_mem()); + BIO_write( + bio, + VALID_SIGNATURE_PEM_MICROSOFT_COUNTER, + std::strlen(VALID_SIGNATURE_PEM_MICROSOFT_COUNTER)); + char *name = nullptr; + char *header = nullptr; + PEM_read_bio(bio, &name, &header, &data, &data_len); + BIO_free_all(bio); + OPENSSL_free(name); + OPENSSL_free(header); + + initialize_authenticode_parser(); + } + + void TearDown() override { OPENSSL_free(data); } +}; + +TEST_F(MicrosoftSignatureTest, ResultOverview) +{ + AuthenticodeArray *auth = authenticode_new(data, data_len); + ASSERT_NE(auth, nullptr); + + ASSERT_EQ(auth->count, 1); + ASSERT_NE(auth->signatures, nullptr); + + for (size_t i = 0; i < auth->count; ++i) { + ASSERT_TRUE(auth->signatures[i]); + } + + authenticode_array_free(auth); +} + +TEST_F(MicrosoftSignatureTest, SignatureContent) +{ + AuthenticodeArray *auth = authenticode_new(data, data_len); + ASSERT_NE(auth, nullptr); + + ASSERT_EQ(auth->count, 1); + ASSERT_NE(auth->signatures, nullptr); + + const Authenticode *first_sig = auth->signatures[0]; + ASSERT_TRUE(first_sig); + + //***********************************// + // Check the first signature content // + EXPECT_EQ(first_sig->version, 1); + + EXPECT_TRUE(first_sig->digest.data); + uint8_t file_digest[32] = {0xc7, 0xfe, 0xf9, 0x4e, 0x32, 0x9b, 0xd9, 0xb6, 0x6b, 0x28, 0x15, + 0x39, 0x26, 0x5f, 0x98, 0x93, 0x13, 0x35, 0x6c, 0xbd, 0x9c, 0x34, + 0x5d, 0xf9, 0xe6, 0x70, 0xe9, 0xc4, 0xb6, 0xe0, 0xed, 0xce}; + EXPECT_EQ(first_sig->digest.len, 32); + EXPECT_TRUE(std::memcmp(file_digest, first_sig->digest.data, 32) == 0); + EXPECT_STREQ(first_sig->digest_alg, "sha256"); + + EXPECT_EQ(first_sig->verify_flags, AUTHENTICODE_VFY_VALID); + + //****************************// + // Check SignerInfo structure // + ASSERT_TRUE(first_sig->signer); + EXPECT_STREQ(first_sig->signer->digest_alg, "sha256"); + + ASSERT_TRUE(first_sig->signer->digest.data); + ASSERT_EQ(first_sig->signer->digest.len, 32); + uint8_t message_digest[32] = {0x16, 0xef, 0xc5, 0x25, 0x0c, 0x4d, 0x4a, 0x99, 0xa0, 0x0e, 0xd2, + 0xad, 0x9a, 0x0e, 0x3d, 0x8f, 0xbc, 0x21, 0xda, 0x5b, 0xe9, 0x5a, + 0xc3, 0x5a, 0xd3, 0x3b, 0x3d, 0x9c, 0x3f, 0x37, 0x19, 0xa1}; + EXPECT_TRUE(std::memcmp(message_digest, first_sig->signer->digest.data, 32) == 0); + ASSERT_TRUE(first_sig->signer->program_name); + ASSERT_STREQ(first_sig->signer->program_name, "Procexp"); + + //******************************************// + // Test all certificates of first signature // + ASSERT_TRUE(first_sig->certs); + ASSERT_TRUE(first_sig->certs->certs); + ASSERT_EQ(first_sig->certs->count, 2); + + //**************************// + // Check the 1. certificate // + const Certificate *cert = first_sig->certs->certs[0]; + ASSERT_TRUE(cert->sha1.data); + ASSERT_EQ(cert->sha1.len, 20); + unsigned char first_cert_sha1[20] = {0x92, 0xd7, 0x19, 0x2a, 0x7c, 0x31, 0x80, + 0x91, 0x2f, 0xf8, 0x41, 0x4f, 0x79, 0x09, + 0x73, 0xa0, 0x5c, 0x28, 0xf8, 0xb0}; + EXPECT_TRUE(std::memcmp(first_cert_sha1, cert->sha1.data, 20) == 0); + EXPECT_EQ(cert->version, 2); + EXPECT_STREQ( + cert->subject, + "/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Windows Hardware " + "Compatibility Publisher"); + EXPECT_STREQ( + cert->issuer, + "/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Windows Third Party " + "Component CA 2012"); + + //**************************// + // Check the 2. certificate // + cert = first_sig->certs->certs[1]; + ASSERT_TRUE(cert->sha1.data); + ASSERT_EQ(cert->sha1.len, 20); + unsigned char second_cert_sha1[20] = {0x77, 0xa1, 0x0e, 0xbf, 0x07, 0x54, 0x27, + 0x25, 0x21, 0x8c, 0xd8, 0x3a, 0x01, 0xb5, + 0x21, 0xc5, 0x7b, 0xc6, 0x7f, 0x73}; + EXPECT_TRUE(std::memcmp(second_cert_sha1, cert->sha1.data, 20) == 0); + + //**************************// + // Check the Counter signature // + const Countersignature *countersig = first_sig->countersigs->counters[0]; + + EXPECT_EQ(countersig->verify_flags, COUNTERSIGNATURE_VFY_VALID); + EXPECT_STREQ(countersig->digest_alg, "sha256"); + EXPECT_EQ(countersig->sign_time, 1629165693); + unsigned char first_countersig_digest[32] = {0xed, 0xdf, 0x8a, 0x45, 0x34, 0x0e, 0x16, 0xb3, + 0x55, 0x6a, 0x8e, 0x52, 0xb3, 0xfc, 0xd2, 0xe7, + 0x3c, 0x5c, 0x47, 0xd3, 0x6a, 0xa6, 0x71, 0x4f, + 0xfe, 0xef, 0x2c, 0x19, 0x60, 0x37, 0x67, 0x6f}; + ASSERT_TRUE(countersig->digest.data); + ASSERT_EQ(countersig->digest.len, 32); + EXPECT_TRUE(std::memcmp(first_countersig_digest, countersig->digest.data, 32) == 0); + + ASSERT_TRUE(countersig->chain); + EXPECT_EQ(countersig->chain->count, 2); + + //**************************// + // Check the 1. certificate // + cert = countersig->chain->certs[0]; + ASSERT_TRUE(cert->sha1.data); + ASSERT_EQ(cert->sha1.len, 20); + unsigned char first_countercert_sha1[20] = {0x9a, 0xb3, 0xfa, 0x0a, 0x1a, 0xdb, 0xcf, + 0x46, 0xb1, 0xee, 0xce, 0x7b, 0x9f, 0x93, + 0xe8, 0xa7, 0x75, 0x42, 0xf2, 0x0c}; + EXPECT_TRUE(std::memcmp(first_countercert_sha1, cert->sha1.data, 20) == 0); + ASSERT_EQ(cert->sha256.len, 32); + unsigned char first_countercert_sha256[32] = {0x8a, 0xaa, 0x18, 0x95, 0xfb, 0x3c, 0x0d, 0x0e, + 0xba, 0x54, 0xec, 0x34, 0x41, 0xec, 0xc8, 0xb9, + 0xef, 0x18, 0xba, 0x18, 0x13, 0x58, 0xb0, 0x68, + 0xe0, 0x66, 0xaa, 0xb6, 0xa9, 0x53, 0x0a, 0x32}; + EXPECT_TRUE(std::memcmp(first_countercert_sha256, cert->sha256.data, 32) == 0); + + EXPECT_EQ(cert->version, 2); + EXPECT_STREQ( + cert->subject, + "/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Microsoft Operations Puerto " + "Rico/OU=Thales TSS ESN:32BD-E3D5-3B1D/CN=Microsoft Time-Stamp Service"); + EXPECT_STREQ( + cert->issuer, + "/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Time-Stamp PCA 2010"); + EXPECT_EQ(cert->not_after, 1649703742); + EXPECT_EQ(cert->not_before, 1610650942); + EXPECT_STREQ( + cert->key, + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74ah1Pa5wvcyvYNCy/" + "YQs1tK8rIGlh1Qq1QFaJmYVXLXykb+m5yCStzmL227wJjsalZX8JA2YcbaZV5Icwm9vAJz8AC/sk/" + "dsUK3pmDvkhtVI04YDV6otuZCILpQB9Ipcs3d0e1Dl2KKFvdibOk0/0rRxU9l+/" + "Yxeb5lVTRERLxzI+Rd6Xv5QQYT6Sp2IE0N1vzIFd3yyO773T5XifNgL5lZbtIUnYUVmUBKlVoemO/" + "54aiFeVBpIG+" + "YzhDTF7cuHNAzxWIbP1wt4VIqAV9JjuqLMvvBSD56pi8NTKM9fxrERAeaTS2HbfBYfmnRZ27Czjeo0ijQ5DSZGi0Er" + "vWfKQIDAQAB"); + EXPECT_STREQ(cert->serial, "33:00:00:01:62:d0:fe:02:f3:01:e5:cd:49:00:00:00:00:01:62"); + EXPECT_STREQ(cert->sig_alg, "sha256WithRSAEncryption"); + EXPECT_STREQ(cert->key_alg, "rsaEncryption"); + + //**************************// + // Check the 2. certificate // + cert = countersig->chain->certs[1]; + ASSERT_TRUE(cert->sha1.data); + ASSERT_EQ(cert->sha1.len, 20); + unsigned char second_countercert_sha1[20] = {0x2a, 0xa7, 0x52, 0xfe, 0x64, 0xc4, 0x9a, + 0xbe, 0x82, 0x91, 0x3c, 0x46, 0x35, 0x29, + 0xcf, 0x10, 0xff, 0x2f, 0x04, 0xee}; + EXPECT_TRUE(std::memcmp(second_countercert_sha1, cert->sha1.data, 20) == 0); + + ASSERT_TRUE(cert->sha256.data); + ASSERT_EQ(cert->sha256.len, 32); + unsigned char second_countercert_sha256[32] = {0x86, 0xec, 0x11, 0x8d, 0x1e, 0xe6, 0x96, 0x70, + 0xa4, 0x6e, 0x2b, 0xe2, 0x9c, 0x4b, 0x42, 0x08, + 0xbe, 0x04, 0x3e, 0x36, 0x60, 0x0d, 0x4e, 0x1d, + 0xd3, 0xf3, 0xd5, 0x15, 0xca, 0x11, 0x90, 0x20}; + EXPECT_TRUE(std::memcmp(second_countercert_sha256, cert->sha256.data, 32) == 0); + + EXPECT_EQ(cert->version, 2); + EXPECT_STREQ( + cert->subject, "/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Time-Stamp PCA 2010"); + EXPECT_STREQ( + cert->issuer, + "/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Root Certificate Authority 2010"); + EXPECT_EQ(cert->not_after, 1751406415); + EXPECT_EQ(cert->not_before, 1278020215); + EXPECT_STREQ( + cert->key, + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR0NvHcRijog7PwTl/X6f2mUa3RUENWlCgCChfvtfGhLLF/Fw+Vhwna3PmYrW/AVUycEMR9BGxqVHc4JE458YTBZsTBED/FgiIRUQwzXTbg4CLNC3ZOs1nMwVyaCo0UN0Or1R4HNvyRgMlhgRvJYR4YyhB50YWeRX4FUsc+TTJLBxKZd0WETbijGGvmGgLvfYfxGwScdJGcSchohiq9LZIlQYrFd/XcfPfBXday9ikJNQFHRD5wGPmd/9WbAA5ZEfu/QS/1u5ZrKsajyeioKMfDaTgaRtogINeh4HLDpmc085y9Euqf03GS9pAHBIAmTeM38vMDJRF1eFpwBBU8iTQIDAQAB"); + EXPECT_STREQ(cert->serial, "61:09:81:2a:00:00:00:00:00:02"); + EXPECT_STREQ(cert->sig_alg, "sha256WithRSAEncryption"); + EXPECT_STREQ(cert->key_alg, "rsaEncryption"); + + authenticode_array_free(auth); +} diff --git a/tests/integration/test.cpp b/tests/integration/test_non_microsoft.cpp similarity index 100% rename from tests/integration/test.cpp rename to tests/integration/test_non_microsoft.cpp