[PATCH 6 of 6] WIP start with tests for Linux binary verification

Wald Commits scm-commit at wald.intevation.org
Thu Jul 10 19:17:07 CEST 2014 

# HG changeset patch
# User Andre Heinecke <andre.heinecke at intevation.de>
# Date 1405012581 -7200
# Node ID 2c69298b418837eb02db957307c7bfe51d2b7f69
# Parent  aec00847d86dfd3d73eb5d56761af43eb3b79e29
WIP start with tests for Linux binary verification

diff -r aec00847d86d -r 2c69298b4188 ui/tests/CMakeLists.txt
--- a/ui/tests/CMakeLists.txt	Thu Jul 10 19:15:48 2014 +0200
+++ b/ui/tests/CMakeLists.txt	Thu Jul 10 19:16:21 2014 +0200
@@ -16,6 +16,7 @@
 include_directories(${Qt5Test_INCLUDE_DIRS})
 find_program(HIAWATHA_EXECUTABLE hiawatha)
 find_program(OSSLSIGNCODE_EXECUTABLE osslsigncode)
+find_program(OPENSSL_EXECUTABLE openssl)
 
 if (NOT HIAWATHA_EXECUTABLE)
    message (STATUS "WARNING: hiawatha webserver not found. Downloader will not be run.")
@@ -27,6 +28,10 @@
    message (STATUS "WARNING: osslsigncode not found. Authenticode tests will not be run.")
 endif()
 
+if (UNIX AND NOT OPENSSL_EXECUTABLE)
+   message (STATUS "WARNING: openssl (the tool) not found. Binary verification tests will not be run.")
+endif()
+
 macro(add_custom_test _source _additional_sources)
   set(_test ${_source})
   get_filename_component(_name ${_source} NAME_WE)
@@ -108,7 +113,40 @@
          )
     endif()
 else ()
-   add_custom_test (binverifytest.cpp "")
+   if (OPENSSL_EXECUTABLE)
+      add_custom_test (binverifytest.cpp "")
+      add_custom_command(
+         TARGET binverifytest
+         POST_BUILD
+         COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/append-sig.sh ${CMAKE_CURRENT_SOURCE_DIR}/data/codesign/codesigning.key
+                 ${CMAKE_CURRENT_BINARY_DIR}/fakeinst ${CMAKE_CURRENT_BINARY_DIR}/fakeinst-signed
+         )
+#      add_custom_command(
+#         TARGET binverifytest
+#         POST_BUILD
+#         COMMAND ${OSSLSIGNCODE_EXECUTABLE} sign -certs ${CMAKE_CURRENT_SOURCE_DIR}/data/codesign/codesigning.pem
+#         -key ${CMAKE_CURRENT_SOURCE_DIR}/data/codesign/codesigning-other.key
+#         -h sha256 -in ${CMAKE_CURRENT_BINARY_DIR}/fakeinst.exe
+#         -out ${CMAKE_CURRENT_BINARY_DIR}/fakeinst-other-key.exe
+#         )
+#      add_custom_command(
+#         TARGET binverifytest
+#         POST_BUILD
+#         COMMAND ${OSSLSIGNCODE_EXECUTABLE} sign -certs ${CMAKE_CURRENT_SOURCE_DIR}/data/codesign/codesigning-other.pem
+#         -key ${CMAKE_CURRENT_SOURCE_DIR}/data/codesign/codesigning-other.key
+#         -h sha256 -in ${CMAKE_CURRENT_BINARY_DIR}/fakeinst.exe
+#         -out ${CMAKE_CURRENT_BINARY_DIR}/fakeinst-other-cert.exe
+#         )
+#      add_custom_command(
+#         TARGET binverifytest
+#         POST_BUILD
+#         COMMAND ${OSSLSIGNCODE_EXECUTABLE} sign -certs ${CMAKE_CURRENT_SOURCE_DIR}/data/codesign/codesigning.pem
+#         -key ${CMAKE_CURRENT_SOURCE_DIR}/data/codesign/codesigning.key
+#         -h sha256 -in ${CMAKE_CURRENT_BINARY_DIR}/fakeinst.exe
+#         -out ${CMAKE_CURRENT_BINARY_DIR}/fakeinst-invalid.exe &&
+#         ${CMAKE_STRIP} ${CMAKE_CURRENT_BINARY_DIR}/fakeinst-invalid.exe
+#         )
+   endif()
 endif ()
 
 if (NSS_FOUND)

More information about the Trustbridge-commits mailing list