public void testTimestampAuthenticode() throws Exception {
File sourceFile = new File("target/test-classes/wineyes.exe");
File targetFile = new File("target/test-classes/wineyes-timestamped-authenticode.exe");
FileUtils.copyFile(sourceFile, targetFile);
PEFile peFile = new PEFile(targetFile);
PESigner signer = new PESigner(getKeyStore(), ALIAS, PRIVATE_KEY_PASSWORD);
signer.withDigestAlgorithm(DigestAlgorithm.SHA1);
signer.withTimestamping(true);
signer.withTimestampingMode(TimestampingMode.AUTHENTICODE);
signer.sign(peFile);
peFile = new PEFile(targetFile);
List<CMSSignedData> signatures = peFile.getSignatures();
assertNotNull(signatures);
assertEquals(1, signatures.size());
CMSSignedData signature = signatures.get(0);
assertNotNull(signature);
peFile.printInfo(System.out);
}
public void testBrokenTimestampingAutority(TimestampingMode mode) throws Exception {
File sourceFile = new File("target/test-classes/wineyes.exe");
File targetFile =
new File(
"target/test-classes/wineyes-timestamped-broken-" + mode.name().toLowerCase() + ".exe");
FileUtils.copyFile(sourceFile, targetFile);
PEFile peFile = new PEFile(targetFile);
PESigner signer = new PESigner(getKeyStore(), ALIAS, PRIVATE_KEY_PASSWORD);
signer.withDigestAlgorithm(DigestAlgorithm.SHA1);
signer.withTimestamping(true);
signer.withTimestampingMode(mode);
signer.withTimestampingAutority("http://github.com");
try {
signer.sign(peFile);
fail("TimestampingException not thrown");
} catch (TimestampingException e) {
// expected
}
peFile = new PEFile(targetFile);
List<CMSSignedData> signatures = peFile.getSignatures();
assertNotNull(signatures);
assertTrue(signatures.isEmpty());
}
public void testInvalidTimestampingURL() throws Exception {
PEFile peFile = new PEFile(new File("target/test-classes/wineyes.exe"));
PESigner signer = new PESigner(getKeyStore(), ALIAS, PRIVATE_KEY_PASSWORD);
signer.withDigestAlgorithm(DigestAlgorithm.SHA1);
signer.withTimestamping(true);
signer.withTimestampingMode(TimestampingMode.RFC3161);
signer.withTimestampingAutority("example://example.com");
try {
signer.sign(peFile);
fail("IllegalArgumentException not thrown");
} catch (IllegalArgumentException e) {
// expected
}
}
/**
* Tests that a custom Timestamper implementation can be provided.
*
* @throws Exception
*/
public void testWithTimestamper() throws Exception {
File sourceFile = new File("target/test-classes/wineyes.exe");
File targetFile = new File("target/test-classes/wineyes-timestamped-authenticode.exe");
FileUtils.copyFile(sourceFile, targetFile);
PEFile peFile = new PEFile(targetFile);
final HashSet<Boolean> called = new HashSet<Boolean>();
PESigner signer = new PESigner(getKeyStore(), ALIAS, PRIVATE_KEY_PASSWORD);
signer.withDigestAlgorithm(DigestAlgorithm.SHA1);
signer.withTimestamping(true);
signer.withTimestamper(
new AuthenticodeTimestamper() {
@Override
protected CMSSignedData timestamp(DigestAlgorithm algo, byte[] encryptedDigest)
throws IOException, TimestampingException {
called.add(true);
return super.timestamp(algo, encryptedDigest);
}
});
signer.sign(peFile);
peFile = new PEFile(targetFile);
List<CMSSignedData> signatures = peFile.getSignatures();
assertNotNull(signatures);
assertEquals(1, signatures.size());
CMSSignedData signature = signatures.get(0);
assertNotNull(signature);
assertTrue("expecting our Timestamper to be used", called.contains(true));
}
