Mono's Security Tools - TESTS
Last updated: August 17, 2006
-------------------------------------------------------------------------------
* AUTHENTICODE
Here's a short description on how to test any changes in the Authenticode tool
set. This set includes makecert, cert2spc, signcode and chktrust.
This is a _minimal_ sequence. Each input/output could be tested under Linux
and Windows to ensure maximum compatibility.
0. Setup
% cd /mcs/tools/security
% make
% mono setreg.exe 1 TRUE
% cp signcode.exe test.exe
1. Create a test certificate for code-signing
% mono makecert.exe -n "CN=careful tester" -sv test.pvk test.cer
Mono MakeCert - version 1.1.15.0
X.509 Certificate Builder
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
Success
2. Convert the test certificate to the SPC format
% mono cert2spc.exe test.cer test.spc
Mono Cert2Spc - version 1.1.15.0
Transform a set of X.509 certificates and CRLs into an Authenticode(TM) "Software Publisher Certificate"
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
Success
3. Sign a PE binary (without a timestamp)
% mono signcode.exe -v test.pvk -spc test.spc test.exe
Mono SignCode - version 1.1.15.0
Sign assemblies and PE files using Authenticode(tm).
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
Success
4. Verify the binary from step 3
% mono chktrust.exe test.exe
Mono CheckTrust - version 1.1.15.0
Verify if an PE executable has a valid Authenticode(tm) signature
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
WARNING! test.exe is not timestamped!
SUCCESS: test.exe signature is valid
and can be traced back to a trusted root!
*** note the warning about the missing timestamp ***
5. Verify the binary from step 3 using MS tools [1]
a. Using Windows Explorer, right click on the test.exe file and select
the "Properties" menu item;
b. From the "test.exe Properties" windows select the "Digital
Signatures" tab;
c. You should see "careful tester" as the "Name of signer", select it
and click on the "Details" button;
d. Unless you have created your test certificate with MS tools you
should see an error (white X on a red circle) with a description
saying "The certificate in the signature cannot be verified.";
e. You should NOT see any countersignature;
6. Add a timestamp the binary from step 3
% mono signcode.exe -x -t http://timestamp.verisign.com/scripts/timstamp.dll test.exe
Mono SignCode - version 1.1.15.0
Sign assemblies and PE files using Authenticode(tm).
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
Success
7. Verify the binary from step 6
% mono chktrust.exe test.exe
Mono CheckTrust - version 1.1.15.0
Verify if an PE executable has a valid Authenticode(tm) signature
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
SUCCESS: test.exe signature is valid
and can be traced back to a trusted root!
*** note that there is NO warning this time ***
8. Verify the binary from step 6 on Windows [1]
a. Follow step 5 from 'a' to 'd'
b. This time you should see a countersignature;
9. Sign a PE binary with a timestamp
% mono signcode.exe -v test.pvk -spc test.spc -t http://timestamp.verisign.com/scripts/timstamp.dll test.exe
Mono SignCode - version 1.1.15.0
Sign assemblies and PE files using Authenticode(tm).
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
Success
10. Verify the binary from step 9
% mono chktrust.exe test.exe
Mono CheckTrust - version 1.1.15.0
Verify if an PE executable has a valid Authenticode(tm) signature
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
SUCCESS: test.exe signature is valid
and can be traced back to a trusted root!
11. Verify the binary from step 9 on Windows [1]
a. Follow step 5 from 'a' to 'd'
b. This time you should see a countersignature;
12. Add (another) timestamp the binary from step 9
% mono signcode.exe -x -t http://timestamp.verisign.com/scripts/timstamp.dll test.exe
Mono SignCode - version 1.1.15.0
Sign assemblies and PE files using Authenticode(tm).
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
Success
13. Verify the binary from step 12
Mono CheckTrust - version 1.1.15.0
Verify if an PE executable has a valid Authenticode(tm) signature
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
SUCCESS: test.exe signature is valid
and can be traced back to a trusted root!
14. Verify the binary from step 12 on Windows [1]
a. Follow step 5 from 'a' to 'd'
b. This time you should see TWO (2) countersignature, the same one as
step 11 and a new one;
15. Clean up
% rm test.*
% mono setreg.exe 1 FALSE
[1] this step must be done on Windows using MS Authenticode(r) tools.
-------------------------------------------------------------------------------
* STRONGNAME
Here's a minimal test sequence for any change in SN source code (or in the
RSA source code). If/when possible all verification should also be done using
the MS runtime and tools to ensure full interoperability.
0. Setup
% cd /mcs/tools/security
% make
% sudo make install
% echo "class Program { static void Main () { System.Console.WriteLine (\"hello world\"); } }" > tmp.cs
% mcs tmp.cs -out:tmp.exe
% sn -v tmp.exe
[...]
tmp.exe is not a strongly named assembly.
1. Create a SNK file (default size is 1024 bits)
% sn -k 1024.snk
[...]
A new 1024 bits strong name keypair has been generated in file '1024.snk'.
% mcs -delaysign+ -keyfile:1024.snk tmp.cs -out:tmp1024.exe
% sn -v tmp1024.exe
[...]
Assembly tmp1024.exe isn't strongnamed
% mcs -keyfile:1024.snk tmp.cs -out:tmp1024.exe
% sn -v tmp1024.exe
[...]
Assembly tmp1024.exe is strongnamed.
2. Create a large SNK file (supported by Fx 2.0 and later)
% sn -k 2048 2048.snk
[...]
A new 2048 bits strong name keypair has been generated in file '2048.snk'.
% mcs -delaysign+ -keyfile:2048.snk tmp.cs -out:tmp2048.exe
% sn -v tmp2048.exe
[...]
Assembly tmp2048.exe isn't strongnamed
% sn -R tmp2048.exe 2048.snk
[...]
Assembly tmp2048.exe signed.
% sn -v tmp2048.exe
[...]
Assembly tmp2048.exe is strongnamed.
3. Create a PFX (PKCS#12) file
% makecert -r -n "CN=mono" -p12 tmp.pfx mono
[...]
Success
% sn -p tmp.pfx tmp.pub
[...]
Enter password for private key (will be visible when typed): mono
Public Key extracted to file tmp.pub
% sn -tp tmp.pub
Public Key:
0024000004800000940000000602000000240000525341310004000011000000137d8a780901ce
3ceeb3aa9c813d9027d96e8be0cae633d0f64e584eb50685adb063b72fe3395f681ffda8a7c940
d0a8c76b1670c3a54cd354af82fe3995f6784a30c14a106d02f4150d0b370479a2cae574f4bce1
bf97a41e59f855a3d0062918861e55afacf9e4934365ea61718ba460dcb46143fee7278414a683
85336ace
Public Key Token: de950f189632e7d9
*** Note: your public won't match this one - but it will identical to
*** the one we'll extract from the EXE in a few steps...
% mcs -delaysign+ -keyfile:tmp.pub tmp.cs -out:tmppfx.exe
% sn -R tmppfx.exe tmp.pfx
[...]
Enter password for private key (will be visible when typed): mono
Assembly tmppfx.exe signed.
% sn -v tmppfx.exe
[...]
Assembly tmppfx.exe is strongnamed.
4. Test using the "well known" files
% sn -tp ../../class/mono.snk
[...]
Public Key:
002400000480000094000000060200000024000052534131000400000100010079159977d2d03a
8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c
3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fd
dafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef00
65d016df
Public Key Token: 0738eb9f132ed756
% sn -Tp ../../class/lib/default/Mono.Security.dll
[...]
Public Key:
002400000480000094000000060200000024000052534131000400000100010079159977d2d03a
8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c
3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fd
dafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef00
65d016df
Public Key Token: 0738eb9f132ed756
% sn -p ../../class/mono.snk tmp.pub
[...]
Public Key extracted to file tmp.pub
% md5sum tmp.pub
b35461067e0e8e00941d68bd55e38582 tmp.pub
% sn -tp tmp.pub
[...]
Public Key:
002400000480000094000000060200000024000052534131000400000100010079159977d2d03a
8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c
3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fd
dafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef00
65d016df
Public Key Token: 0738eb9f132ed756
5. Cleanup
% rm tmp*.*
-------------------------------------------------------------------------------
Send any bug or suggestions to sebastien at ximian.com