331 lines
8.9 KiB
Plaintext
331 lines
8.9 KiB
Plaintext
Mono's Security Tools - TESTS
|
|
Last updated: August 17, 2006
|
|
|
|
-------------------------------------------------------------------------------
|
|
|
|
* AUTHENTICODE
|
|
|
|
Here's a short description on how to test any changes in the Authenticode tool
|
|
set. This set includes makecert, cert2spc, signcode and chktrust.
|
|
|
|
This is a _minimal_ sequence. Each input/output could be tested under Linux
|
|
and Windows to ensure maximum compatibility.
|
|
|
|
|
|
0. Setup
|
|
|
|
% cd /mcs/tools/security
|
|
% make
|
|
% mono setreg.exe 1 TRUE
|
|
% cp signcode.exe test.exe
|
|
|
|
1. Create a test certificate for code-signing
|
|
|
|
% mono makecert.exe -n "CN=careful tester" -sv test.pvk test.cer
|
|
|
|
Mono MakeCert - version 1.1.15.0
|
|
X.509 Certificate Builder
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
Success
|
|
|
|
2. Convert the test certificate to the SPC format
|
|
|
|
% mono cert2spc.exe test.cer test.spc
|
|
|
|
Mono Cert2Spc - version 1.1.15.0
|
|
Transform a set of X.509 certificates and CRLs into an Authenticode(TM) "Software Publisher Certificate"
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
Success
|
|
|
|
3. Sign a PE binary (without a timestamp)
|
|
|
|
% mono signcode.exe -v test.pvk -spc test.spc test.exe
|
|
|
|
Mono SignCode - version 1.1.15.0
|
|
Sign assemblies and PE files using Authenticode(tm).
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
Success
|
|
|
|
4. Verify the binary from step 3
|
|
|
|
% mono chktrust.exe test.exe
|
|
|
|
Mono CheckTrust - version 1.1.15.0
|
|
Verify if an PE executable has a valid Authenticode(tm) signature
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
WARNING! test.exe is not timestamped!
|
|
SUCCESS: test.exe signature is valid
|
|
and can be traced back to a trusted root!
|
|
|
|
*** note the warning about the missing timestamp ***
|
|
|
|
5. Verify the binary from step 3 using MS tools [1]
|
|
|
|
a. Using Windows Explorer, right click on the test.exe file and select
|
|
the "Properties" menu item;
|
|
b. From the "test.exe Properties" windows select the "Digital
|
|
Signatures" tab;
|
|
c. You should see "careful tester" as the "Name of signer", select it
|
|
and click on the "Details" button;
|
|
d. Unless you have created your test certificate with MS tools you
|
|
should see an error (white X on a red circle) with a description
|
|
saying "The certificate in the signature cannot be verified.";
|
|
e. You should NOT see any countersignature;
|
|
|
|
6. Add a timestamp the binary from step 3
|
|
|
|
% mono signcode.exe -x -t http://timestamp.verisign.com/scripts/timstamp.dll test.exe
|
|
|
|
Mono SignCode - version 1.1.15.0
|
|
Sign assemblies and PE files using Authenticode(tm).
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
Success
|
|
|
|
7. Verify the binary from step 6
|
|
|
|
% mono chktrust.exe test.exe
|
|
|
|
Mono CheckTrust - version 1.1.15.0
|
|
Verify if an PE executable has a valid Authenticode(tm) signature
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
SUCCESS: test.exe signature is valid
|
|
and can be traced back to a trusted root!
|
|
|
|
*** note that there is NO warning this time ***
|
|
|
|
8. Verify the binary from step 6 on Windows [1]
|
|
|
|
a. Follow step 5 from 'a' to 'd'
|
|
b. This time you should see a countersignature;
|
|
|
|
9. Sign a PE binary with a timestamp
|
|
|
|
% mono signcode.exe -v test.pvk -spc test.spc -t http://timestamp.verisign.com/scripts/timstamp.dll test.exe
|
|
|
|
Mono SignCode - version 1.1.15.0
|
|
Sign assemblies and PE files using Authenticode(tm).
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
Success
|
|
|
|
10. Verify the binary from step 9
|
|
|
|
% mono chktrust.exe test.exe
|
|
|
|
Mono CheckTrust - version 1.1.15.0
|
|
Verify if an PE executable has a valid Authenticode(tm) signature
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
SUCCESS: test.exe signature is valid
|
|
and can be traced back to a trusted root!
|
|
|
|
11. Verify the binary from step 9 on Windows [1]
|
|
|
|
a. Follow step 5 from 'a' to 'd'
|
|
b. This time you should see a countersignature;
|
|
|
|
12. Add (another) timestamp the binary from step 9
|
|
|
|
% mono signcode.exe -x -t http://timestamp.verisign.com/scripts/timstamp.dll test.exe
|
|
|
|
Mono SignCode - version 1.1.15.0
|
|
Sign assemblies and PE files using Authenticode(tm).
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
Success
|
|
|
|
13. Verify the binary from step 12
|
|
|
|
Mono CheckTrust - version 1.1.15.0
|
|
Verify if an PE executable has a valid Authenticode(tm) signature
|
|
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. BSD licensed.
|
|
|
|
SUCCESS: test.exe signature is valid
|
|
and can be traced back to a trusted root!
|
|
|
|
14. Verify the binary from step 12 on Windows [1]
|
|
|
|
a. Follow step 5 from 'a' to 'd'
|
|
b. This time you should see TWO (2) countersignature, the same one as
|
|
step 11 and a new one;
|
|
|
|
15. Clean up
|
|
|
|
% rm test.*
|
|
% mono setreg.exe 1 FALSE
|
|
|
|
|
|
[1] this step must be done on Windows using MS Authenticode(r) tools.
|
|
|
|
-------------------------------------------------------------------------------
|
|
|
|
* STRONGNAME
|
|
|
|
Here's a minimal test sequence for any change in SN source code (or in the
|
|
RSA source code). If/when possible all verification should also be done using
|
|
the MS runtime and tools to ensure full interoperability.
|
|
|
|
0. Setup
|
|
|
|
% cd /mcs/tools/security
|
|
% make
|
|
% sudo make install
|
|
% echo "class Program { static void Main () { System.Console.WriteLine (\"hello world\"); } }" > tmp.cs
|
|
% mcs tmp.cs -out:tmp.exe
|
|
% sn -v tmp.exe
|
|
|
|
[...]
|
|
tmp.exe is not a strongly named assembly.
|
|
|
|
|
|
1. Create a SNK file (default size is 1024 bits)
|
|
|
|
% sn -k 1024.snk
|
|
|
|
[...]
|
|
A new 1024 bits strong name keypair has been generated in file '1024.snk'.
|
|
|
|
% mcs -delaysign+ -keyfile:1024.snk tmp.cs -out:tmp1024.exe
|
|
% sn -v tmp1024.exe
|
|
|
|
[...]
|
|
Assembly tmp1024.exe isn't strongnamed
|
|
|
|
% mcs -keyfile:1024.snk tmp.cs -out:tmp1024.exe
|
|
% sn -v tmp1024.exe
|
|
|
|
[...]
|
|
Assembly tmp1024.exe is strongnamed.
|
|
|
|
|
|
2. Create a large SNK file (supported by Fx 2.0 and later)
|
|
|
|
% sn -k 2048 2048.snk
|
|
|
|
[...]
|
|
A new 2048 bits strong name keypair has been generated in file '2048.snk'.
|
|
|
|
% mcs -delaysign+ -keyfile:2048.snk tmp.cs -out:tmp2048.exe
|
|
% sn -v tmp2048.exe
|
|
|
|
[...]
|
|
Assembly tmp2048.exe isn't strongnamed
|
|
|
|
% sn -R tmp2048.exe 2048.snk
|
|
|
|
[...]
|
|
Assembly tmp2048.exe signed.
|
|
|
|
% sn -v tmp2048.exe
|
|
|
|
[...]
|
|
Assembly tmp2048.exe is strongnamed.
|
|
|
|
|
|
3. Create a PFX (PKCS#12) file
|
|
|
|
% makecert -r -n "CN=mono" -p12 tmp.pfx mono
|
|
|
|
[...]
|
|
Success
|
|
|
|
% sn -p tmp.pfx tmp.pub
|
|
|
|
[...]
|
|
Enter password for private key (will be visible when typed): mono
|
|
Public Key extracted to file tmp.pub
|
|
|
|
% sn -tp tmp.pub
|
|
|
|
Public Key:
|
|
0024000004800000940000000602000000240000525341310004000011000000137d8a780901ce
|
|
3ceeb3aa9c813d9027d96e8be0cae633d0f64e584eb50685adb063b72fe3395f681ffda8a7c940
|
|
d0a8c76b1670c3a54cd354af82fe3995f6784a30c14a106d02f4150d0b370479a2cae574f4bce1
|
|
bf97a41e59f855a3d0062918861e55afacf9e4934365ea61718ba460dcb46143fee7278414a683
|
|
85336ace
|
|
|
|
Public Key Token: de950f189632e7d9
|
|
|
|
*** Note: your public won't match this one - but it will identical to
|
|
*** the one we'll extract from the EXE in a few steps...
|
|
|
|
% mcs -delaysign+ -keyfile:tmp.pub tmp.cs -out:tmppfx.exe
|
|
% sn -R tmppfx.exe tmp.pfx
|
|
|
|
[...]
|
|
Enter password for private key (will be visible when typed): mono
|
|
Assembly tmppfx.exe signed.
|
|
|
|
% sn -v tmppfx.exe
|
|
|
|
[...]
|
|
Assembly tmppfx.exe is strongnamed.
|
|
|
|
|
|
4. Test using the "well known" files
|
|
|
|
% sn -tp ../../class/mono.snk
|
|
|
|
[...]
|
|
|
|
Public Key:
|
|
002400000480000094000000060200000024000052534131000400000100010079159977d2d03a
|
|
8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c
|
|
3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fd
|
|
dafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef00
|
|
65d016df
|
|
|
|
Public Key Token: 0738eb9f132ed756
|
|
|
|
|
|
% sn -Tp ../../class/lib/default/Mono.Security.dll
|
|
|
|
[...]
|
|
|
|
Public Key:
|
|
002400000480000094000000060200000024000052534131000400000100010079159977d2d03a
|
|
8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c
|
|
3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fd
|
|
dafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef00
|
|
65d016df
|
|
|
|
Public Key Token: 0738eb9f132ed756
|
|
|
|
|
|
% sn -p ../../class/mono.snk tmp.pub
|
|
|
|
[...]
|
|
Public Key extracted to file tmp.pub
|
|
|
|
% md5sum tmp.pub
|
|
|
|
b35461067e0e8e00941d68bd55e38582 tmp.pub
|
|
|
|
|
|
% sn -tp tmp.pub
|
|
|
|
[...]
|
|
|
|
Public Key:
|
|
002400000480000094000000060200000024000052534131000400000100010079159977d2d03a
|
|
8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c
|
|
3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fd
|
|
dafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef00
|
|
65d016df
|
|
|
|
Public Key Token: 0738eb9f132ed756
|
|
|
|
|
|
5. Cleanup
|
|
|
|
% rm tmp*.*
|
|
|
|
-------------------------------------------------------------------------------
|
|
Send any bug or suggestions to sebastien at ximian.com
|