vcsjones
diff --git a/‎AuthenticodeLint/CheckEngine.cs
Lines changed: 1 addition & 1 deletion b/‎AuthenticodeLint/CheckEngine.cs
Lines changed: 1 addition & 1 deletion
diff --git a/‎AuthenticodeLint/Rules/WinCertificatePaddingRule.cs
Lines changed: 1 addition & 1 deletion b/‎AuthenticodeLint/Rules/WinCertificatePaddingRule.cs
Lines changed: 1 addition & 1 deletion
diff --git a/‎AuthenticodeLint/VerboseSignatureTextWriter.cs
Lines changed: 2 additions & 2 deletions b/‎AuthenticodeLint/VerboseSignatureTextWriter.cs
Lines changed: 2 additions & 2 deletions
diff --git a/‎AuthenticodeLintTests/AuthenticodeLintTests.csproj
Lines changed: 4 additions & 0 deletions b/‎AuthenticodeLintTests/AuthenticodeLintTests.csproj
Lines changed: 4 additions & 0 deletions
diff --git a/‎AuthenticodeLintTests/Rules/WinCertificatePaddingRuleTests.cs
Lines changed: 38 additions & 0 deletions b/‎AuthenticodeLintTests/Rules/WinCertificatePaddingRuleTests.cs
Lines changed: 38 additions & 0 deletions
diff --git a/‎AuthenticodeLintTests/inputs/wintrustnonpadded.ex_
36.7 KB b/‎AuthenticodeLintTests/inputs/wintrustnonpadded.ex_
36.7 KB
diff --git a/‎AuthenticodeLintTests/inputs/wintrustpadded.ex_
36.7 KB b/‎AuthenticodeLintTests/inputs/wintrustpadded.ex_
36.7 KB
diff --git a/‎AuthenticodeLintTests/test-signing-keys/selfrsa2048.pfx
2.59 KB b/‎AuthenticodeLintTests/test-signing-keys/selfrsa2048.pfx
2.59 KB
@@ -34,7 +34,7 @@ public RuleEngineResult RunAllRules(string file, Graph<Signature> signatures, Li
             foreach(var rule in rules)
             {
                 RuleResult result;
-                var verboseWriter = verbose ? new VerboseSignatureLogger() : SignatureLogger.Null;
+                var verboseWriter = verbose ? new MemorySignatureLogger() : SignatureLogger.Null;
                 if (signatures.Items.Count == 0)
                 {
                     result = RuleResult.Fail;
 
@@ -14,7 +14,7 @@ public class WinCertificatePaddingRule : IAuthenticodeFileRule
         public RuleResult Validate(string file, SignatureLogger verboseWriter, CheckConfiguration configuration)
         {
             var padding = CertificatePaddingExtractor.ExtractPadding(file);
-            if (padding?.Any(p => p != 0) ?? false)
+            if (padding?.Any(p => p != 0) == true)
             {
                 verboseWriter.LogMessage($"Non-zero data found after PKCS#7 structure: {Convert.ToBase64String(padding)}.");
                 return RuleResult.Fail;
 
@@ -7,7 +7,7 @@
 
 namespace AuthenticodeLint
 {
-    public class VerboseSignatureLogger : SignatureLogger
+    public class MemorySignatureLogger : SignatureLogger
     {
         public override void LogMessage(string message) => Messages.Add(message);
 
@@ -34,7 +34,7 @@ public abstract class SignatureLogger
     {
         public static SignatureLogger Null { get; } = new NullSignatureLogger();
 
-        internal List<string> Messages { get; } = new List<string>();
+        public List<string> Messages { get; } = new List<string>();
 
         public abstract void LogSignatureMessage(SignerInfo signature, string message);
         public abstract void LogMessage(string message);
 
@@ -38,8 +38,11 @@
   <ItemGroup>
     <Compile Include="CommandLineParsingTests.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
+    <Compile Include="Rules\WinCertificatePaddingRuleTests.cs" />
   </ItemGroup>
   <ItemGroup>
+    <None Include="inputs\wintrustnonpadded.ex_" />
+    <None Include="inputs\wintrustpadded.ex_" />
     <None Include="project.json" />
   </ItemGroup>
   <ItemGroup>
@@ -51,6 +54,7 @@
   <ItemGroup>
     <Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" />
   </ItemGroup>
+  <ItemGroup />
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.
 
@@ -0,0 +1,38 @@
+using AuthenticodeLint;
+using AuthenticodeLint.Rules;
+using System;
+using System.Collections.Generic;
+using Xunit;
+
+namespace AuthenticodeLintTests.Rules
+{
+    public class WinCertificatePaddingRuleTests
+    {
+        private static CheckConfiguration Configuration => new CheckConfiguration(new List<string>(), null, false, new HashSet<int>(), false, RevocationChecking.None);
+
+        [Fact]
+        public void PaddedExecutableShouldFail()
+        {
+            var file = "../../inputs/wintrustpadded.ex_";
+            var rule = new WinCertificatePaddingRule();
+            var logger = new MemorySignatureLogger();
+
+            var result = rule.Validate(file, logger, Configuration);
+            Assert.Equal(RuleResult.Fail, result);
+            var expectedPadding = Convert.ToBase64String(System.Text.Encoding.ASCII.GetBytes("fail"));
+            Assert.Contains($"Non-zero data found after PKCS#7 structure: {expectedPadding}.", logger.Messages);
+        }
+
+        [Fact]
+        public void NonPaddedExecutableShouldPass()
+        {
+            var file = "../../inputs/wintrustnonpadded.ex_";
+            var rule = new WinCertificatePaddingRule();
+            var logger = new MemorySignatureLogger();
+
+            var result = rule.Validate(file, logger, Configuration);
+            Assert.Equal(RuleResult.Pass, result);
+            Assert.Empty(logger.Messages);
+        }
+    }
+}
Original file line number	Diff line number	Diff line change
`@@ -34,7 +34,7 @@ public RuleEngineResult RunAllRules(string file, Graph<Signature> signatures, Li`
`34`	`34`	`foreach(var rule in rules)`
`35`	`35`	`{`
`36`	`36`	`RuleResult result;`
`37`		`- var verboseWriter = verbose ? new VerboseSignatureLogger() : SignatureLogger.Null;`
	`37`	`+ var verboseWriter = verbose ? new MemorySignatureLogger() : SignatureLogger.Null;`
`38`	`38`	`if (signatures.Items.Count == 0)`
`39`	`39`	`{`
`40`	`40`	`result = RuleResult.Fail;`
Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ public class WinCertificatePaddingRule : IAuthenticodeFileRule`
`14`	`14`	`public RuleResult Validate(string file, SignatureLogger verboseWriter, CheckConfiguration configuration)`
`15`	`15`	`{`
`16`	`16`	`var padding = CertificatePaddingExtractor.ExtractPadding(file);`
`17`		`- if (padding?.Any(p => p != 0) ?? false)`
	`17`	`+ if (padding?.Any(p => p != 0) == true)`
`18`	`18`	`{`
`19`	`19`	`verboseWriter.LogMessage($"Non-zero data found after PKCS#7 structure: {Convert.ToBase64String(padding)}.");`
`20`	`20`	`return RuleResult.Fail;`
Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@`
`7`	`7`
`8`	`8`	`namespace AuthenticodeLint`
`9`	`9`	`{`
`10`		`- public class VerboseSignatureLogger : SignatureLogger`
	`10`	`+ public class MemorySignatureLogger : SignatureLogger`
`11`	`11`	`{`
`12`	`12`	`public override void LogMessage(string message) => Messages.Add(message);`
`13`	`13`
`@@ -34,7 +34,7 @@ public abstract class SignatureLogger`
`34`	`34`	`{`
`35`	`35`	`public static SignatureLogger Null { get; } = new NullSignatureLogger();`
`36`	`36`
`37`		`- internal List<string> Messages { get; } = new List<string>();`
	`37`	`+ public List<string> Messages { get; } = new List<string>();`
`38`	`38`
`39`	`39`	`public abstract void LogSignatureMessage(SignerInfo signature, string message);`
`40`	`40`	`public abstract void LogMessage(string message);`