mirror of
https://github.com/Cisco-Talos/clamav.git
synced 2026-05-18 13:34:23 -04:00
d11590f7a4
The clamscan test "assorted_test.py::TC::test_pe_cert_trust" is about to fail because the "test.exe" test file was signed with a cert set to expire after only 2 years, and it has been 23 months. While attempting to generate a new one that will last 73000 days (200 years), I discovered that any signing certificate set to expire after 2038 will fail the trust-check because the `ca.not_after` variable is maxed out `time_t` incapable of expressing a higher number. To fix this, I've upgraded the variables to `uint64_t`. I also had to replace a bunch of generated signatures to match the new "test.exe". Finally, I noticed that "ca.not_before" was being set to the token[8] instead of token[9], which presumably mean the "NotBefore" field for Trusted and Revoked Certificates was non-functional, as it was treating the "CertSign" boolean as the "NotBefore" value. Fixes: https://github.com/Cisco-Talos/clamav/issues/1300