Skip to main content

2.1 Blind Test

  1. Prepare the compressed packages and categorize them into two groups: set1 and set2.
    set1 corresponds to the data utilized in section 3.1 Functionality of the report.
    set2 corresponds to the data utilized in section 3.2 Performance Efficiency.
  2. For each binary file in set1, create a separate directory that contains the compressed package along with a file named manifest.phase1.set1.json.
    This JSON file must include the attribute releaseDate.
  3. For each binary file in set2, create a separate directory that contains the binary file along with a file named manifest.phase1.set2.json.
    This JSON file must include the attribute targetTestLabel.
  4. Rename to hashed file name with 1-rename.py.
  5. User upload Compressed Packages to SourceGuard to the same Project.
  6. User update record and update set2's runTime in manifest.phase2.set2.json.
  7. Download reports with 2-download-reports.py using the Project ID where Compressed Packages are uploaded to.
  8. Show and save file hashes in output folder with 3-show-hash.sh.
  9. Output folder ready for report generation.
tip

See Binary Preparation for preparation of compressed packages.

2.1.1 Report Downloader

This automated the renaming of compressed packages (hence the blindness of Hybrid Engine to the source of the binary).
Then it automated the web page login and download of the reports and preparing them for report generation.

2.1.2 Report Generator

This will read for the data prepared by Report Downloader.
Look up the CWEs (Common Weakness Enumeration) corresponding to the vulnerabilities and generate the report.