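--- a/PATH_NOT_ON_PAGE
+++ b/PATH_NOT_ON_PAGE
@@ -1,79 +1,105 @@
 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <string>
 #include <vector>
 #include <gtest/gtest.h>
 #include "base/logging.h"
 #include "update_engine/payload_signer.h"
 #include "update_engine/update_metadata.pb.h"
 #include "update_engine/utils.h"
 
 using std::string;
 using std::vector;
 
 // Note: the test key was generated with the following command:
 // openssl genrsa -out unittest_key.pem 1024
 
 namespace chromeos_update_engine {
 
 const char* kUnittestPrivateKeyPath = "unittest_key.pem";
+const char* kUnittestPublicKeyPath = "unittest_key.pub.pem";
+
+// Some data and its corresponding hash and signature:
+const char kDataToSign[] = "This is some data to sign.";
+const char kDataHash[] = {
+0x7a, 0x07, 0xa6, 0x44, 0x08, 0x86, 0x20, 0xa6,
+0xc1, 0xf8, 0xd9, 0x02, 0x05, 0x63, 0x0d, 0xb7,
+0xfc, 0x2b, 0xa0, 0xa9, 0x7c, 0x9d, 0x1d, 0x8c,
+0x01, 0xf5, 0x78, 0x6d, 0xc5, 0x11, 0xb4, 0x06
+};
+const char kDataSignature[] = {
+0xa4, 0xbc, 0x8f, 0xeb, 0x81, 0x05, 0xaa, 0x56,
+0x1b, 0x56, 0xe5, 0xcb, 0x9b, 0x1a, 0x00, 0xd7,
+0x1d, 0x87, 0x8e, 0xda, 0x5e, 0x90, 0x09, 0xb8,
+0x15, 0xf4, 0x25, 0x97, 0x2f, 0x3c, 0xa1, 0xf3,
+0x02, 0x75, 0xcd, 0x67, 0x4b, 0x0c, 0x1f, 0xf5,
+0x6e, 0xf1, 0x58, 0xd7, 0x0d, 0x8c, 0x18, 0x91,
+0x52, 0x30, 0x98, 0x64, 0x58, 0xc0, 0xe2, 0xb5,
+0x77, 0x3b, 0x96, 0x8f, 0x05, 0xc4, 0x7f, 0x7a,
+0x9a, 0x44, 0x0f, 0xc7, 0x1b, 0x90, 0x83, 0xf8,
+0x69, 0x05, 0xa8, 0x02, 0x57, 0xcd, 0x2e, 0x5b,
+0x96, 0xc7, 0x77, 0xa6, 0x1f, 0x97, 0x97, 0x05,
+0xb3, 0x30, 0x1c, 0x27, 0xd7, 0x2d, 0x31, 0x60,
+0x84, 0x7e, 0x99, 0x00, 0xe6, 0xe1, 0x39, 0xa6,
+0xf3, 0x3a, 0x72, 0xba, 0xc4, 0xfe, 0x68, 0xa9,
+0x08, 0xfa, 0xbc, 0xa8, 0x44, 0x66, 0xa0, 0x60,
+0xde, 0xc9, 0xb2, 0xba, 0xbc, 0x80, 0xb5, 0x55
+};
 
 //class PayloadSignerTest : public ::testing::Test {};
 
-TEST(PayloadSignerTest, SimpleTest) {
-// Some data and its corresponding signature:
-const string kDataToSign = "This is some data to sign.";
-const char kExpectedSignature[] = {
-0xa4, 0xbc, 0x8f, 0xeb, 0x81, 0x05, 0xaa, 0x56,
-0x1b, 0x56, 0xe5, 0xcb, 0x9b, 0x1a, 0x00, 0xd7,
-0x1d, 0x87, 0x8e, 0xda, 0x5e, 0x90, 0x09, 0xb8,
-0x15, 0xf4, 0x25, 0x97, 0x2f, 0x3c, 0xa1, 0xf3,
-0x02, 0x75, 0xcd, 0x67, 0x4b, 0x0c, 0x1f, 0xf5,
-0x6e, 0xf1, 0x58, 0xd7, 0x0d, 0x8c, 0x18, 0x91,
-0x52, 0x30, 0x98, 0x64, 0x58, 0xc0, 0xe2, 0xb5,
-0x77, 0x3b, 0x96, 0x8f, 0x05, 0xc4, 0x7f, 0x7a,
-0x9a, 0x44, 0x0f, 0xc7, 0x1b, 0x90, 0x83, 0xf8,
-0x69, 0x05, 0xa8, 0x02, 0x57, 0xcd, 0x2e, 0x5b,
-0x96, 0xc7, 0x77, 0xa6, 0x1f, 0x97, 0x97, 0x05,
-0xb3, 0x30, 0x1c, 0x27, 0xd7, 0x2d, 0x31, 0x60,
-0x84, 0x7e, 0x99, 0x00, 0xe6, 0xe1, 0x39, 0xa6,
-0xf3, 0x3a, 0x72, 0xba, 0xc4, 0xfe, 0x68, 0xa9,
-0x08, 0xfa, 0xbc, 0xa8, 0x44, 0x66, 0xa0, 0x60,
-0xde, 0xc9, 0xb2, 0xba, 0xbc, 0x80, 0xb5, 0x55
-};
-
+namespace {
+void SignSampleData(vector<char>* out_signature_blob) {
 string data_path;
 ASSERT_TRUE(
 utils::MakeTempFile("/tmp/data.XXXXXX", &data_path, NULL));
 ScopedPathUnlinker data_path_unlinker(data_path);
 ASSERT_TRUE(utils::WriteFile(data_path.c_str(),
-kDataToSign.data(),
-kDataToSign.size()));
+kDataToSign,
+strlen(kDataToSign)));
 uint64_t length = 0;
 EXPECT_TRUE(PayloadSigner::SignatureBlobLength(kUnittestPrivateKeyPath,
 &length));
 EXPECT_GT(length, 0);
-vector<char> signature_blob;
 EXPECT_TRUE(PayloadSigner::SignPayload(data_path,
 kUnittestPrivateKeyPath,
-&signature_blob));
-EXPECT_EQ(length, signature_blob.size());
+out_signature_blob));
+EXPECT_EQ(length, out_signature_blob->size());
+}
+}
+
+TEST(PayloadSignerTest, SimpleTest) {
+vector<char> signature_blob;
+SignSampleData(&signature_blob);
 
 // Check the signature itself
-
 Signatures signatures;
 EXPECT_TRUE(signatures.ParseFromArray(&signature_blob[0],
 signature_blob.size()));
 EXPECT_EQ(1, signatures.signatures_size());
 const Signatures_Signature& signature = signatures.signatures(0);
 EXPECT_EQ(kSignatureMessageVersion, signature.version());
 const string sig_data = signature.data();
-ASSERT_EQ(sizeof(kExpectedSignature), sig_data.size());
-for (size_t i = 0; i < sizeof(kExpectedSignature); i++) {
-EXPECT_EQ(kExpectedSignature[i], sig_data[i]);
+ASSERT_EQ(arraysize(kDataSignature), sig_data.size());
+for (size_t i = 0; i < arraysize(kDataSignature); i++) {
+EXPECT_EQ(kDataSignature[i], sig_data[i]);
 }
 }
 
+TEST(PayloadSignerTest, RunAsRootVerifySignatureTest) {
+vector<char> signature_blob;
+SignSampleData(&signature_blob);
+
+vector<char> hash_data;
+EXPECT_TRUE(PayloadSigner::VerifySignature(signature_blob,
+kUnittestPublicKeyPath,
+&hash_data));
+ASSERT_EQ(arraysize(kDataHash), hash_data.size());
+for (size_t i = 0; i < arraysize(kDataHash); i++) {
+EXPECT_EQ(kDataHash[i], hash_data[i]);
+}
+}
+
 } // namespace chromeos_update_engine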
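Review bot: RunAsRootVerifySignatureTest only exercises the accept path, so a VerifySignature that fails to reject a bad signature would still pass. A companion case should alter the blob and expect failure, e.g. `signature_blob.back() ^= 0x01;` followed by `EXPECT_FALSE(PayloadSigner::VerifySignature(signature_blob, kUnittestPublicKeyPath, &hash_data));`; which byte to alter depends on the Signatures encoding, so choose one that falls inside the signature data. Separately, the `ASSERT_TRUE` calls inside `SignSampleData` return only from the helper, so on failure both tests carry on with an empty `signature_blob` and SimpleTest then evaluates `&signature_blob[0]`; invoking it as `ASSERT_NO_FATAL_FAILURE(SignSampleData(&signature_blob));` stops the test at that point. The new `kUnittestPublicKeyPath` would also benefit from a comment, next to the existing key-generation note, recording how the public key file was derived from `unittest_key.pem` and that this 1024-bit key is a test fixture only.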