| Index: delta_performer_unittest.cc
|
| diff --git a/delta_performer_unittest.cc b/delta_performer_unittest.cc
|
| index bd13512c16f7ef8b2426c94b0a599c5d6a55df31..4b273ccd8d8b9a53ad79724c9751ed054a3579de 100755
|
| --- a/delta_performer_unittest.cc
|
| +++ b/delta_performer_unittest.cc
|
| @@ -95,8 +95,80 @@ bool WriteSparseFile(const string& path, off_t size) {
|
| } // namespace {}
|
|
|
| namespace {
|
| +enum SignatureTest {
|
| + kSignatureNone, // No payload signing.
|
| + kSignatureGenerator, // Sign the payload at generation time.
|
| + kSignatureGenerated, // Sign the payload after it's generated.
|
| + kSignatureGeneratedShell, // Sign the generated payload through shell cmds.
|
| +};
|
| +
|
| +size_t GetSignatureSize() {
|
| + const vector<char> data(1, 'x');
|
| + vector<char> hash;
|
| + EXPECT_TRUE(OmahaHashCalculator::RawHashOfData(data, &hash));
|
| + vector<char> signature;
|
| + EXPECT_TRUE(PayloadSigner::SignHash(hash,
|
| + kUnittestPrivateKeyPath,
|
| + &signature));
|
| + return signature.size();
|
| +}
|
| +
|
| +void SignGeneratedPayload(const string& payload_path) {
|
| + int signature_size = GetSignatureSize();
|
| + vector<char> hash;
|
| + ASSERT_TRUE(PayloadSigner::HashPayloadForSigning(payload_path,
|
| + signature_size,
|
| + &hash));
|
| + vector<char> signature;
|
| + ASSERT_TRUE(PayloadSigner::SignHash(hash,
|
| + kUnittestPrivateKeyPath,
|
| + &signature));
|
| + ASSERT_TRUE(PayloadSigner::AddSignatureToPayload(payload_path,
|
| + signature,
|
| + payload_path));
|
| + EXPECT_TRUE(PayloadSigner::VerifySignedPayload(payload_path,
|
| + kUnittestPublicKeyPath));
|
| +}
|
| +
|
| +void SignGeneratedShellPayload(const string& payload_path) {
|
| + int signature_size = GetSignatureSize();
|
| + string hash_file;
|
| + ASSERT_TRUE(utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_file, NULL));
|
| + ScopedPathUnlinker hash_unlinker(hash_file);
|
| +
|
| + ASSERT_EQ(0,
|
| + System(StringPrintf(
|
| + "./delta_generator -in_file %s -signature_size %d "
|
| + "-out_hash_file %s",
|
| + payload_path.c_str(),
|
| + signature_size,
|
| + hash_file.c_str())));
|
| +
|
| + string sig_file;
|
| + ASSERT_TRUE(utils::MakeTempFile("/tmp/signature.XXXXXX", &sig_file, NULL));
|
| + ScopedPathUnlinker sig_unlinker(sig_file);
|
| + ASSERT_EQ(0,
|
| + System(StringPrintf(
|
| + "/usr/bin/openssl rsautl -pkcs -sign -inkey %s -in %s -out %s",
|
| + kUnittestPrivateKeyPath,
|
| + hash_file.c_str(),
|
| + sig_file.c_str())));
|
| + ASSERT_EQ(0,
|
| + System(StringPrintf(
|
| + "./delta_generator -in_file %s -signature_file %s "
|
| + "-out_file %s",
|
| + payload_path.c_str(),
|
| + sig_file.c_str(),
|
| + payload_path.c_str())));
|
| + ASSERT_EQ(0,
|
| + System(StringPrintf(
|
| + "./delta_generator -in_file %s -public_key %s",
|
| + payload_path.c_str(),
|
| + kUnittestPublicKeyPath)));
|
| +}
|
| +
|
| void DoSmallImageTest(bool full_kernel, bool full_rootfs, bool noop,
|
| - bool post_sign) {
|
| + SignatureTest signature_test) {
|
| string a_img, b_img;
|
| EXPECT_TRUE(utils::MakeTempFile("/tmp/a_img.XXXXXX", &a_img, NULL));
|
| ScopedPathUnlinker a_img_unlinker(a_img);
|
| @@ -201,7 +273,8 @@ void DoSmallImageTest(bool full_kernel, bool full_rootfs, bool noop,
|
| string a_mnt, b_mnt;
|
| ScopedLoopMounter a_mounter(a_img, &a_mnt, MS_RDONLY);
|
| ScopedLoopMounter b_mounter(b_img, &b_mnt, MS_RDONLY);
|
| -
|
| + const string private_key =
|
| + signature_test == kSignatureGenerator ? kUnittestPrivateKeyPath : "";
|
| EXPECT_TRUE(
|
| DeltaDiffGenerator::GenerateDeltaUpdateFile(
|
| full_rootfs ? "" : a_mnt,
|
| @@ -211,35 +284,13 @@ void DoSmallImageTest(bool full_kernel, bool full_rootfs, bool noop,
|
| full_kernel ? "" : old_kernel,
|
| new_kernel,
|
| delta_path,
|
| - post_sign ? "" : kUnittestPrivateKeyPath));
|
| + private_key));
|
| }
|
|
|
| - if (post_sign) {
|
| - int signature_size;
|
| - {
|
| - const vector<char> data(1, 'x');
|
| - vector<char> hash;
|
| - ASSERT_TRUE(OmahaHashCalculator::RawHashOfData(data, &hash));
|
| - vector<char> signature;
|
| - ASSERT_TRUE(PayloadSigner::SignHash(hash,
|
| - kUnittestPrivateKeyPath,
|
| - &signature));
|
| - signature_size = signature.size();
|
| - }
|
| -
|
| - vector<char> hash;
|
| - ASSERT_TRUE(PayloadSigner::HashPayloadForSigning(delta_path,
|
| - signature_size,
|
| - &hash));
|
| - vector<char> signature;
|
| - ASSERT_TRUE(PayloadSigner::SignHash(hash,
|
| - kUnittestPrivateKeyPath,
|
| - &signature));
|
| - ASSERT_TRUE(PayloadSigner::AddSignatureToPayload(delta_path,
|
| - signature,
|
| - delta_path));
|
| - EXPECT_TRUE(PayloadSigner::VerifySignedPayload(delta_path,
|
| - kUnittestPublicKeyPath));
|
| + if (signature_test == kSignatureGenerated) {
|
| + SignGeneratedPayload(delta_path);
|
| + } else if (signature_test == kSignatureGeneratedShell) {
|
| + SignGeneratedShellPayload(delta_path);
|
| }
|
|
|
| // Read delta into memory.
|
| @@ -260,22 +311,28 @@ void DoSmallImageTest(bool full_kernel, bool full_rootfs, bool noop,
|
| LOG(INFO) << "manifest size: " << manifest_size;
|
| EXPECT_TRUE(manifest.ParseFromArray(&delta[kManifestOffset],
|
| manifest_size));
|
| - EXPECT_TRUE(manifest.has_signatures_offset());
|
| manifest_metadata_size = kManifestOffset + manifest_size;
|
|
|
| - Signatures sigs_message;
|
| - EXPECT_TRUE(sigs_message.ParseFromArray(
|
| - &delta[manifest_metadata_size + manifest.signatures_offset()],
|
| - manifest.signatures_size()));
|
| - EXPECT_EQ(1, sigs_message.signatures_size());
|
| - const Signatures_Signature& signature = sigs_message.signatures(0);
|
| - EXPECT_EQ(1, signature.version());
|
| -
|
| - uint64_t expected_sig_data_length = 0;
|
| - EXPECT_TRUE(PayloadSigner::SignatureBlobLength(kUnittestPrivateKeyPath,
|
| - &expected_sig_data_length));
|
| - EXPECT_EQ(expected_sig_data_length, manifest.signatures_size());
|
| - EXPECT_FALSE(signature.data().empty());
|
| + if (signature_test == kSignatureNone) {
|
| + EXPECT_FALSE(manifest.has_signatures_offset());
|
| + EXPECT_FALSE(manifest.has_signatures_size());
|
| + } else {
|
| + EXPECT_TRUE(manifest.has_signatures_offset());
|
| + EXPECT_TRUE(manifest.has_signatures_size());
|
| + Signatures sigs_message;
|
| + EXPECT_TRUE(sigs_message.ParseFromArray(
|
| + &delta[manifest_metadata_size + manifest.signatures_offset()],
|
| + manifest.signatures_size()));
|
| + EXPECT_EQ(1, sigs_message.signatures_size());
|
| + const Signatures_Signature& signature = sigs_message.signatures(0);
|
| + EXPECT_EQ(1, signature.version());
|
| +
|
| + uint64_t expected_sig_data_length = 0;
|
| + EXPECT_TRUE(PayloadSigner::SignatureBlobLength(
|
| + kUnittestPrivateKeyPath, &expected_sig_data_length));
|
| + EXPECT_EQ(expected_sig_data_length, manifest.signatures_size());
|
| + EXPECT_FALSE(signature.data().empty());
|
| + }
|
|
|
| if (noop) {
|
| EXPECT_EQ(1, manifest.install_operations_size());
|
| @@ -314,8 +371,10 @@ void DoSmallImageTest(bool full_kernel, bool full_rootfs, bool noop,
|
| .WillRepeatedly(Return(true));
|
| EXPECT_CALL(prefs, SetString(kPrefsUpdateStateSHA256Context, _))
|
| .WillRepeatedly(Return(true));
|
| - EXPECT_CALL(prefs, SetString(kPrefsUpdateStateSignedSHA256Context, _))
|
| - .WillOnce(Return(true));
|
| + if (signature_test != kSignatureNone) {
|
| + EXPECT_CALL(prefs, SetString(kPrefsUpdateStateSignedSHA256Context, _))
|
| + .WillOnce(Return(true));
|
| + }
|
|
|
| // Update the A image in place.
|
| DeltaPerformer performer(&prefs);
|
| @@ -353,10 +412,11 @@ void DoSmallImageTest(bool full_kernel, bool full_rootfs, bool noop,
|
| strlen(new_data_string)));
|
|
|
| EXPECT_TRUE(utils::FileExists(kUnittestPublicKeyPath));
|
| - EXPECT_TRUE(performer.VerifyPayload(
|
| - kUnittestPublicKeyPath,
|
| - OmahaHashCalculator::OmahaHashOfData(delta),
|
| - delta.size()));
|
| + EXPECT_EQ(signature_test != kSignatureNone,
|
| + performer.VerifyPayload(
|
| + kUnittestPublicKeyPath,
|
| + OmahaHashCalculator::OmahaHashOfData(delta),
|
| + delta.size()));
|
|
|
| uint64_t new_kernel_size;
|
| vector<char> new_kernel_hash;
|
| @@ -382,23 +442,31 @@ void DoSmallImageTest(bool full_kernel, bool full_rootfs, bool noop,
|
| }
|
|
|
| TEST(DeltaPerformerTest, RunAsRootSmallImageTest) {
|
| - DoSmallImageTest(false, false, false, false);
|
| + DoSmallImageTest(false, false, false, kSignatureGenerator);
|
| }
|
|
|
| TEST(DeltaPerformerTest, RunAsRootFullKernelSmallImageTest) {
|
| - DoSmallImageTest(true, false, false, false);
|
| + DoSmallImageTest(true, false, false, kSignatureGenerator);
|
| }
|
|
|
| TEST(DeltaPerformerTest, RunAsRootFullSmallImageTest) {
|
| - DoSmallImageTest(true, true, false, false);
|
| + DoSmallImageTest(true, true, false, kSignatureGenerator);
|
| }
|
|
|
| TEST(DeltaPerformerTest, RunAsRootNoopSmallImageTest) {
|
| - DoSmallImageTest(false, false, true, false);
|
| + DoSmallImageTest(false, false, true, kSignatureGenerator);
|
| +}
|
| +
|
| +TEST(DeltaPerformerTest, RunAsRootSmallImageSignNoneTest) {
|
| + DoSmallImageTest(false, false, false, kSignatureNone);
|
| +}
|
| +
|
| +TEST(DeltaPerformerTest, RunAsRootSmallImageSignGeneratedTest) {
|
| + DoSmallImageTest(false, false, false, kSignatureGenerated);
|
| }
|
|
|
| -TEST(DeltaPerformerTest, RunAsRootSmallImagePostSignTest) {
|
| - DoSmallImageTest(false, false, false, true);
|
| +TEST(DeltaPerformerTest, RunAsRootSmallImageSignGeneratedShellTest) {
|
| + DoSmallImageTest(false, false, false, kSignatureGeneratedShell);
|
| }
|
|
|
| TEST(DeltaPerformerTest, BadDeltaMagicTest) {
|
|
|
Chromium Code Reviews
Issue 6332002:
AU: Add more signing unit tests. (Closed)
Base URL: ssh://git@gitrw.chromium.org:9222/update_engine.git@master