AU: Add a signing test with a private key that doesn't match the public one.

delta_performer_unittest.cc

 // Copyright (c) 2009 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <sys/mount.h>
 #include <inttypes.h>
 
 #include <algorithm>
 #include <string>
 #include <vector>
@@ skipping 82 matching lines @@
   return true;
 }
 }  // namespace {}
 
 namespace {
 enum SignatureTest {
   kSignatureNone,  // No payload signing.
   kSignatureGenerator,  // Sign the payload at generation time.
   kSignatureGenerated,  // Sign the payload after it's generated.
   kSignatureGeneratedShell,  // Sign the generated payload through shell cmds.
+  kSignatureGeneratedShellBadKey,  // Sign with a bad key through shell cmds.
 };
 
-size_t GetSignatureSize() {
+size_t GetSignatureSize(const string& private_key_path) {
   const vector<char> data(1, 'x');
   vector<char> hash;
   EXPECT_TRUE(OmahaHashCalculator::RawHashOfData(data, &hash));
   vector<char> signature;
   EXPECT_TRUE(PayloadSigner::SignHash(hash,
-                                      kUnittestPrivateKeyPath,
+                                      private_key_path,
                                       &signature));
   return signature.size();
 }
 
 void SignGeneratedPayload(const string& payload_path) {
-  int signature_size = GetSignatureSize();
+  int signature_size = GetSignatureSize(kUnittestPrivateKeyPath);
   vector<char> hash;
   ASSERT_TRUE(PayloadSigner::HashPayloadForSigning(payload_path,
                                                    signature_size,
                                                    &hash));
   vector<char> signature;
   ASSERT_TRUE(PayloadSigner::SignHash(hash,
                                       kUnittestPrivateKeyPath,
                                       &signature));
   ASSERT_TRUE(PayloadSigner::AddSignatureToPayload(payload_path,
                                                    signature,
                                                    payload_path));
   EXPECT_TRUE(PayloadSigner::VerifySignedPayload(payload_path,
                                                  kUnittestPublicKeyPath));
 }
 
-void SignGeneratedShellPayload(const string& payload_path) {
-  int signature_size = GetSignatureSize();
+void SignGeneratedShellPayload(SignatureTest signature_test,
+                               const string& payload_path) {
+  string private_key_path = kUnittestPrivateKeyPath;
+  if (signature_test == kSignatureGeneratedShellBadKey) {
+    ASSERT_TRUE(utils::MakeTempFile("/tmp/key.XXXXXX",
+                                    &private_key_path,
+                                    NULL));
+  } else {
+    ASSERT_EQ(kSignatureGeneratedShell, signature_test);
+  }
+  ScopedPathUnlinker key_unlinker(private_key_path);
+  key_unlinker.set_should_remove(signature_test ==
+                                 kSignatureGeneratedShellBadKey);
+  // Generates a new private key that will not match the public key.
+  if (signature_test == kSignatureGeneratedShellBadKey) {
+    LOG(INFO) << "Generating a mismatched private key.";
+    ASSERT_EQ(0,
+              System(StringPrintf(
+                  "/usr/bin/openssl genrsa -out %s 1024",
+                  private_key_path.c_str())));
+  }
+  int signature_size = GetSignatureSize(private_key_path);
   string hash_file;
   ASSERT_TRUE(utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_file, NULL));
   ScopedPathUnlinker hash_unlinker(hash_file);
-
   ASSERT_EQ(0,
             System(StringPrintf(
                 "./delta_generator -in_file %s -signature_size %d "
                 "-out_hash_file %s",
                 payload_path.c_str(),
                 signature_size,
                 hash_file.c_str())));
 
   string sig_file;
   ASSERT_TRUE(utils::MakeTempFile("/tmp/signature.XXXXXX", &sig_file, NULL));
   ScopedPathUnlinker sig_unlinker(sig_file);
   ASSERT_EQ(0,
             System(StringPrintf(
                 "/usr/bin/openssl rsautl -pkcs -sign -inkey %s -in %s -out %s",
-                kUnittestPrivateKeyPath,
+                private_key_path.c_str(),
                 hash_file.c_str(),
                 sig_file.c_str())));
   ASSERT_EQ(0,
             System(StringPrintf(
                 "./delta_generator -in_file %s -signature_file %s "
                 "-out_file %s",
                 payload_path.c_str(),
                 sig_file.c_str(),
                 payload_path.c_str())));
-  ASSERT_EQ(0,
-            System(StringPrintf(
-                "./delta_generator -in_file %s -public_key %s",
-                payload_path.c_str(),
-                kUnittestPublicKeyPath)));
+  int verify_result =
+      System(StringPrintf("./delta_generator -in_file %s -public_key %s",
+                          payload_path.c_str(),
+                          kUnittestPublicKeyPath));
+  if (signature_test == kSignatureGeneratedShellBadKey) {
+    ASSERT_NE(0, verify_result);
+  } else {
+    ASSERT_EQ(0, verify_result);
+  }
 }
 
 void DoSmallImageTest(bool full_kernel, bool full_rootfs, bool noop,
                       SignatureTest signature_test) {
   string a_img, b_img;
   EXPECT_TRUE(utils::MakeTempFile("/tmp/a_img.XXXXXX", &a_img, NULL));
   ScopedPathUnlinker a_img_unlinker(a_img);
   EXPECT_TRUE(utils::MakeTempFile("/tmp/b_img.XXXXXX", &b_img, NULL));
   ScopedPathUnlinker b_img_unlinker(b_img);
 
@@ skipping 104 matching lines @@
             b_mnt,
             b_img,
             full_kernel ? "" : old_kernel,
             new_kernel,
             delta_path,
             private_key));
   }
 
   if (signature_test == kSignatureGenerated) {
     SignGeneratedPayload(delta_path);
-  } else if (signature_test == kSignatureGeneratedShell) {
-    SignGeneratedShellPayload(delta_path);
+  } else if (signature_test == kSignatureGeneratedShell ||
+             signature_test == kSignatureGeneratedShellBadKey) {
+    SignGeneratedShellPayload(signature_test, delta_path);
   }
 
   // Read delta into memory.
   vector<char> delta;
   EXPECT_TRUE(utils::ReadFile(delta_path, &delta));
 
   uint64_t manifest_metadata_size;
 
   // Check the metadata.
   {
@@ skipping 101 matching lines @@
 
   CompareFilesByBlock(old_kernel, new_kernel);
   CompareFilesByBlock(a_img, b_img);
 
   vector<char> updated_kernel_partition;
   EXPECT_TRUE(utils::ReadFile(old_kernel, &updated_kernel_partition));
   EXPECT_EQ(0, strncmp(&updated_kernel_partition[0], new_data_string,
                        strlen(new_data_string)));
 
   EXPECT_TRUE(utils::FileExists(kUnittestPublicKeyPath));
-  EXPECT_EQ(signature_test != kSignatureNone,
+  bool expect_verify_success =
+      signature_test != kSignatureNone &&
+      signature_test != kSignatureGeneratedShellBadKey;
+  EXPECT_EQ(expect_verify_success,
             performer.VerifyPayload(
                 kUnittestPublicKeyPath,
                 OmahaHashCalculator::OmahaHashOfData(delta),
                 delta.size()));
+  EXPECT_TRUE(performer.VerifyPayload(
+      "/public/key/does/not/exists",
+      OmahaHashCalculator::OmahaHashOfData(delta),
+      delta.size()));
 
   uint64_t new_kernel_size;
   vector<char> new_kernel_hash;
   uint64_t new_rootfs_size;
   vector<char> new_rootfs_hash;
   EXPECT_TRUE(performer.GetNewPartitionInfo(&new_kernel_size,
                                             &new_kernel_hash,
                                             &new_rootfs_size,
                                             &new_rootfs_hash));
   EXPECT_EQ(4096, new_kernel_size);
@@ skipping 32 matching lines @@
 }
 
 TEST(DeltaPerformerTest, RunAsRootSmallImageSignGeneratedTest) {
   DoSmallImageTest(false, false, false, kSignatureGenerated);
 }
 
 TEST(DeltaPerformerTest, RunAsRootSmallImageSignGeneratedShellTest) {
   DoSmallImageTest(false, false, false, kSignatureGeneratedShell);
 }
 
+TEST(DeltaPerformerTest, RunAsRootSmallImageSignGeneratedShellBadKeyTest) {
+  DoSmallImageTest(false, false, false, kSignatureGeneratedShellBadKey);
+}
+
 TEST(DeltaPerformerTest, BadDeltaMagicTest) {
   PrefsMock prefs;
   DeltaPerformer performer(&prefs);
   EXPECT_EQ(0, performer.Open("/dev/null", 0, 0));
   EXPECT_TRUE(performer.OpenKernel("/dev/null"));
   EXPECT_EQ(4, performer.Write("junk", 4));
   EXPECT_EQ(8, performer.Write("morejunk", 8));
   EXPECT_LT(performer.Write("morejunk", 8), 0);
   EXPECT_LT(performer.Close(), 0);
 }
 
 TEST(DeltaPerformerTest, IsIdempotentOperationTest) {
   DeltaArchiveManifest_InstallOperation op;
   EXPECT_TRUE(DeltaPerformer::IsIdempotentOperation(op));
   *(op.add_dst_extents()) = ExtentForRange(0, 5);
   EXPECT_TRUE(DeltaPerformer::IsIdempotentOperation(op));
   *(op.add_src_extents()) = ExtentForRange(4, 1);
   EXPECT_FALSE(DeltaPerformer::IsIdempotentOperation(op));
   op.clear_src_extents();
   *(op.add_src_extents()) = ExtentForRange(5, 3);
   EXPECT_TRUE(DeltaPerformer::IsIdempotentOperation(op));
   *(op.add_dst_extents()) = ExtentForRange(20, 6);
   EXPECT_TRUE(DeltaPerformer::IsIdempotentOperation(op));
   *(op.add_src_extents()) = ExtentForRange(19, 2);
   EXPECT_FALSE(DeltaPerformer::IsIdempotentOperation(op));
 }
 
 }  // namespace chromeos_update_engine