// Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
4
5#include <string>
6#include <vector>
7#include <gtest/gtest.h>
8#include "base/logging.h"
9#include "update_engine/payload_signer.h"
10#include "update_engine/update_metadata.pb.h"
11#include "update_engine/utils.h"
12
13using std::string;
14using std::vector;
15
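// Note: the test key was generated with the following command:
// openssl genrsa -out unittest_key.pem 1024
// The 1024-bit key is a unit-test fixture only; an RSA key of that size is
// too short to protect real update payloads.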
18
Andrew de los Reyes0c440052010-08-20 11:25:54 -070019namespace chromeos_update_engine {
20
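// Paths to the unit-test RSA key pair. Both are relative, so they are
// resolved against the working directory the test binary is started from.
const char* kUnittestPrivateKeyPath = "unittest_key.pem";
const char* kUnittestPublicKeyPath = "unittest_key.pub.pem";

// Some data and its corresponding hash and signature.
//
// The byte tables are spelled as character literals rather than integer
// literals: brace-initializing a (signed) char from a constant above 0x7f
// is a narrowing conversion and is ill-formed from C++11 onwards. The
// element type, array sizes and stored bit patterns are unchanged.
const char kDataToSign[] = "This is some data to sign.";

// Expected 32-byte hash of kDataToSign, as recovered by
// PayloadSigner::VerifySignature in the tests below.
const char kDataHash[] = {
  '\x7a', '\x07', '\xa6', '\x44', '\x08', '\x86', '\x20', '\xa6',
  '\xc1', '\xf8', '\xd9', '\x02', '\x05', '\x63', '\x0d', '\xb7',
  '\xfc', '\x2b', '\xa0', '\xa9', '\x7c', '\x9d', '\x1d', '\x8c',
  '\x01', '\xf5', '\x78', '\x6d', '\xc5', '\x11', '\xb4', '\x06'
};

// Expected 128-byte signature over kDataToSign; the length matches the
// 1024-bit test key.
const char kDataSignature[] = {
  '\xa4', '\xbc', '\x8f', '\xeb', '\x81', '\x05', '\xaa', '\x56',
  '\x1b', '\x56', '\xe5', '\xcb', '\x9b', '\x1a', '\x00', '\xd7',
  '\x1d', '\x87', '\x8e', '\xda', '\x5e', '\x90', '\x09', '\xb8',
  '\x15', '\xf4', '\x25', '\x97', '\x2f', '\x3c', '\xa1', '\xf3',
  '\x02', '\x75', '\xcd', '\x67', '\x4b', '\x0c', '\x1f', '\xf5',
  '\x6e', '\xf1', '\x58', '\xd7', '\x0d', '\x8c', '\x18', '\x91',
  '\x52', '\x30', '\x98', '\x64', '\x58', '\xc0', '\xe2', '\xb5',
  '\x77', '\x3b', '\x96', '\x8f', '\x05', '\xc4', '\x7f', '\x7a',
  '\x9a', '\x44', '\x0f', '\xc7', '\x1b', '\x90', '\x83', '\xf8',
  '\x69', '\x05', '\xa8', '\x02', '\x57', '\xcd', '\x2e', '\x5b',
  '\x96', '\xc7', '\x77', '\xa6', '\x1f', '\x97', '\x97', '\x05',
  '\xb3', '\x30', '\x1c', '\x27', '\xd7', '\x2d', '\x31', '\x60',
  '\x84', '\x7e', '\x99', '\x00', '\xe6', '\xe1', '\x39', '\xa6',
  '\xf3', '\x3a', '\x72', '\xba', '\xc4', '\xfe', '\x68', '\xa9',
  '\x08', '\xfa', '\xbc', '\xa8', '\x44', '\x66', '\xa0', '\x60',
  '\xde', '\xc9', '\xb2', '\xba', '\xbc', '\x80', '\xb5', '\x55'
};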
Andrew de los Reyes0c440052010-08-20 11:25:54 -070051//class PayloadSignerTest : public ::testing::Test {};
52
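namespace {
// Signs kDataToSign with the unit-test private key.
//
// Writes the sample data to a temporary file, asks PayloadSigner for the
// expected signature blob length, signs the file and checks that the blob
// has that length.
//
// |out_signature_blob| receives the serialized signature blob.
//
// Every step is a fatal assertion, so the helper returns as soon as one
// fails. A fatal failure only leaves this helper, not the calling test, so
// callers must not assume that |out_signature_blob| is non-empty.
void SignSampleData(vector<char>* out_signature_blob) {
  string data_path;
  // The "XXXXXX" suffix is a template that MakeTempFile fills in; the
  // resulting path comes back in |data_path|.
  ASSERT_TRUE(
      utils::MakeTempFile("/tmp/data.XXXXXX", &data_path, NULL));
  // Removes the temporary file when this function returns, on every path.
  ScopedPathUnlinker data_path_unlinker(data_path);
  ASSERT_TRUE(utils::WriteFile(data_path.c_str(),
                               kDataToSign,
                               strlen(kDataToSign)));
  uint64_t length = 0;
  ASSERT_TRUE(PayloadSigner::SignatureBlobLength(kUnittestPrivateKeyPath,
                                                 &length));
  // Unsigned literal: |length| is uint64_t, which avoids a signed/unsigned
  // comparison inside the gtest macro.
  ASSERT_GT(length, 0U);
  ASSERT_TRUE(PayloadSigner::SignPayload(data_path,
                                         kUnittestPrivateKeyPath,
                                         out_signature_blob));
  EXPECT_EQ(length, out_signature_blob->size());
}
}  // namespace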
72
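// Signs the sample data and checks that the serialized Signatures message
// holds exactly one signature with the expected version and the expected
// signature bytes.
TEST(PayloadSignerTest, SimpleTest) {
  vector<char> signature_blob;
  SignSampleData(&signature_blob);
  // A failure inside SignSampleData does not abort this test body. Stop
  // here if nothing was produced: &signature_blob[0] on an empty vector is
  // undefined behaviour.
  ASSERT_FALSE(signature_blob.empty());

  // Check the signature itself
  Signatures signatures;
  ASSERT_TRUE(signatures.ParseFromArray(&signature_blob[0],
                                        signature_blob.size()));
  // Fatal on purpose: signatures(0) below must only be reached when the
  // message really contains an entry.
  ASSERT_EQ(1, signatures.signatures_size());
  const Signatures_Signature& signature = signatures.signatures(0);
  EXPECT_EQ(kSignatureMessageVersion, signature.version());
  const string& sig_data = signature.data();
  // NOTE(review): comparing against fixed bytes assumes the signer is
  // deterministic for a given key and input -- confirm against
  // PayloadSigner::SignPayload.
  ASSERT_EQ(arraysize(kDataSignature), sig_data.size());
  for (size_t i = 0; i < arraysize(kDataSignature); i++) {
    EXPECT_EQ(kDataSignature[i], sig_data[i]) << "signature byte " << i;
  }
}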
90
// Signs the sample data, verifies the resulting blob with the unit-test
// public key and checks that the recovered hash equals kDataHash.
//
// NOTE(review): only the accepting path is exercised. Nothing visible in
// this file checks that VerifySignature rejects a modified blob or a blob
// signed with a different key.
TEST(PayloadSignerTest, RunAsRootVerifySignatureTest) {
  vector<char> blob;
  SignSampleData(&blob);

  vector<char> recovered_hash;
  EXPECT_TRUE(PayloadSigner::VerifySignature(blob,
                                             kUnittestPublicKeyPath,
                                             &recovered_hash));
  // The size check is fatal so that the loop below never indexes past the
  // end of |recovered_hash|.
  ASSERT_EQ(arraysize(kDataHash), recovered_hash.size());
  for (size_t idx = 0; idx != arraysize(kDataHash); ++idx) {
    EXPECT_EQ(kDataHash[idx], recovered_hash[idx]);
  }
}
104
105} // namespace chromeos_update_engine