| # Copyright (c) 2013 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| from autotest_lib.client.common_lib import error |
| from autotest_lib.server.cros.update_engine import update_engine_test |
| |
| |
| class autoupdate_CatchBadSignatures(update_engine_test.UpdateEngineTest): |
| """Test to verify that update_engine correctly checks payload signatures.""" |
| version = 1 |
| |
| # The test image to use and the values associated with it. |
| _IMAGE_GS_URL='https://storage.googleapis.com/chromiumos-test-assets-public/autoupdate/autoupdate_CatchBadSignatures.bin' |
| _IMAGE_PUBLIC_KEY2='LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFxZE03Z25kNDNjV2ZRenlydDE2UQpESEUrVDB5eGcxOE9aTys5c2M4aldwakMxekZ0b01Gb2tFU2l1OVRMVXArS1VDMjc0ZitEeElnQWZTQ082VTVECkpGUlBYVXp2ZTF2YVhZZnFsalVCeGMrSlljR2RkNlBDVWw0QXA5ZjAyRGhrckduZi9ya0hPQ0VoRk5wbTUzZG8Kdlo5QTZRNUtCZmNnMUhlUTA4OG9wVmNlUUd0VW1MK2JPTnE1dEx2TkZMVVUwUnUwQW00QURKOFhtdzRycHZxdgptWEphRm1WdWYvR3g3K1RPbmFKdlpUZU9POUFKSzZxNlY4RTcrWlppTUljNUY0RU9zNUFYL2xaZk5PM1JWZ0cyCk83RGh6emErbk96SjNaSkdLNVI0V3daZHVobjlRUllvZ1lQQjBjNjI4NzhxWHBmMkJuM05wVVBpOENmL1JMTU0KbVFJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tCg==' |
| |
| def _check_signature(self, expected_log_messages, |
| failure_message, public_key=None): |
| """Helper function for updating with a Canned Omaha response. |
| |
| @param expected_log_messages: A list of strings that are expected to be |
| in the update_engine log. |
| @param failure_message: The message for exception to raise on error. |
| @param public_key: The public key to be passed to the update_engine. |
| |
| """ |
| |
| # Runs the update on the DUT and expect it to fail. |
| self._run_client_test_and_check_result('autoupdate_CannedOmahaUpdate', |
| image_url=self._IMAGE_GS_URL, |
| allow_failure=True, |
| public_key=public_key) |
| |
| try: |
| self._check_update_engine_log_for_entry(expected_log_messages, |
| raise_error=True, |
| err_str=failure_message) |
| except error.TestFail as e: |
| last_error = self._get_last_error_string() |
| raise error.TestFail( |
| '%s\nLast update_engine.log error: %s' % (e, last_error)) |
| |
| |
| def _check_bad_metadata_signature(self): |
| """Checks that update_engine rejects updates where the payload |
| and Omaha response do not agree on the metadata signature.""" |
| |
| expected_log_messages = [ |
| 'Mandating payload hash checks since Omaha Response for ' |
| 'unofficial build includes public RSA key', |
| 'Mandatory metadata signature validation failed'] |
| |
| self._check_signature(expected_log_messages, |
| 'Check for bad metadata signature failed.', |
| public_key=self._IMAGE_PUBLIC_KEY2) |
| |
| |
| def _check_bad_payload_signature(self): |
| """Checks that update_engine rejects updates where the payload |
| signature does not match what is expected.""" |
| |
| expected_log_messages = [ |
| 'Mandating payload hash checks since Omaha Response for ' |
| 'unofficial build includes public RSA key', |
| 'Metadata hash signature matches value in Omaha response.', |
| 'Public key verification failed, thus update failed'] |
| |
| self._check_signature(expected_log_messages, |
| 'Check for payload signature failed.') |
| |
| |
| def run_once(self): |
| """Runs the test on a DUT.""" |
| |
| self._check_bad_metadata_signature() |
| self._check_bad_payload_signature() |