server/site_tests/autoupdate_CatchBadSignatures/autoupdate_CatchBadSignatures.py

# Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

from autotest_lib.client.common_lib import error
from autotest_lib.server.cros.update_engine import update_engine_test


class autoupdate_CatchBadSignatures(update_engine_test.UpdateEngineTest):
    """Test to verify that update_engine correctly checks payload signatures."""
    version = 1

    # The test image to use and the values associated with it.
    _IMAGE_GS_URL='https://storage.googleapis.com/chromiumos-test-assets-public/autoupdate/autoupdate_CatchBadSignatures.bin'

    def _check_signature(self, expected_log_messages,
                         failure_message, public_key=None, tag=None):
        """
        Helper function for updating with a canned Omaha response.

        @param expected_log_messages: A list of strings that are expected to be
                                      in the update_engine log.
        @param failure_message: The message for exception to raise on error.
        @param public_key: The public key to be passed to the update_engine.
        @param tag: String to append to test name to identify it in the logs.

        """
        # Runs the update on the DUT and expect it to fail.
        self._run_client_test_and_check_result('autoupdate_CannedOmahaUpdate',
                                               payload_url=self._IMAGE_GS_URL,
                                               allow_failure=True,
                                               public_key=public_key,
                                               tag=tag)
        if not self._check_update_engine_log_for_entry(expected_log_messages):
            last_error = self._get_last_error_string()
            raise error.TestFail(
                '%s. Last update_engine.log error: %s' % (failure_message,
                                                          last_error))


    def _check_bad_metadata_signature(self):
        """Checks that update_engine rejects updates where the payload
        and Omaha response do not agree on the metadata signature."""
        expected_log_messages = [
                'Mandating payload hash checks since Omaha Response for '
                'unofficial build includes public RSA key',
                'Mandatory metadata signature validation failed']

        self._check_signature(expected_log_messages,
                              'Check for bad metadata signature failed.',
                              public_key=self._IMAGE_PUBLIC_KEY,
                              tag='metadata_signature')


    def _check_bad_payload_signature(self):
        """Checks that update_engine rejects updates where the payload
        signature does not match what is expected."""
        expected_log_messages = [
                'Mandating payload hash checks since Omaha Response for '
                'unofficial build includes public RSA key',
                'Metadata hash signature matches value in Omaha response.',
                'Public key verification failed, thus update failed']

        self._check_signature(expected_log_messages,
                              'Check for payload signature failed.',
                              tag='payload_signature')


    def run_once(self):
        """Runs the test on a DUT."""
        self._check_bad_metadata_signature()
        self._check_bad_payload_signature()