Home | History | Annotate | Download | only in update_engine 
      1 //
      2 // Copyright (C) 2012 The Android Open Source Project
      3 //
      4 // Licensed under the Apache License, Version 2.0 (the "License");
      5 // you may not use this file except in compliance with the License.
      6 // You may obtain a copy of the License at
      7 //
      8 //      http://www.apache.org/licenses/LICENSE-2.0
      9 //
     10 // Unless required by applicable law or agreed to in writing, software
     11 // distributed under the License is distributed on an "AS IS" BASIS,
     12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13 // See the License for the specific language governing permissions and
     14 // limitations under the License.
     15 //
     16 
     17 #include "update_engine/certificate_checker.h"
     18 
     19 #include <string>
     20 
     21 #include <base/strings/string_util.h>
     22 #include <base/strings/stringprintf.h>
     23 #include <gmock/gmock.h>
     24 #include <gtest/gtest.h>
     25 
     26 #include "update_engine/common/constants.h"
     27 #include "update_engine/common/mock_prefs.h"
     28 #include "update_engine/mock_certificate_checker.h"
     29 
     30 using ::testing::DoAll;
     31 using ::testing::Return;
     32 using ::testing::SetArgumentPointee;
     33 using ::testing::SetArrayArgument;
     34 using ::testing::_;
     35 using std::string;
     36 
     37 namespace chromeos_update_engine {
     38 
     39 class MockCertificateCheckObserver : public CertificateChecker::Observer {
     40  public:
     41   MOCK_METHOD2(CertificateChecked,
     42                void(ServerToCheck server_to_check,
     43                     CertificateCheckResult result));
     44 };
     45 
     46 class CertificateCheckerTest : public testing::Test {
     47  protected:
     48   void SetUp() override {
     49     cert_key_ = base::StringPrintf("%s-%d-%d",
     50                                    cert_key_prefix_.c_str(),
     51                                    static_cast<int>(server_to_check_),
     52                                    depth_);
     53     cert_checker.Init();
     54     cert_checker.SetObserver(&observer_);
     55   }
     56 
     57   void TearDown() override {
     58     cert_checker.SetObserver(nullptr);
     59   }
     60 
     61   MockPrefs prefs_;
     62   MockOpenSSLWrapper openssl_wrapper_;
     63   // Parameters of our mock certificate digest.
     64   int depth_{0};
     65   unsigned int length_{4};
     66   uint8_t digest_[4]{0x17, 0x7D, 0x07, 0x5F};
     67   string digest_hex_{"177D075F"};
     68   string diff_digest_hex_{"1234ABCD"};
     69   string cert_key_prefix_{kPrefsUpdateServerCertificate};
     70   ServerToCheck server_to_check_{ServerToCheck::kUpdate};
     71   string cert_key_;
     72 
     73   testing::StrictMock<MockCertificateCheckObserver> observer_;
     74   CertificateChecker cert_checker{&prefs_, &openssl_wrapper_};
     75 };
     76 
     77 // check certificate change, new
     78 TEST_F(CertificateCheckerTest, NewCertificate) {
     79   EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(nullptr, _, _, _))
     80       .WillOnce(DoAll(
     81           SetArgumentPointee<1>(depth_),
     82           SetArgumentPointee<2>(length_),
     83           SetArrayArgument<3>(digest_, digest_ + 4),
     84           Return(true)));
     85   EXPECT_CALL(prefs_, GetString(cert_key_, _)).WillOnce(Return(false));
     86   EXPECT_CALL(prefs_, SetString(cert_key_, digest_hex_)).WillOnce(Return(true));
     87   EXPECT_CALL(observer_,
     88               CertificateChecked(server_to_check_,
     89                                  CertificateCheckResult::kValid));
     90   ASSERT_TRUE(
     91       cert_checker.CheckCertificateChange(1, nullptr, server_to_check_));
     92 }
     93 
     94 // check certificate change, unchanged
     95 TEST_F(CertificateCheckerTest, SameCertificate) {
     96   EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(nullptr, _, _, _))
     97       .WillOnce(DoAll(
     98           SetArgumentPointee<1>(depth_),
     99           SetArgumentPointee<2>(length_),
    100           SetArrayArgument<3>(digest_, digest_ + 4),
    101           Return(true)));
    102   EXPECT_CALL(prefs_, GetString(cert_key_, _))
    103       .WillOnce(DoAll(SetArgumentPointee<1>(digest_hex_), Return(true)));
    104   EXPECT_CALL(prefs_, SetString(_, _)).Times(0);
    105   EXPECT_CALL(observer_,
    106               CertificateChecked(server_to_check_,
    107                                  CertificateCheckResult::kValid));
    108   ASSERT_TRUE(
    109       cert_checker.CheckCertificateChange(1, nullptr, server_to_check_));
    110 }
    111 
    112 // check certificate change, changed
    113 TEST_F(CertificateCheckerTest, ChangedCertificate) {
    114   EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(nullptr, _, _, _))
    115       .WillOnce(DoAll(
    116           SetArgumentPointee<1>(depth_),
    117           SetArgumentPointee<2>(length_),
    118           SetArrayArgument<3>(digest_, digest_ + 4),
    119           Return(true)));
    120   EXPECT_CALL(prefs_, GetString(cert_key_, _))
    121       .WillOnce(DoAll(SetArgumentPointee<1>(diff_digest_hex_), Return(true)));
    122   EXPECT_CALL(observer_,
    123               CertificateChecked(server_to_check_,
    124                                  CertificateCheckResult::kValidChanged));
    125   EXPECT_CALL(prefs_, SetString(cert_key_, digest_hex_)).WillOnce(Return(true));
    126   ASSERT_TRUE(
    127       cert_checker.CheckCertificateChange(1, nullptr, server_to_check_));
    128 }
    129 
    130 // check certificate change, failed
    131 TEST_F(CertificateCheckerTest, FailedCertificate) {
    132   EXPECT_CALL(observer_, CertificateChecked(server_to_check_,
    133                                             CertificateCheckResult::kFailed));
    134   EXPECT_CALL(prefs_, GetString(_, _)).Times(0);
    135   EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(_, _, _, _)).Times(0);
    136   ASSERT_FALSE(
    137       cert_checker.CheckCertificateChange(0, nullptr, server_to_check_));
    138 }
    139 
    140 }  // namespace chromeos_update_engine
    141