blob: a3d7465aa5acb3d3ee435f20e57c41bc5195f9e8 [file] [log] [blame]
// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "update_engine/certificate_checker.h"
#include <string>
#include <base/strings/string_util.h>
#include <base/strings/stringprintf.h>
#include <gmock/gmock.h>
#include <gtest/gtest.h>
#include <metrics/metrics_library_mock.h>
#include "update_engine/constants.h"
#include "update_engine/fake_system_state.h"
#include "update_engine/mock_certificate_checker.h"
#include "update_engine/mock_prefs.h"
using ::testing::DoAll;
using ::testing::Return;
using ::testing::SetArgumentPointee;
using ::testing::SetArrayArgument;
using ::testing::_;
using std::string;
namespace chromeos_update_engine {
class CertificateCheckerTest : public testing::Test {
public:
CertificateCheckerTest() {}
protected:
void SetUp() override {
depth_ = 0;
length_ = 4;
digest_[0] = 0x17;
digest_[1] = 0x7D;
digest_[2] = 0x07;
digest_[3] = 0x5F;
digest_hex_ = "177D075F";
diff_digest_hex_ = "1234ABCD";
cert_key_prefix_ = kPrefsUpdateServerCertificate;
server_to_check_ = CertificateChecker::kUpdate;
cert_key_ = base::StringPrintf("%s-%d-%d",
cert_key_prefix_.c_str(),
server_to_check_,
depth_);
kCertChanged = "Updater.ServerCertificateChanged";
kCertFailed = "Updater.ServerCertificateFailed";
CertificateChecker::set_system_state(&fake_system_state_);
CertificateChecker::set_openssl_wrapper(&openssl_wrapper_);
prefs_ = fake_system_state_.mock_prefs();
}
void TearDown() override {}
FakeSystemState fake_system_state_;
MockPrefs* prefs_; // shortcut to fake_system_state_.mock_prefs()
MockOpenSSLWrapper openssl_wrapper_;
// Parameters of our mock certificate digest.
int depth_;
unsigned int length_;
unsigned char digest_[4];
string digest_hex_;
string diff_digest_hex_;
string cert_key_prefix_;
CertificateChecker::ServerToCheck server_to_check_;
string cert_key_;
string kCertChanged;
string kCertFailed;
};
// check certificate change, new
TEST_F(CertificateCheckerTest, NewCertificate) {
EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(nullptr, _, _, _))
.WillOnce(DoAll(
SetArgumentPointee<1>(depth_),
SetArgumentPointee<2>(length_),
SetArrayArgument<3>(digest_, digest_ + 4),
Return(true)));
EXPECT_CALL(*prefs_, GetString(cert_key_, _))
.WillOnce(Return(false));
EXPECT_CALL(*prefs_, SetString(cert_key_, digest_hex_))
.WillOnce(Return(true));
ASSERT_TRUE(CertificateChecker::CheckCertificateChange(
server_to_check_, 1, nullptr));
}
// check certificate change, unchanged
TEST_F(CertificateCheckerTest, SameCertificate) {
EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(nullptr, _, _, _))
.WillOnce(DoAll(
SetArgumentPointee<1>(depth_),
SetArgumentPointee<2>(length_),
SetArrayArgument<3>(digest_, digest_ + 4),
Return(true)));
EXPECT_CALL(*prefs_, GetString(cert_key_, _))
.WillOnce(DoAll(
SetArgumentPointee<1>(digest_hex_),
Return(true)));
EXPECT_CALL(*prefs_, SetString(_, _)).Times(0);
ASSERT_TRUE(CertificateChecker::CheckCertificateChange(
server_to_check_, 1, nullptr));
}
// check certificate change, changed
TEST_F(CertificateCheckerTest, ChangedCertificate) {
EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(nullptr, _, _, _))
.WillOnce(DoAll(
SetArgumentPointee<1>(depth_),
SetArgumentPointee<2>(length_),
SetArrayArgument<3>(digest_, digest_ + 4),
Return(true)));
EXPECT_CALL(*prefs_, GetString(cert_key_, _))
.WillOnce(DoAll(
SetArgumentPointee<1>(diff_digest_hex_),
Return(true)));
EXPECT_CALL(*prefs_, SetString(kPrefsCertificateReportToSendUpdate,
kCertChanged))
.WillOnce(Return(true));
EXPECT_CALL(*prefs_, SetString(cert_key_, digest_hex_))
.WillOnce(Return(true));
ASSERT_TRUE(CertificateChecker::CheckCertificateChange(
server_to_check_, 1, nullptr));
}
// check certificate change, failed
TEST_F(CertificateCheckerTest, FailedCertificate) {
EXPECT_CALL(*prefs_, SetString(kPrefsCertificateReportToSendUpdate,
kCertFailed))
.WillOnce(Return(true));
EXPECT_CALL(*prefs_, GetString(_, _)).Times(0);
EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(_, _, _, _)).Times(0);
ASSERT_FALSE(CertificateChecker::CheckCertificateChange(
server_to_check_, 0, nullptr));
}
// flush send report
TEST_F(CertificateCheckerTest, FlushReport) {
EXPECT_CALL(*prefs_, GetString(kPrefsCertificateReportToSendUpdate, _))
.WillOnce(DoAll(
SetArgumentPointee<1>(kCertChanged),
Return(true)));
EXPECT_CALL(*prefs_, GetString(kPrefsCertificateReportToSendDownload, _))
.WillOnce(Return(false));
EXPECT_CALL(*fake_system_state_.mock_metrics_lib(),
SendUserActionToUMA(kCertChanged))
.WillOnce(Return(true));
EXPECT_CALL(*prefs_, Delete(kPrefsCertificateReportToSendUpdate))
.WillOnce(Return(true));
EXPECT_CALL(*prefs_, SetString(kPrefsCertificateReportToSendDownload, _))
.Times(0);
CertificateChecker::FlushReport();
}
// flush nothing to report
TEST_F(CertificateCheckerTest, FlushNothingToReport) {
string empty = "";
EXPECT_CALL(*prefs_, GetString(kPrefsCertificateReportToSendUpdate, _))
.WillOnce(DoAll(
SetArgumentPointee<1>(empty),
Return(true)));
EXPECT_CALL(*prefs_, GetString(kPrefsCertificateReportToSendDownload, _))
.WillOnce(Return(false));
EXPECT_CALL(*fake_system_state_.mock_metrics_lib(),
SendUserActionToUMA(_)).Times(0);
EXPECT_CALL(*prefs_, SetString(_, _)).Times(0);
CertificateChecker::FlushReport();
}
} // namespace chromeos_update_engine