Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / update_engine / 23d52be12fbe9001bb2e35b19e957367c73b4bba / . / certificate_checker_unittest.cc
blob: 20efce9057d9ccaade9c897593261877a4721e8c [file] [log] [blame]
Alex Deymoaea4c1c2015-08-19 20:24:43 -0700[diff] [blame]1//
2// Copyright (C) 2012 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]16
Alex Deymo14c0da82016-07-20 16:45:45 -0700[diff] [blame]17#include "update_engine/certificate_checker.h"
Alex Deymo8427b4a2014-11-05 14:00:32 -0800[diff] [blame]18
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]19#include <string>
20
Alex Vakulenko75039d72014-03-25 12:36:28 -0700[diff] [blame]21#include <base/strings/string_util.h>
22#include <base/strings/stringprintf.h>
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]23#include <gmock/gmock.h>
24#include <gtest/gtest.h>
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]25
Alex Deymo39910dc2015-11-09 17:04:30 -0800[diff] [blame]26#include "update_engine/common/constants.h"
Alex Deymo39910dc2015-11-09 17:04:30 -0800[diff] [blame]27#include "update_engine/common/mock_prefs.h"
Alex Deymo14c0da82016-07-20 16:45:45 -0700[diff] [blame]28#include "update_engine/mock_certificate_checker.h"
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]29
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]30using ::testing::DoAll;
31using ::testing::Return;
32using ::testing::SetArgumentPointee;
33using ::testing::SetArrayArgument;
Alex Deymof329b932014-10-30 01:37:48 -0700[diff] [blame]34using ::testing::_;
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]35using std::string;
36
37namespace chromeos_update_engine {
38
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]39class MockCertificateCheckObserver : public CertificateChecker::Observer {
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]40 public:
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]41 MOCK_METHOD2(CertificateChecked,
42 void(ServerToCheck server_to_check,
43 CertificateCheckResult result));
44};
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]45
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]46class CertificateCheckerTest : public testing::Test {
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]47 protected:
Alex Deymo610277e2014-11-11 21:18:11 -0800[diff] [blame]48 void SetUp() override {
Alex Vakulenko75039d72014-03-25 12:36:28 -0700[diff] [blame]49 cert_key_ = base::StringPrintf("%s-%d-%d",
50 cert_key_prefix_.c_str(),
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]51 static_cast<int>(server_to_check_),
Alex Vakulenko75039d72014-03-25 12:36:28 -0700[diff] [blame]52 depth_);
Alex Deymo33e91e72015-12-01 18:26:08 -0300[diff] [blame]53 cert_checker.Init();
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]54 cert_checker.SetObserver(&observer_);
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]55 }
56
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]57 void TearDown() override {
58 cert_checker.SetObserver(nullptr);
59 }
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]60
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]61 MockPrefs prefs_;
Alex Deymo8427b4a2014-11-05 14:00:32 -0800[diff] [blame]62 MockOpenSSLWrapper openssl_wrapper_;
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]63 // Parameters of our mock certificate digest.
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]64 int depth_{0};
65 unsigned int length_{4};
66 uint8_t digest_[4]{0x17, 0x7D, 0x07, 0x5F};
67 string digest_hex_{"177D075F"};
68 string diff_digest_hex_{"1234ABCD"};
69 string cert_key_prefix_{kPrefsUpdateServerCertificate};
70 ServerToCheck server_to_check_{ServerToCheck::kUpdate};
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]71 string cert_key_;
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]72
73 testing::StrictMock<MockCertificateCheckObserver> observer_;
Alex Deymo33e91e72015-12-01 18:26:08 -0300[diff] [blame]74 CertificateChecker cert_checker{&prefs_, &openssl_wrapper_};
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]75};
76
77// check certificate change, new
78TEST_F(CertificateCheckerTest, NewCertificate) {
Alex Vakulenko88b591f2014-08-28 16:48:57 -0700[diff] [blame]79 EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(nullptr, _, _, _))
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]80 .WillOnce(DoAll(
81 SetArgumentPointee<1>(depth_),
82 SetArgumentPointee<2>(length_),
83 SetArrayArgument<3>(digest_, digest_ + 4),
84 Return(true)));
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]85 EXPECT_CALL(prefs_, GetString(cert_key_, _)).WillOnce(Return(false));
86 EXPECT_CALL(prefs_, SetString(cert_key_, digest_hex_)).WillOnce(Return(true));
87 EXPECT_CALL(observer_,
88 CertificateChecked(server_to_check_,
89 CertificateCheckResult::kValid));
Alex Deymo33e91e72015-12-01 18:26:08 -0300[diff] [blame]90 ASSERT_TRUE(
91 cert_checker.CheckCertificateChange(1, nullptr, server_to_check_));
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]92}
93
94// check certificate change, unchanged
95TEST_F(CertificateCheckerTest, SameCertificate) {
Alex Vakulenko88b591f2014-08-28 16:48:57 -0700[diff] [blame]96 EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(nullptr, _, _, _))
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]97 .WillOnce(DoAll(
98 SetArgumentPointee<1>(depth_),
99 SetArgumentPointee<2>(length_),
100 SetArrayArgument<3>(digest_, digest_ + 4),
101 Return(true)));
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]102 EXPECT_CALL(prefs_, GetString(cert_key_, _))
103 .WillOnce(DoAll(SetArgumentPointee<1>(digest_hex_), Return(true)));
104 EXPECT_CALL(prefs_, SetString(_, _)).Times(0);
105 EXPECT_CALL(observer_,
106 CertificateChecked(server_to_check_,
107 CertificateCheckResult::kValid));
Alex Deymo33e91e72015-12-01 18:26:08 -0300[diff] [blame]108 ASSERT_TRUE(
109 cert_checker.CheckCertificateChange(1, nullptr, server_to_check_));
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]110}
111
112// check certificate change, changed
113TEST_F(CertificateCheckerTest, ChangedCertificate) {
Alex Vakulenko88b591f2014-08-28 16:48:57 -0700[diff] [blame]114 EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(nullptr, _, _, _))
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]115 .WillOnce(DoAll(
116 SetArgumentPointee<1>(depth_),
117 SetArgumentPointee<2>(length_),
118 SetArrayArgument<3>(digest_, digest_ + 4),
119 Return(true)));
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]120 EXPECT_CALL(prefs_, GetString(cert_key_, _))
121 .WillOnce(DoAll(SetArgumentPointee<1>(diff_digest_hex_), Return(true)));
122 EXPECT_CALL(observer_,
123 CertificateChecked(server_to_check_,
124 CertificateCheckResult::kValidChanged));
125 EXPECT_CALL(prefs_, SetString(cert_key_, digest_hex_)).WillOnce(Return(true));
Alex Deymo33e91e72015-12-01 18:26:08 -0300[diff] [blame]126 ASSERT_TRUE(
127 cert_checker.CheckCertificateChange(1, nullptr, server_to_check_));
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]128}
129
130// check certificate change, failed
131TEST_F(CertificateCheckerTest, FailedCertificate) {
Alex Deymoc1c17b42015-11-23 03:53:15 -0300[diff] [blame]132 EXPECT_CALL(observer_, CertificateChecked(server_to_check_,
133 CertificateCheckResult::kFailed));
134 EXPECT_CALL(prefs_, GetString(_, _)).Times(0);
Alex Vakulenkod2779df2014-06-16 13:19:00 -0700[diff] [blame]135 EXPECT_CALL(openssl_wrapper_, GetCertificateDigest(_, _, _, _)).Times(0);
Alex Deymo33e91e72015-12-01 18:26:08 -0300[diff] [blame]136 ASSERT_FALSE(
137 cert_checker.CheckCertificateChange(0, nullptr, server_to_check_));
Bruno Rocha7f9aea22011-09-12 14:31:24 -0700[diff] [blame]138}
139
140} // namespace chromeos_update_engine