1# Lint as: python2, python3
2# Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
3# Use of this source code is governed by a BSD-style license that can be
4# found in the LICENSE file.
5
6from autotest_lib.client.common_lib import error
7from autotest_lib.server.cros.update_engine import update_engine_test
8
9
10class autoupdate_CatchBadSignatures(update_engine_test.UpdateEngineTest):
11    """Test to verify that update_engine correctly checks payload signatures."""
12    version = 1
13
14    # The test image to use and the values associated with it.
15    _IMAGE_GS_URL='https://storage.googleapis.com/chromiumos-test-assets-public/autoupdate/autoupdate_CatchBadSignatures.bin'
16
17    def _check_signature(self, expected_log_messages,
18                         failure_message, public_key=None, tag=None):
19        """
20        Helper function for updating with a canned Omaha response.
21
22        @param expected_log_messages: A list of strings that are expected to be
23                                      in the update_engine log.
24        @param failure_message: The message for exception to raise on error.
25        @param public_key: The public key to be passed to the update_engine.
26        @param tag: String to append to test name to identify it in the logs.
27
28        """
29        # Runs the update on the DUT and expect it to fail.
30        self._run_client_test_and_check_result('autoupdate_CannedOmahaUpdate',
31                                               payload_url=self._IMAGE_GS_URL,
32                                               allow_failure=True,
33                                               public_key=public_key,
34                                               tag=tag)
35        if not self._check_update_engine_log_for_entry(expected_log_messages):
36            last_error = self._get_last_error_string()
37            raise error.TestFail(
38                '%s. Last update_engine.log error: %s' % (failure_message,
39                                                          last_error))
40
41
42    def _check_bad_metadata_signature(self):
43        """Checks that update_engine rejects updates where the payload
44        and Omaha response do not agree on the metadata signature."""
45        expected_log_messages = [
46                'Mandating payload signature checks since Omaha Response for '
47                'unofficial build includes public RSA key',
48                'Mandatory metadata signature validation failed'
49        ]
50
51        self._check_signature(expected_log_messages,
52                              'Check for bad metadata signature failed.',
53                              public_key=self._IMAGE_PUBLIC_KEY,
54                              tag='metadata_signature')
55
56
57    def _check_bad_payload_signature(self):
58        """Checks that update_engine rejects updates where the payload
59        signature does not match what is expected."""
60        expected_log_messages = [
61                'Mandating payload signature checks since Omaha Response for '
62                'unofficial build includes public RSA key',
63                'Metadata hash signature matches value in Omaha response.',
64                'Public key verification failed, thus update failed'
65        ]
66
67        self._check_signature(expected_log_messages,
68                              'Check for payload signature failed.',
69                              tag='payload_signature')
70
71
72    def run_once(self):
73        """Runs the test on a DUT."""
74        self._check_bad_metadata_signature()
75        self._check_bad_payload_signature()
76