diff options
-rw-r--r-- | Android.mk | 5 | ||||
-rw-r--r-- | tests/Android.mk | 1 | ||||
-rw-r--r-- | tests/component/verifier_test.cpp | 57 | ||||
-rw-r--r-- | verifier.cpp | 4 |
4 files changed, 59 insertions, 8 deletions
diff --git a/Android.mk b/Android.mk index f8e5ac24a..58b8a2240 100644 --- a/Android.mk +++ b/Android.mk @@ -144,15 +144,12 @@ include $(BUILD_EXECUTABLE) # libverifier (static library) # =============================== include $(CLEAR_VARS) -LOCAL_CLANG := true LOCAL_MODULE := libverifier LOCAL_MODULE_TAGS := tests LOCAL_SRC_FILES := \ asn1_decoder.cpp \ - verifier.cpp \ - ui.cpp + verifier.cpp LOCAL_STATIC_LIBRARIES := \ - libminui \ libcrypto_utils \ libcrypto \ libbase diff --git a/tests/Android.mk b/tests/Android.mk index 65f736d13..ff6e14c9b 100644 --- a/tests/Android.mk +++ b/tests/Android.mk @@ -120,7 +120,6 @@ LOCAL_STATIC_LIBRARIES := \ libupdater \ libbootloader_message \ libverifier \ - libminui \ libotautil \ libmounts \ libdivsufsort \ diff --git a/tests/component/verifier_test.cpp b/tests/component/verifier_test.cpp index 03829f393..4993716f4 100644 --- a/tests/component/verifier_test.cpp +++ b/tests/component/verifier_test.cpp @@ -58,6 +58,63 @@ class VerifierSuccessTest : public VerifierTest { class VerifierFailureTest : public VerifierTest { }; +TEST(VerifierTest, load_keys_multiple_keys) { + std::string testkey_v4; + ASSERT_TRUE(android::base::ReadFileToString(from_testdata_base("testkey_v4.txt"), &testkey_v4)); + + std::string testkey_v3; + ASSERT_TRUE(android::base::ReadFileToString(from_testdata_base("testkey_v3.txt"), &testkey_v3)); + + std::string keys = testkey_v4 + "," + testkey_v3 + "," + testkey_v4; + TemporaryFile key_file1; + ASSERT_TRUE(android::base::WriteStringToFile(keys, key_file1.path)); + std::vector<Certificate> certs; + ASSERT_TRUE(load_keys(key_file1.path, certs)); + ASSERT_EQ(3U, certs.size()); +} + +TEST(VerifierTest, load_keys_invalid_keys) { + std::vector<Certificate> certs; + ASSERT_FALSE(load_keys("/doesntexist", certs)); + + // Empty file. + TemporaryFile key_file1; + ASSERT_FALSE(load_keys(key_file1.path, certs)); + + // Invalid contents. + ASSERT_TRUE(android::base::WriteStringToFile("invalid", key_file1.path)); + ASSERT_FALSE(load_keys(key_file1.path, certs)); + + std::string testkey_v4; + ASSERT_TRUE(android::base::ReadFileToString(from_testdata_base("testkey_v4.txt"), &testkey_v4)); + + // Invalid key version: "v4 ..." => "v6 ...". + std::string invalid_key2(testkey_v4); + invalid_key2[1] = '6'; + TemporaryFile key_file2; + ASSERT_TRUE(android::base::WriteStringToFile(invalid_key2, key_file2.path)); + ASSERT_FALSE(load_keys(key_file2.path, certs)); + + // Invalid key content: inserted extra bytes ",2209831334". + std::string invalid_key3(testkey_v4); + invalid_key3.insert(invalid_key2.size() - 2, ",2209831334"); + TemporaryFile key_file3; + ASSERT_TRUE(android::base::WriteStringToFile(invalid_key3, key_file3.path)); + ASSERT_FALSE(load_keys(key_file3.path, certs)); + + // Invalid key: the last key must not end with an extra ','. + std::string invalid_key4 = testkey_v4 + ","; + TemporaryFile key_file4; + ASSERT_TRUE(android::base::WriteStringToFile(invalid_key4, key_file4.path)); + ASSERT_FALSE(load_keys(key_file4.path, certs)); + + // Invalid key separator. + std::string invalid_key5 = testkey_v4 + ";" + testkey_v4; + TemporaryFile key_file5; + ASSERT_TRUE(android::base::WriteStringToFile(invalid_key5, key_file5.path)); + ASSERT_FALSE(load_keys(key_file5.path, certs)); +} + TEST_P(VerifierSuccessTest, VerifySucceed) { ASSERT_EQ(verify_file(memmap.addr, memmap.length, certs, nullptr), VERIFY_SUCCESS); } diff --git a/verifier.cpp b/verifier.cpp index 582c498fb..6daeac94e 100644 --- a/verifier.cpp +++ b/verifier.cpp @@ -21,8 +21,8 @@ #include <stdlib.h> #include <string.h> -#include <functional> #include <algorithm> +#include <functional> #include <memory> #include <android-base/logging.h> @@ -31,9 +31,7 @@ #include <openssl/obj_mac.h> #include "asn1_decoder.h" -#include "common.h" #include "print_sha1.h" -#include "ui.h" static constexpr size_t MiB = 1024 * 1024; |