Gitiles
Code Review Sign In
gerrit.omnirom.org / android_build / cde85ce1eb80af5c3a46f677b39f7ac88a78696d / . / tools / releasetools / test_sign_target_files_apks.py
blob: 2b84413cfad13950e3fb67fd93b5b999c1ba09c6 [file] [log] [blame]
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]1#
2# Copyright (C) 2017 The Android Open Source Project
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16
Tao Bao66472632017-12-04 17:16:36 -0800[diff] [blame]17import base64
Tao Baobb733882019-07-24 23:31:19 -0700[diff] [blame]18import io
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]19import os.path
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]20import zipfile
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]21
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]22import common
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]23import test_utils
Tao Bao66472632017-12-04 17:16:36 -0800[diff] [blame]24from sign_target_files_apks import (
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]25 CheckApkAndApexKeysAvailable, EditTags, GetApkFileInfo, ReadApexKeysInfo,
Tao Bao19b02fe2019-10-09 00:04:28 -0700[diff] [blame]26 ReplaceCerts, ReplaceVerityKeyId, RewriteAvbProps, RewriteProps,
27 WriteOtacerts)
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]28
29
Tao Bao65b94e92018-10-11 21:57:26 -0700[diff] [blame]30class SignTargetFilesApksTest(test_utils.ReleaseToolsTestCase):
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]31
Tao Bao66472632017-12-04 17:16:36 -0800[diff] [blame]32 MAC_PERMISSIONS_XML = """<?xml version="1.0" encoding="iso-8859-1"?>
33<policy>
34 <signer signature="{}"><seinfo value="platform"/></signer>
35 <signer signature="{}"><seinfo value="media"/></signer>
36</policy>"""
37
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]38 # pylint: disable=line-too-long
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]39 APEX_KEYS_TXT = """name="apex.apexd_test.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8"
40name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8"
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]41"""
42
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]43 def setUp(self):
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]44 self.testdata_dir = test_utils.get_testdata_dir()
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]45
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]46 def test_EditTags(self):
47 self.assertEqual(EditTags('dev-keys'), ('release-keys'))
48 self.assertEqual(EditTags('test-keys'), ('release-keys'))
49
50 # Multiple tags.
51 self.assertEqual(EditTags('abc,dev-keys,xyz'), ('abc,release-keys,xyz'))
52
53 # Tags are sorted.
54 self.assertEqual(EditTags('xyz,abc,dev-keys,xyz'), ('abc,release-keys,xyz'))
55
Tao Bao19b02fe2019-10-09 00:04:28 -0700[diff] [blame]56 def test_RewriteAvbProps(self):
57 misc_info = {
58 'avb_boot_add_hash_footer_args':
59 ('--prop com.android.build.boot.os_version:R '
60 '--prop com.android.build.boot.security_patch:2019-09-05'),
61 'avb_system_add_hashtree_footer_args':
62 ('--prop com.android.build.system.os_version:R '
63 '--prop com.android.build.system.security_patch:2019-09-05 '
64 '--prop com.android.build.system.fingerprint:'
65 'Android/aosp_taimen/taimen:R/QT/foo:userdebug/test-keys'),
66 'avb_vendor_add_hashtree_footer_args':
67 ('--prop com.android.build.vendor.os_version:R '
68 '--prop com.android.build.vendor.security_patch:2019-09-05 '
69 '--prop com.android.build.vendor.fingerprint:'
70 'Android/aosp_taimen/taimen:R/QT/foo:userdebug/dev-keys'),
71 }
72 expected_dict = {
73 'avb_boot_add_hash_footer_args':
74 ('--prop com.android.build.boot.os_version:R '
75 '--prop com.android.build.boot.security_patch:2019-09-05'),
76 'avb_system_add_hashtree_footer_args':
77 ('--prop com.android.build.system.os_version:R '
78 '--prop com.android.build.system.security_patch:2019-09-05 '
79 '--prop com.android.build.system.fingerprint:'
80 'Android/aosp_taimen/taimen:R/QT/foo:userdebug/release-keys'),
81 'avb_vendor_add_hashtree_footer_args':
82 ('--prop com.android.build.vendor.os_version:R '
83 '--prop com.android.build.vendor.security_patch:2019-09-05 '
84 '--prop com.android.build.vendor.fingerprint:'
85 'Android/aosp_taimen/taimen:R/QT/foo:userdebug/release-keys'),
86 }
87 RewriteAvbProps(misc_info)
88 self.assertDictEqual(expected_dict, misc_info)
89
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]90 def test_RewriteProps(self):
91 props = (
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]92 ('', ''),
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]93 ('ro.build.fingerprint=foo/bar/dev-keys',
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]94 'ro.build.fingerprint=foo/bar/release-keys'),
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]95 ('ro.build.thumbprint=foo/bar/dev-keys',
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]96 'ro.build.thumbprint=foo/bar/release-keys'),
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]97 ('ro.vendor.build.fingerprint=foo/bar/dev-keys',
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]98 'ro.vendor.build.fingerprint=foo/bar/release-keys'),
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]99 ('ro.vendor.build.thumbprint=foo/bar/dev-keys',
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]100 'ro.vendor.build.thumbprint=foo/bar/release-keys'),
101 ('ro.odm.build.fingerprint=foo/bar/test-keys',
102 'ro.odm.build.fingerprint=foo/bar/release-keys'),
103 ('ro.odm.build.thumbprint=foo/bar/test-keys',
104 'ro.odm.build.thumbprint=foo/bar/release-keys'),
105 ('ro.product.build.fingerprint=foo/bar/dev-keys',
106 'ro.product.build.fingerprint=foo/bar/release-keys'),
107 ('ro.product.build.thumbprint=foo/bar/dev-keys',
108 'ro.product.build.thumbprint=foo/bar/release-keys'),
Justin Yun6151e3f2019-06-25 15:58:13 +0900[diff] [blame]109 ('ro.system_ext.build.fingerprint=foo/bar/test-keys',
110 'ro.system_ext.build.fingerprint=foo/bar/release-keys'),
111 ('ro.system_ext.build.thumbprint=foo/bar/test-keys',
112 'ro.system_ext.build.thumbprint=foo/bar/release-keys'),
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]113 ('# comment line 1', '# comment line 1'),
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]114 ('ro.bootimage.build.fingerprint=foo/bar/dev-keys',
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]115 'ro.bootimage.build.fingerprint=foo/bar/release-keys'),
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]116 ('ro.build.description='
117 'sailfish-user 8.0.0 OPR6.170623.012 4283428 dev-keys',
118 'ro.build.description='
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]119 'sailfish-user 8.0.0 OPR6.170623.012 4283428 release-keys'),
120 ('ro.build.tags=dev-keys', 'ro.build.tags=release-keys'),
121 ('ro.build.tags=test-keys', 'ro.build.tags=release-keys'),
122 ('ro.system.build.tags=dev-keys',
123 'ro.system.build.tags=release-keys'),
124 ('ro.vendor.build.tags=dev-keys',
125 'ro.vendor.build.tags=release-keys'),
126 ('ro.odm.build.tags=dev-keys',
127 'ro.odm.build.tags=release-keys'),
128 ('ro.product.build.tags=dev-keys',
129 'ro.product.build.tags=release-keys'),
Justin Yun6151e3f2019-06-25 15:58:13 +0900[diff] [blame]130 ('ro.system_ext.build.tags=dev-keys',
131 'ro.system_ext.build.tags=release-keys'),
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]132 ('# comment line 2', '# comment line 2'),
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]133 ('ro.build.display.id=OPR6.170623.012 dev-keys',
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]134 'ro.build.display.id=OPR6.170623.012'),
135 ('# comment line 3', '# comment line 3'),
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]136 )
137
138 # Assert the case for each individual line.
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]139 for prop, expected in props:
140 self.assertEqual(expected + '\n', RewriteProps(prop))
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]141
142 # Concatenate all the input lines.
Magnus Strandh234f4b42019-05-01 23:09:30 +0200[diff] [blame]143 self.assertEqual(
144 '\n'.join([prop[1] for prop in props]) + '\n',
145 RewriteProps('\n'.join([prop[0] for prop in props])))
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]146
147 def test_ReplaceVerityKeyId(self):
148 BOOT_CMDLINE1 = (
149 "console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 "
150 "androidboot.hardware=marlin user_debug=31 ehci-hcd.park=3 "
151 "lpm_levels.sleep_disabled=1 cma=32M@0-0xffffffff loop.max_part=7 "
152 "buildvariant=userdebug "
153 "veritykeyid=id:7e4333f9bba00adfe0ede979e28ed1920492b40f\n")
154
155 BOOT_CMDLINE2 = (
156 "console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 "
157 "androidboot.hardware=marlin user_debug=31 ehci-hcd.park=3 "
158 "lpm_levels.sleep_disabled=1 cma=32M@0-0xffffffff loop.max_part=7 "
159 "buildvariant=userdebug "
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]160 "veritykeyid=id:d24f2590e9abab5cff5f59da4c4f0366e3f43e94\n")
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]161
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]162 input_file = common.MakeTempFile(suffix='.zip')
163 with zipfile.ZipFile(input_file, 'w') as input_zip:
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]164 input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE1)
165
166 # Test with the first certificate.
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]167 cert_file = os.path.join(self.testdata_dir, 'verity.x509.pem')
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]168
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]169 output_file = common.MakeTempFile(suffix='.zip')
170 with zipfile.ZipFile(input_file, 'r') as input_zip, \
171 zipfile.ZipFile(output_file, 'w') as output_zip:
172 ReplaceVerityKeyId(input_zip, output_zip, cert_file)
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]173
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]174 with zipfile.ZipFile(output_file) as output_zip:
Tao Baoa3705452019-06-24 15:33:41 -0700[diff] [blame]175 self.assertEqual(BOOT_CMDLINE1, output_zip.read('BOOT/cmdline').decode())
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]176
177 # Test with the second certificate.
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]178 cert_file = os.path.join(self.testdata_dir, 'testkey.x509.pem')
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]179
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]180 with zipfile.ZipFile(input_file, 'r') as input_zip, \
181 zipfile.ZipFile(output_file, 'w') as output_zip:
182 ReplaceVerityKeyId(input_zip, output_zip, cert_file)
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]183
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]184 with zipfile.ZipFile(output_file) as output_zip:
Tao Baoa3705452019-06-24 15:33:41 -0700[diff] [blame]185 self.assertEqual(BOOT_CMDLINE2, output_zip.read('BOOT/cmdline').decode())
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]186
187 def test_ReplaceVerityKeyId_no_veritykeyid(self):
188 BOOT_CMDLINE = (
189 "console=ttyHSL0,115200,n8 androidboot.hardware=bullhead boot_cpus=0-5 "
190 "lpm_levels.sleep_disabled=1 msm_poweroff.download_mode=0 "
191 "loop.max_part=7\n")
192
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]193 input_file = common.MakeTempFile(suffix='.zip')
194 with zipfile.ZipFile(input_file, 'w') as input_zip:
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]195 input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE)
196
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]197 output_file = common.MakeTempFile(suffix='.zip')
198 with zipfile.ZipFile(input_file, 'r') as input_zip, \
199 zipfile.ZipFile(output_file, 'w') as output_zip:
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame]200 ReplaceVerityKeyId(input_zip, output_zip, None)
201
Tao Baode1d4792018-02-20 10:05:46 -0800[diff] [blame]202 with zipfile.ZipFile(output_file) as output_zip:
Tao Baoa3705452019-06-24 15:33:41 -0700[diff] [blame]203 self.assertEqual(BOOT_CMDLINE, output_zip.read('BOOT/cmdline').decode())
Tao Bao66472632017-12-04 17:16:36 -0800[diff] [blame]204
205 def test_ReplaceCerts(self):
206 cert1_path = os.path.join(self.testdata_dir, 'platform.x509.pem')
207 with open(cert1_path) as cert1_fp:
208 cert1 = cert1_fp.read()
209 cert2_path = os.path.join(self.testdata_dir, 'media.x509.pem')
210 with open(cert2_path) as cert2_fp:
211 cert2 = cert2_fp.read()
212 cert3_path = os.path.join(self.testdata_dir, 'testkey.x509.pem')
213 with open(cert3_path) as cert3_fp:
214 cert3 = cert3_fp.read()
215
216 # Replace cert1 with cert3.
217 input_xml = self.MAC_PERMISSIONS_XML.format(
218 base64.b16encode(common.ParseCertificate(cert1)).lower(),
219 base64.b16encode(common.ParseCertificate(cert2)).lower())
220
221 output_xml = self.MAC_PERMISSIONS_XML.format(
222 base64.b16encode(common.ParseCertificate(cert3)).lower(),
223 base64.b16encode(common.ParseCertificate(cert2)).lower())
224
225 common.OPTIONS.key_map = {
226 cert1_path[:-9] : cert3_path[:-9],
227 }
228
229 self.assertEqual(output_xml, ReplaceCerts(input_xml))
230
231 def test_ReplaceCerts_duplicateEntries(self):
232 cert1_path = os.path.join(self.testdata_dir, 'platform.x509.pem')
233 with open(cert1_path) as cert1_fp:
234 cert1 = cert1_fp.read()
235 cert2_path = os.path.join(self.testdata_dir, 'media.x509.pem')
236 with open(cert2_path) as cert2_fp:
237 cert2 = cert2_fp.read()
238
239 # Replace cert1 with cert2, which leads to duplicate entries.
240 input_xml = self.MAC_PERMISSIONS_XML.format(
241 base64.b16encode(common.ParseCertificate(cert1)).lower(),
242 base64.b16encode(common.ParseCertificate(cert2)).lower())
243
244 common.OPTIONS.key_map = {
245 cert1_path[:-9] : cert2_path[:-9],
246 }
247 self.assertRaises(AssertionError, ReplaceCerts, input_xml)
248
249 def test_ReplaceCerts_skipNonExistentCerts(self):
250 cert1_path = os.path.join(self.testdata_dir, 'platform.x509.pem')
251 with open(cert1_path) as cert1_fp:
252 cert1 = cert1_fp.read()
253 cert2_path = os.path.join(self.testdata_dir, 'media.x509.pem')
254 with open(cert2_path) as cert2_fp:
255 cert2 = cert2_fp.read()
256 cert3_path = os.path.join(self.testdata_dir, 'testkey.x509.pem')
257 with open(cert3_path) as cert3_fp:
258 cert3 = cert3_fp.read()
259
260 input_xml = self.MAC_PERMISSIONS_XML.format(
261 base64.b16encode(common.ParseCertificate(cert1)).lower(),
262 base64.b16encode(common.ParseCertificate(cert2)).lower())
263
264 output_xml = self.MAC_PERMISSIONS_XML.format(
265 base64.b16encode(common.ParseCertificate(cert3)).lower(),
266 base64.b16encode(common.ParseCertificate(cert2)).lower())
267
268 common.OPTIONS.key_map = {
269 cert1_path[:-9] : cert3_path[:-9],
270 'non-existent' : cert3_path[:-9],
271 cert2_path[:-9] : 'non-existent',
272 }
273 self.assertEqual(output_xml, ReplaceCerts(input_xml))
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]274
Tao Baobb733882019-07-24 23:31:19 -0700[diff] [blame]275 def test_WriteOtacerts(self):
276 certs = [
277 os.path.join(self.testdata_dir, 'platform.x509.pem'),
278 os.path.join(self.testdata_dir, 'media.x509.pem'),
279 os.path.join(self.testdata_dir, 'testkey.x509.pem'),
280 ]
281 entry_name = 'SYSTEM/etc/security/otacerts.zip'
282 output_file = common.MakeTempFile(suffix='.zip')
283 with zipfile.ZipFile(output_file, 'w') as output_zip:
284 WriteOtacerts(output_zip, entry_name, certs)
285 with zipfile.ZipFile(output_file) as input_zip:
286 self.assertIn(entry_name, input_zip.namelist())
287 otacerts_file = io.BytesIO(input_zip.read(entry_name))
288 with zipfile.ZipFile(otacerts_file) as otacerts_zip:
289 self.assertEqual(3, len(otacerts_zip.namelist()))
290
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]291 def test_CheckApkAndApexKeysAvailable(self):
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]292 input_file = common.MakeTempFile(suffix='.zip')
293 with zipfile.ZipFile(input_file, 'w') as input_zip:
294 input_zip.writestr('SYSTEM/app/App1.apk', "App1-content")
295 input_zip.writestr('SYSTEM/app/App2.apk.gz', "App2-content")
296
297 apk_key_map = {
298 'App1.apk' : 'key1',
299 'App2.apk' : 'key2',
300 'App3.apk' : 'key3',
301 }
302 with zipfile.ZipFile(input_file) as input_zip:
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]303 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, None, {})
304 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, '.gz', {})
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]305
306 # 'App2.apk.gz' won't be considered as an APK.
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]307 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, None, {})
308 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, '.xz', {})
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]309
310 del apk_key_map['App2.apk']
311 self.assertRaises(
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]312 AssertionError, CheckApkAndApexKeysAvailable, input_zip, apk_key_map,
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]313 '.gz', {})
314
315 def test_CheckApkAndApexKeysAvailable_invalidApexKeys(self):
316 input_file = common.MakeTempFile(suffix='.zip')
317 with zipfile.ZipFile(input_file, 'w') as input_zip:
318 input_zip.writestr('SYSTEM/apex/Apex1.apex', "Apex1-content")
319 input_zip.writestr('SYSTEM/apex/Apex2.apex', "Apex2-content")
320
321 apk_key_map = {
322 'Apex1.apex' : 'key1',
323 'Apex2.apex' : 'key2',
324 'Apex3.apex' : 'key3',
325 }
326 apex_keys = {
327 'Apex1.apex' : ('payload-key1', 'container-key1'),
328 'Apex2.apex' : ('payload-key2', 'container-key2'),
329 }
330 with zipfile.ZipFile(input_file) as input_zip:
331 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, None, apex_keys)
332
333 # Fine to have both keys as PRESIGNED.
334 apex_keys['Apex2.apex'] = ('PRESIGNED', 'PRESIGNED')
335 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, None, apex_keys)
336
337 # Having only one of them as PRESIGNED is not allowed.
338 apex_keys['Apex2.apex'] = ('payload-key2', 'PRESIGNED')
339 self.assertRaises(
340 AssertionError, CheckApkAndApexKeysAvailable, input_zip, apk_key_map,
341 None, apex_keys)
342
343 apex_keys['Apex2.apex'] = ('PRESIGNED', 'container-key1')
344 self.assertRaises(
345 AssertionError, CheckApkAndApexKeysAvailable, input_zip, apk_key_map,
346 None, apex_keys)
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]347
348 def test_GetApkFileInfo(self):
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]349 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
350 "PRODUCT/apps/Chats.apk", None, [])
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]351 self.assertTrue(is_apk)
352 self.assertFalse(is_compressed)
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]353 self.assertFalse(should_be_skipped)
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]354
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]355 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
356 "PRODUCT/apps/Chats.apk", None, [])
357 self.assertTrue(is_apk)
358 self.assertFalse(is_compressed)
359 self.assertFalse(should_be_skipped)
360
361 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
362 "PRODUCT/apps/Chats.dat", None, [])
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]363 self.assertFalse(is_apk)
364 self.assertFalse(is_compressed)
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]365 self.assertFalse(should_be_skipped)
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]366
367 def test_GetApkFileInfo_withCompressedApks(self):
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]368 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
369 "PRODUCT/apps/Chats.apk.gz", ".gz", [])
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]370 self.assertTrue(is_apk)
371 self.assertTrue(is_compressed)
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]372 self.assertFalse(should_be_skipped)
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]373
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]374 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
375 "PRODUCT/apps/Chats.apk.gz", ".xz", [])
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]376 self.assertFalse(is_apk)
377 self.assertFalse(is_compressed)
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]378 self.assertFalse(should_be_skipped)
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]379
380 self.assertRaises(
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]381 AssertionError, GetApkFileInfo, "PRODUCT/apps/Chats.apk", "", [])
Tao Bao11f955c2018-06-19 12:19:35 -0700[diff] [blame]382
383 self.assertRaises(
Tao Bao93c2a012018-06-19 12:19:35 -0700[diff] [blame]384 AssertionError, GetApkFileInfo, "PRODUCT/apps/Chats.apk", "apk", [])
385
386 def test_GetApkFileInfo_withSkippedPrefixes(self):
387 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
388 "PRODUCT/preloads/apps/Chats.apk", None, set())
389 self.assertTrue(is_apk)
390 self.assertFalse(is_compressed)
391 self.assertFalse(should_be_skipped)
392
393 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
394 "PRODUCT/preloads/apps/Chats.apk",
395 None,
396 set(["PRODUCT/preloads/"]))
397 self.assertTrue(is_apk)
398 self.assertFalse(is_compressed)
399 self.assertTrue(should_be_skipped)
400
401 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
402 "SYSTEM_OTHER/preloads/apps/Chats.apk",
403 None,
404 set(["SYSTEM/preloads/", "SYSTEM_OTHER/preloads/"]))
405 self.assertTrue(is_apk)
406 self.assertFalse(is_compressed)
407 self.assertTrue(should_be_skipped)
408
409 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
410 "SYSTEM_OTHER/preloads/apps/Chats.apk.gz",
411 ".gz",
412 set(["PRODUCT/prebuilts/", "SYSTEM_OTHER/preloads/"]))
413 self.assertTrue(is_apk)
414 self.assertTrue(is_compressed)
415 self.assertTrue(should_be_skipped)
416
417 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
418 "SYSTEM_OTHER/preloads/apps/Chats.dat",
419 None,
420 set(["SYSTEM_OTHER/preloads/"]))
421 self.assertFalse(is_apk)
422 self.assertFalse(is_compressed)
423 self.assertFalse(should_be_skipped)
424
425 def test_GetApkFileInfo_checkSkippedPrefixesInput(self):
426 # set
427 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
428 "SYSTEM_OTHER/preloads/apps/Chats.apk",
429 None,
430 set(["SYSTEM_OTHER/preloads/"]))
431 self.assertTrue(is_apk)
432 self.assertFalse(is_compressed)
433 self.assertTrue(should_be_skipped)
434
435 # tuple
436 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
437 "SYSTEM_OTHER/preloads/apps/Chats.apk",
438 None,
439 ("SYSTEM_OTHER/preloads/",))
440 self.assertTrue(is_apk)
441 self.assertFalse(is_compressed)
442 self.assertTrue(should_be_skipped)
443
444 # list
445 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
446 "SYSTEM_OTHER/preloads/apps/Chats.apk",
447 None,
448 ["SYSTEM_OTHER/preloads/"])
449 self.assertTrue(is_apk)
450 self.assertFalse(is_compressed)
451 self.assertTrue(should_be_skipped)
452
453 # str is invalid.
454 self.assertRaises(
455 AssertionError, GetApkFileInfo, "SYSTEM_OTHER/preloads/apps/Chats.apk",
456 None, "SYSTEM_OTHER/preloads/")
457
458 # None is invalid.
459 self.assertRaises(
460 AssertionError, GetApkFileInfo, "SYSTEM_OTHER/preloads/apps/Chats.apk",
461 None, None)
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]462
463 def test_ReadApexKeysInfo(self):
464 target_files = common.MakeTempFile(suffix='.zip')
465 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
466 target_files_zip.writestr('META/apexkeys.txt', self.APEX_KEYS_TXT)
467
468 with zipfile.ZipFile(target_files) as target_files_zip:
469 keys_info = ReadApexKeysInfo(target_files_zip)
470
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]471 self.assertEqual({
472 'apex.apexd_test.apex': (
473 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]474 'build/make/target/product/security/testkey'),
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]475 'apex.apexd_test_different_app.apex': (
476 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]477 'build/make/target/product/security/testkey'),
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]478 }, keys_info)
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]479
Tao Bao6d9e3da2019-03-26 12:59:25 -0700[diff] [blame]480 def test_ReadApexKeysInfo_mismatchingContainerKeys(self):
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]481 # Mismatching payload public / private keys.
482 apex_keys = self.APEX_KEYS_TXT + (
483 'name="apex.apexd_test_different_app2.apex" '
484 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" '
Tao Bao6d9e3da2019-03-26 12:59:25 -0700[diff] [blame]485 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" '
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]486 'container_certificate="build/make/target/product/security/testkey.x509.pem" '
487 'container_private_key="build/make/target/product/security/testkey2.pk8"')
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]488 target_files = common.MakeTempFile(suffix='.zip')
489 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
490 target_files_zip.writestr('META/apexkeys.txt', apex_keys)
491
492 with zipfile.ZipFile(target_files) as target_files_zip:
493 self.assertRaises(ValueError, ReadApexKeysInfo, target_files_zip)
494
Tao Bao6d9e3da2019-03-26 12:59:25 -0700[diff] [blame]495 def test_ReadApexKeysInfo_missingPayloadPrivateKey(self):
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]496 # Invalid lines will be skipped.
497 apex_keys = self.APEX_KEYS_TXT + (
498 'name="apex.apexd_test_different_app2.apex" '
499 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" '
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]500 'container_certificate="build/make/target/product/security/testkey.x509.pem" '
501 'container_private_key="build/make/target/product/security/testkey.pk8"')
Tao Baoaa7e9932019-03-15 09:37:01 -0700[diff] [blame]502 target_files = common.MakeTempFile(suffix='.zip')
503 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
504 target_files_zip.writestr('META/apexkeys.txt', apex_keys)
505
506 with zipfile.ZipFile(target_files) as target_files_zip:
507 keys_info = ReadApexKeysInfo(target_files_zip)
508
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]509 self.assertEqual({
510 'apex.apexd_test.apex': (
511 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]512 'build/make/target/product/security/testkey'),
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]513 'apex.apexd_test_different_app.apex': (
514 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]515 'build/make/target/product/security/testkey'),
Tao Baoe1343992019-03-19 12:24:03 -0700[diff] [blame]516 }, keys_info)
Tao Bao6d9e3da2019-03-26 12:59:25 -0700[diff] [blame]517
518 def test_ReadApexKeysInfo_missingPayloadPublicKey(self):
519 # Invalid lines will be skipped.
520 apex_keys = self.APEX_KEYS_TXT + (
521 'name="apex.apexd_test_different_app2.apex" '
522 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" '
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]523 'container_certificate="build/make/target/product/security/testkey.x509.pem" '
524 'container_private_key="build/make/target/product/security/testkey.pk8"')
Tao Bao6d9e3da2019-03-26 12:59:25 -0700[diff] [blame]525 target_files = common.MakeTempFile(suffix='.zip')
526 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
527 target_files_zip.writestr('META/apexkeys.txt', apex_keys)
528
529 with zipfile.ZipFile(target_files) as target_files_zip:
530 keys_info = ReadApexKeysInfo(target_files_zip)
531
532 self.assertEqual({
533 'apex.apexd_test.apex': (
534 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]535 'build/make/target/product/security/testkey'),
Tao Bao6d9e3da2019-03-26 12:59:25 -0700[diff] [blame]536 'apex.apexd_test_different_app.apex': (
537 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700[diff] [blame]538 'build/make/target/product/security/testkey'),
Tao Bao6d9e3da2019-03-26 12:59:25 -0700[diff] [blame]539 }, keys_info)
Tao Baof454c3a2019-04-24 23:53:42 -0700[diff] [blame]540
541 def test_ReadApexKeysInfo_presignedKeys(self):
542 apex_keys = self.APEX_KEYS_TXT + (
543 'name="apex.apexd_test_different_app2.apex" '
544 'private_key="PRESIGNED" '
545 'public_key="PRESIGNED" '
546 'container_certificate="PRESIGNED" '
547 'container_private_key="PRESIGNED"')
548 target_files = common.MakeTempFile(suffix='.zip')
549 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
550 target_files_zip.writestr('META/apexkeys.txt', apex_keys)
551
552 with zipfile.ZipFile(target_files) as target_files_zip:
553 keys_info = ReadApexKeysInfo(target_files_zip)
554
555 self.assertEqual({
556 'apex.apexd_test.apex': (
557 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
558 'build/make/target/product/security/testkey'),
559 'apex.apexd_test_different_app.apex': (
560 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
561 'build/make/target/product/security/testkey'),
562 }, keys_info)
Tao Bao548db7d2019-04-24 23:53:42 -0700[diff] [blame]563
564 def test_ReadApexKeysInfo_presignedKeys(self):
565 apex_keys = self.APEX_KEYS_TXT + (
566 'name="apex.apexd_test_different_app2.apex" '
567 'private_key="PRESIGNED" '
568 'public_key="PRESIGNED" '
569 'container_certificate="PRESIGNED" '
570 'container_private_key="PRESIGNED"')
571 target_files = common.MakeTempFile(suffix='.zip')
572 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
573 target_files_zip.writestr('META/apexkeys.txt', apex_keys)
574
575 with zipfile.ZipFile(target_files) as target_files_zip:
576 keys_info = ReadApexKeysInfo(target_files_zip)
577
578 self.assertEqual({
579 'apex.apexd_test.apex': (
580 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
581 'build/make/target/product/security/testkey'),
582 'apex.apexd_test_different_app.apex': (
583 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
584 'build/make/target/product/security/testkey'),
585 }, keys_info)