Gitiles
Code Review Sign In
gerrit.omnirom.org / android_build / e838d1446c6c7be2d5b2f5beabf1a5557a131edb / . / tools / releasetools / test_sign_target_files_apks.py
blob: 726d6b9bbeb6cddcc1f415ac3e82bf407d862cec [file] [log] [blame]
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]1#
2# Copyright (C) 2017 The Android Open Source Project
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16
17from __future__ import print_function
18
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame^]19import tempfile
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]20import unittest
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame^]21import zipfile
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]22
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame^]23import common
24from sign_target_files_apks import EditTags, ReplaceVerityKeyId, RewriteProps
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]25
26
27class SignTargetFilesApksTest(unittest.TestCase):
28
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame^]29 def setUp(self):
30 self.tempdir = common.MakeTempDir()
31
32 def tearDown(self):
33 common.Cleanup()
34
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]35 def test_EditTags(self):
36 self.assertEqual(EditTags('dev-keys'), ('release-keys'))
37 self.assertEqual(EditTags('test-keys'), ('release-keys'))
38
39 # Multiple tags.
40 self.assertEqual(EditTags('abc,dev-keys,xyz'), ('abc,release-keys,xyz'))
41
42 # Tags are sorted.
43 self.assertEqual(EditTags('xyz,abc,dev-keys,xyz'), ('abc,release-keys,xyz'))
44
45 def test_RewriteProps(self):
46 props = (
47 ('', '\n'),
48 ('ro.build.fingerprint=foo/bar/dev-keys',
49 'ro.build.fingerprint=foo/bar/release-keys\n'),
50 ('ro.build.thumbprint=foo/bar/dev-keys',
51 'ro.build.thumbprint=foo/bar/release-keys\n'),
52 ('ro.vendor.build.fingerprint=foo/bar/dev-keys',
53 'ro.vendor.build.fingerprint=foo/bar/release-keys\n'),
54 ('ro.vendor.build.thumbprint=foo/bar/dev-keys',
55 'ro.vendor.build.thumbprint=foo/bar/release-keys\n'),
56 ('# comment line 1', '# comment line 1\n'),
57 ('ro.bootimage.build.fingerprint=foo/bar/dev-keys',
58 'ro.bootimage.build.fingerprint=foo/bar/release-keys\n'),
59 ('ro.build.description='
60 'sailfish-user 8.0.0 OPR6.170623.012 4283428 dev-keys',
61 'ro.build.description='
62 'sailfish-user 8.0.0 OPR6.170623.012 4283428 release-keys\n'),
63 ('ro.build.tags=dev-keys', 'ro.build.tags=release-keys\n'),
64 ('# comment line 2', '# comment line 2\n'),
65 ('ro.build.display.id=OPR6.170623.012 dev-keys',
66 'ro.build.display.id=OPR6.170623.012\n'),
67 ('# comment line 3', '# comment line 3\n'),
68 )
69
70 # Assert the case for each individual line.
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame^]71 for prop, output in props:
72 self.assertEqual(RewriteProps(prop), output)
Tao Baoa7054ee2017-12-08 14:42:16 -0800[diff] [blame]73
74 # Concatenate all the input lines.
75 self.assertEqual(RewriteProps('\n'.join([prop[0] for prop in props])),
76 ''.join([prop[1] for prop in props]))
Tao Baoe838d142017-12-23 23:44:48 -0800[diff] [blame^]77
78 def test_ReplaceVerityKeyId(self):
79 BOOT_CMDLINE1 = (
80 "console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 "
81 "androidboot.hardware=marlin user_debug=31 ehci-hcd.park=3 "
82 "lpm_levels.sleep_disabled=1 cma=32M@0-0xffffffff loop.max_part=7 "
83 "buildvariant=userdebug "
84 "veritykeyid=id:7e4333f9bba00adfe0ede979e28ed1920492b40f\n")
85
86 BOOT_CMDLINE2 = (
87 "console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 "
88 "androidboot.hardware=marlin user_debug=31 ehci-hcd.park=3 "
89 "lpm_levels.sleep_disabled=1 cma=32M@0-0xffffffff loop.max_part=7 "
90 "buildvariant=userdebug "
91 "veritykeyid=id:485900563d272c46ae118605a47419ac09ca8c11\n")
92
93 # From build/target/product/security/verity.x509.pem.
94 VERITY_CERTIFICATE1 = """-----BEGIN CERTIFICATE-----
95MIID/TCCAuWgAwIBAgIJAJcPmDkJqolJMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
96VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4g
97VmlldzEQMA4GA1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UE
98AwwHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe
99Fw0xNDExMDYxOTA3NDBaFw00MjAzMjQxOTA3NDBaMIGUMQswCQYDVQQGEwJVUzET
100MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4G
101A1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UEAwwHQW5kcm9p
102ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCASIwDQYJKoZI
103hvcNAQEBBQADggEPADCCAQoCggEBAOjreE0vTVSRenuzO9vnaWfk0eQzYab0gqpi
1046xAzi6dmD+ugoEKJmbPiuE5Dwf21isZ9uhUUu0dQM46dK4ocKxMRrcnmGxydFn6o
105fs3ODJMXOkv2gKXL/FdbEPdDbxzdu8z3yk+W67udM/fW7WbaQ3DO0knu+izKak/3
106T41c5uoXmQ81UNtAzRGzGchNVXMmWuTGOkg6U+0I2Td7K8yvUMWhAWPPpKLtVH9r
107AL5TzjYNR92izdKcz3AjRsI3CTjtpiVABGeX0TcjRSuZB7K9EK56HV+OFNS6I1NP
108jdD7FIShyGlqqZdUOkAUZYanbpgeT5N7QL6uuqcGpoTOkalu6kkCAwEAAaNQME4w
109HQYDVR0OBBYEFH5DM/m7oArf4O3peeKO0ZIEkrQPMB8GA1UdIwQYMBaAFH5DM/m7
110oArf4O3peeKO0ZIEkrQPMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB
111AHO3NSvDE5jFvMehGGtS8BnFYdFKRIglDMc4niWSzhzOVYRH4WajxdtBWc5fx0ix
112NF/+hVKVhP6AIOQa+++sk+HIi7RvioPPbhjcsVlZe7cUEGrLSSveGouQyc+j0+m6
113JF84kszIl5GGNMTnx0XRPO+g8t6h5LWfnVydgZfpGRRg+WHewk1U2HlvTjIceb0N
114dcoJ8WKJAFWdcuE7VIm4w+vF/DYX/A2Oyzr2+QRhmYSv1cusgAeC1tvH4ap+J1Lg
115UnOu5Kh/FqPLLSwNVQp4Bu7b9QFfqK8Moj84bj88NqRGZgDyqzuTrFxn6FW7dmyA
116yttuAJAEAymk1mipd9+zp38=
117-----END CERTIFICATE-----
118"""
119
120 # From build/target/product/security/testkey.x509.pem.
121 VERITY_CERTIFICATE2 = """-----BEGIN CERTIFICATE-----
122MIIEqDCCA5CgAwIBAgIJAJNurL4H8gHfMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
123VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4g
124VmlldzEQMA4GA1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UE
125AxMHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe
126Fw0wODAyMjkwMTMzNDZaFw0zNTA3MTcwMTMzNDZaMIGUMQswCQYDVQQGEwJVUzET
127MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4G
128A1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9p
129ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCASAwDQYJKoZI
130hvcNAQEBBQADggENADCCAQgCggEBANaTGQTexgskse3HYuDZ2CU+Ps1s6x3i/waM
131qOi8qM1r03hupwqnbOYOuw+ZNVn/2T53qUPn6D1LZLjk/qLT5lbx4meoG7+yMLV4
132wgRDvkxyGLhG9SEVhvA4oU6Jwr44f46+z4/Kw9oe4zDJ6pPQp8PcSvNQIg1QCAcy
1334ICXF+5qBTNZ5qaU7Cyz8oSgpGbIepTYOzEJOmc3Li9kEsBubULxWBjf/gOBzAzU
134RNps3cO4JFgZSAGzJWQTT7/emMkod0jb9WdqVA2BVMi7yge54kdVMxHEa5r3b97s
135zI5p58ii0I54JiCUP5lyfTwE/nKZHZnfm644oLIXf6MdW2r+6R8CAQOjgfwwgfkw
136HQYDVR0OBBYEFEhZAFY9JyxGrhGGBaR0GawJyowRMIHJBgNVHSMEgcEwgb6AFEhZ
137AFY9JyxGrhGGBaR0GawJyowRoYGapIGXMIGUMQswCQYDVQQGEwJVUzETMBEGA1UE
138CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4GA1UEChMH
139QW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9pZDEiMCAG
140CSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbYIJAJNurL4H8gHfMAwGA1Ud
141EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHqvlozrUMRBBVEY0NqrrwFbinZa
142J6cVosK0TyIUFf/azgMJWr+kLfcHCHJsIGnlw27drgQAvilFLAhLwn62oX6snb4Y
143LCBOsVMR9FXYJLZW2+TcIkCRLXWG/oiVHQGo/rWuWkJgU134NDEFJCJGjDbiLCpe
144+ZTWHdcwauTJ9pUbo8EvHRkU3cYfGmLaLfgn9gP+pWA7LFQNvXwBnDa6sppCccEX
14531I828XzgXpJ4O+mDL1/dBd+ek8ZPUP0IgdyZm5MTYPhvVqGCHzzTy3sIeJFymwr
146sBbmg2OAUNLEMO6nwmocSdN2ClirfxqCzJOLSDE4QyS9BAH6EhY6UFcOaE0=
147-----END CERTIFICATE-----
148"""
149
150 input_file = tempfile.NamedTemporaryFile(
151 delete=False, suffix='.zip', dir=self.tempdir)
152 with zipfile.ZipFile(input_file.name, 'w') as input_zip:
153 input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE1)
154
155 # Test with the first certificate.
156 cert_file = tempfile.NamedTemporaryFile(
157 delete=False, suffix='.x509.pem', dir=self.tempdir)
158 cert_file.write(VERITY_CERTIFICATE1)
159 cert_file.close()
160
161 output_file = tempfile.NamedTemporaryFile(
162 delete=False, suffix='.zip', dir=self.tempdir)
163 with zipfile.ZipFile(input_file.name, 'r') as input_zip, \
164 zipfile.ZipFile(output_file.name, 'w') as output_zip:
165 ReplaceVerityKeyId(input_zip, output_zip, cert_file.name)
166
167 with zipfile.ZipFile(output_file.name) as output_zip:
168 self.assertEqual(BOOT_CMDLINE1, output_zip.read('BOOT/cmdline'))
169
170 # Test with the second certificate.
171 with open(cert_file.name, 'w') as cert_file_fp:
172 cert_file_fp.write(VERITY_CERTIFICATE2)
173
174 with zipfile.ZipFile(input_file.name, 'r') as input_zip, \
175 zipfile.ZipFile(output_file.name, 'w') as output_zip:
176 ReplaceVerityKeyId(input_zip, output_zip, cert_file.name)
177
178 with zipfile.ZipFile(output_file.name) as output_zip:
179 self.assertEqual(BOOT_CMDLINE2, output_zip.read('BOOT/cmdline'))
180
181 def test_ReplaceVerityKeyId_no_veritykeyid(self):
182 BOOT_CMDLINE = (
183 "console=ttyHSL0,115200,n8 androidboot.hardware=bullhead boot_cpus=0-5 "
184 "lpm_levels.sleep_disabled=1 msm_poweroff.download_mode=0 "
185 "loop.max_part=7\n")
186
187 input_file = tempfile.NamedTemporaryFile(
188 delete=False, suffix='.zip', dir=self.tempdir)
189 with zipfile.ZipFile(input_file.name, 'w') as input_zip:
190 input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE)
191
192 output_file = tempfile.NamedTemporaryFile(
193 delete=False, suffix='.zip', dir=self.tempdir)
194 with zipfile.ZipFile(input_file.name, 'r') as input_zip, \
195 zipfile.ZipFile(output_file.name, 'w') as output_zip:
196 ReplaceVerityKeyId(input_zip, output_zip, None)
197
198 with zipfile.ZipFile(output_file.name) as output_zip:
199 self.assertEqual(BOOT_CMDLINE, output_zip.read('BOOT/cmdline'))