blob: d745200e542390e664ce2b35e771c165e575d906 [file] [log] [blame]
Tao Baoa7054ee2017-12-08 14:42:16 -08001#
2# Copyright (C) 2017 The Android Open Source Project
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16
Tao Bao66472632017-12-04 17:16:36 -080017import base64
Tao Baode1d4792018-02-20 10:05:46 -080018import os.path
Tao Baoe838d142017-12-23 23:44:48 -080019import zipfile
Tao Baoa7054ee2017-12-08 14:42:16 -080020
Tao Baoe838d142017-12-23 23:44:48 -080021import common
Tao Baode1d4792018-02-20 10:05:46 -080022import test_utils
Tao Bao66472632017-12-04 17:16:36 -080023from sign_target_files_apks import (
Tao Baoaa7e9932019-03-15 09:37:01 -070024 CheckApkAndApexKeysAvailable, EditTags, GetApkFileInfo, ReadApexKeysInfo,
25 ReplaceCerts, ReplaceVerityKeyId, RewriteProps)
Tao Baoa7054ee2017-12-08 14:42:16 -080026
27
Tao Bao65b94e92018-10-11 21:57:26 -070028class SignTargetFilesApksTest(test_utils.ReleaseToolsTestCase):
Tao Baoa7054ee2017-12-08 14:42:16 -080029
Tao Bao66472632017-12-04 17:16:36 -080030 MAC_PERMISSIONS_XML = """<?xml version="1.0" encoding="iso-8859-1"?>
31<policy>
32 <signer signature="{}"><seinfo value="platform"/></signer>
33 <signer signature="{}"><seinfo value="media"/></signer>
34</policy>"""
35
Tao Baoe1343992019-03-19 12:24:03 -070036 # pylint: disable=line-too-long
Dan Willemsen0ab1be62019-04-09 21:35:37 -070037 APEX_KEYS_TXT = """name="apex.apexd_test.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8"
38name="apex.apexd_test_different_app.apex" public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" container_certificate="build/make/target/product/security/testkey.x509.pem" container_private_key="build/make/target/product/security/testkey.pk8"
Tao Baoaa7e9932019-03-15 09:37:01 -070039"""
40
Tao Baoe838d142017-12-23 23:44:48 -080041 def setUp(self):
Tao Baode1d4792018-02-20 10:05:46 -080042 self.testdata_dir = test_utils.get_testdata_dir()
Tao Baoe838d142017-12-23 23:44:48 -080043
Tao Baoa7054ee2017-12-08 14:42:16 -080044 def test_EditTags(self):
45 self.assertEqual(EditTags('dev-keys'), ('release-keys'))
46 self.assertEqual(EditTags('test-keys'), ('release-keys'))
47
48 # Multiple tags.
49 self.assertEqual(EditTags('abc,dev-keys,xyz'), ('abc,release-keys,xyz'))
50
51 # Tags are sorted.
52 self.assertEqual(EditTags('xyz,abc,dev-keys,xyz'), ('abc,release-keys,xyz'))
53
54 def test_RewriteProps(self):
55 props = (
56 ('', '\n'),
57 ('ro.build.fingerprint=foo/bar/dev-keys',
58 'ro.build.fingerprint=foo/bar/release-keys\n'),
59 ('ro.build.thumbprint=foo/bar/dev-keys',
60 'ro.build.thumbprint=foo/bar/release-keys\n'),
61 ('ro.vendor.build.fingerprint=foo/bar/dev-keys',
62 'ro.vendor.build.fingerprint=foo/bar/release-keys\n'),
63 ('ro.vendor.build.thumbprint=foo/bar/dev-keys',
64 'ro.vendor.build.thumbprint=foo/bar/release-keys\n'),
65 ('# comment line 1', '# comment line 1\n'),
66 ('ro.bootimage.build.fingerprint=foo/bar/dev-keys',
67 'ro.bootimage.build.fingerprint=foo/bar/release-keys\n'),
68 ('ro.build.description='
69 'sailfish-user 8.0.0 OPR6.170623.012 4283428 dev-keys',
70 'ro.build.description='
71 'sailfish-user 8.0.0 OPR6.170623.012 4283428 release-keys\n'),
72 ('ro.build.tags=dev-keys', 'ro.build.tags=release-keys\n'),
73 ('# comment line 2', '# comment line 2\n'),
74 ('ro.build.display.id=OPR6.170623.012 dev-keys',
75 'ro.build.display.id=OPR6.170623.012\n'),
76 ('# comment line 3', '# comment line 3\n'),
77 )
78
79 # Assert the case for each individual line.
Tao Baoe838d142017-12-23 23:44:48 -080080 for prop, output in props:
81 self.assertEqual(RewriteProps(prop), output)
Tao Baoa7054ee2017-12-08 14:42:16 -080082
83 # Concatenate all the input lines.
84 self.assertEqual(RewriteProps('\n'.join([prop[0] for prop in props])),
85 ''.join([prop[1] for prop in props]))
Tao Baoe838d142017-12-23 23:44:48 -080086
87 def test_ReplaceVerityKeyId(self):
88 BOOT_CMDLINE1 = (
89 "console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 "
90 "androidboot.hardware=marlin user_debug=31 ehci-hcd.park=3 "
91 "lpm_levels.sleep_disabled=1 cma=32M@0-0xffffffff loop.max_part=7 "
92 "buildvariant=userdebug "
93 "veritykeyid=id:7e4333f9bba00adfe0ede979e28ed1920492b40f\n")
94
95 BOOT_CMDLINE2 = (
96 "console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 "
97 "androidboot.hardware=marlin user_debug=31 ehci-hcd.park=3 "
98 "lpm_levels.sleep_disabled=1 cma=32M@0-0xffffffff loop.max_part=7 "
99 "buildvariant=userdebug "
Tao Baode1d4792018-02-20 10:05:46 -0800100 "veritykeyid=id:d24f2590e9abab5cff5f59da4c4f0366e3f43e94\n")
Tao Baoe838d142017-12-23 23:44:48 -0800101
Tao Baode1d4792018-02-20 10:05:46 -0800102 input_file = common.MakeTempFile(suffix='.zip')
103 with zipfile.ZipFile(input_file, 'w') as input_zip:
Tao Baoe838d142017-12-23 23:44:48 -0800104 input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE1)
105
106 # Test with the first certificate.
Tao Baode1d4792018-02-20 10:05:46 -0800107 cert_file = os.path.join(self.testdata_dir, 'verity.x509.pem')
Tao Baoe838d142017-12-23 23:44:48 -0800108
Tao Baode1d4792018-02-20 10:05:46 -0800109 output_file = common.MakeTempFile(suffix='.zip')
110 with zipfile.ZipFile(input_file, 'r') as input_zip, \
111 zipfile.ZipFile(output_file, 'w') as output_zip:
112 ReplaceVerityKeyId(input_zip, output_zip, cert_file)
Tao Baoe838d142017-12-23 23:44:48 -0800113
Tao Baode1d4792018-02-20 10:05:46 -0800114 with zipfile.ZipFile(output_file) as output_zip:
Tao Baoe838d142017-12-23 23:44:48 -0800115 self.assertEqual(BOOT_CMDLINE1, output_zip.read('BOOT/cmdline'))
116
117 # Test with the second certificate.
Tao Baode1d4792018-02-20 10:05:46 -0800118 cert_file = os.path.join(self.testdata_dir, 'testkey.x509.pem')
Tao Baoe838d142017-12-23 23:44:48 -0800119
Tao Baode1d4792018-02-20 10:05:46 -0800120 with zipfile.ZipFile(input_file, 'r') as input_zip, \
121 zipfile.ZipFile(output_file, 'w') as output_zip:
122 ReplaceVerityKeyId(input_zip, output_zip, cert_file)
Tao Baoe838d142017-12-23 23:44:48 -0800123
Tao Baode1d4792018-02-20 10:05:46 -0800124 with zipfile.ZipFile(output_file) as output_zip:
Tao Baoe838d142017-12-23 23:44:48 -0800125 self.assertEqual(BOOT_CMDLINE2, output_zip.read('BOOT/cmdline'))
126
127 def test_ReplaceVerityKeyId_no_veritykeyid(self):
128 BOOT_CMDLINE = (
129 "console=ttyHSL0,115200,n8 androidboot.hardware=bullhead boot_cpus=0-5 "
130 "lpm_levels.sleep_disabled=1 msm_poweroff.download_mode=0 "
131 "loop.max_part=7\n")
132
Tao Baode1d4792018-02-20 10:05:46 -0800133 input_file = common.MakeTempFile(suffix='.zip')
134 with zipfile.ZipFile(input_file, 'w') as input_zip:
Tao Baoe838d142017-12-23 23:44:48 -0800135 input_zip.writestr('BOOT/cmdline', BOOT_CMDLINE)
136
Tao Baode1d4792018-02-20 10:05:46 -0800137 output_file = common.MakeTempFile(suffix='.zip')
138 with zipfile.ZipFile(input_file, 'r') as input_zip, \
139 zipfile.ZipFile(output_file, 'w') as output_zip:
Tao Baoe838d142017-12-23 23:44:48 -0800140 ReplaceVerityKeyId(input_zip, output_zip, None)
141
Tao Baode1d4792018-02-20 10:05:46 -0800142 with zipfile.ZipFile(output_file) as output_zip:
Tao Baoe838d142017-12-23 23:44:48 -0800143 self.assertEqual(BOOT_CMDLINE, output_zip.read('BOOT/cmdline'))
Tao Bao66472632017-12-04 17:16:36 -0800144
145 def test_ReplaceCerts(self):
146 cert1_path = os.path.join(self.testdata_dir, 'platform.x509.pem')
147 with open(cert1_path) as cert1_fp:
148 cert1 = cert1_fp.read()
149 cert2_path = os.path.join(self.testdata_dir, 'media.x509.pem')
150 with open(cert2_path) as cert2_fp:
151 cert2 = cert2_fp.read()
152 cert3_path = os.path.join(self.testdata_dir, 'testkey.x509.pem')
153 with open(cert3_path) as cert3_fp:
154 cert3 = cert3_fp.read()
155
156 # Replace cert1 with cert3.
157 input_xml = self.MAC_PERMISSIONS_XML.format(
158 base64.b16encode(common.ParseCertificate(cert1)).lower(),
159 base64.b16encode(common.ParseCertificate(cert2)).lower())
160
161 output_xml = self.MAC_PERMISSIONS_XML.format(
162 base64.b16encode(common.ParseCertificate(cert3)).lower(),
163 base64.b16encode(common.ParseCertificate(cert2)).lower())
164
165 common.OPTIONS.key_map = {
166 cert1_path[:-9] : cert3_path[:-9],
167 }
168
169 self.assertEqual(output_xml, ReplaceCerts(input_xml))
170
171 def test_ReplaceCerts_duplicateEntries(self):
172 cert1_path = os.path.join(self.testdata_dir, 'platform.x509.pem')
173 with open(cert1_path) as cert1_fp:
174 cert1 = cert1_fp.read()
175 cert2_path = os.path.join(self.testdata_dir, 'media.x509.pem')
176 with open(cert2_path) as cert2_fp:
177 cert2 = cert2_fp.read()
178
179 # Replace cert1 with cert2, which leads to duplicate entries.
180 input_xml = self.MAC_PERMISSIONS_XML.format(
181 base64.b16encode(common.ParseCertificate(cert1)).lower(),
182 base64.b16encode(common.ParseCertificate(cert2)).lower())
183
184 common.OPTIONS.key_map = {
185 cert1_path[:-9] : cert2_path[:-9],
186 }
187 self.assertRaises(AssertionError, ReplaceCerts, input_xml)
188
189 def test_ReplaceCerts_skipNonExistentCerts(self):
190 cert1_path = os.path.join(self.testdata_dir, 'platform.x509.pem')
191 with open(cert1_path) as cert1_fp:
192 cert1 = cert1_fp.read()
193 cert2_path = os.path.join(self.testdata_dir, 'media.x509.pem')
194 with open(cert2_path) as cert2_fp:
195 cert2 = cert2_fp.read()
196 cert3_path = os.path.join(self.testdata_dir, 'testkey.x509.pem')
197 with open(cert3_path) as cert3_fp:
198 cert3 = cert3_fp.read()
199
200 input_xml = self.MAC_PERMISSIONS_XML.format(
201 base64.b16encode(common.ParseCertificate(cert1)).lower(),
202 base64.b16encode(common.ParseCertificate(cert2)).lower())
203
204 output_xml = self.MAC_PERMISSIONS_XML.format(
205 base64.b16encode(common.ParseCertificate(cert3)).lower(),
206 base64.b16encode(common.ParseCertificate(cert2)).lower())
207
208 common.OPTIONS.key_map = {
209 cert1_path[:-9] : cert3_path[:-9],
210 'non-existent' : cert3_path[:-9],
211 cert2_path[:-9] : 'non-existent',
212 }
213 self.assertEqual(output_xml, ReplaceCerts(input_xml))
Tao Bao11f955c2018-06-19 12:19:35 -0700214
Tao Baoaa7e9932019-03-15 09:37:01 -0700215 def test_CheckApkAndApexKeysAvailable(self):
Tao Bao11f955c2018-06-19 12:19:35 -0700216 input_file = common.MakeTempFile(suffix='.zip')
217 with zipfile.ZipFile(input_file, 'w') as input_zip:
218 input_zip.writestr('SYSTEM/app/App1.apk', "App1-content")
219 input_zip.writestr('SYSTEM/app/App2.apk.gz', "App2-content")
220
221 apk_key_map = {
222 'App1.apk' : 'key1',
223 'App2.apk' : 'key2',
224 'App3.apk' : 'key3',
225 }
226 with zipfile.ZipFile(input_file) as input_zip:
Tao Baoe1343992019-03-19 12:24:03 -0700227 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, None, {})
228 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, '.gz', {})
Tao Bao11f955c2018-06-19 12:19:35 -0700229
230 # 'App2.apk.gz' won't be considered as an APK.
Tao Baoe1343992019-03-19 12:24:03 -0700231 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, None, {})
232 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, '.xz', {})
Tao Bao11f955c2018-06-19 12:19:35 -0700233
234 del apk_key_map['App2.apk']
235 self.assertRaises(
Tao Baoaa7e9932019-03-15 09:37:01 -0700236 AssertionError, CheckApkAndApexKeysAvailable, input_zip, apk_key_map,
Tao Baoe1343992019-03-19 12:24:03 -0700237 '.gz', {})
238
239 def test_CheckApkAndApexKeysAvailable_invalidApexKeys(self):
240 input_file = common.MakeTempFile(suffix='.zip')
241 with zipfile.ZipFile(input_file, 'w') as input_zip:
242 input_zip.writestr('SYSTEM/apex/Apex1.apex', "Apex1-content")
243 input_zip.writestr('SYSTEM/apex/Apex2.apex', "Apex2-content")
244
245 apk_key_map = {
246 'Apex1.apex' : 'key1',
247 'Apex2.apex' : 'key2',
248 'Apex3.apex' : 'key3',
249 }
250 apex_keys = {
251 'Apex1.apex' : ('payload-key1', 'container-key1'),
252 'Apex2.apex' : ('payload-key2', 'container-key2'),
253 }
254 with zipfile.ZipFile(input_file) as input_zip:
255 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, None, apex_keys)
256
257 # Fine to have both keys as PRESIGNED.
258 apex_keys['Apex2.apex'] = ('PRESIGNED', 'PRESIGNED')
259 CheckApkAndApexKeysAvailable(input_zip, apk_key_map, None, apex_keys)
260
261 # Having only one of them as PRESIGNED is not allowed.
262 apex_keys['Apex2.apex'] = ('payload-key2', 'PRESIGNED')
263 self.assertRaises(
264 AssertionError, CheckApkAndApexKeysAvailable, input_zip, apk_key_map,
265 None, apex_keys)
266
267 apex_keys['Apex2.apex'] = ('PRESIGNED', 'container-key1')
268 self.assertRaises(
269 AssertionError, CheckApkAndApexKeysAvailable, input_zip, apk_key_map,
270 None, apex_keys)
Tao Bao11f955c2018-06-19 12:19:35 -0700271
272 def test_GetApkFileInfo(self):
Tao Bao93c2a012018-06-19 12:19:35 -0700273 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
274 "PRODUCT/apps/Chats.apk", None, [])
Tao Bao11f955c2018-06-19 12:19:35 -0700275 self.assertTrue(is_apk)
276 self.assertFalse(is_compressed)
Tao Bao93c2a012018-06-19 12:19:35 -0700277 self.assertFalse(should_be_skipped)
Tao Bao11f955c2018-06-19 12:19:35 -0700278
Tao Bao93c2a012018-06-19 12:19:35 -0700279 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
280 "PRODUCT/apps/Chats.apk", None, [])
281 self.assertTrue(is_apk)
282 self.assertFalse(is_compressed)
283 self.assertFalse(should_be_skipped)
284
285 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
286 "PRODUCT/apps/Chats.dat", None, [])
Tao Bao11f955c2018-06-19 12:19:35 -0700287 self.assertFalse(is_apk)
288 self.assertFalse(is_compressed)
Tao Bao93c2a012018-06-19 12:19:35 -0700289 self.assertFalse(should_be_skipped)
Tao Bao11f955c2018-06-19 12:19:35 -0700290
291 def test_GetApkFileInfo_withCompressedApks(self):
Tao Bao93c2a012018-06-19 12:19:35 -0700292 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
293 "PRODUCT/apps/Chats.apk.gz", ".gz", [])
Tao Bao11f955c2018-06-19 12:19:35 -0700294 self.assertTrue(is_apk)
295 self.assertTrue(is_compressed)
Tao Bao93c2a012018-06-19 12:19:35 -0700296 self.assertFalse(should_be_skipped)
Tao Bao11f955c2018-06-19 12:19:35 -0700297
Tao Bao93c2a012018-06-19 12:19:35 -0700298 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
299 "PRODUCT/apps/Chats.apk.gz", ".xz", [])
Tao Bao11f955c2018-06-19 12:19:35 -0700300 self.assertFalse(is_apk)
301 self.assertFalse(is_compressed)
Tao Bao93c2a012018-06-19 12:19:35 -0700302 self.assertFalse(should_be_skipped)
Tao Bao11f955c2018-06-19 12:19:35 -0700303
304 self.assertRaises(
Tao Bao93c2a012018-06-19 12:19:35 -0700305 AssertionError, GetApkFileInfo, "PRODUCT/apps/Chats.apk", "", [])
Tao Bao11f955c2018-06-19 12:19:35 -0700306
307 self.assertRaises(
Tao Bao93c2a012018-06-19 12:19:35 -0700308 AssertionError, GetApkFileInfo, "PRODUCT/apps/Chats.apk", "apk", [])
309
310 def test_GetApkFileInfo_withSkippedPrefixes(self):
311 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
312 "PRODUCT/preloads/apps/Chats.apk", None, set())
313 self.assertTrue(is_apk)
314 self.assertFalse(is_compressed)
315 self.assertFalse(should_be_skipped)
316
317 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
318 "PRODUCT/preloads/apps/Chats.apk",
319 None,
320 set(["PRODUCT/preloads/"]))
321 self.assertTrue(is_apk)
322 self.assertFalse(is_compressed)
323 self.assertTrue(should_be_skipped)
324
325 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
326 "SYSTEM_OTHER/preloads/apps/Chats.apk",
327 None,
328 set(["SYSTEM/preloads/", "SYSTEM_OTHER/preloads/"]))
329 self.assertTrue(is_apk)
330 self.assertFalse(is_compressed)
331 self.assertTrue(should_be_skipped)
332
333 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
334 "SYSTEM_OTHER/preloads/apps/Chats.apk.gz",
335 ".gz",
336 set(["PRODUCT/prebuilts/", "SYSTEM_OTHER/preloads/"]))
337 self.assertTrue(is_apk)
338 self.assertTrue(is_compressed)
339 self.assertTrue(should_be_skipped)
340
341 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
342 "SYSTEM_OTHER/preloads/apps/Chats.dat",
343 None,
344 set(["SYSTEM_OTHER/preloads/"]))
345 self.assertFalse(is_apk)
346 self.assertFalse(is_compressed)
347 self.assertFalse(should_be_skipped)
348
349 def test_GetApkFileInfo_checkSkippedPrefixesInput(self):
350 # set
351 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
352 "SYSTEM_OTHER/preloads/apps/Chats.apk",
353 None,
354 set(["SYSTEM_OTHER/preloads/"]))
355 self.assertTrue(is_apk)
356 self.assertFalse(is_compressed)
357 self.assertTrue(should_be_skipped)
358
359 # tuple
360 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
361 "SYSTEM_OTHER/preloads/apps/Chats.apk",
362 None,
363 ("SYSTEM_OTHER/preloads/",))
364 self.assertTrue(is_apk)
365 self.assertFalse(is_compressed)
366 self.assertTrue(should_be_skipped)
367
368 # list
369 (is_apk, is_compressed, should_be_skipped) = GetApkFileInfo(
370 "SYSTEM_OTHER/preloads/apps/Chats.apk",
371 None,
372 ["SYSTEM_OTHER/preloads/"])
373 self.assertTrue(is_apk)
374 self.assertFalse(is_compressed)
375 self.assertTrue(should_be_skipped)
376
377 # str is invalid.
378 self.assertRaises(
379 AssertionError, GetApkFileInfo, "SYSTEM_OTHER/preloads/apps/Chats.apk",
380 None, "SYSTEM_OTHER/preloads/")
381
382 # None is invalid.
383 self.assertRaises(
384 AssertionError, GetApkFileInfo, "SYSTEM_OTHER/preloads/apps/Chats.apk",
385 None, None)
Tao Baoaa7e9932019-03-15 09:37:01 -0700386
387 def test_ReadApexKeysInfo(self):
388 target_files = common.MakeTempFile(suffix='.zip')
389 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
390 target_files_zip.writestr('META/apexkeys.txt', self.APEX_KEYS_TXT)
391
392 with zipfile.ZipFile(target_files) as target_files_zip:
393 keys_info = ReadApexKeysInfo(target_files_zip)
394
Tao Baoe1343992019-03-19 12:24:03 -0700395 self.assertEqual({
396 'apex.apexd_test.apex': (
397 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700398 'build/make/target/product/security/testkey'),
Tao Baoe1343992019-03-19 12:24:03 -0700399 'apex.apexd_test_different_app.apex': (
400 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700401 'build/make/target/product/security/testkey'),
Tao Baoe1343992019-03-19 12:24:03 -0700402 }, keys_info)
Tao Baoaa7e9932019-03-15 09:37:01 -0700403
Tao Bao6d9e3da2019-03-26 12:59:25 -0700404 def test_ReadApexKeysInfo_mismatchingContainerKeys(self):
Tao Baoaa7e9932019-03-15 09:37:01 -0700405 # Mismatching payload public / private keys.
406 apex_keys = self.APEX_KEYS_TXT + (
407 'name="apex.apexd_test_different_app2.apex" '
408 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" '
Tao Bao6d9e3da2019-03-26 12:59:25 -0700409 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" '
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700410 'container_certificate="build/make/target/product/security/testkey.x509.pem" '
411 'container_private_key="build/make/target/product/security/testkey2.pk8"')
Tao Baoaa7e9932019-03-15 09:37:01 -0700412 target_files = common.MakeTempFile(suffix='.zip')
413 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
414 target_files_zip.writestr('META/apexkeys.txt', apex_keys)
415
416 with zipfile.ZipFile(target_files) as target_files_zip:
417 self.assertRaises(ValueError, ReadApexKeysInfo, target_files_zip)
418
Tao Bao6d9e3da2019-03-26 12:59:25 -0700419 def test_ReadApexKeysInfo_missingPayloadPrivateKey(self):
Tao Baoaa7e9932019-03-15 09:37:01 -0700420 # Invalid lines will be skipped.
421 apex_keys = self.APEX_KEYS_TXT + (
422 'name="apex.apexd_test_different_app2.apex" '
423 'public_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.avbpubkey" '
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700424 'container_certificate="build/make/target/product/security/testkey.x509.pem" '
425 'container_private_key="build/make/target/product/security/testkey.pk8"')
Tao Baoaa7e9932019-03-15 09:37:01 -0700426 target_files = common.MakeTempFile(suffix='.zip')
427 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
428 target_files_zip.writestr('META/apexkeys.txt', apex_keys)
429
430 with zipfile.ZipFile(target_files) as target_files_zip:
431 keys_info = ReadApexKeysInfo(target_files_zip)
432
Tao Baoe1343992019-03-19 12:24:03 -0700433 self.assertEqual({
434 'apex.apexd_test.apex': (
435 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700436 'build/make/target/product/security/testkey'),
Tao Baoe1343992019-03-19 12:24:03 -0700437 'apex.apexd_test_different_app.apex': (
438 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700439 'build/make/target/product/security/testkey'),
Tao Baoe1343992019-03-19 12:24:03 -0700440 }, keys_info)
Tao Bao6d9e3da2019-03-26 12:59:25 -0700441
442 def test_ReadApexKeysInfo_missingPayloadPublicKey(self):
443 # Invalid lines will be skipped.
444 apex_keys = self.APEX_KEYS_TXT + (
445 'name="apex.apexd_test_different_app2.apex" '
446 'private_key="system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem" '
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700447 'container_certificate="build/make/target/product/security/testkey.x509.pem" '
448 'container_private_key="build/make/target/product/security/testkey.pk8"')
Tao Bao6d9e3da2019-03-26 12:59:25 -0700449 target_files = common.MakeTempFile(suffix='.zip')
450 with zipfile.ZipFile(target_files, 'w') as target_files_zip:
451 target_files_zip.writestr('META/apexkeys.txt', apex_keys)
452
453 with zipfile.ZipFile(target_files) as target_files_zip:
454 keys_info = ReadApexKeysInfo(target_files_zip)
455
456 self.assertEqual({
457 'apex.apexd_test.apex': (
458 'system/apex/apexd/apexd_testdata/com.android.apex.test_package.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700459 'build/make/target/product/security/testkey'),
Tao Bao6d9e3da2019-03-26 12:59:25 -0700460 'apex.apexd_test_different_app.apex': (
461 'system/apex/apexd/apexd_testdata/com.android.apex.test_package_2.pem',
Dan Willemsen0ab1be62019-04-09 21:35:37 -0700462 'build/make/target/product/security/testkey'),
Tao Bao6d9e3da2019-03-26 12:59:25 -0700463 }, keys_info)