blob: 9ff0ae3698d5f41deb6b39703d430b1cdb78c60d [file] [log] [blame]
Victor Hsieh88ac6ca2020-11-13 15:20:24 -08001/*
2 * Copyright (C) 2020 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17//! This crate implements AuthFS, a FUSE-based, non-generic filesystem where file access is
18//! authenticated. This filesystem assumes the underlying layer is not trusted, e.g. file may be
19//! provided by an untrusted host/VM, so that the content can't be simply trusted. However, with a
Victor Hsieh5deba522022-01-10 17:18:40 -080020//! known file hash from trusted party, this filesystem can still verify a (read-only) file even if
21//! the host/VM as the blob provider is malicious. With the Merkle tree, each read of file block can
22//! be verified individually only when needed.
Victor Hsieh88ac6ca2020-11-13 15:20:24 -080023//!
Victor Hsieh5deba522022-01-10 17:18:40 -080024//! AuthFS only serve files that are specifically configured. Each remote file can be configured to
25//! appear as a local file at the mount point. A file configuration may include its remote file
26//! identifier and its verification method (e.g. by known digest).
27//!
28//! AuthFS also support remote directories. A remote directory may be defined by a manifest file,
29//! which contains file paths and their corresponding digests.
30//!
31//! AuthFS can also be configured for write, in which case the remote file server is treated as a
32//! (untrusted) storage. The file/directory integrity is maintained in memory in the VM. Currently,
33//! the state is not persistent, thus only new file/directory are supported.
Victor Hsieh88ac6ca2020-11-13 15:20:24 -080034
Victor Hsieh99782572022-01-05 15:38:33 -080035use anyhow::{anyhow, bail, Result};
Victor Hsiehb5bcfab2022-09-12 13:06:26 -070036use clap::Parser;
Alan Stokese1b6e1c2021-10-01 12:44:49 +010037use log::error;
Victor Hsieh99782572022-01-05 15:38:33 -080038use protobuf::Message;
Victor Hsieh50d75ac2021-09-03 14:46:55 -070039use std::convert::TryInto;
Victor Hsieh99782572022-01-05 15:38:33 -080040use std::fs::File;
Victor Hsieh963d5132022-03-09 21:58:17 +000041use std::num::NonZeroU8;
Victor Hsiehd18b9752021-11-09 16:03:34 -080042use std::path::{Path, PathBuf};
Victor Hsieh88ac6ca2020-11-13 15:20:24 -080043
Victor Hsieh88ac6ca2020-11-13 15:20:24 -080044mod common;
Victor Hsieh09e26262021-03-03 16:00:55 -080045mod file;
Victor Hsiehf7fc3d32021-11-22 10:20:33 -080046mod fsstat;
Victor Hsieh88ac6ca2020-11-13 15:20:24 -080047mod fsverity;
48mod fusefs;
Victor Hsieh88ac6ca2020-11-13 15:20:24 -080049
Victor Hsiehe8137e32022-02-11 22:14:12 +000050use file::{Attr, InMemoryDir, RemoteDirEditor, RemoteFileEditor, RemoteFileReader};
Victor Hsiehf7fc3d32021-11-22 10:20:33 -080051use fsstat::RemoteFsStatsReader;
Victor Hsiehe8137e32022-02-11 22:14:12 +000052use fsverity::VerifiedFileEditor;
Victor Hsieh99782572022-01-05 15:38:33 -080053use fsverity_digests_proto::fsverity_digests::FSVerityDigests;
Victor Hsiehe8137e32022-02-11 22:14:12 +000054use fusefs::{AuthFs, AuthFsEntry, LazyVerifiedReadonlyFile};
Victor Hsieh88ac6ca2020-11-13 15:20:24 -080055
Victor Hsiehb5bcfab2022-09-12 13:06:26 -070056#[derive(Parser)]
Victor Hsiehf01f3232020-12-11 13:31:31 -080057struct Args {
Victor Hsieh88ac6ca2020-11-13 15:20:24 -080058 /// Mount point of AuthFS.
Victor Hsieh88ac6ca2020-11-13 15:20:24 -080059 mount_point: PathBuf,
60
Victor Hsieh2445e332021-06-04 16:44:53 -070061 /// CID of the VM where the service runs.
Victor Hsiehb5bcfab2022-09-12 13:06:26 -070062 #[clap(long)]
Victor Hsieh1a8cd042021-09-03 16:29:45 -070063 cid: u32,
Victor Hsieh2445e332021-06-04 16:44:53 -070064
Victor Hsieh4cc3b792021-08-04 12:00:04 -070065 /// Extra options to FUSE
Victor Hsiehb5bcfab2022-09-12 13:06:26 -070066 #[clap(short = 'o')]
Victor Hsieh4cc3b792021-08-04 12:00:04 -070067 extra_options: Option<String>,
68
Victor Hsieh963d5132022-03-09 21:58:17 +000069 /// Number of threads to serve FUSE requests.
Victor Hsiehb5bcfab2022-09-12 13:06:26 -070070 #[clap(short = 'j')]
Victor Hsieh963d5132022-03-09 21:58:17 +000071 thread_number: Option<NonZeroU8>,
72
Victor Hsieh09e26262021-03-03 16:00:55 -080073 /// A read-only remote file with integrity check. Can be multiple.
Victor Hsiehf01f3232020-12-11 13:31:31 -080074 ///
Victor Hsieh5deba522022-01-10 17:18:40 -080075 /// For example, `--remote-ro-file 5:sha256-1234abcd` tells the filesystem to associate the
76 /// file $MOUNTPOINT/5 with a remote FD 5, and has a fs-verity digest with sha256 of the hex
77 /// value 1234abcd.
Victor Hsiehb5bcfab2022-09-12 13:06:26 -070078 #[clap(long, value_parser = parse_remote_ro_file_option)]
Victor Hsieh09e26262021-03-03 16:00:55 -080079 remote_ro_file: Vec<OptionRemoteRoFile>,
Victor Hsiehf01f3232020-12-11 13:31:31 -080080
Victor Hsieh09e26262021-03-03 16:00:55 -080081 /// A read-only remote file without integrity check. Can be multiple.
Victor Hsiehf01f3232020-12-11 13:31:31 -080082 ///
Victor Hsiehb3588ce2021-11-02 15:02:32 -070083 /// For example, `--remote-ro-file-unverified 5` tells the filesystem to associate the file
84 /// $MOUNTPOINT/5 with a remote FD 5.
Victor Hsiehb5bcfab2022-09-12 13:06:26 -070085 #[clap(long)]
Victor Hsiehb3588ce2021-11-02 15:02:32 -070086 remote_ro_file_unverified: Vec<i32>,
Victor Hsiehf01f3232020-12-11 13:31:31 -080087
Victor Hsieh6a47e7f2021-03-03 15:53:49 -080088 /// A new read-writable remote file with integrity check. Can be multiple.
89 ///
Victor Hsiehb3588ce2021-11-02 15:02:32 -070090 /// For example, `--remote-new-rw-file 5` tells the filesystem to associate the file
91 /// $MOUNTPOINT/5 with a remote FD 5.
Victor Hsiehb5bcfab2022-09-12 13:06:26 -070092 #[clap(long)]
Victor Hsiehb3588ce2021-11-02 15:02:32 -070093 remote_new_rw_file: Vec<i32>,
Victor Hsieh6a47e7f2021-03-03 15:53:49 -080094
Victor Hsiehd18b9752021-11-09 16:03:34 -080095 /// A read-only directory that represents a remote directory. The directory view is constructed
96 /// and finalized during the filesystem initialization based on the provided mapping file
97 /// (which is a serialized protobuf of android.security.fsverity.FSVerityDigests, which
98 /// essentially provides <file path, fs-verity digest> mappings of exported files). The mapping
99 /// file is supposed to come from a trusted location in order to provide a trusted view as well
100 /// as verified access of included files with their fs-verity digest. Not all files on the
101 /// remote host may be included in the mapping file, so the directory view may be partial. The
102 /// directory structure won't change throughout the filesystem lifetime.
103 ///
Victor Hsieh99782572022-01-05 15:38:33 -0800104 /// For example, `--remote-ro-dir 5:/path/to/mapping:prefix/` tells the filesystem to
Victor Hsiehd18b9752021-11-09 16:03:34 -0800105 /// construct a directory structure defined in the mapping file at $MOUNTPOINT/5, which may
Victor Hsieh99782572022-01-05 15:38:33 -0800106 /// include a file like /5/system/framework/framework.jar. "prefix/" tells the filesystem to
107 /// strip the path (e.g. "system/") from the mount point to match the expected location of the
Victor Hsiehd18b9752021-11-09 16:03:34 -0800108 /// remote FD (e.g. a directory FD of "/system" in the remote).
Victor Hsiehb5bcfab2022-09-12 13:06:26 -0700109 #[clap(long, value_parser = parse_remote_new_ro_dir_option)]
Victor Hsiehd18b9752021-11-09 16:03:34 -0800110 remote_ro_dir: Vec<OptionRemoteRoDir>,
111
Victor Hsieh45636232021-10-15 17:52:51 -0700112 /// A new directory that is assumed empty in the backing filesystem. New files created in this
113 /// directory are integrity-protected in the same way as --remote-new-verified-file. Can be
114 /// multiple.
115 ///
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700116 /// For example, `--remote-new-rw-dir 5` tells the filesystem to associate $MOUNTPOINT/5
117 /// with a remote dir FD 5.
Victor Hsiehb5bcfab2022-09-12 13:06:26 -0700118 #[clap(long)]
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700119 remote_new_rw_dir: Vec<i32>,
Victor Hsieh45636232021-10-15 17:52:51 -0700120
Victor Hsieh9d0ab622021-04-26 17:07:02 -0700121 /// Enable debugging features.
Victor Hsiehb5bcfab2022-09-12 13:06:26 -0700122 #[clap(long)]
Victor Hsieh9d0ab622021-04-26 17:07:02 -0700123 debug: bool,
Victor Hsieh88ac6ca2020-11-13 15:20:24 -0800124}
125
Victor Hsiehb5bcfab2022-09-12 13:06:26 -0700126#[derive(Clone)]
Victor Hsieh09e26262021-03-03 16:00:55 -0800127struct OptionRemoteRoFile {
Victor Hsiehf01f3232020-12-11 13:31:31 -0800128 /// ID to refer to the remote file.
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700129 remote_fd: i32,
Victor Hsiehf01f3232020-12-11 13:31:31 -0800130
Victor Hsieh5deba522022-01-10 17:18:40 -0800131 /// Expected fs-verity digest (with sha256) for the remote file.
132 digest: String,
Victor Hsiehf01f3232020-12-11 13:31:31 -0800133}
134
Victor Hsiehb5bcfab2022-09-12 13:06:26 -0700135#[derive(Clone)]
Victor Hsiehd18b9752021-11-09 16:03:34 -0800136struct OptionRemoteRoDir {
137 /// ID to refer to the remote dir.
138 remote_dir_fd: i32,
139
140 /// A mapping file that describes the expecting file/directory structure and integrity metadata
141 /// in the remote directory. The file contains serialized protobuf of
142 /// android.security.fsverity.FSVerityDigests.
Victor Hsiehd18b9752021-11-09 16:03:34 -0800143 mapping_file_path: PathBuf,
144
Victor Hsieh99782572022-01-05 15:38:33 -0800145 prefix: String,
Victor Hsiehd18b9752021-11-09 16:03:34 -0800146}
147
Victor Hsieh09e26262021-03-03 16:00:55 -0800148fn parse_remote_ro_file_option(option: &str) -> Result<OptionRemoteRoFile> {
Victor Hsieh88ac6ca2020-11-13 15:20:24 -0800149 let strs: Vec<&str> = option.split(':').collect();
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700150 if strs.len() != 2 {
Victor Hsieh88ac6ca2020-11-13 15:20:24 -0800151 bail!("Invalid option: {}", option);
152 }
Victor Hsieh5deba522022-01-10 17:18:40 -0800153 if let Some(digest) = strs[1].strip_prefix("sha256-") {
154 Ok(OptionRemoteRoFile { remote_fd: strs[0].parse::<i32>()?, digest: String::from(digest) })
155 } else {
156 bail!("Unsupported hash algorithm or invalid format: {}", strs[1]);
157 }
Victor Hsieh45636232021-10-15 17:52:51 -0700158}
159
Victor Hsiehd18b9752021-11-09 16:03:34 -0800160fn parse_remote_new_ro_dir_option(option: &str) -> Result<OptionRemoteRoDir> {
161 let strs: Vec<&str> = option.split(':').collect();
162 if strs.len() != 3 {
163 bail!("Invalid option: {}", option);
164 }
165 Ok(OptionRemoteRoDir {
166 remote_dir_fd: strs[0].parse::<i32>().unwrap(),
167 mapping_file_path: PathBuf::from(strs[1]),
Victor Hsieh99782572022-01-05 15:38:33 -0800168 prefix: String::from(strs[2]),
Victor Hsiehd18b9752021-11-09 16:03:34 -0800169 })
170}
171
Victor Hsieh5deba522022-01-10 17:18:40 -0800172fn from_hex_string(s: &str) -> Result<Vec<u8>> {
173 if s.len() % 2 == 1 {
174 bail!("Incomplete hex string: {}", s);
175 } else {
176 let results = (0..s.len())
177 .step_by(2)
178 .map(|i| {
179 u8::from_str_radix(&s[i..i + 2], 16)
180 .map_err(|e| anyhow!("Cannot parse hex {}: {}", &s[i..i + 2], e))
181 })
182 .collect::<Result<Vec<_>>>();
183 Ok(results?)
184 }
185}
186
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700187fn new_remote_verified_file_entry(
Victor Hsieh2445e332021-06-04 16:44:53 -0700188 service: file::VirtFdService,
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700189 remote_fd: i32,
Victor Hsieh5deba522022-01-10 17:18:40 -0800190 expected_digest: &str,
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700191) -> Result<AuthFsEntry> {
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700192 Ok(AuthFsEntry::VerifiedReadonly {
Victor Hsiehe8137e32022-02-11 22:14:12 +0000193 reader: LazyVerifiedReadonlyFile::prepare_by_fd(
194 service,
195 remote_fd,
196 from_hex_string(expected_digest)?,
197 ),
Victor Hsieh1bcf4112021-03-19 14:26:57 -0700198 })
Victor Hsiehf01f3232020-12-11 13:31:31 -0800199}
200
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700201fn new_remote_unverified_file_entry(
Victor Hsieh2445e332021-06-04 16:44:53 -0700202 service: file::VirtFdService,
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700203 remote_fd: i32,
Victor Hsieh2445e332021-06-04 16:44:53 -0700204 file_size: u64,
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700205) -> Result<AuthFsEntry> {
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700206 let reader = RemoteFileReader::new(service, remote_fd);
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700207 Ok(AuthFsEntry::UnverifiedReadonly { reader, file_size })
Victor Hsieh88ac6ca2020-11-13 15:20:24 -0800208}
209
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700210fn new_remote_new_verified_file_entry(
Victor Hsieh2445e332021-06-04 16:44:53 -0700211 service: file::VirtFdService,
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700212 remote_fd: i32,
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700213) -> Result<AuthFsEntry> {
Victor Hsiehf393a722021-12-08 13:04:27 -0800214 let remote_file = RemoteFileEditor::new(service.clone(), remote_fd);
215 Ok(AuthFsEntry::VerifiedNew {
216 editor: VerifiedFileEditor::new(remote_file),
217 attr: Attr::new_file(service, remote_fd),
218 })
Victor Hsieh6a47e7f2021-03-03 15:53:49 -0800219}
220
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700221fn new_remote_new_verified_dir_entry(
Victor Hsieh45636232021-10-15 17:52:51 -0700222 service: file::VirtFdService,
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700223 remote_fd: i32,
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700224) -> Result<AuthFsEntry> {
Victor Hsiehf393a722021-12-08 13:04:27 -0800225 let dir = RemoteDirEditor::new(service.clone(), remote_fd);
226 let attr = Attr::new_dir(service, remote_fd);
227 Ok(AuthFsEntry::VerifiedNewDirectory { dir, attr })
Victor Hsieh45636232021-10-15 17:52:51 -0700228}
229
Victor Hsiehf7fc3d32021-11-22 10:20:33 -0800230fn prepare_root_dir_entries(
231 service: file::VirtFdService,
232 authfs: &mut AuthFs,
233 args: &Args,
234) -> Result<()> {
Victor Hsieh88e50172021-10-15 13:27:13 -0700235 for config in &args.remote_ro_file {
Victor Hsieh4d6b9d42021-11-08 15:53:49 -0800236 authfs.add_entry_at_root_dir(
Victor Hsieh60c2f412021-11-03 13:02:19 -0700237 remote_fd_to_path_buf(config.remote_fd),
Victor Hsiehe8137e32022-02-11 22:14:12 +0000238 new_remote_verified_file_entry(service.clone(), config.remote_fd, &config.digest)?,
Victor Hsieh4d6b9d42021-11-08 15:53:49 -0800239 )?;
Victor Hsieh88ac6ca2020-11-13 15:20:24 -0800240 }
241
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700242 for remote_fd in &args.remote_ro_file_unverified {
243 let remote_fd = *remote_fd;
Victor Hsieh4d6b9d42021-11-08 15:53:49 -0800244 authfs.add_entry_at_root_dir(
Victor Hsieh60c2f412021-11-03 13:02:19 -0700245 remote_fd_to_path_buf(remote_fd),
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700246 new_remote_unverified_file_entry(
Victor Hsieh88e50172021-10-15 13:27:13 -0700247 service.clone(),
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700248 remote_fd,
249 service.getFileSize(remote_fd)?.try_into()?,
Victor Hsieh88e50172021-10-15 13:27:13 -0700250 )?,
Victor Hsieh4d6b9d42021-11-08 15:53:49 -0800251 )?;
Victor Hsieh88e50172021-10-15 13:27:13 -0700252 }
253
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700254 for remote_fd in &args.remote_new_rw_file {
255 let remote_fd = *remote_fd;
Victor Hsieh4d6b9d42021-11-08 15:53:49 -0800256 authfs.add_entry_at_root_dir(
Victor Hsieh60c2f412021-11-03 13:02:19 -0700257 remote_fd_to_path_buf(remote_fd),
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700258 new_remote_new_verified_file_entry(service.clone(), remote_fd)?,
Victor Hsieh4d6b9d42021-11-08 15:53:49 -0800259 )?;
Victor Hsieh88ac6ca2020-11-13 15:20:24 -0800260 }
261
Victor Hsiehb3588ce2021-11-02 15:02:32 -0700262 for remote_fd in &args.remote_new_rw_dir {
263 let remote_fd = *remote_fd;
Victor Hsieh4d6b9d42021-11-08 15:53:49 -0800264 authfs.add_entry_at_root_dir(
Victor Hsieh60c2f412021-11-03 13:02:19 -0700265 remote_fd_to_path_buf(remote_fd),
Victor Hsieh26cea2f2021-11-03 10:28:33 -0700266 new_remote_new_verified_dir_entry(service.clone(), remote_fd)?,
Victor Hsieh4d6b9d42021-11-08 15:53:49 -0800267 )?;
Victor Hsieh45636232021-10-15 17:52:51 -0700268 }
269
Victor Hsiehd18b9752021-11-09 16:03:34 -0800270 for config in &args.remote_ro_dir {
271 let dir_root_inode = authfs.add_entry_at_root_dir(
272 remote_fd_to_path_buf(config.remote_dir_fd),
273 AuthFsEntry::ReadonlyDirectory { dir: InMemoryDir::new() },
274 )?;
275
Victor Hsieh99782572022-01-05 15:38:33 -0800276 // Build the directory tree based on the mapping file.
277 let mut reader = File::open(&config.mapping_file_path)?;
278 let proto = FSVerityDigests::parse_from_reader(&mut reader)?;
Victor Hsieh5deba522022-01-10 17:18:40 -0800279 for (path_str, digest) in &proto.digests {
280 if digest.hash_alg != "sha256" {
281 bail!("Unsupported hash algorithm: {}", digest.hash_alg);
282 }
283
Victor Hsiehd18b9752021-11-09 16:03:34 -0800284 let file_entry = {
Victor Hsieh99782572022-01-05 15:38:33 -0800285 let remote_path_str = path_str.strip_prefix(&config.prefix).ok_or_else(|| {
286 anyhow!("Expect path {} to match prefix {}", path_str, config.prefix)
287 })?;
Victor Hsieh5deba522022-01-10 17:18:40 -0800288 AuthFsEntry::VerifiedReadonly {
Victor Hsiehe8137e32022-02-11 22:14:12 +0000289 reader: LazyVerifiedReadonlyFile::prepare_by_path(
290 service.clone(),
291 config.remote_dir_fd,
292 PathBuf::from(remote_path_str),
293 digest.digest.clone(),
294 ),
Victor Hsieh5deba522022-01-10 17:18:40 -0800295 }
Victor Hsiehd18b9752021-11-09 16:03:34 -0800296 };
Victor Hsieh99782572022-01-05 15:38:33 -0800297 authfs.add_entry_at_ro_dir_by_path(dir_root_inode, Path::new(path_str), file_entry)?;
Victor Hsiehd18b9752021-11-09 16:03:34 -0800298 }
299 }
300
Victor Hsieh4d6b9d42021-11-08 15:53:49 -0800301 Ok(())
Victor Hsieh88ac6ca2020-11-13 15:20:24 -0800302}
303
Victor Hsieh60c2f412021-11-03 13:02:19 -0700304fn remote_fd_to_path_buf(fd: i32) -> PathBuf {
305 PathBuf::from(fd.to_string())
306}
307
Alan Stokese1b6e1c2021-10-01 12:44:49 +0100308fn try_main() -> Result<()> {
Victor Hsiehb5bcfab2022-09-12 13:06:26 -0700309 let args = Args::parse();
Victor Hsieh9d0ab622021-04-26 17:07:02 -0700310
311 let log_level = if args.debug { log::Level::Debug } else { log::Level::Info };
312 android_logger::init_once(
313 android_logger::Config::default().with_tag("authfs").with_min_level(log_level),
314 );
315
Victor Hsiehf7fc3d32021-11-22 10:20:33 -0800316 let service = file::get_rpc_binder_service(args.cid)?;
317 let mut authfs = AuthFs::new(RemoteFsStatsReader::new(service.clone()));
318 prepare_root_dir_entries(service, &mut authfs, &args)?;
319
Victor Hsieh963d5132022-03-09 21:58:17 +0000320 fusefs::mount_and_enter_message_loop(
321 authfs,
322 &args.mount_point,
323 &args.extra_options,
324 args.thread_number,
325 )?;
Victor Hsiehf01f3232020-12-11 13:31:31 -0800326 bail!("Unexpected exit after the handler loop")
Victor Hsieh88ac6ca2020-11-13 15:20:24 -0800327}
Alan Stokese1b6e1c2021-10-01 12:44:49 +0100328
329fn main() {
330 if let Err(e) = try_main() {
331 error!("failed with {:?}", e);
332 std::process::exit(1);
333 }
334}
Victor Hsieh5deba522022-01-10 17:18:40 -0800335
336#[cfg(test)]
337mod tests {
338 use super::*;
339
340 #[test]
341 fn parse_hex_string() {
342 assert_eq!(from_hex_string("deadbeef").unwrap(), vec![0xde, 0xad, 0xbe, 0xef]);
343 assert_eq!(from_hex_string("DEADBEEF").unwrap(), vec![0xde, 0xad, 0xbe, 0xef]);
344 assert_eq!(from_hex_string("").unwrap(), Vec::<u8>::new());
345
346 assert!(from_hex_string("deadbee").is_err());
347 assert!(from_hex_string("X").is_err());
348 }
349}