commit d7061ab058db55cb715617e8fa5f8e70ff4a5d67
author Darin Petkov <petkov@chromium.org> Wed Oct 06 14:37:09 2010 -0700
committer Darin Petkov <petkov@chromium.org> Wed Oct 06 14:37:09 2010 -0700
tree ff9080fda84ab5b6b34903eb5ade2d7463e50439
parent cc92cd3b109b59b30ff8b5e6b410a1d2ca9c1774

AU: Verify delta payload signature and signed hash.

The signature and hash are verified only if the public key file exists.
This means that currently this feature is desabled until we install a public
key.

BUG=5663
TEST=unit tests, applied a signed delta update on the server

Change-Id: I5be72f7fde88400587f8aae0c7d5745c79fc4428

Review URL: http://codereview.chromium.org/3592008

omaha_hash_calculator_unittest.cc

diff --git a/omaha_hash_calculator_unittest.cc b/omaha_hash_calculator_unittest.cc
index d228f12..449cb90 100644
--- a/omaha_hash_calculator_unittest.cc
+++ b/omaha_hash_calculator_unittest.cc
@@ -4,22 +4,40 @@
 
 #include <math.h>
 #include <unistd.h>
+
+#include <vector>
+
 #include <glib.h>
 #include <gtest/gtest.h>
+
 #include "update_engine/libcurl_http_fetcher.h"
 #include "update_engine/omaha_hash_calculator.h"
 
+using std::vector;
+
 namespace chromeos_update_engine {
 
 class OmahaHashCalculatorTest : public ::testing::Test { };
 
+// Generated by running this on a linux shell:
+// $ echo -n hi | openssl dgst -sha256 -binary | openssl base64
+static const char kExpectedHash[] =
+    "j0NDRmSPa5bfid2pAcUXaxCm2Dlh3TwayItZstwyeqQ=";
+static const char kExpectedRawHash[] = {
+  0x8f, 0x43, 0x43, 0x46, 0x64, 0x8f, 0x6b, 0x96,
+  0xdf, 0x89, 0xdd, 0xa9, 0x01, 0xc5, 0x17, 0x6b,
+  0x10, 0xa6, 0xd8, 0x39, 0x61, 0xdd, 0x3c, 0x1a,
+  0xc8, 0x8b, 0x59, 0xb2, 0xdc, 0x32, 0x7a, 0xa4
+};
+
 TEST(OmahaHashCalculatorTest, SimpleTest) {
   OmahaHashCalculator calc;
   calc.Update("hi", 2);
   calc.Finalize();
-  // Generated by running this on a linux shell:
-  // $ echo -n hi | openssl dgst -sha256 -binary | openssl base64
-  EXPECT_EQ("j0NDRmSPa5bfid2pAcUXaxCm2Dlh3TwayItZstwyeqQ=", calc.hash());
+  EXPECT_EQ(kExpectedHash, calc.hash());
+  vector<char> raw_hash(kExpectedRawHash,
+                        kExpectedRawHash + arraysize(kExpectedRawHash));
+  EXPECT_TRUE(raw_hash == calc.raw_hash());
 }
 
 TEST(OmahaHashCalculatorTest, MultiUpdateTest) {
@@ -27,9 +45,10 @@
   calc.Update("h", 1);
   calc.Update("i", 1);
   calc.Finalize();
-  // Generated by running this on a linux shell:
-  // $ echo -n hi | openssl dgst -sha256 -binary | openssl base64
-  EXPECT_EQ("j0NDRmSPa5bfid2pAcUXaxCm2Dlh3TwayItZstwyeqQ=", calc.hash());
+  EXPECT_EQ(kExpectedHash, calc.hash());
+  vector<char> raw_hash(kExpectedRawHash,
+                        kExpectedRawHash + arraysize(kExpectedRawHash));
+  EXPECT_TRUE(raw_hash == calc.raw_hash());
 }
 
 TEST(OmahaHashCalculatorTest, BigTest) {