summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorandroid-build-team Robot <android-build-team-robot@google.com>2018-10-21 05:01:58 +0200
committerandroid-build-team Robot <android-build-team-robot@google.com>2018-10-21 05:01:58 +0200
commit48def4135304b9cabbdb313bdb8c57eb64d70dcb (patch)
tree3478ed3e8ba6c1ae95fb634241ee3034ae7252b5
parentSnap for 5073180 from 0d84eaf474f46bc1cccf6c5ce1ea2647c9b96f11 to qt-release (diff)
parentMerge "Fix instrumentation_for to refer to name of module" am: 24ead5672b am: 3463839772 (diff)
downloadandroid_bootable_recovery-48def4135304b9cabbdb313bdb8c57eb64d70dcb.tar
android_bootable_recovery-48def4135304b9cabbdb313bdb8c57eb64d70dcb.tar.gz
android_bootable_recovery-48def4135304b9cabbdb313bdb8c57eb64d70dcb.tar.bz2
android_bootable_recovery-48def4135304b9cabbdb313bdb8c57eb64d70dcb.tar.lz
android_bootable_recovery-48def4135304b9cabbdb313bdb8c57eb64d70dcb.tar.xz
android_bootable_recovery-48def4135304b9cabbdb313bdb8c57eb64d70dcb.tar.zst
android_bootable_recovery-48def4135304b9cabbdb313bdb8c57eb64d70dcb.zip
-rw-r--r--Android.bp1
-rw-r--r--tests/component/verifier_test.cpp91
-rw-r--r--updater_sample/tests/Android.bp2
-rw-r--r--verifier.cpp55
-rw-r--r--verifier.h4
5 files changed, 145 insertions, 8 deletions
diff --git a/Android.bp b/Android.bp
index 76e69859c..c28dc3be1 100644
--- a/Android.bp
+++ b/Android.bp
@@ -201,6 +201,7 @@ cc_library_static {
"libbase",
"libcrypto",
"libcrypto_utils",
+ "libziparchive",
],
static_libs: [
diff --git a/tests/component/verifier_test.cpp b/tests/component/verifier_test.cpp
index c460cbe6f..d110c37e0 100644
--- a/tests/component/verifier_test.cpp
+++ b/tests/component/verifier_test.cpp
@@ -26,9 +26,11 @@
#include <android-base/file.h>
#include <android-base/stringprintf.h>
+#include <android-base/strings.h>
#include <android-base/test_utils.h>
#include <android-base/unique_fd.h>
#include <gtest/gtest.h>
+#include <ziparchive/zip_writer.h>
#include "common/test_constants.h"
#include "otautil/sysutil.h"
@@ -43,16 +45,43 @@ static void LoadKeyFromFile(const std::string& file_name, Certificate* cert) {
std::vector<uint8_t>(testkey_string.begin(), testkey_string.end()), cert));
}
-static void VerifyPackageWithCertificate(const std::string& name, Certificate&& cert) {
+static void VerifyPackageWithCertificates(const std::string& name,
+ const std::vector<Certificate>& certs) {
std::string package = from_testdata_base(name);
MemMapping memmap;
if (!memmap.MapFile(package)) {
FAIL() << "Failed to mmap " << package << ": " << strerror(errno) << "\n";
}
+ ASSERT_EQ(VERIFY_SUCCESS, verify_file(memmap.addr, memmap.length, certs));
+}
+
+static void VerifyPackageWithSingleCertificate(const std::string& name, Certificate&& cert) {
std::vector<Certificate> certs;
certs.emplace_back(std::move(cert));
- ASSERT_EQ(VERIFY_SUCCESS, verify_file(memmap.addr, memmap.length, certs));
+ VerifyPackageWithCertificates(name, certs);
+}
+
+static void BuildCertificateArchive(const std::vector<std::string>& file_names, int fd) {
+ FILE* zip_file_ptr = fdopen(fd, "wb");
+ ZipWriter zip_writer(zip_file_ptr);
+
+ for (const auto& name : file_names) {
+ std::string content;
+ ASSERT_TRUE(android::base::ReadFileToString(name, &content));
+
+ // Makes sure the zip entry name has the correct suffix.
+ std::string entry_name = name;
+ if (!android::base::EndsWith(entry_name, "x509.pem")) {
+ entry_name += "x509.pem";
+ }
+ ASSERT_EQ(0, zip_writer.StartEntry(entry_name.c_str(), ZipWriter::kCompress));
+ ASSERT_EQ(0, zip_writer.WriteBytes(content.data(), content.size()));
+ ASSERT_EQ(0, zip_writer.FinishEntry());
+ }
+
+ ASSERT_EQ(0, zip_writer.Finish());
+ ASSERT_EQ(0, fclose(zip_file_ptr));
}
TEST(VerifierTest, LoadCertificateFromBuffer_failure) {
@@ -72,7 +101,7 @@ TEST(VerifierTest, LoadCertificateFromBuffer_sha1_exponent3) {
ASSERT_EQ(Certificate::KEY_TYPE_RSA, cert.key_type);
ASSERT_EQ(nullptr, cert.ec);
- VerifyPackageWithCertificate("otasigned_v1.zip", std::move(cert));
+ VerifyPackageWithSingleCertificate("otasigned_v1.zip", std::move(cert));
}
TEST(VerifierTest, LoadCertificateFromBuffer_sha1_exponent65537) {
@@ -83,7 +112,7 @@ TEST(VerifierTest, LoadCertificateFromBuffer_sha1_exponent65537) {
ASSERT_EQ(Certificate::KEY_TYPE_RSA, cert.key_type);
ASSERT_EQ(nullptr, cert.ec);
- VerifyPackageWithCertificate("otasigned_v2.zip", std::move(cert));
+ VerifyPackageWithSingleCertificate("otasigned_v2.zip", std::move(cert));
}
TEST(VerifierTest, LoadCertificateFromBuffer_sha256_exponent3) {
@@ -94,7 +123,7 @@ TEST(VerifierTest, LoadCertificateFromBuffer_sha256_exponent3) {
ASSERT_EQ(Certificate::KEY_TYPE_RSA, cert.key_type);
ASSERT_EQ(nullptr, cert.ec);
- VerifyPackageWithCertificate("otasigned_v3.zip", std::move(cert));
+ VerifyPackageWithSingleCertificate("otasigned_v3.zip", std::move(cert));
}
TEST(VerifierTest, LoadCertificateFromBuffer_sha256_exponent65537) {
@@ -105,7 +134,7 @@ TEST(VerifierTest, LoadCertificateFromBuffer_sha256_exponent65537) {
ASSERT_EQ(Certificate::KEY_TYPE_RSA, cert.key_type);
ASSERT_EQ(nullptr, cert.ec);
- VerifyPackageWithCertificate("otasigned_v4.zip", std::move(cert));
+ VerifyPackageWithSingleCertificate("otasigned_v4.zip", std::move(cert));
}
TEST(VerifierTest, LoadCertificateFromBuffer_sha256_ec256bits) {
@@ -116,7 +145,55 @@ TEST(VerifierTest, LoadCertificateFromBuffer_sha256_ec256bits) {
ASSERT_EQ(Certificate::KEY_TYPE_EC, cert.key_type);
ASSERT_EQ(nullptr, cert.rsa);
- VerifyPackageWithCertificate("otasigned_v5.zip", std::move(cert));
+ VerifyPackageWithSingleCertificate("otasigned_v5.zip", std::move(cert));
+}
+
+TEST(VerifierTest, LoadKeysFromZipfile_empty_archive) {
+ TemporaryFile otacerts;
+ BuildCertificateArchive({}, otacerts.release());
+ std::vector<Certificate> certs = LoadKeysFromZipfile(otacerts.path);
+ ASSERT_TRUE(certs.empty());
+}
+
+TEST(VerifierTest, LoadKeysFromZipfile_single_key) {
+ TemporaryFile otacerts;
+ BuildCertificateArchive({ from_testdata_base("testkey_v1.x509.pem") }, otacerts.release());
+ std::vector<Certificate> certs = LoadKeysFromZipfile(otacerts.path);
+ ASSERT_EQ(1, certs.size());
+
+ VerifyPackageWithCertificates("otasigned_v1.zip", certs);
+}
+
+TEST(VerifierTest, LoadKeysFromZipfile_corrupted_key) {
+ TemporaryFile corrupted_key;
+ std::string content;
+ ASSERT_TRUE(android::base::ReadFileToString(from_testdata_base("testkey_v1.x509.pem"), &content));
+ content = "random-contents" + content;
+ ASSERT_TRUE(android::base::WriteStringToFd(content, corrupted_key.release()));
+
+ TemporaryFile otacerts;
+ BuildCertificateArchive({ from_testdata_base("testkey_v2.x509.pem"), corrupted_key.path },
+ otacerts.release());
+ std::vector<Certificate> certs = LoadKeysFromZipfile(otacerts.path);
+ ASSERT_EQ(0, certs.size());
+}
+
+TEST(VerifierTest, LoadKeysFromZipfile_multiple_key) {
+ TemporaryFile otacerts;
+ BuildCertificateArchive(
+ {
+ from_testdata_base("testkey_v3.x509.pem"),
+ from_testdata_base("testkey_v4.x509.pem"),
+ from_testdata_base("testkey_v5.x509.pem"),
+
+ },
+ otacerts.release());
+ std::vector<Certificate> certs = LoadKeysFromZipfile(otacerts.path);
+ ASSERT_EQ(3, certs.size());
+
+ VerifyPackageWithCertificates("otasigned_v3.zip", certs);
+ VerifyPackageWithCertificates("otasigned_v4.zip", certs);
+ VerifyPackageWithCertificates("otasigned_v5.zip", certs);
}
class VerifierTest : public testing::TestWithParam<std::vector<std::string>> {
diff --git a/updater_sample/tests/Android.bp b/updater_sample/tests/Android.bp
index c2783ef88..7867770a0 100644
--- a/updater_sample/tests/Android.bp
+++ b/updater_sample/tests/Android.bp
@@ -28,7 +28,7 @@ android_test {
"guava",
],
- instrumentation_for: "com.example.android.systemupdatersample",
+ instrumentation_for: "SystemUpdaterSample",
optimize: {
enabled: false,
diff --git a/verifier.cpp b/verifier.cpp
index 1dc52a0ef..2101dcb41 100644
--- a/verifier.cpp
+++ b/verifier.cpp
@@ -34,6 +34,7 @@
#include <openssl/obj_mac.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
+#include <ziparchive/zip_archive.h>
#include "asn1_decoder.h"
#include "otautil/print_sha1.h"
@@ -445,6 +446,60 @@ std::unique_ptr<EC_KEY, ECKEYDeleter> parse_ec_key(FILE* file) {
return key;
}
+static std::vector<Certificate> IterateZipEntriesAndSearchForKeys(const ZipArchiveHandle& handle) {
+ void* cookie;
+ ZipString suffix("x509.pem");
+ int32_t iter_status = StartIteration(handle, &cookie, nullptr, &suffix);
+ if (iter_status != 0) {
+ LOG(ERROR) << "Failed to iterate over entries in the certificate zipfile: "
+ << ErrorCodeString(iter_status);
+ return {};
+ }
+
+ std::vector<Certificate> result;
+
+ ZipString name;
+ ZipEntry entry;
+ while ((iter_status = Next(cookie, &entry, &name)) == 0) {
+ std::vector<uint8_t> pem_content(entry.uncompressed_length);
+ if (int32_t extract_status =
+ ExtractToMemory(handle, &entry, pem_content.data(), pem_content.size());
+ extract_status != 0) {
+ LOG(ERROR) << "Failed to extract " << std::string(name.name, name.name + name.name_length);
+ return {};
+ }
+
+ Certificate cert(0, Certificate::KEY_TYPE_RSA, nullptr, nullptr);
+ // Aborts the parsing if we fail to load one of the key file.
+ if (!LoadCertificateFromBuffer(pem_content, &cert)) {
+ LOG(ERROR) << "Failed to load keys from "
+ << std::string(name.name, name.name + name.name_length);
+ return {};
+ }
+
+ result.emplace_back(std::move(cert));
+ }
+
+ if (iter_status != -1) {
+ LOG(ERROR) << "Error while iterating over zip entries: " << ErrorCodeString(iter_status);
+ return {};
+ }
+
+ return result;
+}
+
+std::vector<Certificate> LoadKeysFromZipfile(const std::string& zip_name) {
+ ZipArchiveHandle handle;
+ if (int32_t open_status = OpenArchive(zip_name.c_str(), &handle); open_status != 0) {
+ LOG(ERROR) << "Failed to open " << zip_name << ": " << ErrorCodeString(open_status);
+ return {};
+ }
+
+ std::vector<Certificate> result = IterateZipEntriesAndSearchForKeys(handle);
+ CloseArchive(handle);
+ return result;
+}
+
bool LoadCertificateFromBuffer(const std::vector<uint8_t>& pem_content, Certificate* cert) {
std::unique_ptr<BIO, decltype(&BIO_free)> content(
BIO_new_mem_buf(pem_content.data(), pem_content.size()), BIO_free);
diff --git a/verifier.h b/verifier.h
index b13424126..b7924c71f 100644
--- a/verifier.h
+++ b/verifier.h
@@ -76,6 +76,10 @@ bool load_keys(const char* filename, std::vector<Certificate>& certs);
// false if there is a parsing failure or the signature's encryption algorithm is not supported.
bool LoadCertificateFromBuffer(const std::vector<uint8_t>& pem_content, Certificate* cert);
+// Iterates over the zip entries with the suffix "x509.pem" and returns a list of recognized
+// certificates. Returns an empty list if we fail to parse any of the entries.
+std::vector<Certificate> LoadKeysFromZipfile(const std::string& zip_name);
+
#define VERIFY_SUCCESS 0
#define VERIFY_FAILURE 1