1# Copyright 2021 The Pigweed Authors 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); you may not 4# use this file except in compliance with the License. You may obtain a copy of 5# the License at 6# 7# https://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 12# License for the specific language governing permissions and limitations under 13# the License. 14"""Unit tests for pw_software_update/dev_sign.py.""" 15 16import unittest 17 18from pw_software_update.dev_sign import sign_root_metadata, sign_update_bundle 19from pw_software_update.root_metadata import ( 20 gen_root_metadata, 21 RootKeys, 22 TargetsKeys, 23) 24from pw_software_update.tuf_pb2 import SignedRootMetadata, SignedTargetsMetadata 25from pw_software_update.update_bundle_pb2 import UpdateBundle 26 27 28class RootMetadataSigningTest(unittest.TestCase): 29 """Test Root Metadata signing.""" 30 31 def setUp(self) -> None: 32 self.root_key = ( 33 b'-----BEGIN PRIVATE KEY-----\n' 34 b'MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgyk3DEQdl346MS5N/' 35 b'quNEneJa4HxkJBETGzlEEKkCmZOhRANCAAThdY5PejbtM2p6HtgXs/7YSsvPMWZz' 36 b'9Ui1gAEKrDseHnPzC02MbKjQadRIFZ4hKDcsyz9aM6QKLCNrCOqYjw6t' 37 b'\n-----END PRIVATE KEY-----\n' 38 ) 39 40 self.root_key_public = ( 41 b'-----BEGIN PUBLIC KEY-----\n' 42 b'MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4XWOT3o27TNqeh7YF7P+2ErLzzFm' 43 b'c/VItYABCqw7Hh5z8wtNjGyo0GnUSBWeISg3LMs/WjOkCiwjawjqmI8OrQ==' 44 b'\n-----END PUBLIC KEY-----\n' 45 ) 46 47 self.targets_key_public = ( 48 b'-----BEGIN PUBLIC KEY-----\n' 49 b'MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE9UM6qRZJ0gIWwLjo8tjbrrBTlKXg' 50 b'ukwVjOlnguSSiYMrN4MDqMlNDnaJgLvcCuiNUKHu9Oj1DG1i6ckNdE4VTA==' 51 b'\n-----END PUBLIC KEY-----\n' 52 ) 53 54 root_metadata = gen_root_metadata( 55 RootKeys([self.root_key_public]), 56 TargetsKeys([self.targets_key_public]), 57 ) 58 self.root_metadata = SignedRootMetadata( 59 serialized_root_metadata=root_metadata.SerializeToString() 60 ) 61 62 self.another_signing_key = ( 63 b'-----BEGIN PRIVATE KEY-----\n' 64 b'MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg5OIalt8DcZYeEf/4' 65 b'5/iIX6jqM0I5t4dScAdcmgNF9vKhRANCAAQdMBqcn//pXIwss9nLEVjz+4Mz4oVt' 66 b'hKTFLqlzwKHZngL/0IyH6FC+4bq5CnR43WADPAyJHo18V0NCO/8QFQ2c' 67 b'\n-----END PRIVATE KEY-----\n' 68 ) 69 70 def test_typical_signing(self): 71 signed = sign_root_metadata(self.root_metadata, self.root_key) 72 self.assertEqual(len(signed.signatures), 1) 73 signed = sign_root_metadata(signed, self.another_signing_key) 74 self.assertEqual(len(signed.signatures), 2) 75 76 77class BundleSigningTest(unittest.TestCase): 78 """Test UpdateBundle signing.""" 79 80 def setUp(self): 81 self.targets_key = ( 82 b'-----BEGIN PRIVATE KEY-----\n' 83 b'MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgkMEZ0u84HzC51nhh' 84 b'f2ZykPj6WfAjBxXVWndjVdn6bh6hRANCAAT1QzqpFknSAhbAuOjy2NuusFOUpeC6' 85 b'TBWM6WeC5JKJgys3gwOoyU0OdomAu9wK6I1Qoe706PUMbWLpyQ10ThVM' 86 b'\n-----END PRIVATE KEY-----\n' 87 ) 88 89 self.update_bundle = UpdateBundle( 90 targets_metadata=dict( 91 targets=SignedTargetsMetadata( 92 serialized_targets_metadata=b'blahblah' 93 ) 94 ) 95 ) 96 97 def test_typical_signing(self): 98 signed = sign_update_bundle(self.update_bundle, self.targets_key) 99 self.assertEqual(len(signed.targets_metadata['targets'].signatures), 1) 100 101 102if __name__ == '__main__': 103 unittest.main() 104