third_party.pigweed.src/pw_software_update/py/dev_sign_test.py

# Copyright 2021 The Pigweed Authors
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use this file except in compliance with the License. You may obtain a copy of
# the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations under
# the License.
"""Unit tests for pw_software_update/dev_sign.py."""

import unittest

from pw_software_update.dev_sign import sign_root_metadata, sign_update_bundle
from pw_software_update.root_metadata import (gen_root_metadata, RootKeys,
                                              TargetsKeys)
from pw_software_update.tuf_pb2 import SignedRootMetadata, SignedTargetsMetadata
from pw_software_update.update_bundle_pb2 import UpdateBundle


class RootMetadataSigningTest(unittest.TestCase):
    """Test Root Metadata signing."""
    def setUp(self) -> None:
        self.root_key = (
            b'-----BEGIN PRIVATE KEY-----\n'
            b'MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgyk3DEQdl346MS5N/'
            b'quNEneJa4HxkJBETGzlEEKkCmZOhRANCAAThdY5PejbtM2p6HtgXs/7YSsvPMWZz'
            b'9Ui1gAEKrDseHnPzC02MbKjQadRIFZ4hKDcsyz9aM6QKLCNrCOqYjw6t'
            b'\n-----END PRIVATE KEY-----\n')

        self.root_key_public = (
            b'-----BEGIN PUBLIC KEY-----\n'
            b'MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4XWOT3o27TNqeh7YF7P+2ErLzzFm'
            b'c/VItYABCqw7Hh5z8wtNjGyo0GnUSBWeISg3LMs/WjOkCiwjawjqmI8OrQ=='
            b'\n-----END PUBLIC KEY-----\n')

        self.targets_key_public = (
            b'-----BEGIN PUBLIC KEY-----\n'
            b'MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE9UM6qRZJ0gIWwLjo8tjbrrBTlKXg'
            b'ukwVjOlnguSSiYMrN4MDqMlNDnaJgLvcCuiNUKHu9Oj1DG1i6ckNdE4VTA=='
            b'\n-----END PUBLIC KEY-----\n')

        root_metadata = gen_root_metadata(
            RootKeys([self.root_key_public]),
            TargetsKeys([self.targets_key_public]))
        self.root_metadata = SignedRootMetadata(
            serialized_root_metadata=root_metadata.SerializeToString())

        self.another_signing_key = (
            b'-----BEGIN PRIVATE KEY-----\n'
            b'MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg5OIalt8DcZYeEf/4'
            b'5/iIX6jqM0I5t4dScAdcmgNF9vKhRANCAAQdMBqcn//pXIwss9nLEVjz+4Mz4oVt'
            b'hKTFLqlzwKHZngL/0IyH6FC+4bq5CnR43WADPAyJHo18V0NCO/8QFQ2c'
            b'\n-----END PRIVATE KEY-----\n')

    def test_typical_signing(self):
        signed = sign_root_metadata(self.root_metadata, self.root_key)
        self.assertEqual(len(signed.signatures), 1)
        signed = sign_root_metadata(signed, self.another_signing_key)
        self.assertEqual(len(signed.signatures), 2)


class BundleSigningTest(unittest.TestCase):
    """Test UpdateBundle signing."""
    def setUp(self):
        self.targets_key = (
            b'-----BEGIN PRIVATE KEY-----\n'
            b'MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgkMEZ0u84HzC51nhh'
            b'f2ZykPj6WfAjBxXVWndjVdn6bh6hRANCAAT1QzqpFknSAhbAuOjy2NuusFOUpeC6'
            b'TBWM6WeC5JKJgys3gwOoyU0OdomAu9wK6I1Qoe706PUMbWLpyQ10ThVM'
            b'\n-----END PRIVATE KEY-----\n')

        self.update_bundle = UpdateBundle(targets_metadata=dict(
            targets=SignedTargetsMetadata(
                serialized_targets_metadata=b'blahblah')))

    def test_typical_signing(self):
        signed = sign_update_bundle(self.update_bundle, self.targets_key)
        self.assertEqual(len(signed.targets_metadata['targets'].signatures), 1)


if __name__ == '__main__':
    unittest.main()