commit b18bb2f4f2d5f1d064ab81eebe27a24d147c9366
author Treehugger Robot <treehugger-gerrit@google.com> Thu Feb 13 17:23:37 2020 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Thu Feb 13 17:23:37 2020 +0000
tree cb9c602b452819b888e93414517408f72945fcc7
parent 14392488ac24a4487411644343d249eaf292fa2a
parent 90c7e586881fae3a227644c43d20426d4a46a09d

Merge "Added unit test for AftlIcpEntry.verify_icp()."

aftltool

diff --git a/aftltool b/aftltool
index 473ecf5..d7cabcb 100755
--- a/aftltool
+++ b/aftltool
@@ -46,8 +46,6 @@
 import proto.api_pb2
 import proto.crypto.sigpb
 
-# Android Firmware Transparency Log Data Structures
-
 
 class AftlError(Exception):
   """Application-specific errors.
@@ -973,15 +971,15 @@
     if not self.is_valid():
       raise AftlError('Malformed AFTLDescriptor')
 
-  def add_icp_entry(self, avb_icp_entry):
+  def add_icp_entry(self, icp_entry):
     """Adds a new AftlIcpEntry to the AftlDescriptor, updating fields as needed.
 
     Arguments:
-      avb_icp_entry: An AftlIcpEntry structure.
+      icp_entry: An AftlIcpEntry structure.
     """
-    self.icp_entries.append(avb_icp_entry)
+    self.icp_entries.append(icp_entry)
     self.icp_header.icp_count += 1
-    self.icp_header.aftl_descriptor_size += avb_icp_entry.get_expected_size()
+    self.icp_header.aftl_descriptor_size += icp_entry.get_expected_size()
 
   def save(self, output):
     """Serializes the AftlDescriptor to disk.

aftltool_test.py

diff --git a/aftltool_test.py b/aftltool_test.py
index 802a4e6..ffd0912 100755
--- a/aftltool_test.py
+++ b/aftltool_test.py
@@ -54,6 +54,23 @@
     self.null = open(os.devnull, 'wb')
     sys.stderr = self.null
 
+    # AFTL public key.
+    self.test_aftl_pub_key = (
+        '-----BEGIN PUBLIC KEY-----\n'
+        'MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4ilqCNsenNA013iCdwgD\n'
+        'YPxZ853nbHG9lMBp9boXiwRcqT/8bUKHIL7YX5z7s+QoRYVY3rkMKppRabclXzyx\n'
+        'H59YnPMaU4uv7NqwWzjgaZo7E+vo7IF+KBjV3cJulId5Av0yIYUCsrwd7MpGtWdC\n'
+        'Q3S+7Vd4zwzCKEhcvliNIhnNlp1U3wNkPCxOyCAsMEn6k8O5ar12ke5TvxDv15db\n'
+        'rPDeHh8G2OYWoCkWL+lSN35L2kOJqKqVbLKWrrOd96RCYrrtbPCi580OADJRcUlG\n'
+        'lgcjwmNwmypBWvQMZ6ITj0P0ksHnl1zZz1DE2rXe1goLI1doghb5KxLaezlR8c2C\n'
+        'E3w/uo9KJgNmNgUVzzqZZ6FE0moyIDNOpP7KtZAL0DvEZj6jqLbB0ccPQElrg52m\n'
+        'Dv2/A3nYSr0mYBKeskT4+Bg7PGgoC8p7WyLSxMyzJEDYdtrj9OFx6eZaA23oqTQx\n'
+        'k3Qq5H8RfNBeeSUEeKF7pKH/7gyqZ2bNzBFMA2EBZgBozwRfaeN/HCv3qbaCnwvu\n'
+        '6caacmAsK+RxiYxSL1QsJqyhCWWGxVyenmxdc1KG/u5ypi7OIioztyzR3t2tAzD3\n'
+        'Nb+2t8lgHBRxbV24yiPlnvPmB1ZYEctXnlRR9Evpl1o9xA9NnybPHKr9rozN39CZ\n'
+        'V/USB8K6ao1y5xPZxa8CZksCAwEAAQ==\n'
+        '-----END PUBLIC KEY-----\n')
+
     # Test AftlIcpEntry #1
     self.test_tl_url_1 = 'aftl-test-server.google.com'
 
@@ -169,7 +186,6 @@
         + self.test_entry_1_bytes
         + self.test_entry_2_bytes)
 
-    # Sets up test data.
     # pylint: disable=no-member
     self.test_afi_resp = proto.api_pb2.AddFirmwareInfoResponse()
     self.test_afi_resp.fw_info_proof.proof.leaf_index = 6263
@@ -591,10 +607,26 @@
     self.assertEqual(entry.proofs,
                      self.test_afi_resp.fw_info_proof.proof.hashes)
 
-  # TODO(jpm): Add unit test for verify_icp.
   def test_verify_icp(self):
     """Tests verify_icp method."""
-    pass
+    key_file = 'transparency_log_pub_key.pem'
+    with open(key_file, 'w') as f:
+      f.write(self.test_aftl_pub_key)
+
+    # Valid ICP.
+    entry = aftltool.AftlIcpEntry()
+    entry.translate_response(self.test_tl_url_1, self.test_afi_resp)
+    self.assertTrue(entry.verify_icp(key_file))
+
+    # Invalid ICP where fw_info_leaf is not matching up with proofs.
+    entry = aftltool.AftlIcpEntry()
+    entry.translate_response(self.test_tl_url_1, self.test_afi_resp)
+    fw_info_leaf_bytes = entry.fw_info_leaf._fw_info_leaf_bytes.replace(
+        'ViNzEQS', '1234567')
+    entry.fw_info_leaf._fw_info_leaf_bytes = fw_info_leaf_bytes
+    self.assertFalse(entry.verify_icp(key_file))
+
+    os.remove(key_file)
 
   def test_print_desc(self):
     """Tests print_desc method."""