Aktualizr
C++ SOTA Client
All Classes Namespaces Files Functions Variables Enumerations Enumerator Pages
uptane_test.cc
1 #include <gmock/gmock.h>
2 #include <gtest/gtest.h>
3 
4 #include <unistd.h>
5 
6 #include <algorithm>
7 #include <fstream>
8 #include <iostream>
9 #include <memory>
10 #include <string>
11 #include <vector>
12 
13 #include <boost/filesystem.hpp>
14 #include "json/json.h"
15 
16 #include "crypto/p11engine.h"
17 #include "httpfake.h"
18 #include "primary/initializer.h"
19 #include "primary/sotauptaneclient.h"
20 #include "storage/fsstorage_read.h"
21 #include "storage/invstorage.h"
22 #include "test_utils.h"
23 #include "uptane/secondaryinterface.h"
24 #include "uptane/tuf.h"
25 #include "uptane/uptanerepository.h"
26 #include "uptane_test_common.h"
27 #include "utilities/utils.h"
28 
29 #ifdef BUILD_P11
30 #ifndef TEST_PKCS11_MODULE_PATH
31 #define TEST_PKCS11_MODULE_PATH "/usr/local/softhsm/libsofthsm2.so"
32 #endif
33 #endif
34 
35 static Config config_common() {
36  Config config;
37  config.uptane.key_type = KeyType::kED25519;
38  return config;
39 }
40 
41 TEST(Uptane, Verify) {
42  TemporaryDirectory temp_dir;
43  auto http = std::make_shared<HttpFake>(temp_dir.Path());
44  Config config = config_common();
45  config.uptane.director_server = http->tls_server + "/director";
46  config.uptane.repo_server = http->tls_server + "/repo";
47 
48  config.storage.path = temp_dir.Path();
49  auto storage = INvStorage::newStorage(config.storage);
50  HttpResponse response = http->get(http->tls_server + "/director/root.json", HttpInterface::kNoLimit);
51  Uptane::Root root(Uptane::Root::Policy::kAcceptAll);
52  Uptane::Root(Uptane::RepositoryType::Director(), response.getJson(), root);
53 }
54 
55 /* Throw an exception if a TUF root is unsigned. */
56 TEST(Uptane, VerifyDataBad) {
57  TemporaryDirectory temp_dir;
58  auto http = std::make_shared<HttpFake>(temp_dir.Path());
59  Config config = config_common();
60  config.uptane.director_server = http->tls_server + "/director";
61  config.uptane.repo_server = http->tls_server + "/repo";
62 
63  config.storage.path = temp_dir.Path();
64  auto storage = INvStorage::newStorage(config.storage);
65  Json::Value data_json = http->get(http->tls_server + "/director/root.json", HttpInterface::kNoLimit).getJson();
66  data_json.removeMember("signatures");
67 
68  Uptane::Root root(Uptane::Root::Policy::kAcceptAll);
69  EXPECT_THROW(Uptane::Root(Uptane::RepositoryType::Director(), data_json, root), Uptane::UnmetThreshold);
70 }
71 
72 /* Throw an exception if a TUF root has unknown signature types. */
73 TEST(Uptane, VerifyDataUnknownType) {
74  TemporaryDirectory temp_dir;
75  auto http = std::make_shared<HttpFake>(temp_dir.Path());
76  Config config = config_common();
77  config.uptane.director_server = http->tls_server + "/director";
78  config.uptane.repo_server = http->tls_server + "/repo";
79 
80  config.storage.path = temp_dir.Path();
81  auto storage = INvStorage::newStorage(config.storage);
82  Json::Value data_json = http->get(http->tls_server + "/director/root.json", HttpInterface::kNoLimit).getJson();
83  data_json["signatures"][0]["method"] = "badsignature";
84  data_json["signatures"][1]["method"] = "badsignature";
85 
86  Uptane::Root root(Uptane::Root::Policy::kAcceptAll);
87  EXPECT_THROW(Uptane::Root(Uptane::RepositoryType::Director(), data_json, root), Uptane::SecurityException);
88 }
89 
90 /* Throw an exception if a TUF root has invalid key IDs. */
91 TEST(Uptane, VerifyDataBadKeyId) {
92  TemporaryDirectory temp_dir;
93  auto http = std::make_shared<HttpFake>(temp_dir.Path());
94  Config config = config_common();
95  config.uptane.director_server = http->tls_server + "/director";
96  config.uptane.repo_server = http->tls_server + "/repo";
97 
98  config.storage.path = temp_dir.Path();
99  auto storage = INvStorage::newStorage(config.storage);
100  Json::Value data_json = http->get(http->tls_server + "/director/root.json", HttpInterface::kNoLimit).getJson();
101 
102  data_json["signatures"][0]["keyid"] = "badkeyid";
103 
104  Uptane::Root root(Uptane::Root::Policy::kAcceptAll);
105  EXPECT_THROW(Uptane::Root(Uptane::RepositoryType::Director(), data_json, root), Uptane::BadKeyId);
106 }
107 
108 /* Throw an exception if a TUF root signature threshold is invalid. */
109 TEST(Uptane, VerifyDataBadThreshold) {
110  TemporaryDirectory temp_dir;
111  auto http = std::make_shared<HttpFake>(temp_dir.Path());
112  Config config = config_common();
113  config.uptane.director_server = http->tls_server + "/director";
114  config.uptane.repo_server = http->tls_server + "/repo";
115 
116  config.storage.path = temp_dir.Path();
117  auto storage = INvStorage::newStorage(config.storage);
118  Json::Value data_json = http->get(http->tls_server + "/director/root.json", HttpInterface::kNoLimit).getJson();
119  data_json["signed"]["roles"]["root"]["threshold"] = -1;
120  try {
121  Uptane::Root root(Uptane::Root::Policy::kAcceptAll);
122  Uptane::Root(Uptane::RepositoryType::Director(), data_json, root);
123  FAIL() << "Illegal threshold should have thrown an error.";
124  } catch (const Uptane::IllegalThreshold &ex) {
125  } catch (const Uptane::UnmetThreshold &ex) {
126  }
127 }
128 
129 /* Get manifest from primary.
130  * Get manifest from secondaries. */
131 TEST(Uptane, AssembleManifestGood) {
132  TemporaryDirectory temp_dir;
133  auto http = std::make_shared<HttpFake>(temp_dir.Path());
134  Config config = config_common();
135  config.storage.path = temp_dir.Path();
136  boost::filesystem::copy_file("tests/test_data/cred.zip", (temp_dir / "cred.zip").string());
137  boost::filesystem::copy_file("tests/test_data/firmware.txt", (temp_dir / "firmware.txt").string());
138  boost::filesystem::copy_file("tests/test_data/firmware_name.txt", (temp_dir / "firmware_name.txt").string());
139  config.provision.provision_path = temp_dir / "cred.zip";
140  config.provision.mode = ProvisionMode::kSharedCred;
141  config.uptane.director_server = http->tls_server + "/director";
142  config.uptane.repo_server = http->tls_server + "/repo";
143  config.provision.primary_ecu_serial = "testecuserial";
144  config.pacman.type = PackageManager::kNone;
145  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hardware");
146 
147  auto storage = INvStorage::newStorage(config.storage);
148  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
149  EXPECT_NO_THROW(sota_client->initialize());
150 
151  Json::Value manifest = sota_client->AssembleManifest()["ecu_version_manifests"];
152  EXPECT_EQ(manifest.size(), 2);
153  EXPECT_EQ(manifest["testecuserial"]["signed"]["ecu_serial"].asString(), config.provision.primary_ecu_serial);
154  EXPECT_EQ(manifest["secondary_ecu_serial"]["signed"]["ecu_serial"].asString(), "secondary_ecu_serial");
155  // Manifest should not have an installation result yet.
156  EXPECT_FALSE(manifest["testecuserial"]["signed"].isMember("custom"));
157  EXPECT_FALSE(manifest["secondary_ecu_serial"]["signed"].isMember("custom"));
158 
159  std::string counter_str = manifest["testecuserial"]["signed"]["report_counter"].asString();
160  int64_t primary_ecu_report_counter = std::stoll(counter_str);
161  Json::Value manifest2 = sota_client->AssembleManifest()["ecu_version_manifests"];
162  std::string counter_str2 = manifest2["testecuserial"]["signed"]["report_counter"].asString();
163  int64_t primary_ecu_report_counter2 = std::stoll(counter_str2);
164  EXPECT_EQ(primary_ecu_report_counter2, primary_ecu_report_counter + 1);
165 }
166 
167 /* Bad signatures are ignored when assembling the manifest. */
168 TEST(Uptane, AssembleManifestBad) {
169  TemporaryDirectory temp_dir;
170  auto http = std::make_shared<HttpFake>(temp_dir.Path());
171  Config config = config_common();
172  config.storage.path = temp_dir.Path();
173  boost::filesystem::copy_file("tests/test_data/cred.zip", (temp_dir / "cred.zip").string());
174  boost::filesystem::copy_file("tests/test_data/firmware.txt", (temp_dir / "firmware.txt").string());
175  boost::filesystem::copy_file("tests/test_data/firmware_name.txt", (temp_dir / "firmware_name.txt").string());
176  config.provision.provision_path = temp_dir / "cred.zip";
177  config.provision.mode = ProvisionMode::kSharedCred;
178  config.uptane.director_server = http->tls_server + "/director";
179  config.uptane.repo_server = http->tls_server + "/repo";
180  config.provision.primary_ecu_serial = "testecuserial";
181  config.pacman.type = PackageManager::kNone;
182  Primary::VirtualSecondaryConfig ecu_config =
183  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hardware");
184 
185  /* Overwrite the secondary's keys on disk. */
186  std::string private_key, public_key;
187  ASSERT_TRUE(Crypto::generateKeyPair(ecu_config.key_type, &public_key, &private_key));
188  Utils::writeFile(ecu_config.full_client_dir / ecu_config.ecu_private_key, private_key);
189  public_key = Utils::readFile("tests/test_data/public.key");
190  Utils::writeFile(ecu_config.full_client_dir / ecu_config.ecu_public_key, public_key);
191 
192  auto storage = INvStorage::newStorage(config.storage);
193  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
194  EXPECT_NO_THROW(sota_client->initialize());
195 
196  Json::Value manifest = sota_client->AssembleManifest()["ecu_version_manifests"];
197  EXPECT_EQ(manifest.size(), 1);
198  EXPECT_EQ(manifest["testecuserial"]["signed"]["ecu_serial"].asString(), config.provision.primary_ecu_serial);
199  // Manifest should not have an installation result yet.
200  EXPECT_FALSE(manifest["testecuserial"]["signed"].isMember("custom"));
201  EXPECT_FALSE(manifest["secondary_ecu_serial"]["signed"].isMember("custom"));
202 }
203 
204 /* Get manifest from primary.
205  * Get manifest from secondaries.
206  * Send manifest to the server. */
207 TEST(Uptane, PutManifest) {
208  TemporaryDirectory temp_dir;
209  auto http = std::make_shared<HttpFake>(temp_dir.Path());
210  Config config = config_common();
211  config.storage.path = temp_dir.Path();
212  boost::filesystem::copy_file("tests/test_data/cred.zip", (temp_dir / "cred.zip").string());
213  boost::filesystem::copy_file("tests/test_data/firmware.txt", (temp_dir / "firmware.txt").string());
214  boost::filesystem::copy_file("tests/test_data/firmware_name.txt", (temp_dir / "firmware_name.txt").string());
215  config.provision.provision_path = temp_dir / "cred.zip";
216  config.provision.mode = ProvisionMode::kSharedCred;
217  config.uptane.director_server = http->tls_server + "/director";
218  config.uptane.repo_server = http->tls_server + "/repo";
219  config.provision.primary_ecu_serial = "testecuserial";
220  config.pacman.type = PackageManager::kNone;
221  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hardware");
222 
223  auto storage = INvStorage::newStorage(config.storage);
224 
225  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
226  EXPECT_NO_THROW(sota_client->initialize());
227  EXPECT_TRUE(sota_client->putManifestSimple());
228 
229  Json::Value json = http->last_manifest;
230 
231  EXPECT_EQ(json["signatures"].size(), 1u);
232  EXPECT_EQ(json["signed"]["primary_ecu_serial"].asString(), "testecuserial");
233  EXPECT_EQ(
234  json["signed"]["ecu_version_manifests"]["testecuserial"]["signed"]["installed_image"]["filepath"].asString(),
235  "unknown");
236  EXPECT_EQ(json["signed"]["ecu_version_manifests"].size(), 2u);
237  EXPECT_EQ(json["signed"]["ecu_version_manifests"]["secondary_ecu_serial"]["signed"]["ecu_serial"].asString(),
238  "secondary_ecu_serial");
239  EXPECT_EQ(json["signed"]["ecu_version_manifests"]["secondary_ecu_serial"]["signed"]["installed_image"]["filepath"]
240  .asString(),
241  "test-package");
242 }
243 
244 class HttpPutManifestFail : public HttpFake {
245  public:
246  HttpPutManifestFail(const boost::filesystem::path &test_dir_in, std::string flavor = "")
247  : HttpFake(test_dir_in, flavor) {}
248  HttpResponse put(const std::string &url, const Json::Value &data) override {
249  (void)data;
250  return HttpResponse(url, 504, CURLE_OK, "");
251  }
252 };
253 
254 int num_events_PutManifestError = 0;
255 void process_events_PutManifestError(const std::shared_ptr<event::BaseEvent> &event) {
256  std::cout << event->variant << "\n";
257  if (event->variant == "PutManifestComplete") {
258  EXPECT_FALSE(std::static_pointer_cast<event::PutManifestComplete>(event)->success);
259  num_events_PutManifestError++;
260  }
261 }
262 
263 /*
264  * Send PutManifestComplete event if send is unsuccessful
265  */
266 TEST(Uptane, PutManifestError) {
267  TemporaryDirectory temp_dir;
268  auto http = std::make_shared<HttpPutManifestFail>(temp_dir.Path());
269 
270  Config conf("tests/config/basic.toml");
271  conf.storage.path = temp_dir.Path();
272 
273  auto storage = INvStorage::newStorage(conf.storage);
274  auto events_channel = std::make_shared<event::Channel>();
275  std::function<void(std::shared_ptr<event::BaseEvent> event)> f_cb = process_events_PutManifestError;
276  events_channel->connect(f_cb);
277  num_events_PutManifestError = 0;
278  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(conf, storage, http, events_channel);
279  EXPECT_NO_THROW(sota_client->initialize());
280  auto result = sota_client->putManifest();
281  EXPECT_FALSE(result);
282  EXPECT_EQ(num_events_PutManifestError, 1);
283 }
284 
285 /*
286  * Verify that failing to send the manifest will not prevent checking for
287  * updates (which is the only way to recover if something goes wrong with
288  * sending the manifest).
289  */
290 TEST(Uptane, FetchMetaFail) {
291  TemporaryDirectory temp_dir;
292  auto http = std::make_shared<HttpPutManifestFail>(temp_dir.Path(), "noupdates");
293 
294  Config conf("tests/config/basic.toml");
295  conf.provision.primary_ecu_serial = "CA:FE:A6:D2:84:9D";
296  conf.provision.primary_ecu_hardware_id = "primary_hw";
297  conf.uptane.director_server = http->tls_server + "/director";
298  conf.uptane.repo_server = http->tls_server + "/repo";
299  conf.storage.path = temp_dir.Path();
300  conf.tls.server = http->tls_server;
301 
302  auto storage = INvStorage::newStorage(conf.storage);
303  auto up = std_::make_unique<UptaneTestCommon::TestUptaneClient>(conf, storage, http);
304 
305  EXPECT_NO_THROW(up->initialize());
306  result::UpdateCheck result = up->fetchMeta();
307  EXPECT_EQ(result.status, result::UpdateStatus::kNoUpdatesAvailable);
308 }
309 
310 unsigned int num_events_InstallTarget = 0;
311 unsigned int num_events_AllInstalls = 0;
312 void process_events_Install(const std::shared_ptr<event::BaseEvent> &event) {
313  if (event->variant == "InstallTargetComplete") {
314  auto concrete_event = std::static_pointer_cast<event::InstallTargetComplete>(event);
315  if (num_events_InstallTarget <= 1) {
316  EXPECT_TRUE(concrete_event->success);
317  } else {
318  EXPECT_FALSE(concrete_event->success);
319  }
320  num_events_InstallTarget++;
321  }
322  if (event->variant == "AllInstallsComplete") {
323  auto concrete_event = std::static_pointer_cast<event::AllInstallsComplete>(event);
324  if (num_events_AllInstalls == 0) {
325  EXPECT_TRUE(concrete_event->result.dev_report.isSuccess());
326  } else {
327  EXPECT_FALSE(concrete_event->result.dev_report.isSuccess());
328  EXPECT_EQ(concrete_event->result.dev_report.result_code, data::ResultCode::Numeric::kAlreadyProcessed);
329  }
330  num_events_AllInstalls++;
331  }
332 }
333 
334 /*
335  * Verify successful installation of a package.
336  *
337  * Identify ECU for each target.
338  * Check if there are updates to install for the primary.
339  * Install a binary update on the primary.
340  * Store installation result for primary.
341  * Store installation result for device.
342  * Check if an update is already installed.
343  */
344 TEST(Uptane, InstallFakeGood) {
345  Config conf("tests/config/basic.toml");
346  TemporaryDirectory temp_dir;
347  auto http = std::make_shared<HttpFake>(temp_dir.Path(), "hasupdates");
348  conf.uptane.director_server = http->tls_server + "director";
349  conf.uptane.repo_server = http->tls_server + "repo";
350  conf.pacman.type = PackageManager::kNone;
351  conf.provision.primary_ecu_serial = "CA:FE:A6:D2:84:9D";
352  conf.provision.primary_ecu_hardware_id = "primary_hw";
353  conf.storage.path = temp_dir.Path();
354  conf.tls.server = http->tls_server;
355  UptaneTestCommon::addDefaultSecondary(conf, temp_dir, "secondary_ecu_serial", "secondary_hw");
356  conf.postUpdateValues();
357 
358  auto storage = INvStorage::newStorage(conf.storage);
359  auto events_channel = std::make_shared<event::Channel>();
360  std::function<void(std::shared_ptr<event::BaseEvent> event)> f_cb = process_events_Install;
361  events_channel->connect(f_cb);
362  auto up = std_::make_unique<UptaneTestCommon::TestUptaneClient>(conf, storage, http, events_channel);
363  EXPECT_NO_THROW(up->initialize());
364 
365  result::UpdateCheck update_result = up->fetchMeta();
366  EXPECT_EQ(update_result.status, result::UpdateStatus::kUpdatesAvailable);
367  result::Download download_result = up->downloadImages(update_result.updates);
368  EXPECT_EQ(download_result.status, result::DownloadStatus::kSuccess);
369  result::Install install_result1 = up->uptaneInstall(download_result.updates);
370  EXPECT_TRUE(install_result1.dev_report.isSuccess());
371  EXPECT_EQ(install_result1.dev_report.result_code, data::ResultCode::Numeric::kOk);
372 
373  // Make sure operation_result and filepath were correctly written and formatted.
374  Json::Value manifest = up->AssembleManifest();
375  EXPECT_EQ(manifest["ecu_version_manifests"]["CA:FE:A6:D2:84:9D"]["signed"]["installed_image"]["filepath"].asString(),
376  "primary_firmware.txt");
377  EXPECT_EQ(
378  manifest["ecu_version_manifests"]["secondary_ecu_serial"]["signed"]["installed_image"]["filepath"].asString(),
379  "secondary_firmware.txt");
380 
381  EXPECT_EQ(num_events_InstallTarget, 2);
382  EXPECT_EQ(num_events_AllInstalls, 1);
383  Json::Value installation_report = manifest["installation_report"]["report"];
384  EXPECT_EQ(installation_report["result"]["success"].asBool(), true);
385  EXPECT_EQ(installation_report["result"]["code"].asString(), "OK");
386  EXPECT_EQ(installation_report["items"][0]["ecu"].asString(), "CA:FE:A6:D2:84:9D");
387  EXPECT_EQ(installation_report["items"][0]["result"]["success"].asBool(), true);
388  EXPECT_EQ(installation_report["items"][0]["result"]["code"].asString(), "OK");
389  EXPECT_EQ(installation_report["items"][1]["ecu"].asString(), "secondary_ecu_serial");
390  EXPECT_EQ(installation_report["items"][1]["result"]["success"].asBool(), true);
391  EXPECT_EQ(installation_report["items"][1]["result"]["code"].asString(), "OK");
392 
393  // second install
394  result::Install install_result2 = up->uptaneInstall(download_result.updates);
395  EXPECT_FALSE(install_result2.dev_report.isSuccess());
396  EXPECT_EQ(install_result2.dev_report.result_code, data::ResultCode::Numeric::kAlreadyProcessed);
397  EXPECT_EQ(num_events_InstallTarget, 2);
398  EXPECT_EQ(num_events_AllInstalls, 2);
399  manifest = up->AssembleManifest();
400  installation_report = manifest["installation_report"]["report"];
401  EXPECT_EQ(installation_report["result"]["success"].asBool(), false);
402 }
403 
404 /*
405  * Verify that installation will fail if the underlying data does not match the
406  * target.
407  */
408 TEST(Uptane, InstallFakeBad) {
409  Config conf("tests/config/basic.toml");
410  TemporaryDirectory temp_dir;
411  auto http = std::make_shared<HttpFake>(temp_dir.Path(), "hasupdates");
412  conf.uptane.director_server = http->tls_server + "director";
413  conf.uptane.repo_server = http->tls_server + "repo";
414  conf.pacman.type = PackageManager::kNone;
415  conf.provision.primary_ecu_serial = "CA:FE:A6:D2:84:9D";
416  conf.provision.primary_ecu_hardware_id = "primary_hw";
417  conf.storage.path = temp_dir.Path();
418  conf.tls.server = http->tls_server;
419  UptaneTestCommon::addDefaultSecondary(conf, temp_dir, "secondary_ecu_serial", "secondary_hw");
420  conf.postUpdateValues();
421 
422  auto storage = INvStorage::newStorage(conf.storage);
423  std::function<void(std::shared_ptr<event::BaseEvent> event)> f_cb = process_events_Install;
424  auto up = std_::make_unique<UptaneTestCommon::TestUptaneClient>(conf, storage, http);
425  EXPECT_NO_THROW(up->initialize());
426 
427  result::UpdateCheck update_result = up->fetchMeta();
428  EXPECT_EQ(update_result.status, result::UpdateStatus::kUpdatesAvailable);
429  result::Download download_result = up->downloadImages(update_result.updates);
430  EXPECT_EQ(download_result.status, result::DownloadStatus::kSuccess);
431 
432  std::string hash = download_result.updates[0].sha256Hash();
433  std::transform(hash.begin(), hash.end(), hash.begin(), ::toupper);
434  boost::filesystem::path image = temp_dir / "images" / hash;
435 
436  // Overwrite the file on disk with garbage so that the target verification
437  // fails. First read the existing data so we can re-write it later.
438  auto rhandle = storage->openTargetFile(download_result.updates[0]);
439  const uint64_t length = download_result.updates[0].length();
440  uint8_t content[length];
441  EXPECT_EQ(rhandle->rread(content, length), length);
442  rhandle->rclose();
443  auto whandle = storage->allocateTargetFile(false, download_result.updates[0]);
444  uint8_t content_bad[length + 1];
445  memset(content_bad, 0, length + 1);
446  EXPECT_EQ(whandle->wfeed(content_bad, 3), 3);
447  whandle->wcommit();
448 
449  result::Install install_result = up->uptaneInstall(download_result.updates);
450  EXPECT_FALSE(install_result.dev_report.isSuccess());
451  EXPECT_EQ(install_result.dev_report.result_code, data::ResultCode::Numeric::kInternalError);
452 
453  // Try again with oversized data.
454  whandle = storage->allocateTargetFile(false, download_result.updates[0]);
455  EXPECT_EQ(whandle->wfeed(content_bad, length + 1), length + 1);
456  whandle->wcommit();
457 
458  install_result = up->uptaneInstall(download_result.updates);
459  EXPECT_FALSE(install_result.dev_report.isSuccess());
460  EXPECT_EQ(install_result.dev_report.result_code, data::ResultCode::Numeric::kInternalError);
461 
462  // Try again with equally long data to make sure the hash check actually gets
463  // triggered.
464  whandle = storage->allocateTargetFile(false, download_result.updates[0]);
465  EXPECT_EQ(whandle->wfeed(content_bad, length), length);
466  whandle->wcommit();
467 
468  install_result = up->uptaneInstall(download_result.updates);
469  EXPECT_FALSE(install_result.dev_report.isSuccess());
470  EXPECT_EQ(install_result.dev_report.result_code, data::ResultCode::Numeric::kInternalError);
471 
472  // Try with the real data, but incomplete.
473  whandle = storage->allocateTargetFile(false, download_result.updates[0]);
474  EXPECT_EQ(whandle->wfeed(reinterpret_cast<uint8_t *>(content), length - 1), length - 1);
475  whandle->wcommit();
476 
477  install_result = up->uptaneInstall(download_result.updates);
478  EXPECT_FALSE(install_result.dev_report.isSuccess());
479  EXPECT_EQ(install_result.dev_report.result_code, data::ResultCode::Numeric::kInternalError);
480 
481  // Restore the original data to the file so that verification succeeds.
482  whandle = storage->allocateTargetFile(false, download_result.updates[0]);
483  EXPECT_EQ(whandle->wfeed(reinterpret_cast<uint8_t *>(content), length), length);
484  whandle->wcommit();
485 
486  install_result = up->uptaneInstall(download_result.updates);
487  EXPECT_TRUE(install_result.dev_report.isSuccess());
488  EXPECT_EQ(install_result.dev_report.result_code, data::ResultCode::Numeric::kOk);
489 }
490 
491 bool EcuInstallationStartedReportGot = false;
492 class HttpFakeEvents : public HttpFake {
493  public:
494  HttpFakeEvents(const boost::filesystem::path &test_dir_in, std::string flavor = "")
495  : HttpFake(test_dir_in, std::move(flavor)) {}
496 
497  virtual HttpResponse handle_event(const std::string &url, const Json::Value &data) override {
498  for (const auto &event : data) {
499  if (event["eventType"]["id"].asString() == "EcuInstallationStarted") {
500  if (event["event"]["ecu"].asString() == "secondary_ecu_serial") {
501  EcuInstallationStartedReportGot = true;
502  }
503  }
504  }
505  return HttpResponse(url, 200, CURLE_OK, "");
506  }
507 };
508 
509 class SecondaryInterfaceMock : public Uptane::SecondaryInterface {
510  public:
511  explicit SecondaryInterfaceMock(Primary::VirtualSecondaryConfig &sconfig_in) : sconfig(std::move(sconfig_in)) {
512  std::string private_key, public_key;
513  if (!Crypto::generateKeyPair(sconfig.key_type, &public_key, &private_key)) {
514  throw std::runtime_error("Key generation failure");
515  }
516  public_key_ = PublicKey(public_key, sconfig.key_type);
517  Json::Value manifest_unsigned;
518  manifest_unsigned["key"] = "value";
519 
520  std::string b64sig = Utils::toBase64(
521  Crypto::Sign(sconfig.key_type, nullptr, private_key, Utils::jsonToCanonicalStr(manifest_unsigned)));
522  Json::Value signature;
523  signature["method"] = "rsassa-pss";
524  signature["sig"] = b64sig;
525  signature["keyid"] = public_key_.KeyId();
526  manifest_["signed"] = manifest_unsigned;
527  manifest_["signatures"].append(signature);
528  }
529  PublicKey getPublicKey() const override { return public_key_; }
530 
531  Uptane::HardwareIdentifier getHwId() const override { return Uptane::HardwareIdentifier(sconfig.ecu_hardware_id); }
532  Uptane::EcuSerial getSerial() const override {
533  if (!sconfig.ecu_serial.empty()) {
534  return Uptane::EcuSerial(sconfig.ecu_serial);
535  }
536  return Uptane::EcuSerial(public_key_.KeyId());
537  }
538  Uptane::Manifest getManifest() const override { return manifest_; }
539  MOCK_METHOD1(putMetadataMock, bool(const Uptane::RawMetaPack &));
540  MOCK_CONST_METHOD1(getRootVersionMock, int32_t(bool));
541 
542  bool putMetadata(const Uptane::RawMetaPack &meta_pack) override { return putMetadataMock(meta_pack); }
543  int32_t getRootVersion(bool director) const override { return getRootVersionMock(director); }
544 
545  bool putRoot(const std::string &, bool) override { return true; }
546  bool sendFirmware(const std::string &) override { return true; }
547  virtual data::ResultCode::Numeric install(const std::string &) override { return data::ResultCode::Numeric::kOk; }
548 
549  PublicKey public_key_;
550  Json::Value manifest_;
551 
552  Primary::VirtualSecondaryConfig sconfig;
553 };
554 
555 MATCHER_P(matchMeta, meta, "") {
556  return (arg.director_root == meta.director_root) && (arg.image_root == meta.image_root) &&
557  (arg.director_targets == meta.director_targets) && (arg.image_timestamp == meta.image_timestamp) &&
558  (arg.image_snapshot == meta.image_snapshot) && (arg.image_targets == meta.image_targets);
559 }
560 
561 /*
562  * Send metadata to secondary ECUs
563  * Send EcuInstallationStartedReport to server for secondaries
564  */
565 TEST(Uptane, SendMetadataToSeconadry) {
566  Config conf("tests/config/basic.toml");
567  TemporaryDirectory temp_dir;
568  auto http = std::make_shared<HttpFakeEvents>(temp_dir.Path(), "hasupdates");
569  conf.provision.primary_ecu_serial = "CA:FE:A6:D2:84:9D";
570  conf.provision.primary_ecu_hardware_id = "primary_hw";
571  conf.uptane.director_server = http->tls_server + "/director";
572  conf.uptane.repo_server = http->tls_server + "/repo";
573  conf.storage.path = temp_dir.Path();
574  conf.tls.server = http->tls_server;
575 
576  Primary::VirtualSecondaryConfig ecu_config;
577  ecu_config.partial_verifying = false;
578  ecu_config.full_client_dir = temp_dir.Path();
579  ecu_config.ecu_serial = "secondary_ecu_serial";
580  ecu_config.ecu_hardware_id = "secondary_hw";
581  ecu_config.ecu_private_key = "sec.priv";
582  ecu_config.ecu_public_key = "sec.pub";
583  ecu_config.firmware_path = temp_dir / "firmware.txt";
584  ecu_config.target_name_path = temp_dir / "firmware_name.txt";
585  ecu_config.metadata_path = temp_dir / "secondary_metadata";
586 
587  auto sec = std::make_shared<SecondaryInterfaceMock>(ecu_config);
588  auto storage = INvStorage::newStorage(conf.storage);
589  auto up = std_::make_unique<UptaneTestCommon::TestUptaneClient>(conf, storage, http);
590  up->addNewSecondary(sec);
591  EXPECT_NO_THROW(up->initialize());
592  result::UpdateCheck update_result = up->fetchMeta();
593  EXPECT_EQ(update_result.status, result::UpdateStatus::kUpdatesAvailable);
594 
595  Uptane::RawMetaPack meta;
596  storage->loadLatestRoot(&meta.director_root, Uptane::RepositoryType::Director());
597  storage->loadNonRoot(&meta.director_targets, Uptane::RepositoryType::Director(), Uptane::Role::Targets());
598  storage->loadLatestRoot(&meta.image_root, Uptane::RepositoryType::Image());
599  storage->loadNonRoot(&meta.image_timestamp, Uptane::RepositoryType::Image(), Uptane::Role::Timestamp());
600  storage->loadNonRoot(&meta.image_snapshot, Uptane::RepositoryType::Image(), Uptane::Role::Snapshot());
601  storage->loadNonRoot(&meta.image_targets, Uptane::RepositoryType::Image(), Uptane::Role::Targets());
602 
603  EXPECT_CALL(*sec, putMetadataMock(matchMeta(meta)));
604  result::Download download_result = up->downloadImages(update_result.updates);
605  EXPECT_EQ(download_result.status, result::DownloadStatus::kSuccess);
606  result::Install install_result = up->uptaneInstall(download_result.updates);
607  EXPECT_TRUE(install_result.dev_report.isSuccess());
608  EXPECT_EQ(install_result.dev_report.result_code, data::ResultCode::Numeric::kOk);
609  EXPECT_TRUE(EcuInstallationStartedReportGot);
610 }
611 
612 /* Register secondary ECUs with director. */
613 TEST(Uptane, UptaneSecondaryAdd) {
614  TemporaryDirectory temp_dir;
615  auto http = std::make_shared<HttpFake>(temp_dir.Path());
616  Config config = config_common();
617  boost::filesystem::copy_file("tests/test_data/cred.zip", temp_dir / "cred.zip");
618  config.provision.provision_path = temp_dir / "cred.zip";
619  config.provision.mode = ProvisionMode::kSharedCred;
620  config.uptane.director_server = http->tls_server + "/director";
621  config.uptane.repo_server = http->tls_server + "/repo";
622  config.tls.server = http->tls_server;
623  config.provision.primary_ecu_serial = "testecuserial";
624  config.storage.path = temp_dir.Path();
625  config.pacman.type = PackageManager::kNone;
626  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hardware");
627 
628  auto storage = INvStorage::newStorage(config.storage);
629  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
630  EXPECT_NO_THROW(sota_client->initialize());
631 
632  /* Verify the correctness of the metadata sent to the server about the
633  * secondary. */
634  Json::Value ecu_data = Utils::parseJSONFile(temp_dir / "post.json");
635  EXPECT_EQ(ecu_data["ecus"].size(), 2);
636  EXPECT_EQ(ecu_data["primary_ecu_serial"].asString(), config.provision.primary_ecu_serial);
637  EXPECT_EQ(ecu_data["ecus"][1]["ecu_serial"].asString(), "secondary_ecu_serial");
638  EXPECT_EQ(ecu_data["ecus"][1]["hardware_identifier"].asString(), "secondary_hardware");
639  EXPECT_EQ(ecu_data["ecus"][1]["clientKey"]["keytype"].asString(), "RSA");
640  EXPECT_TRUE(ecu_data["ecus"][1]["clientKey"]["keyval"]["public"].asString().size() > 0);
641 }
642 
643 /* Adding multiple secondaries with the same serial throws an error */
644 TEST(Uptane, UptaneSecondaryAddSameSerial) {
645  TemporaryDirectory temp_dir;
646  auto http = std::make_shared<HttpFake>(temp_dir.Path());
647  boost::filesystem::copy_file("tests/test_data/cred.zip", temp_dir / "cred.zip");
648  Config config = config_common();
649  config.provision.provision_path = temp_dir / "cred.zip";
650  config.provision.mode = ProvisionMode::kSharedCred;
651  config.pacman.type = PackageManager::kNone;
652  config.storage.path = temp_dir.Path();
653 
654  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hardware");
655 
656  auto storage = INvStorage::newStorage(config.storage);
657  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
658  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hardware_new");
659  EXPECT_THROW(sota_client->addNewSecondary(std::make_shared<Primary::VirtualSecondary>(
660  Primary::VirtualSecondaryConfig::create_from_file(config.uptane.secondary_config_file)[0])),
661  std::runtime_error);
662 }
663 
664 /*
665  * Identify previously unknown secondaries
666  * Identify currently unavailable secondaries
667  */
668 TEST(Uptane, UptaneSecondaryMisconfigured) {
669  TemporaryDirectory temp_dir;
670  boost::filesystem::copy_file("tests/test_data/cred.zip", temp_dir / "cred.zip");
671  auto http = std::make_shared<HttpFake>(temp_dir.Path());
672  {
673  Config config = config_common();
674  config.provision.provision_path = temp_dir / "cred.zip";
675  config.provision.mode = ProvisionMode::kSharedCred;
676  config.pacman.type = PackageManager::kNone;
677  config.storage.path = temp_dir.Path();
678  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hardware");
679 
680  auto storage = INvStorage::newStorage(config.storage);
681  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
682  EXPECT_NO_THROW(sota_client->initialize());
683 
684  std::vector<MisconfiguredEcu> ecus;
685  storage->loadMisconfiguredEcus(&ecus);
686  EXPECT_EQ(ecus.size(), 0);
687  }
688  {
689  Config config = config_common();
690  config.provision.provision_path = temp_dir / "cred.zip";
691  config.provision.mode = ProvisionMode::kSharedCred;
692  config.pacman.type = PackageManager::kNone;
693  config.storage.path = temp_dir.Path();
694  auto storage = INvStorage::newStorage(config.storage);
695  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "new_secondary_ecu_serial", "new_secondary_hardware");
696  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
697  EXPECT_NO_THROW(sota_client->initialize());
698 
699  std::vector<MisconfiguredEcu> ecus;
700  storage->loadMisconfiguredEcus(&ecus);
701  EXPECT_EQ(ecus.size(), 2);
702  if (ecus[0].serial.ToString() == "new_secondary_ecu_serial") {
703  EXPECT_EQ(ecus[0].state, EcuState::kNotRegistered);
704  EXPECT_EQ(ecus[1].serial.ToString(), "secondary_ecu_serial");
705  EXPECT_EQ(ecus[1].state, EcuState::kOld);
706  } else if (ecus[0].serial.ToString() == "secondary_ecu_serial") {
707  EXPECT_EQ(ecus[0].state, EcuState::kOld);
708  EXPECT_EQ(ecus[1].serial.ToString(), "new_secondary_ecu_serial");
709  EXPECT_EQ(ecus[1].state, EcuState::kNotRegistered);
710  } else {
711  FAIL() << "Unexpected secondary serial in storage: " << ecus[0].serial.ToString();
712  }
713  }
714  {
715  Config config = config_common();
716  config.provision.provision_path = temp_dir / "cred.zip";
717  config.provision.mode = ProvisionMode::kSharedCred;
718  config.pacman.type = PackageManager::kNone;
719  config.storage.path = temp_dir.Path();
720  auto storage = INvStorage::newStorage(config.storage);
721  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hardware");
722  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
723  EXPECT_NO_THROW(sota_client->initialize());
724 
725  std::vector<MisconfiguredEcu> ecus;
726  storage->loadMisconfiguredEcus(&ecus);
727  EXPECT_EQ(ecus.size(), 0);
728  }
729 }
730 
731 /**
732  * Check that basic device info sent by aktualizr during provisioning matches
733  * our expectations.
734  *
735  * Ideally, we would compare what we have with what the server reports, but in
736  * lieu of that, we can check what we send via http.
737  */
738 class HttpFakeProv : public HttpFake {
739  public:
740  HttpFakeProv(const boost::filesystem::path &test_dir_in, std::string flavor = "")
741  : HttpFake(test_dir_in, std::move(flavor)) {}
742 
743  HttpResponse post(const std::string &url, const Json::Value &data) override {
744  std::cout << "post " << url << "\n";
745 
746  if (url.find("/devices") != std::string::npos) {
747  devices_count++;
748  EXPECT_EQ(data["deviceId"].asString(), "tst149_device_id");
749  return HttpResponse(Utils::readFile("tests/test_data/cred.p12"), 200, CURLE_OK, "");
750  } else if (url.find("/director/ecus") != std::string::npos) {
751  /* Register primary ECU with director. */
752  ecus_count++;
753  EXPECT_EQ(data["primary_ecu_serial"].asString(), "CA:FE:A6:D2:84:9D");
754  EXPECT_EQ(data["ecus"][0]["hardware_identifier"].asString(), "primary_hw");
755  EXPECT_EQ(data["ecus"][0]["ecu_serial"].asString(), "CA:FE:A6:D2:84:9D");
756  if (ecus_count == 1) {
757  return HttpResponse("{}", 200, CURLE_OK, "");
758  } else {
759  return HttpResponse(R"({"code":"ecu_already_registered"})", 409, CURLE_OK, "");
760  }
761  } else if (url.find("/events") != std::string::npos) {
762  return handle_event(url, data);
763  }
764  EXPECT_EQ(0, 1) << "Unexpected post to URL: " << url;
765  return HttpResponse("", 400, CURLE_OK, "");
766  }
767 
768  HttpResponse handle_event_single(const Json::Value &event) {
769  if (event["eventType"]["id"] == "DownloadProgressReport") {
770  return HttpResponse("", 200, CURLE_OK, "");
771  }
772  const std::string event_type = event["eventType"]["id"].asString();
773  const std::string serial = event["event"]["ecu"].asString();
774  std::cout << "Got " << event_type << " event\n";
775  ++events_seen;
776  switch (events_seen) {
777  case 0:
778  EXPECT_EQ(event_type, "SendDeviceDataComplete");
779  break;
780  case 1:
781  case 2:
782  case 3:
783  case 4:
784  if (event_type == "EcuDownloadStarted") {
785  if (serial == "CA:FE:A6:D2:84:9D") {
786  ++primary_download_start;
787  } else if (serial == "secondary_ecu_serial") {
788  ++secondary_download_start;
789  }
790  } else if (event_type == "EcuDownloadCompleted") {
791  if (serial == "CA:FE:A6:D2:84:9D") {
792  ++primary_download_complete;
793  } else if (serial == "secondary_ecu_serial") {
794  ++secondary_download_complete;
795  }
796  }
797  if (events_seen == 4) {
798  EXPECT_EQ(primary_download_start, 1);
799  EXPECT_EQ(primary_download_complete, 1);
800  EXPECT_EQ(secondary_download_start, 1);
801  EXPECT_EQ(secondary_download_complete, 1);
802  }
803  break;
804  case 5:
805  /* Send EcuInstallationStartedReport to server for primary. */
806  EXPECT_EQ(event_type, "EcuInstallationStarted");
807  EXPECT_EQ(serial, "CA:FE:A6:D2:84:9D");
808  break;
809  case 6:
810  /* Send EcuInstallationCompletedReport to server for primary. */
811  EXPECT_EQ(event_type, "EcuInstallationCompleted");
812  EXPECT_EQ(serial, "CA:FE:A6:D2:84:9D");
813  break;
814  case 7:
815  /* Send EcuInstallationStartedReport to server for secondaries. */
816  EXPECT_EQ(event_type, "EcuInstallationStarted");
817  EXPECT_EQ(serial, "secondary_ecu_serial");
818  break;
819  case 8:
820  /* Send EcuInstallationCompletedReport to server for secondaries. */
821  EXPECT_EQ(event_type, "EcuInstallationCompleted");
822  EXPECT_EQ(serial, "secondary_ecu_serial");
823  break;
824  default:
825  std::cout << "Unexpected event: " << event_type;
826  EXPECT_EQ(0, 1);
827  }
828  return HttpResponse("", 200, CURLE_OK, "");
829  }
830 
831  HttpResponse handle_event(const std::string &url, const Json::Value &data) override {
832  (void)url;
833  for (const Json::Value &ev : data) {
834  handle_event_single(ev);
835  }
836  return HttpResponse("", 200, CURLE_OK, "");
837  }
838 
839  HttpResponse put(const std::string &url, const Json::Value &data) override {
840  std::cout << "put " << url << "\n";
841  if (url.find("core/installed") != std::string::npos) {
842  /* Send a list of installed packages to the server. */
843  installed_count++;
844  EXPECT_EQ(data.size(), 1);
845  EXPECT_EQ(data[0]["name"].asString(), "fake-package");
846  EXPECT_EQ(data[0]["version"].asString(), "1.0");
847  } else if (url.find("/director/manifest") != std::string::npos) {
848  /* Get manifest from primary.
849  * Get primary installation result.
850  * Send manifest to the server. */
851  manifest_count++;
852  std::string file_primary;
853  std::string file_secondary;
854  std::string hash_primary;
855  std::string hash_secondary;
856  if (manifest_count <= 2) {
857  file_primary = "unknown";
858  file_secondary = "noimage";
859  // Check for default initial value of packagemanagerfake.
860  hash_primary = boost::algorithm::to_lower_copy(boost::algorithm::hex(Crypto::sha256digest("")));
861  hash_secondary = boost::algorithm::to_lower_copy(boost::algorithm::hex(Crypto::sha256digest("")));
862  } else {
863  file_primary = "primary_firmware.txt";
864  file_secondary = "secondary_firmware.txt";
865  const Json::Value json = Utils::parseJSON(Utils::readFile(meta_dir / "director/targets_hasupdates.json"));
866  const Json::Value targets_list = json["signed"]["targets"];
867  hash_primary = targets_list["primary_firmware.txt"]["hashes"]["sha256"].asString();
868  hash_secondary = targets_list["secondary_firmware.txt"]["hashes"]["sha256"].asString();
869  }
870  const Json::Value manifest = data["signed"]["ecu_version_manifests"];
871  const Json::Value manifest_primary = manifest["CA:FE:A6:D2:84:9D"]["signed"]["installed_image"];
872  const Json::Value manifest_secondary = manifest["secondary_ecu_serial"]["signed"]["installed_image"];
873  EXPECT_EQ(file_primary, manifest_primary["filepath"].asString());
874  EXPECT_EQ(file_secondary, manifest_secondary["filepath"].asString());
875  EXPECT_EQ(manifest_primary["fileinfo"]["hashes"]["sha256"].asString(), hash_primary);
876  EXPECT_EQ(manifest_secondary["fileinfo"]["hashes"]["sha256"].asString(), hash_secondary);
877  } else if (url.find("/system_info/network") != std::string::npos) {
878  /* Send networking info to the server. */
879  network_count++;
880  Json::Value nwinfo = Utils::getNetworkInfo();
881  EXPECT_EQ(nwinfo["local_ipv4"].asString(), data["local_ipv4"].asString());
882  EXPECT_EQ(nwinfo["mac"].asString(), data["mac"].asString());
883  EXPECT_EQ(nwinfo["hostname"].asString(), data["hostname"].asString());
884  } else if (url.find("/system_info") != std::string::npos) {
885  /* Send hardware info to the server. */
886  system_info_count++;
887  Json::Value hwinfo = Utils::getHardwareInfo();
888  EXPECT_EQ(hwinfo["id"].asString(), data["id"].asString());
889  EXPECT_EQ(hwinfo["description"].asString(), data["description"].asString());
890  EXPECT_EQ(hwinfo["class"].asString(), data["class"].asString());
891  EXPECT_EQ(hwinfo["product"].asString(), data["product"].asString());
892  } else {
893  EXPECT_EQ(0, 1) << "Unexpected put to URL: " << url;
894  }
895 
896  return HttpFake::put(url, data);
897  }
898 
899  size_t events_seen{0};
900  int devices_count{0};
901  int ecus_count{0};
902  int manifest_count{0};
903  int installed_count{0};
904  int system_info_count{0};
905  int network_count{0};
906 
907  private:
908  int primary_download_start{0};
909  int primary_download_complete{0};
910  int secondary_download_start{0};
911  int secondary_download_complete{0};
912 };
913 
914 /* Provision with a fake server and check for the exact number of expected
915  * calls to each endpoint.
916  * Use a provided hardware ID
917  * Send SendDeviceDataComplete event
918  */
919 TEST(Uptane, ProvisionOnServer) {
920  RecordProperty("zephyr_key", "OTA-984,TST-149");
921  TemporaryDirectory temp_dir;
922  Config config("tests/config/basic.toml");
923  auto http = std::make_shared<HttpFakeProv>(temp_dir.Path(), "hasupdates");
924  const std::string &server = http->tls_server;
925  config.provision.server = server;
926  config.tls.server = server;
927  config.uptane.director_server = server + "/director";
928  config.uptane.repo_server = server + "/repo";
929  config.provision.ecu_registration_endpoint = server + "/director/ecus";
930  config.provision.device_id = "tst149_device_id";
931  config.provision.primary_ecu_serial = "CA:FE:A6:D2:84:9D";
932  config.provision.primary_ecu_hardware_id = "primary_hw";
933  config.storage.path = temp_dir.Path();
934  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hw");
935 
936  auto storage = INvStorage::newStorage(config.storage);
937  auto events_channel = std::make_shared<event::Channel>();
938  auto up = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http, events_channel);
939 
940  EXPECT_EQ(http->devices_count, 0);
941  EXPECT_EQ(http->ecus_count, 0);
942  EXPECT_EQ(http->manifest_count, 0);
943  EXPECT_EQ(http->installed_count, 0);
944  EXPECT_EQ(http->system_info_count, 0);
945  EXPECT_EQ(http->network_count, 0);
946 
947  EXPECT_NO_THROW(up->initialize());
948  EcuSerials serials;
949  storage->loadEcuSerials(&serials);
950  EXPECT_EQ(serials[0].second.ToString(), "primary_hw");
951 
952  EXPECT_EQ(http->devices_count, 1);
953  EXPECT_EQ(http->ecus_count, 1);
954 
955  EXPECT_NO_THROW(up->sendDeviceData());
956  EXPECT_EQ(http->manifest_count, 1);
957  EXPECT_EQ(http->installed_count, 1);
958  EXPECT_EQ(http->system_info_count, 1);
959  EXPECT_EQ(http->network_count, 1);
960 
961  result::UpdateCheck update_result = up->fetchMeta();
962  EXPECT_EQ(update_result.status, result::UpdateStatus::kUpdatesAvailable);
963  EXPECT_EQ(http->manifest_count, 2);
964 
965  // Test installation to make sure the metadata put to the server is correct.
966  result::Download download_result = up->downloadImages(update_result.updates);
967  EXPECT_EQ(download_result.status, result::DownloadStatus::kSuccess);
968  result::Install install_result = up->uptaneInstall(download_result.updates);
969  EXPECT_TRUE(install_result.dev_report.isSuccess());
970  EXPECT_EQ(install_result.dev_report.result_code, data::ResultCode::Numeric::kOk);
971  up->putManifest();
972 
973  EXPECT_EQ(http->devices_count, 1);
974  EXPECT_EQ(http->ecus_count, 1);
975  EXPECT_EQ(http->manifest_count, 3);
976  EXPECT_EQ(http->installed_count, 1);
977  EXPECT_EQ(http->system_info_count, 1);
978  EXPECT_EQ(http->network_count, 1);
979  EXPECT_EQ(http->events_seen, 8);
980 }
981 
982 /* Migrate from the legacy filesystem storage. */
983 TEST(Uptane, FsToSqlFull) {
984  TemporaryDirectory temp_dir;
985  Utils::copyDir("tests/test_data/prov", temp_dir.Path());
986  ASSERT_GE(chmod(temp_dir.Path().c_str(), S_IRWXU), 0);
987  StorageConfig config;
988  config.type = StorageType::kSqlite;
989  config.path = temp_dir.Path();
990 
991  FSStorageRead fs_storage(config);
992 
993  std::string public_key;
994  std::string private_key;
995  fs_storage.loadPrimaryKeys(&public_key, &private_key);
996 
997  std::string ca;
998  std::string cert;
999  std::string pkey;
1000  fs_storage.loadTlsCreds(&ca, &cert, &pkey);
1001 
1002  std::string device_id;
1003  fs_storage.loadDeviceId(&device_id);
1004 
1005  EcuSerials serials;
1006  fs_storage.loadEcuSerials(&serials);
1007 
1008  bool ecu_registered = fs_storage.loadEcuRegistered();
1009 
1010  std::vector<Uptane::Target> fs_installed_versions;
1011  std::vector<Uptane::Target> fixed_installed_versions;
1012  fs_storage.loadInstalledVersions(&fs_installed_versions, nullptr);
1013  // Add the serial/hwid mapping to match what the SQL storage will do when
1014  // reading it back after it has been copied from FS storage.
1015  for (auto &target : fs_installed_versions) {
1016  Json::Value dump = target.toDebugJson();
1017  dump["custom"]["ecuIdentifiers"][serials[0].first.ToString()]["hardwareId"] = serials[0].second.ToString();
1018  fixed_installed_versions.emplace_back(Uptane::Target(target.filename(), dump));
1019  }
1020 
1021  std::string director_root;
1022  std::string director_targets;
1023  std::string images_root;
1024  std::string images_targets;
1025  std::string images_timestamp;
1026  std::string images_snapshot;
1027 
1028  EXPECT_TRUE(fs_storage.loadLatestRoot(&director_root, Uptane::RepositoryType::Director()));
1029  EXPECT_TRUE(fs_storage.loadNonRoot(&director_targets, Uptane::RepositoryType::Director(), Uptane::Role::Targets()));
1030  EXPECT_TRUE(fs_storage.loadLatestRoot(&images_root, Uptane::RepositoryType::Image()));
1031  EXPECT_TRUE(fs_storage.loadNonRoot(&images_targets, Uptane::RepositoryType::Image(), Uptane::Role::Targets()));
1032  EXPECT_TRUE(fs_storage.loadNonRoot(&images_timestamp, Uptane::RepositoryType::Image(), Uptane::Role::Timestamp()));
1033  EXPECT_TRUE(fs_storage.loadNonRoot(&images_snapshot, Uptane::RepositoryType::Image(), Uptane::Role::Snapshot()));
1034 
1035  EXPECT_TRUE(boost::filesystem::exists(config.uptane_public_key_path.get(config.path)));
1036  EXPECT_TRUE(boost::filesystem::exists(config.uptane_private_key_path.get(config.path)));
1037  EXPECT_TRUE(boost::filesystem::exists(config.tls_cacert_path.get(config.path)));
1038  EXPECT_TRUE(boost::filesystem::exists(config.tls_clientcert_path.get(config.path)));
1039  EXPECT_TRUE(boost::filesystem::exists(config.tls_pkey_path.get(config.path)));
1040 
1041  boost::filesystem::path image_path = config.uptane_metadata_path.get(config.path) / "repo";
1042  boost::filesystem::path director_path = config.uptane_metadata_path.get(config.path) / "director";
1043  EXPECT_TRUE(boost::filesystem::exists(director_path / "1.root.json"));
1044  EXPECT_TRUE(boost::filesystem::exists(director_path / "targets.json"));
1045  EXPECT_TRUE(boost::filesystem::exists(image_path / "1.root.json"));
1046  EXPECT_TRUE(boost::filesystem::exists(image_path / "targets.json"));
1047  EXPECT_TRUE(boost::filesystem::exists(image_path / "timestamp.json"));
1048  EXPECT_TRUE(boost::filesystem::exists(image_path / "snapshot.json"));
1049  EXPECT_TRUE(boost::filesystem::exists(Utils::absolutePath(config.path, "device_id")));
1050  EXPECT_TRUE(boost::filesystem::exists(Utils::absolutePath(config.path, "is_registered")));
1051  EXPECT_TRUE(boost::filesystem::exists(Utils::absolutePath(config.path, "primary_ecu_serial")));
1052  EXPECT_TRUE(boost::filesystem::exists(Utils::absolutePath(config.path, "primary_ecu_hardware_id")));
1053  EXPECT_TRUE(boost::filesystem::exists(Utils::absolutePath(config.path, "secondaries_list")));
1054  auto sql_storage = INvStorage::newStorage(config);
1055 
1056  EXPECT_FALSE(boost::filesystem::exists(config.uptane_public_key_path.get(config.path)));
1057  EXPECT_FALSE(boost::filesystem::exists(config.uptane_private_key_path.get(config.path)));
1058  EXPECT_FALSE(boost::filesystem::exists(config.tls_cacert_path.get(config.path)));
1059  EXPECT_FALSE(boost::filesystem::exists(config.tls_clientcert_path.get(config.path)));
1060  EXPECT_FALSE(boost::filesystem::exists(config.tls_pkey_path.get(config.path)));
1061 
1062  EXPECT_FALSE(boost::filesystem::exists(director_path / "root.json"));
1063  EXPECT_FALSE(boost::filesystem::exists(director_path / "targets.json"));
1064  EXPECT_FALSE(boost::filesystem::exists(director_path / "root.json"));
1065  EXPECT_FALSE(boost::filesystem::exists(director_path / "targets.json"));
1066  EXPECT_FALSE(boost::filesystem::exists(image_path / "timestamp.json"));
1067  EXPECT_FALSE(boost::filesystem::exists(image_path / "snapshot.json"));
1068  EXPECT_FALSE(boost::filesystem::exists(Utils::absolutePath(config.path, "device_id")));
1069  EXPECT_FALSE(boost::filesystem::exists(Utils::absolutePath(config.path, "is_registered")));
1070  EXPECT_FALSE(boost::filesystem::exists(Utils::absolutePath(config.path, "primary_ecu_serial")));
1071  EXPECT_FALSE(boost::filesystem::exists(Utils::absolutePath(config.path, "primary_ecu_hardware_id")));
1072  EXPECT_FALSE(boost::filesystem::exists(Utils::absolutePath(config.path, "secondaries_list")));
1073 
1074  std::string sql_public_key;
1075  std::string sql_private_key;
1076  sql_storage->loadPrimaryKeys(&sql_public_key, &sql_private_key);
1077 
1078  std::string sql_ca;
1079  std::string sql_cert;
1080  std::string sql_pkey;
1081  sql_storage->loadTlsCreds(&sql_ca, &sql_cert, &sql_pkey);
1082 
1083  std::string sql_device_id;
1084  sql_storage->loadDeviceId(&sql_device_id);
1085 
1086  EcuSerials sql_serials;
1087  sql_storage->loadEcuSerials(&sql_serials);
1088 
1089  bool sql_ecu_registered = sql_storage->loadEcuRegistered();
1090 
1091  std::vector<Uptane::Target> sql_installed_versions;
1092  sql_storage->loadPrimaryInstallationLog(&sql_installed_versions, true);
1093 
1094  std::string sql_director_root;
1095  std::string sql_director_targets;
1096  std::string sql_images_root;
1097  std::string sql_images_targets;
1098  std::string sql_images_timestamp;
1099  std::string sql_images_snapshot;
1100 
1101  sql_storage->loadLatestRoot(&sql_director_root, Uptane::RepositoryType::Director());
1102  sql_storage->loadNonRoot(&sql_director_targets, Uptane::RepositoryType::Director(), Uptane::Role::Targets());
1103  sql_storage->loadLatestRoot(&sql_images_root, Uptane::RepositoryType::Image());
1104  sql_storage->loadNonRoot(&sql_images_targets, Uptane::RepositoryType::Image(), Uptane::Role::Targets());
1105  sql_storage->loadNonRoot(&sql_images_timestamp, Uptane::RepositoryType::Image(), Uptane::Role::Timestamp());
1106  sql_storage->loadNonRoot(&sql_images_snapshot, Uptane::RepositoryType::Image(), Uptane::Role::Snapshot());
1107 
1108  EXPECT_EQ(sql_public_key, public_key);
1109  EXPECT_EQ(sql_private_key, private_key);
1110  EXPECT_EQ(sql_ca, ca);
1111  EXPECT_EQ(sql_cert, cert);
1112  EXPECT_EQ(sql_pkey, pkey);
1113  EXPECT_EQ(sql_device_id, device_id);
1114  EXPECT_EQ(sql_serials, serials);
1115  EXPECT_EQ(sql_ecu_registered, ecu_registered);
1116  EXPECT_TRUE(Uptane::MatchTargetVector(sql_installed_versions, fixed_installed_versions));
1117 
1118  EXPECT_EQ(sql_director_root, director_root);
1119  EXPECT_EQ(sql_director_targets, director_targets);
1120  EXPECT_EQ(sql_images_root, images_root);
1121  EXPECT_EQ(sql_images_targets, images_targets);
1122  EXPECT_EQ(sql_images_timestamp, images_timestamp);
1123  EXPECT_EQ(sql_images_snapshot, images_snapshot);
1124 }
1125 
1126 /* Import a list of installed packages into the storage. */
1127 TEST(Uptane, InstalledVersionImport) {
1128  Config config = config_common();
1129 
1130  TemporaryDirectory temp_dir;
1131  Utils::createDirectories(temp_dir / "import", S_IRWXU);
1132  config.storage.path = temp_dir.Path();
1133  config.import.base_path = temp_dir / "import";
1134  config.postUpdateValues();
1135 
1136  boost::filesystem::copy_file("tests/test_data/prov/installed_versions",
1137  temp_dir.Path() / "import/installed_versions");
1138 
1139  // test basic import
1140  auto storage = INvStorage::newStorage(config.storage);
1141  storage->importData(config.import);
1142 
1143  boost::optional<Uptane::Target> current_version;
1144  storage->loadPrimaryInstalledVersions(&current_version, nullptr);
1145  EXPECT_TRUE(!!current_version);
1146  EXPECT_EQ(current_version->filename(), "master-863de625f305413dc3be306afab7c3f39d8713045cfff812b3af83f9722851f0");
1147 
1148  // check that data is not re-imported later: store new data, reload a new
1149  // storage with import and see that the new data is still there
1150  Json::Value target_json;
1151  target_json["hashes"]["sha256"] = "a0fb2e119cf812f1aa9e993d01f5f07cb41679096cb4492f1265bff5ac901d0d";
1152  target_json["length"] = 123;
1153  Uptane::Target new_installed_version{"filename", target_json};
1154  storage->savePrimaryInstalledVersion(new_installed_version, InstalledVersionUpdateMode::kCurrent);
1155 
1156  auto new_storage = INvStorage::newStorage(config.storage);
1157  new_storage->importData(config.import);
1158 
1159  current_version = boost::none;
1160  new_storage->loadPrimaryInstalledVersions(&current_version, nullptr);
1161  EXPECT_TRUE(!!current_version);
1162  EXPECT_EQ(current_version->filename(), "filename");
1163 }
1164 
1165 /* Store a list of installed package versions. */
1166 TEST(Uptane, SaveAndLoadVersion) {
1167  TemporaryDirectory temp_dir;
1168  Config config = config_common();
1169  config.storage.path = temp_dir.Path();
1170  config.provision.device_id = "device_id";
1171  config.postUpdateValues();
1172  auto storage = INvStorage::newStorage(config.storage);
1173 
1174  Json::Value target_json;
1175  target_json["hashes"]["sha256"] = "a0fb2e119cf812f1aa9e993d01f5f07cb41679096cb4492f1265bff5ac901d0d";
1176  target_json["length"] = 123;
1177 
1178  Uptane::Target t("target_name", target_json);
1179  storage->savePrimaryInstalledVersion(t, InstalledVersionUpdateMode::kCurrent);
1180 
1181  boost::optional<Uptane::Target> current_version;
1182  storage->loadPrimaryInstalledVersions(&current_version, nullptr);
1183 
1184  EXPECT_TRUE(!!current_version);
1185  EXPECT_EQ(current_version->sha256Hash(), "a0fb2e119cf812f1aa9e993d01f5f07cb41679096cb4492f1265bff5ac901d0d");
1186  EXPECT_EQ(current_version->length(), 123);
1187  EXPECT_TRUE(current_version->MatchTarget(t));
1188 }
1189 
1190 class HttpFakeUnstable : public HttpFake {
1191  public:
1192  HttpFakeUnstable(const boost::filesystem::path &test_dir_in) : HttpFake(test_dir_in, "hasupdates") {}
1193  HttpResponse get(const std::string &url, int64_t maxsize) override {
1194  if (unstable_valid_count >= unstable_valid_num) {
1195  return HttpResponse({}, 503, CURLE_OK, "");
1196  } else {
1197  // This if is a hack only required as long as we have to explicitly fetch
1198  // this to make the Director recognize new devices as "online".
1199  if (url.find("director/root.json") == std::string::npos) {
1200  ++unstable_valid_count;
1201  }
1202  return HttpFake::get(url, maxsize);
1203  }
1204  }
1205 
1206  void setUnstableValidNum(int num) {
1207  unstable_valid_num = num;
1208  unstable_valid_count = 0;
1209  }
1210 
1211  int unstable_valid_num{0};
1212  int unstable_valid_count{0};
1213 };
1214 
1215 /* Recover from an interrupted Uptane iteration.
1216  * Fetch metadata from the director.
1217  * Check metadata from the director.
1218  * Identify targets for known ECUs.
1219  * Fetch metadata from the images repo.
1220  * Check metadata from the images repo.
1221  *
1222  * This is a bit fragile because it depends upon a precise number of HTTP get
1223  * requests being made. If that changes, this test will need to be adjusted. */
1224 TEST(Uptane, restoreVerify) {
1225  TemporaryDirectory temp_dir;
1226  auto http = std::make_shared<HttpFakeUnstable>(temp_dir.Path());
1227  Config config("tests/config/basic.toml");
1228  config.storage.path = temp_dir.Path();
1229  config.pacman.type = PackageManager::kNone;
1230  config.uptane.director_server = http->tls_server + "director";
1231  config.uptane.repo_server = http->tls_server + "repo";
1232  config.provision.primary_ecu_serial = "CA:FE:A6:D2:84:9D";
1233  config.provision.primary_ecu_hardware_id = "primary_hw";
1234  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hw");
1235  config.postUpdateValues();
1236 
1237  auto storage = INvStorage::newStorage(config.storage);
1238  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
1239 
1240  EXPECT_NO_THROW(sota_client->initialize());
1241  sota_client->AssembleManifest();
1242  // 1st attempt, don't get anything
1243  EXPECT_FALSE(sota_client->uptaneIteration(nullptr, nullptr));
1244  EXPECT_FALSE(storage->loadLatestRoot(nullptr, Uptane::RepositoryType::Director()));
1245 
1246  // 2nd attempt, get director root.json
1247  http->setUnstableValidNum(1);
1248  EXPECT_FALSE(sota_client->uptaneIteration(nullptr, nullptr));
1249  EXPECT_TRUE(storage->loadLatestRoot(nullptr, Uptane::RepositoryType::Director()));
1250  EXPECT_FALSE(storage->loadNonRoot(nullptr, Uptane::RepositoryType::Director(), Uptane::Role::Targets()));
1251 
1252  // 3rd attempt, get director targets.json
1253  http->setUnstableValidNum(2);
1254  EXPECT_FALSE(sota_client->uptaneIteration(nullptr, nullptr));
1255  EXPECT_TRUE(storage->loadLatestRoot(nullptr, Uptane::RepositoryType::Director()));
1256  EXPECT_TRUE(storage->loadNonRoot(nullptr, Uptane::RepositoryType::Director(), Uptane::Role::Targets()));
1257  EXPECT_FALSE(storage->loadLatestRoot(nullptr, Uptane::RepositoryType::Image()));
1258 
1259  // 4th attempt, get images root.json
1260  http->setUnstableValidNum(3);
1261  EXPECT_FALSE(sota_client->uptaneIteration(nullptr, nullptr));
1262  EXPECT_TRUE(storage->loadLatestRoot(nullptr, Uptane::RepositoryType::Image()));
1263  EXPECT_FALSE(storage->loadNonRoot(nullptr, Uptane::RepositoryType::Image(), Uptane::Role::Timestamp()));
1264 
1265  // 5th attempt, get images timestamp.json
1266  http->setUnstableValidNum(4);
1267  EXPECT_FALSE(sota_client->uptaneIteration(nullptr, nullptr));
1268  EXPECT_TRUE(storage->loadNonRoot(nullptr, Uptane::RepositoryType::Image(), Uptane::Role::Timestamp()));
1269  EXPECT_FALSE(storage->loadNonRoot(nullptr, Uptane::RepositoryType::Image(), Uptane::Role::Snapshot()));
1270 
1271  // 6th attempt, get images snapshot.json
1272  http->setUnstableValidNum(5);
1273  EXPECT_FALSE(sota_client->uptaneIteration(nullptr, nullptr));
1274  EXPECT_TRUE(storage->loadNonRoot(nullptr, Uptane::RepositoryType::Image(), Uptane::Role::Snapshot()));
1275  EXPECT_FALSE(storage->loadNonRoot(nullptr, Uptane::RepositoryType::Image(), Uptane::Role::Targets()));
1276 
1277  // 7th attempt, get images targets.json, successful iteration
1278  http->setUnstableValidNum(6);
1279  EXPECT_TRUE(sota_client->uptaneIteration(nullptr, nullptr));
1280  EXPECT_TRUE(storage->loadNonRoot(nullptr, Uptane::RepositoryType::Image(), Uptane::Role::Targets()));
1281 }
1282 
1283 /* Fetch metadata from the director.
1284  * Check metadata from the director.
1285  * Identify targets for known ECUs.
1286  * Fetch metadata from the images repo.
1287  * Check metadata from the images repo. */
1288 TEST(Uptane, offlineIteration) {
1289  TemporaryDirectory temp_dir;
1290  auto http = std::make_shared<HttpFake>(temp_dir.Path(), "hasupdates");
1291  Config config("tests/config/basic.toml");
1292  config.storage.path = temp_dir.Path();
1293  config.uptane.director_server = http->tls_server + "director";
1294  config.uptane.repo_server = http->tls_server + "repo";
1295  config.pacman.type = PackageManager::kNone;
1296  config.provision.primary_ecu_serial = "CA:FE:A6:D2:84:9D";
1297  config.provision.primary_ecu_hardware_id = "primary_hw";
1298  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hw");
1299  config.postUpdateValues();
1300 
1301  auto storage = INvStorage::newStorage(config.storage);
1302  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
1303  EXPECT_NO_THROW(sota_client->initialize());
1304 
1305  std::vector<Uptane::Target> targets_online;
1306  EXPECT_TRUE(sota_client->uptaneIteration(&targets_online, nullptr));
1307 
1308  std::vector<Uptane::Target> targets_offline;
1309  EXPECT_TRUE(sota_client->uptaneOfflineIteration(&targets_offline, nullptr));
1310  EXPECT_TRUE(Uptane::MatchTargetVector(targets_online, targets_offline));
1311 }
1312 
1313 /*
1314  * Ignore updates for unrecognized ECUs.
1315  * Reject targets which do not match a known ECU.
1316  */
1317 TEST(Uptane, IgnoreUnknownUpdate) {
1318  TemporaryDirectory temp_dir;
1319  auto http = std::make_shared<HttpFake>(temp_dir.Path(), "hasupdates");
1320  Config config("tests/config/basic.toml");
1321  config.storage.path = temp_dir.Path();
1322  config.uptane.director_server = http->tls_server + "director";
1323  config.uptane.repo_server = http->tls_server + "repo";
1324  config.pacman.type = PackageManager::kNone;
1325  config.provision.primary_ecu_serial = "primary_ecu";
1326  config.provision.primary_ecu_hardware_id = "primary_hw";
1327  UptaneTestCommon::addDefaultSecondary(config, temp_dir, "secondary_ecu_serial", "secondary_hw");
1328  config.postUpdateValues();
1329 
1330  auto storage = INvStorage::newStorage(config.storage);
1331  auto sota_client = std_::make_unique<UptaneTestCommon::TestUptaneClient>(config, storage, http);
1332 
1333  EXPECT_NO_THROW(sota_client->initialize());
1334  auto result = sota_client->fetchMeta();
1335  EXPECT_EQ(result.status, result::UpdateStatus::kError);
1336  EXPECT_STREQ(sota_client->getLastException().what(),
1337  "The target had an ECU ID that did not match the client's configured ECU id.");
1338  sota_client->last_exception = Uptane::Exception{"", ""};
1339  result = sota_client->checkUpdates();
1340  EXPECT_EQ(result.status, result::UpdateStatus::kError);
1341  EXPECT_STREQ(sota_client->getLastException().what(),
1342  "The target had an ECU ID that did not match the client's configured ECU id.");
1343  std::vector<Uptane::Target> packages_to_install = UptaneTestCommon::makePackage("testecuserial", "testecuhwid");
1344  sota_client->last_exception = Uptane::Exception{"", ""};
1345  auto report = sota_client->uptaneInstall(packages_to_install);
1346  EXPECT_STREQ(sota_client->getLastException().what(),
1347  "The target had an ECU ID that did not match the client's configured ECU id.");
1348  EXPECT_EQ(report.ecu_reports.size(), 0);
1349 }
1350 
1351 #ifdef BUILD_P11
1352 TEST(Uptane, Pkcs11Provision) {
1353  Config config;
1354  TemporaryDirectory temp_dir;
1355  Utils::createDirectories(temp_dir / "import", S_IRWXU);
1356  boost::filesystem::copy_file("tests/test_data/device_cred_prov/ca.pem", temp_dir / "import/root.crt");
1357  config.tls.cert_source = CryptoSource::kPkcs11;
1358  config.tls.pkey_source = CryptoSource::kPkcs11;
1359  config.p11.module = TEST_PKCS11_MODULE_PATH;
1360  config.p11.pass = "1234";
1361  config.p11.tls_clientcert_id = "01";
1362  config.p11.tls_pkey_id = "02";
1363  config.import.base_path = (temp_dir / "import").string();
1364  config.import.tls_cacert_path = BasedPath("root.crt");
1365 
1366  config.storage.path = temp_dir.Path();
1367  config.postUpdateValues();
1368 
1369  auto storage = INvStorage::newStorage(config.storage);
1370  storage->importData(config.import);
1371  auto http = std::make_shared<HttpFake>(temp_dir.Path(), "hasupdates");
1372  KeyManager keys(storage, config.keymanagerConfig());
1373  Initializer initializer(config.provision, storage, http, keys, {});
1374 
1375  EXPECT_TRUE(initializer.isSuccessful());
1376 }
1377 #endif
1378 
1379 #ifndef __NO_MAIN__
1380 int main(int argc, char **argv) {
1381  ::testing::InitGoogleTest(&argc, argv);
1382 
1383  logger_init();
1384  logger_set_threshold(boost::log::trivial::trace);
1385 
1386  return RUN_ALL_TESTS();
1387 }
1388 #endif
1389 
1390 // vim: set tabstop=2 shiftwidth=2 expandtab:
Uptane::UnmetThreshold
Definition: exceptions.h:53
HttpFake
Definition: httpfake.h:22
KeyManager
Definition: keymanager.h:13
data::ResultCode::Numeric::kAlreadyProcessed
Operation has already been processed.
SecondaryInterfaceMock
Definition: uptane_test.cc:509
BasedPath
Definition: utils.h:101
HttpFakeProv
Check that basic device info sent by aktualizr during provisioning matches our expectations.
Definition: uptane_test.cc:738
HttpFakeEvents
Definition: uptane_test.cc:492
StorageConfig
Definition: storage_config.h:15
result::UpdateCheck
Container for information about available updates.
Definition: results.h:38
data
General data structures.
Definition: types.cc:44
Uptane::HardwareIdentifier
Definition: tuf.h:143
HttpResponse
Definition: httpinterface.h:17
Config
Configuration object for an aktualizr instance running on a primary ECU.
Definition: config.h:73
Uptane::RawMetaPack
Definition: tuf.h:532
Uptane::EcuSerial
Definition: tuf.h:174
result::Download
Container for information about downloading an update.
Definition: results.h:117
PublicKey
Definition: crypto.h:26
Uptane::Exception
Definition: exceptions.h:10
Uptane::IllegalThreshold
Definition: exceptions.h:41
Primary::VirtualSecondaryConfig
Definition: virtualsecondary.h:11
HttpFakeUnstable
Definition: uptane_test.cc:1190
Uptane::BadKeyId
Definition: exceptions.h:88
TemporaryDirectory
Definition: utils.h:82
result
Results of libaktualizr API calls.
Definition: results.h:13
Initializer
Definition: initializer.h:13
result::Install
Container for information about installing an update.
Definition: results.h:130
data::ResultCode::Numeric::kInternalError
SWM Internal integrity error.
Uptane::Target
Definition: tuf.h:238
data::ResultCode::Numeric
Numeric
Definition: types.h:125
Uptane::Root
Definition: tuf.h:382
Uptane
Base data types that are used in The Update Framework (TUF), part of UPTANE.
Definition: secondary_tcp_server.h:8
HttpPutManifestFail
Definition: aktualizr_test.cc:2113
Uptane::SecondaryInterface
Definition: secondaryinterface.h:12
Uptane::Manifest
Definition: manifest.h:13
FSStorageRead
Definition: fsstorage_read.h:7
event
Aktualizr status events.
Definition: events.h:18
Uptane::SecurityException
Definition: exceptions.h:21
Generated by   doxygen 1.8.16