From c4ca53b5dacf428a14032456ab8e9f8c755c1076 Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Mon, 15 Jul 2019 14:50:17 +0200 Subject: [PATCH 01/11] Use the types we have defined to make things easier. Signed-off-by: Patrick Vacek --- src/aktualizr_info/aktualizr_info_test.cc | 83 ++++++++++------------- 1 file changed, 37 insertions(+), 46 deletions(-) diff --git a/src/aktualizr_info/aktualizr_info_test.cc b/src/aktualizr_info/aktualizr_info_test.cc index c3999cff23..0a0734c58f 100644 --- a/src/aktualizr_info/aktualizr_info_test.cc +++ b/src/aktualizr_info/aktualizr_info_test.cc @@ -32,8 +32,8 @@ class AktualizrInfoTest : public ::testing::Test { virtual void SetUp() { device_id = "aktualizr-info-test-device_ID-fd1fc55c-3abc-4de8-a2ca-32d455ae9c11"; - primary_ecu_serial = "82697cac-f54c-40ea-a8f2-76c203b7bf2f"; - primary_ecu_id = "primary-hdwr-e96c08e0-38a0-4903-a021-143cf5427bc9"; + primary_ecu_serial = Uptane::EcuSerial("82697cac-f54c-40ea-a8f2-76c203b7bf2f"); + primary_hw_id = Uptane::HardwareIdentifier("primary-hdwr-e96c08e0-38a0-4903-a021-143cf5427bc9"); db_storage_->storeDeviceId(device_id); } @@ -76,8 +76,8 @@ class AktualizrInfoTest : public ::testing::Test { AktualizrInfoProcess aktualizr_info_process_{*this, test_conf_file_}; std::string device_id; - std::string primary_ecu_serial; - std::string primary_ecu_id; + Uptane::EcuSerial primary_ecu_serial = Uptane::EcuSerial::Unknown(); + Uptane::HardwareIdentifier primary_hw_id = Uptane::HardwareIdentifier::Unknown(); }; /** @@ -96,17 +96,15 @@ class AktualizrInfoTest : public ::testing::Test { * - [x] Print whether metadata has been fetched from the server, if they were fetched */ TEST_F(AktualizrInfoTest, PrintPrimaryAndSecondaryInfo) { - const std::string secondary_ecu_serial = "c6998d3e-2a68-4ac2-817e-4ea6ef87d21f"; - const std::string secondary_ecu_id = "secondary-hdwr-af250269-bd6f-4148-9426-4101df7f613a"; + const Uptane::EcuSerial secondary_ecu_serial{"c6998d3e-2a68-4ac2-817e-4ea6ef87d21f"}; + const Uptane::HardwareIdentifier secondary_hw_id{"secondary-hdwr-af250269-bd6f-4148-9426-4101df7f613a"}; const std::string provisioning_status = "Provisioned on server: yes"; const std::string fetched_metadata = "Fetched metadata: yes"; Json::Value meta_root; std::string director_root = Utils::jsonToStr(meta_root); - db_storage_->storeEcuSerials( - {{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}, - {Uptane::EcuSerial(secondary_ecu_serial), Uptane::HardwareIdentifier(secondary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}, {secondary_ecu_serial, secondary_hw_id}}); db_storage_->storeEcuRegistered(); db_storage_->storeRoot(director_root, Uptane::RepositoryType::Director(), Uptane::Version(1)); @@ -114,11 +112,11 @@ TEST_F(AktualizrInfoTest, PrintPrimaryAndSecondaryInfo) { ASSERT_FALSE(aktualizr_info_output.empty()); EXPECT_NE(aktualizr_info_output.find(device_id), std::string::npos); - EXPECT_NE(aktualizr_info_output.find(primary_ecu_serial), std::string::npos); - EXPECT_NE(aktualizr_info_output.find(primary_ecu_id), std::string::npos); + EXPECT_NE(aktualizr_info_output.find(primary_ecu_serial.ToString()), std::string::npos); + EXPECT_NE(aktualizr_info_output.find(primary_hw_id.ToString()), std::string::npos); - EXPECT_NE(aktualizr_info_output.find(secondary_ecu_serial), std::string::npos); - EXPECT_NE(aktualizr_info_output.find(secondary_ecu_id), std::string::npos); + EXPECT_NE(aktualizr_info_output.find(secondary_ecu_serial.ToString()), std::string::npos); + EXPECT_NE(aktualizr_info_output.find(secondary_hw_id.ToString()), std::string::npos); EXPECT_NE(aktualizr_info_output.find(provisioning_status), std::string::npos); EXPECT_NE(aktualizr_info_output.find(fetched_metadata), std::string::npos); @@ -136,7 +134,7 @@ TEST_F(AktualizrInfoTest, PrintProvisioningAndMetadataNegative) { const std::string provisioning_status = "Provisioned on server: no"; const std::string fetched_metadata = "Fetched metadata: no"; - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); aktualizr_info_process_.run(); ASSERT_FALSE(aktualizr_info_output.empty()); @@ -156,24 +154,21 @@ TEST_F(AktualizrInfoTest, PrintProvisioningAndMetadataNegative) { TEST_F(AktualizrInfoTest, PrintSecondaryNotRegisteredOrRemoved) { const std::string provisioning_status = "Provisioned on server: yes"; - const std::string secondary_ecu_serial = "c6998d3e-2a68-4ac2-817e-4ea6ef87d21f"; - const std::string secondary_ecu_id = "secondary-hdwr-af250269-bd6f-4148-9426-4101df7f613a"; + const Uptane::EcuSerial secondary_ecu_serial{"c6998d3e-2a68-4ac2-817e-4ea6ef87d21f"}; + const Uptane::HardwareIdentifier secondary_hw_id{"secondary-hdwr-af250269-bd6f-4148-9426-4101df7f613a"}; - const std::string secondary_ecu_serial_not_reg = "18b018a1-fdda-4461-a281-42237256cc2f"; - const std::string secondary_ecu_id_not_reg = "secondary-hdwr-cbce3a7a-7cbb-4da4-9fff-8e10e5c3de98"; + const Uptane::EcuSerial secondary_ecu_serial_not_reg{"18b018a1-fdda-4461-a281-42237256cc2f"}; + const Uptane::HardwareIdentifier secondary_hw_id_not_reg{"secondary-hdwr-cbce3a7a-7cbb-4da4-9fff-8e10e5c3de98"}; - const std::string secondary_ecu_serial_old = "c2191c12-7298-4be3-b781-d223dac7f75e"; - const std::string secondary_ecu_id_old = "secondary-hdwr-0ded1c51-d280-49c3-a92b-7ff2c2e91d8c"; + const Uptane::EcuSerial secondary_ecu_serial_old{"c2191c12-7298-4be3-b781-d223dac7f75e"}; + const Uptane::HardwareIdentifier secondary_hw_id_old{"secondary-hdwr-0ded1c51-d280-49c3-a92b-7ff2c2e91d8c"}; - db_storage_->storeEcuSerials( - {{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}, - {Uptane::EcuSerial(secondary_ecu_serial), Uptane::HardwareIdentifier(secondary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}, {secondary_ecu_serial, secondary_hw_id}}); db_storage_->storeEcuRegistered(); - db_storage_->storeMisconfiguredEcus({{Uptane::EcuSerial(secondary_ecu_serial_not_reg), - Uptane::HardwareIdentifier(secondary_ecu_id_not_reg), EcuState::kNotRegistered}, - {Uptane::EcuSerial(secondary_ecu_serial_old), - Uptane::HardwareIdentifier(secondary_ecu_id_old), EcuState::kOld}}); + db_storage_->storeMisconfiguredEcus( + {{secondary_ecu_serial_not_reg, secondary_hw_id_not_reg, EcuState::kNotRegistered}, + {secondary_ecu_serial_old, secondary_hw_id_old, EcuState::kOld}}); aktualizr_info_process_.run(); ASSERT_FALSE(aktualizr_info_output.empty()); @@ -197,7 +192,7 @@ TEST_F(AktualizrInfoTest, PrintSecondaryNotRegisteredOrRemoved) { * - [x] Print root metadata from images repository */ TEST_F(AktualizrInfoTest, PrintImageRootMetadata) { - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); db_storage_->storeEcuRegistered(); Json::Value images_root_json; @@ -221,7 +216,7 @@ TEST_F(AktualizrInfoTest, PrintImageRootMetadata) { * - [x] Print targets metadata from images repository */ TEST_F(AktualizrInfoTest, PrintImageTargetsMetadata) { - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); db_storage_->storeEcuRegistered(); Json::Value images_root_json; @@ -250,7 +245,7 @@ TEST_F(AktualizrInfoTest, PrintImageTargetsMetadata) { * - [x] Print root metadata from director repository */ TEST_F(AktualizrInfoTest, PrintDirectorRootMetadata) { - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); db_storage_->storeEcuRegistered(); Json::Value director_root_json; @@ -273,7 +268,7 @@ TEST_F(AktualizrInfoTest, PrintDirectorRootMetadata) { * - [x] Print targets metadata from director repository */ TEST_F(AktualizrInfoTest, PrintDirectorTargetsMetadata) { - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); db_storage_->storeEcuRegistered(); Json::Value director_root_json; @@ -303,7 +298,7 @@ TEST_F(AktualizrInfoTest, PrintDirectorTargetsMetadata) { * - [x] Print ECU private key */ TEST_F(AktualizrInfoTest, PrintPrimaryEcuKeys) { - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); db_storage_->storeEcuRegistered(); const std::string public_key = "public-key-1dc766fe-136d-4c6c-bdf4-daa79c49b3c8"; @@ -339,7 +334,7 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuKeys) { * - [x] Print TLS client private key */ TEST_F(AktualizrInfoTest, PrintTlsCredentials) { - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); db_storage_->storeEcuRegistered(); const std::string ca = "ca-ee532748-8837-44f5-9afb-08ba9f534fec"; @@ -381,7 +376,7 @@ TEST_F(AktualizrInfoTest, PrintTlsCredentials) { * - [x] Print primary ECU current and pending versions */ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersions) { - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); db_storage_->storeEcuRegistered(); const std::string current_ecu_version = "639a4e39-e6ba-4832-ace4-8b12cf20d562"; @@ -410,7 +405,7 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersions) { * - [x] Print primary ECU current and pending versions */ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersionsNegative) { - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); db_storage_->storeEcuRegistered(); const std::string pending_ecu_version = "9636753d-2a09-4c80-8b25-64b2c2d0c4df"; @@ -419,8 +414,8 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersionsNegative) { ASSERT_FALSE(aktualizr_info_output.empty()); EXPECT_NE(aktualizr_info_output.find(device_id), std::string::npos); - EXPECT_NE(aktualizr_info_output.find(primary_ecu_serial), std::string::npos); - EXPECT_NE(aktualizr_info_output.find(primary_ecu_id), std::string::npos); + EXPECT_NE(aktualizr_info_output.find(primary_ecu_serial.ToString()), std::string::npos); + EXPECT_NE(aktualizr_info_output.find(primary_hw_id.ToString()), std::string::npos); EXPECT_NE(aktualizr_info_output.find("No currently running version on primary ecu"), std::string::npos); EXPECT_EQ(aktualizr_info_output.find("Pending primary ecu version:"), std::string::npos); @@ -456,16 +451,14 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersionsNegative) { * - [x] Print secondary ECU current and pending versions */ TEST_F(AktualizrInfoTest, PrintSecondaryEcuCurrentAndPendingVersions) { - const std::string secondary_ecu_serial = "c6998d3e-2a68-4ac2-817e-4ea6ef87d21f"; - const std::string secondary_ecu_id = "secondary-hdwr-af250269-bd6f-4148-9426-4101df7f613a"; + const Uptane::EcuSerial secondary_ecu_serial{"c6998d3e-2a68-4ac2-817e-4ea6ef87d21f"}; + const Uptane::HardwareIdentifier secondary_hw_id{"secondary-hdwr-af250269-bd6f-4148-9426-4101df7f613a"}; const std::string secondary_ecu_filename = "secondary.file"; const std::string secondary_ecu_filename_update = "secondary.file.update"; const std::string current_ecu_version = "639a4e39-e6ba-4832-ace4-8b12cf20d562"; const std::string pending_ecu_version = "9636753d-2a09-4c80-8b25-64b2c2d0c4df"; - db_storage_->storeEcuSerials( - {{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}, - {Uptane::EcuSerial(secondary_ecu_serial), Uptane::HardwareIdentifier(secondary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}, {secondary_ecu_serial, secondary_hw_id}}); db_storage_->storeEcuRegistered(); db_storage_->saveInstalledVersion(secondary_ecu_serial, @@ -487,9 +480,7 @@ TEST_F(AktualizrInfoTest, PrintSecondaryEcuCurrentAndPendingVersions) { // negative test, no any installed images db_storage_->clearInstalledVersions(); db_storage_->clearEcuSerials(); - db_storage_->storeEcuSerials( - {{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}, - {Uptane::EcuSerial(secondary_ecu_serial), Uptane::HardwareIdentifier(secondary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}, {secondary_ecu_serial, secondary_hw_id}}); aktualizr_info_process_.run(); ASSERT_FALSE(aktualizr_info_output.empty()); @@ -503,7 +494,7 @@ TEST_F(AktualizrInfoTest, PrintDeviceNameOnly) { Json::Value meta_root; std::string director_root = Utils::jsonToStr(meta_root); - db_storage_->storeEcuSerials({{Uptane::EcuSerial(primary_ecu_serial), Uptane::HardwareIdentifier(primary_ecu_id)}}); + db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}}); db_storage_->storeEcuRegistered(); db_storage_->storeRoot(director_root, Uptane::RepositoryType::Director(), Uptane::Version(1)); From fb4c3efb9efc6ed2e87d82a822c4fd05e747162b Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Tue, 16 Jul 2019 17:17:25 +0200 Subject: [PATCH 02/11] Document net-tools as a requirement for running the tests. Signed-off-by: Patrick Vacek --- README.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.adoc b/README.adoc index 0b2a54d78b..094a776033 100644 --- a/README.adoc +++ b/README.adoc @@ -54,7 +54,7 @@ The default versions packaged in recent Debian/Ubuntu releases are generally new Additional packages are used for non-essential components: -* To build the test suite, you will need `python3-dev python3-openssl python3-venv sqlite3 valgrind`. +* To build the test suite, you will need `net-tools python3-dev python3-openssl python3-venv sqlite3 valgrind`. * To run the linting tools, you will need `clang clang-format-6.0 clang-tidy-6.0`. * To build additional documentation, you will need `doxygen graphviz`. * To build with code coverage, you will need `lcov`. From 4644b1c00ae7bb995870b6389c1215b5c0f69c7f Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Fri, 12 Jul 2019 11:15:18 +0200 Subject: [PATCH 03/11] Improve Target metadata matching logic. Added a check for HW IDs. The Director sends a map of serials to HWIDs, but the Image repo sends us a vector of HWIDs. If the map and vector match, the comparison succeeds. Otherwise, we expect that every HWID in the map can be found in the vector. Added tests for all of these cases. Also added explanations for the rest of the fields we use for why we don't check them. Signed-off-by: Patrick Vacek --- src/libaktualizr/uptane/tuf.cc | 24 ++-- src/libaktualizr/uptane/tuf.h | 36 +++++- src/libaktualizr/uptane/tuf_test.cc | 189 ++++++++++++++++++++++++++++ 3 files changed, 238 insertions(+), 11 deletions(-) diff --git a/src/libaktualizr/uptane/tuf.cc b/src/libaktualizr/uptane/tuf.cc index 9c01812bf9..7332fa8c2a 100644 --- a/src/libaktualizr/uptane/tuf.cc +++ b/src/libaktualizr/uptane/tuf.cc @@ -120,11 +120,15 @@ Target::Target(std::string filename, const Json::Value &content) : filename_(std if (content.isMember("custom")) { custom_ = content["custom"]; - Json::Value hwids = custom_["hardwareIds"]; - for (Json::ValueIterator i = hwids.begin(); i != hwids.end(); ++i) { - hwids_.emplace_back(HardwareIdentifier((*i).asString())); + // Images repo provides an array of hardware IDs. + if (custom_.isMember("hardwareIds")) { + Json::Value hwids = custom_["hardwareIds"]; + for (Json::ValueIterator i = hwids.begin(); i != hwids.end(); ++i) { + hwids_.emplace_back(HardwareIdentifier((*i).asString())); + } } + // Director provides a map of ECU serials to hardware IDs. Json::Value ecus = custom_["ecuIdentifiers"]; for (Json::ValueIterator i = ecus.begin(); i != ecus.end(); ++i) { ecus_.insert({EcuSerial(i.key().asString()), HardwareIdentifier((*i)["hardwareId"].asString())}); @@ -226,15 +230,19 @@ Json::Value Target::toDebugJson() const { std::ostream &Uptane::operator<<(std::ostream &os, const Target &t) { os << "Target(" << t.filename_; os << " ecu_identifiers: ("; - - for (auto it = t.ecus_.begin(); it != t.ecus_.end(); ++it) { - os << it->first; + for (const auto &ecu : t.ecus_) { + os << ecu.first << " (hw_id: " << ecu.second << "), "; + } + os << ")" + << " hw_ids: ("; + for (const auto &hwid : t.hwids_) { + os << hwid << ", "; } os << ")" << " length:" << t.length(); os << " hashes: ("; - for (auto it = t.hashes_.begin(); it != t.hashes_.end(); ++it) { - os << *it << ", "; + for (const auto &hash : t.hashes_) { + os << hash << ", "; } os << "))"; diff --git a/src/libaktualizr/uptane/tuf.h b/src/libaktualizr/uptane/tuf.h index 84a35e7d54..6ba4daf87e 100644 --- a/src/libaktualizr/uptane/tuf.h +++ b/src/libaktualizr/uptane/tuf.h @@ -6,6 +6,7 @@ */ #include +#include #include #include #include @@ -259,7 +260,11 @@ class Target { bool IsOstree() const; bool operator==(const Target &t2) const { - // if (type_ != t2.type_) return false; // Director doesn't include targetFormat + // type_ (targetFormat) is only provided by the Images repo. + // ecus_ is only provided by the Images repo. + // correlation_id_ is only provided by the Director. + // uri_ is unchecked because Uptane mentions it should be provided by the + // Director, although it can be provided by the Image repository as well. if (filename_ != t2.filename_) { return false; } @@ -267,6 +272,31 @@ class Target { return false; } + // If the HWID vector and ECU->HWID map match, we're good. Otherwise, assume + // we have a Target from the Director (ECU->HWID map populated, HWID vector + // empty) and a Target from the Images repo (HWID vector populated, + // ECU->HWID map empty). Figure out which Target has the map, and then for + // every item in the map, make sure it's in the other Target's HWID vector. + if (hwids_ != t2.hwids_ || ecus_ != t2.ecus_) { + std::shared_ptr> ecu_map; // Director + std::shared_ptr> hwid_vector; // Image repo + if (!hwids_.empty() && ecus_.empty() && t2.hwids_.empty() && !t2.ecus_.empty()) { + ecu_map = std::make_shared>(t2.ecus_); + hwid_vector = std::make_shared>(hwids_); + } else if (!t2.hwids_.empty() && t2.ecus_.empty() && hwids_.empty() && !ecus_.empty()) { + ecu_map = std::make_shared>(ecus_); + hwid_vector = std::make_shared>(t2.hwids_); + } else { + return false; + } + for (auto map_it = ecu_map->cbegin(); map_it != ecu_map->cend(); ++map_it) { + auto vec_it = find(hwid_vector->cbegin(), hwid_vector->cend(), map_it->second); + if (vec_it == hwid_vector->end()) { + return false; + } + } + } + // requirements: // - all hashes of the same type should match // - at least one pair of hashes should match @@ -291,9 +321,9 @@ class Target { bool valid{true}; std::string filename_; std::string type_; - std::map ecus_; + std::map ecus_; // Director only std::vector hashes_; - std::vector hwids_; + std::vector hwids_; // Images repo only Json::Value custom_; uint64_t length_{0}; std::string correlation_id_; diff --git a/src/libaktualizr/uptane/tuf_test.cc b/src/libaktualizr/uptane/tuf_test.cc index dd1be58f1a..a638873daf 100644 --- a/src/libaktualizr/uptane/tuf_test.cc +++ b/src/libaktualizr/uptane/tuf_test.cc @@ -1,5 +1,8 @@ #include +#include +#include + #include #include "logging/logging.h" @@ -85,6 +88,192 @@ TEST(Role, InvalidDelegationName) { EXPECT_THROW(Uptane::Role::Delegation("timestamp"), Uptane::Exception); } +Json::Value generateTarget(const std::string& hash, const int length) { + Json::Value target; + Json::Value hashes; + hashes["sha256"] = hash; + target["hashes"] = hashes; + target["length"] = length; + return target; +} + +Json::Value generateDirectorTarget(const std::string& hash, const int length, + const std::map& ecu_map) { + Json::Value target = generateTarget(hash, length); + Json::Value custom; + Json::Value ecus; + for (auto it = ecu_map.cbegin(); it != ecu_map.cend(); ++it) { + Json::Value current; + current["hardwareId"] = it->second.ToString(); + ecus[it->first.ToString()] = current; + } + custom["ecuIdentifiers"] = ecus; + target["custom"] = custom; + return target; +} + +Json::Value generateImagesTarget(const std::string& hash, const int length, + const std::vector& hardwareIds) { + Json::Value target = generateTarget(hash, length); + Json::Value custom; + Json::Value hwids; + for (Json::Value::ArrayIndex i = 0; i < hardwareIds.size(); ++i) { + hwids[i] = hardwareIds[i].ToString(); + } + custom["hardwareIds"] = hwids; + target["custom"] = custom; + return target; +} + +/* Equivalent metadata generated by both repos should match. */ +TEST(Target, Match) { + Uptane::HardwareIdentifier hwid("fake-test"); + std::vector hardwareIds; + std::map ecu_map; + hardwareIds.emplace_back(hwid); + ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); + Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); + EXPECT_TRUE(target1 == target2); + EXPECT_TRUE(target2 == target1); +} + +/* Two Target objects created by the Director should match. */ +TEST(Target, MatchDirector) { + Uptane::HardwareIdentifier hwid("first-test"); + Uptane::HardwareIdentifier hwid2("second-test"); + std::map ecu_map; + ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); + ecu_map.insert({Uptane::EcuSerial("serial2"), hwid2}); + Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + Uptane::Target target2("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + EXPECT_TRUE(target1 == target2); + EXPECT_TRUE(target2 == target1); +} + +/* Two Target objects created by the Images repo should match. */ +TEST(Target, MatchImages) { + Uptane::HardwareIdentifier hwid("first-test"); + Uptane::HardwareIdentifier hwid2("second-test"); + std::vector hardwareIds; + hardwareIds.emplace_back(hwid); + hardwareIds.emplace_back(hwid2); + Uptane::Target target1("abc", generateImagesTarget("hash_good", 739, hardwareIds)); + Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); + EXPECT_TRUE(target1 == target2); + EXPECT_TRUE(target2 == target1); +} + +/* Extra hardware IDs in the Images Target metadata should still match. */ +TEST(Target, MatchExtraHwId) { + Uptane::HardwareIdentifier hwid("fake-test"); + std::vector hardwareIds; + std::map ecu_map; + hardwareIds.emplace_back(hwid); + ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); + Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + hardwareIds.emplace_back(Uptane::HardwareIdentifier("extra")); + Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); + EXPECT_TRUE(target1 == target2); + EXPECT_TRUE(target2 == target1); +} + +/* Multiple ECUs should still match. */ +TEST(Target, MatchTwo) { + Uptane::HardwareIdentifier hwid("first-test"); + Uptane::HardwareIdentifier hwid2("second-test"); + std::vector hardwareIds; + std::map ecu_map; + hardwareIds.emplace_back(hwid); + hardwareIds.emplace_back(hwid2); + ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); + ecu_map.insert({Uptane::EcuSerial("serial2"), hwid2}); + Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); + EXPECT_TRUE(target1 == target2); + EXPECT_TRUE(target2 == target1); +} + +/* Reject inconsistent sets of multiple hardware IDs. */ +TEST(Target, MultipleHwIdMismatch) { + Uptane::HardwareIdentifier hwid("fake-test"); + std::vector hardwareIds; + hardwareIds.emplace_back(hwid); + hardwareIds.emplace_back(Uptane::HardwareIdentifier("extra")); + Uptane::Target target1("abc", generateImagesTarget("hash_good", 739, hardwareIds)); + hardwareIds.emplace_back(Uptane::HardwareIdentifier("extra2")); + Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); + EXPECT_FALSE(target1 == target2); + EXPECT_FALSE(target2 == target1); +} + +/* Reject a missing hardware ID. */ +TEST(Target, MissingHwId) { + Uptane::HardwareIdentifier hwid("fake-test"); + std::vector hardwareIds; + std::map ecu_map; + hardwareIds.emplace_back(hwid); + ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); + Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + hardwareIds.clear(); + Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); + EXPECT_FALSE(target1 == target2); + EXPECT_FALSE(target2 == target1); +} + +/* Reject mismatched filenames. */ +TEST(Target, FilenameMismatch) { + Uptane::HardwareIdentifier hwid("fake-test"); + std::vector hardwareIds; + std::map ecu_map; + hardwareIds.emplace_back(hwid); + ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); + Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + Uptane::Target target2("xyz", generateImagesTarget("hash_good", 739, hardwareIds)); + EXPECT_FALSE(target1 == target2); + EXPECT_FALSE(target2 == target1); +} + +/* Reject mismatched lengths. */ +TEST(Target, LengthMismatch) { + Uptane::HardwareIdentifier hwid("fake-test"); + std::vector hardwareIds; + std::map ecu_map; + hardwareIds.emplace_back(hwid); + ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); + Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + Uptane::Target target2("abc", generateImagesTarget("hash_good", 1, hardwareIds)); + EXPECT_FALSE(target1 == target2); + EXPECT_FALSE(target2 == target1); +} + +/* Reject mismatched hardware IDs. */ +TEST(Target, HardwareIdMismatch) { + Uptane::HardwareIdentifier hwid("fake-test"); + std::vector hardwareIds; + std::map ecu_map; + hardwareIds.emplace_back(hwid); + ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); + Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + hardwareIds[0] = Uptane::HardwareIdentifier("alt-test"); + Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); + EXPECT_FALSE(target1 == target2); + EXPECT_FALSE(target2 == target1); +} + +/* Reject mismatched hashes. */ +TEST(Target, HashMismatch) { + Uptane::HardwareIdentifier hwid("fake-test"); + std::vector hardwareIds; + std::map ecu_map; + hardwareIds.emplace_back(hwid); + ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); + Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); + Uptane::Target target2("abc", generateImagesTarget("hash_bad", 739, hardwareIds)); + EXPECT_FALSE(target1 == target2); + EXPECT_FALSE(target2 == target1); +} + #ifndef __NO_MAIN__ int main(int argc, char** argv) { ::testing::InitGoogleTest(&argc, argv); From a38e24af50e8b188c2e635ef67ff47a58586b332 Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Fri, 12 Jul 2019 17:09:40 +0200 Subject: [PATCH 04/11] Update tuf-test-vectors and fix related issues. Mostly just better error handling and messaging for Target mismatches. Signed-off-by: Patrick Vacek --- src/libaktualizr/primary/sotauptaneclient.cc | 2 +- src/libaktualizr/uptane/exceptions.h | 5 ++--- tests/run_vector_tests.sh | 2 +- tests/tuf-test-vectors | 2 +- tests/uptane_vector_tests.cc | 2 ++ 5 files changed, 7 insertions(+), 6 deletions(-) diff --git a/src/libaktualizr/primary/sotauptaneclient.cc b/src/libaktualizr/primary/sotauptaneclient.cc index 57f5d7e91e..a3d8f51640 100644 --- a/src/libaktualizr/primary/sotauptaneclient.cc +++ b/src/libaktualizr/primary/sotauptaneclient.cc @@ -537,7 +537,7 @@ result::Download SotaUptaneClient::downloadImages(const std::vectorfilename()); + last_exception = Uptane::TargetMismatch(it->filename()); LOG_ERROR << "No matching target in images targets metadata for " << *it; result = result::Download(downloaded_targets, result::DownloadStatus::kError, "Target hash mismatch."); sendEvent(result); diff --git a/src/libaktualizr/uptane/exceptions.h b/src/libaktualizr/uptane/exceptions.h index 64944467b0..9dca73fe4d 100644 --- a/src/libaktualizr/uptane/exceptions.h +++ b/src/libaktualizr/uptane/exceptions.h @@ -71,11 +71,10 @@ class InvalidMetadata : public Exception { ~InvalidMetadata() noexcept override = default; }; -// Currently unused. class TargetMismatch : public Exception { public: - explicit TargetMismatch(const std::string& reponame) - : Exception(reponame, "The target metadata in image and director do not match.") {} + explicit TargetMismatch(const std::string& targetname) + : Exception(targetname, "The target metadata in image and director do not match.") {} ~TargetMismatch() noexcept override = default; }; diff --git a/tests/run_vector_tests.sh b/tests/run_vector_tests.sh index 4af3cdb40e..73babbfa7c 100755 --- a/tests/run_vector_tests.sh +++ b/tests/run_vector_tests.sh @@ -29,7 +29,7 @@ HARDWARE_ID=test_primary_hardware_id "$TTV_DIR/generator.py" --signature-encoding base64 -o vectors --cjson json-subset \ --ecu-identifier $ECU_SERIAL --hardware-id $HARDWARE_ID "$TTV_DIR/server.py" --signature-encoding base64 -P 0 \ - --ecu-identifier $ECU_SERIAL --hardware-id $HARDWARE_ID & + --ecu-identifier $ECU_SERIAL --hardware-id $HARDWARE_ID & PORT=$("$TESTS_SRC_DIR/find_listening_port.sh" $!) trap 'kill %1' EXIT diff --git a/tests/tuf-test-vectors b/tests/tuf-test-vectors index 9b4c5927e5..1eaa85c4f2 160000 --- a/tests/tuf-test-vectors +++ b/tests/tuf-test-vectors @@ -1 +1 @@ -Subproject commit 9b4c5927e53fa317628ee9e34c89cf2cb0dc65ff +Subproject commit 1eaa85c4f221997956393d64985dd8cae98a989c diff --git a/tests/uptane_vector_tests.cc b/tests/uptane_vector_tests.cc index 32ac08a354..561ab17e70 100644 --- a/tests/uptane_vector_tests.cc +++ b/tests/uptane_vector_tests.cc @@ -63,6 +63,8 @@ class VectorWrapper { } else if (!vector_["image_repo"]["update"]["is_success"].asBool()) { std::cout << "exception from image_repo: '" << vector_["image_repo"]["update"]["err"] << " with message: " << vector_["image_repo"]["update"]["err_msg"] << "\n"; + } else { + std::cout << "an exception while fetching targets metadata.\n"; } } From 6594d413af99280036071b7038852157d7b961d5 Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Fri, 12 Jul 2019 17:10:33 +0200 Subject: [PATCH 05/11] Fix tests for matching Target metadata. This required adding functionality to aktualizr-repo to add HWIDs to the image repo. Signed-off-by: Patrick Vacek --- docs/aktualizr-repo.adoc | 2 +- src/aktualizr_info/aktualizr_info_test.cc | 21 ++++--- src/aktualizr_lite/test_lite.sh | 3 +- src/aktualizr_repo/director_repo.cc | 1 + src/aktualizr_repo/image_repo.cc | 14 +++-- src/aktualizr_repo/image_repo.h | 9 +-- src/aktualizr_repo/main.cc | 15 +++-- src/aktualizr_repo/repo_test.cc | 60 +++++++++---------- src/aktualizr_repo/uptane_repo.cc | 9 +-- src/aktualizr_repo/uptane_repo.h | 5 +- .../package_manager/debianmanager_test.cc | 2 + .../packagemanagerfake_test.cc | 7 ++- .../primary/aktualizr_fullostree_test.cc | 2 +- src/libaktualizr/primary/aktualizr_test.cc | 4 +- .../primary/empty_targets_test.cc | 4 +- src/libaktualizr/storage/sqlstorage.cc | 15 ++++- .../storage/storage_common_test.cc | 13 ++-- src/libaktualizr/uptane/director_test.cc | 2 +- src/libaktualizr/uptane/tuf.cc | 19 ++++-- src/libaktualizr/uptane/tuf.h | 6 +- src/libaktualizr/uptane/uptane_test.cc | 14 ++++- tests/ipsecondary_test.py | 8 +-- tests/memory_usage_test.sh | 6 +- tests/metafake.h | 31 ++++++---- tests/run_expired_test.sh | 6 +- .../delegation_basic.sh | 4 +- .../delegation_nested.sh | 20 +++---- .../full_no_correlation_id.sh | 4 +- tests/uptane_vector_tests.cc | 3 +- 29 files changed, 185 insertions(+), 124 deletions(-) diff --git a/docs/aktualizr-repo.adoc b/docs/aktualizr-repo.adoc index 778f61bdc3..1bf5e089a0 100644 --- a/docs/aktualizr-repo.adoc +++ b/docs/aktualizr-repo.adoc @@ -43,7 +43,7 @@ aktualizr-repo --path --command generate 2. Add a target to the images metadata: + ``` -aktualizr-repo --path --command image --filename --targetname +aktualizr-repo --path --command image --filename --targetname --hwid ``` + This step can be repeated as many times as necessary for each target. `--targetname` is optional. If it is not provided, it is assumed to be the same as the image name provided to `--filename`. diff --git a/src/aktualizr_info/aktualizr_info_test.cc b/src/aktualizr_info/aktualizr_info_test.cc index 0a0734c58f..f1e9163bf2 100644 --- a/src/aktualizr_info/aktualizr_info_test.cc +++ b/src/aktualizr_info/aktualizr_info_test.cc @@ -382,11 +382,12 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersions) { const std::string current_ecu_version = "639a4e39-e6ba-4832-ace4-8b12cf20d562"; const std::string pending_ecu_version = "9636753d-2a09-4c80-8b25-64b2c2d0c4df"; + std::map ecu_map{{primary_ecu_serial, primary_hw_id}}; db_storage_->savePrimaryInstalledVersion( - {"update.bin", {{Uptane::Hash::Type::kSha256, current_ecu_version}}, 1, "corrid"}, + {"update.bin", ecu_map, {{Uptane::Hash::Type::kSha256, current_ecu_version}}, 1, "corrid"}, InstalledVersionUpdateMode::kCurrent); db_storage_->savePrimaryInstalledVersion( - {"update-01.bin", {{Uptane::Hash::Type::kSha256, pending_ecu_version}}, 1, "corrid-01"}, + {"update-01.bin", ecu_map, {{Uptane::Hash::Type::kSha256, pending_ecu_version}}, 1, "corrid-01"}, InstalledVersionUpdateMode::kPending); aktualizr_info_process_.run(); @@ -420,8 +421,9 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersionsNegative) { EXPECT_NE(aktualizr_info_output.find("No currently running version on primary ecu"), std::string::npos); EXPECT_EQ(aktualizr_info_output.find("Pending primary ecu version:"), std::string::npos); + std::map ecu_map{{primary_ecu_serial, primary_hw_id}}; db_storage_->savePrimaryInstalledVersion( - {"update-01.bin", {{Uptane::Hash::Type::kSha256, pending_ecu_version}}, 1, "corrid-01"}, + {"update-01.bin", ecu_map, {{Uptane::Hash::Type::kSha256, pending_ecu_version}}, 1, "corrid-01"}, InstalledVersionUpdateMode::kPending); aktualizr_info_process_.run(); @@ -431,7 +433,7 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersionsNegative) { EXPECT_NE(aktualizr_info_output.find("Pending primary ecu version: " + pending_ecu_version), std::string::npos); db_storage_->savePrimaryInstalledVersion( - {"update-01.bin", {{Uptane::Hash::Type::kSha256, pending_ecu_version}}, 1, "corrid-01"}, + {"update-01.bin", ecu_map, {{Uptane::Hash::Type::kSha256, pending_ecu_version}}, 1, "corrid-01"}, InstalledVersionUpdateMode::kCurrent); aktualizr_info_process_.run(); @@ -461,12 +463,15 @@ TEST_F(AktualizrInfoTest, PrintSecondaryEcuCurrentAndPendingVersions) { db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}, {secondary_ecu_serial, secondary_hw_id}}); db_storage_->storeEcuRegistered(); - db_storage_->saveInstalledVersion(secondary_ecu_serial, - {secondary_ecu_filename, {{Uptane::Hash::Type::kSha256, current_ecu_version}}, 1}, - InstalledVersionUpdateMode::kCurrent); + std::map ecu_map{{secondary_ecu_serial, secondary_hw_id}}; + db_storage_->saveInstalledVersion( + secondary_ecu_serial.ToString(), + {secondary_ecu_filename, ecu_map, {{Uptane::Hash::Type::kSha256, current_ecu_version}}, 1}, + InstalledVersionUpdateMode::kCurrent); db_storage_->saveInstalledVersion( - secondary_ecu_serial, {secondary_ecu_filename_update, {{Uptane::Hash::Type::kSha256, pending_ecu_version}}, 1}, + secondary_ecu_serial.ToString(), + {secondary_ecu_filename_update, ecu_map, {{Uptane::Hash::Type::kSha256, pending_ecu_version}}, 1}, InstalledVersionUpdateMode::kPending); aktualizr_info_process_.run(); diff --git a/src/aktualizr_lite/test_lite.sh b/src/aktualizr_lite/test_lite.sh index a17e68b1c5..a93f37d4d6 100755 --- a/src/aktualizr_lite/test_lite.sh +++ b/src/aktualizr_lite/test_lite.sh @@ -40,7 +40,8 @@ add_target() { } EOF akrepo --command image \ - --targetname $name --targetsha256 $sha --targetlength 0 --targetcustom $custom_json + --targetname $name --targetsha256 $sha --targetlength 0 \ + --hwid hwid-for-test --targetcustom $custom_json } akrepo --command generate --expires 2021-07-04T16:33:27Z diff --git a/src/aktualizr_repo/director_repo.cc b/src/aktualizr_repo/director_repo.cc index 268b25b747..92ba87bcc5 100644 --- a/src/aktualizr_repo/director_repo.cc +++ b/src/aktualizr_repo/director_repo.cc @@ -15,6 +15,7 @@ void DirectorRepo::addTarget(const std::string &target_name, const Json::Value & "!"); } director_targets["targets"][target_name] = target; + director_targets["targets"][target_name]["custom"].removeMember("hardwareIds"); director_targets["targets"][target_name]["custom"]["ecuIdentifiers"][ecu_serial]["hardwareId"] = hardware_id; director_targets["version"] = (Utils::parseJSONFile(current)["signed"]["version"].asUInt()) + 1; Utils::writeFile(staging, Utils::jsonToCanonicalStr(director_targets)); diff --git a/src/aktualizr_repo/image_repo.cc b/src/aktualizr_repo/image_repo.cc index 3c3f548fcb..a2954e6935 100644 --- a/src/aktualizr_repo/image_repo.cc +++ b/src/aktualizr_repo/image_repo.cc @@ -1,11 +1,14 @@ #include "image_repo.h" -void ImageRepo::addImage(const std::string &name, const Json::Value &target, const Delegation &delegation) { +void ImageRepo::addImage(const std::string &name, Json::Value &target, const std::string &hardware_id, + const Delegation &delegation) { boost::filesystem::path repo_dir(path_ / "repo/image"); boost::filesystem::path targets_path = delegation ? ((repo_dir / "delegations") / delegation.name).string() + ".json" : repo_dir / "targets.json"; Json::Value targets = Utils::parseJSONFile(targets_path)["signed"]; + // TODO: support multiple hardware IDs. + target["custom"]["hardwareIds"][0] = hardware_id; targets["targets"][name] = target; targets["version"] = (targets["version"].asUInt()) + 1; @@ -16,7 +19,7 @@ void ImageRepo::addImage(const std::string &name, const Json::Value &target, con } void ImageRepo::addBinaryImage(const boost::filesystem::path &image_path, const boost::filesystem::path &targetname, - const Delegation &delegation) { + const std::string &hardware_id, const Delegation &delegation) { boost::filesystem::path repo_dir(path_ / "repo/image"); boost::filesystem::path targets_path = repo_dir / "targets"; @@ -34,11 +37,12 @@ void ImageRepo::addBinaryImage(const boost::filesystem::path &image_path, const target["hashes"]["sha256"] = boost::algorithm::to_lower_copy(boost::algorithm::hex(Crypto::sha256digest(image))); target["hashes"]["sha512"] = boost::algorithm::to_lower_copy(boost::algorithm::hex(Crypto::sha512digest(image))); target["custom"]["targetFormat"] = "BINARY"; - addImage(targetname.string(), target, delegation); + addImage(targetname.string(), target, hardware_id, delegation); } void ImageRepo::addCustomImage(const std::string &name, const Uptane::Hash &hash, const uint64_t length, - const Delegation &delegation, const Json::Value &custom) { + const std::string &hardware_id, const Delegation &delegation, + const Json::Value &custom) { Json::Value target; target["length"] = Json::UInt(length); if (hash.type() == Uptane::Hash::Type::kSha256) { @@ -47,7 +51,7 @@ void ImageRepo::addCustomImage(const std::string &name, const Uptane::Hash &hash target["hashes"]["sha512"] = hash.HashString(); } target["custom"] = custom; - addImage(name, target, delegation); + addImage(name, target, hardware_id, delegation); } void ImageRepo::addDelegation(const Uptane::Role &name, const Uptane::Role &parent_role, const std::string &path, diff --git a/src/aktualizr_repo/image_repo.h b/src/aktualizr_repo/image_repo.h index 5c0d59dc60..2aec88db7c 100644 --- a/src/aktualizr_repo/image_repo.h +++ b/src/aktualizr_repo/image_repo.h @@ -8,16 +8,17 @@ class ImageRepo : public Repo { ImageRepo(boost::filesystem::path path, const std::string &expires, std::string correlation_id) : Repo(Uptane::RepositoryType::Image(), std::move(path), expires, std::move(correlation_id)) {} void addBinaryImage(const boost::filesystem::path &image_path, const boost::filesystem::path &targetname, - const Delegation &delegation = {}); - void addCustomImage(const std::string &name, const Uptane::Hash &hash, uint64_t length, const Delegation &delegation, - const Json::Value &custom = {}); + const std::string &hardware_id, const Delegation &delegation = {}); + void addCustomImage(const std::string &name, const Uptane::Hash &hash, uint64_t length, + const std::string &hardware_id, const Delegation &delegation, const Json::Value &custom = {}); void addDelegation(const Uptane::Role &name, const Uptane::Role &parent_role, const std::string &path, bool terminating, KeyType key_type); void revokeDelegation(const Uptane::Role &name); std::vector getDelegationTargets(const Uptane::Role &name); private: - void addImage(const std::string &name, const Json::Value &target, const Delegation &delegation = {}); + void addImage(const std::string &name, Json::Value &target, const std::string &hardware_id, + const Delegation &delegation = {}); void removeDelegationRecursive(const Uptane::Role &name, const Uptane::Role &parent_name); }; diff --git a/src/aktualizr_repo/main.cc b/src/aktualizr_repo/main.cc index e42b550e0c..04d32fe7a6 100644 --- a/src/aktualizr_repo/main.cc +++ b/src/aktualizr_repo/main.cc @@ -98,8 +98,13 @@ int main(int argc, char **argv) { std::cerr << "image command requires --targetname or --filename\n"; exit(EXIT_FAILURE); } + if (vm.count("hwid") == 0) { + std::cerr << "image command requires --hwid\n"; + exit(EXIT_FAILURE); + } auto targetname = (vm.count("targetname") > 0) ? vm["targetname"].as() : vm["filename"].as(); + const std::string hwid = vm["hwid"].as(); Delegation delegation; if (vm.count("dname") != 0) { @@ -111,7 +116,7 @@ int main(int argc, char **argv) { std::cout << "Added a target " << targetname << " to a delegated role " << dname << std::endl; } if (vm.count("filename") > 0) { - repo.addImage(vm["filename"].as(), targetname, delegation); + repo.addImage(vm["filename"].as(), targetname, hwid, delegation); std::cout << "Added a target " << targetname << " to the images metadata" << std::endl; } else { if ((vm.count("targetsha256") == 0 && vm.count("targetsha512") == 0) || vm.count("targetlength") == 0) { @@ -137,7 +142,7 @@ int main(int argc, char **argv) { custom = Json::Value(); custom["targetFormat"] = vm["targetformat"].as(); } - repo.addCustomImage(targetname.string(), *hash, vm["targetlength"].as(), delegation, custom); + repo.addCustomImage(targetname.string(), *hash, vm["targetlength"].as(), hwid, delegation, custom); std::cout << "Added a custom image target " << targetname.string() << std::endl; } } else if (command == "addtarget") { @@ -145,9 +150,9 @@ int main(int argc, char **argv) { std::cerr << "addtarget command requires --targetname, --hwid, and --serial\n"; exit(EXIT_FAILURE); } - std::string targetname = vm["targetname"].as(); - std::string hwid = vm["hwid"].as(); - std::string serial = vm["serial"].as(); + const std::string targetname = vm["targetname"].as(); + const std::string hwid = vm["hwid"].as(); + const std::string serial = vm["serial"].as(); repo.addTarget(targetname, hwid, serial); std::cout << "Added target " << targetname << " to director targets metadata for ECU with serial " << serial << " and hardware ID " << hwid << std::endl; diff --git a/src/aktualizr_repo/repo_test.cc b/src/aktualizr_repo/repo_test.cc index 4d0cdf7f98..fd1f05b037 100644 --- a/src/aktualizr_repo/repo_test.cc +++ b/src/aktualizr_repo/repo_test.cc @@ -105,7 +105,7 @@ TEST(aktualizr_repo, add_image) { TemporaryDirectory temp_dir; UptaneRepo repo(temp_dir.Path(), "", ""); repo.generateRepo(key_type); - repo.addImage(temp_dir.Path() / "repo/director/manifest", "repo/director/manifest", {}); + repo.addImage(temp_dir.Path() / "repo/director/manifest", "repo/director/manifest", "test-hw", {}); Json::Value image_targets = Utils::parseJSONFile(temp_dir.Path() / "repo/image/targets.json"); EXPECT_EQ(image_targets["signed"]["targets"].size(), 1); Json::Value director_targets = Utils::parseJSONFile(temp_dir.Path() / "repo/director/targets.json"); @@ -120,7 +120,7 @@ TEST(aktualizr_repo, copy_image) { TemporaryDirectory temp_dir; UptaneRepo repo(temp_dir.Path(), "", ""); repo.generateRepo(key_type); - repo.addImage(temp_dir.Path() / "repo/director/manifest", "manifest", {}); + repo.addImage(temp_dir.Path() / "repo/director/manifest", "manifest", "test-hw", {}); repo.addTarget("manifest", "test-hw", "test-serial"); repo.signTargets(); Json::Value image_targets = Utils::parseJSONFile(temp_dir.Path() / "repo/image/targets.json"); @@ -144,8 +144,8 @@ TEST(aktualizr_repo, delegation) { if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; } - cmd = generate_repo_exec + " adddelegation " + temp_dir.Path().string() + " --keytype " + keytype_stream.str(); - cmd += " --dname test_delegate --dpattern 'tests/test_data/*.txt' "; + cmd = generate_repo_exec + " adddelegation " + temp_dir.Path().string() + " --keytype " + keytype_stream.str() + + " --dname test_delegate --dpattern 'tests/test_data/*.txt' --hwid primary_hw"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; @@ -156,8 +156,8 @@ TEST(aktualizr_repo, delegation) { EXPECT_EQ(targets["signed"]["delegations"]["roles"][0]["name"].asString(), "test_delegate"); EXPECT_EQ(targets["signed"]["delegations"]["roles"][0]["paths"][0].asString(), "tests/test_data/*.txt"); - cmd = generate_repo_exec + " image " + temp_dir.Path().string() + " --keytype " + keytype_stream.str(); - cmd += " --dname test_delegate --filename tests/test_data/firmware.txt"; + cmd = generate_repo_exec + " image " + temp_dir.Path().string() + " --keytype " + keytype_stream.str() + + " --dname test_delegate --filename tests/test_data/firmware.txt --hwid primary_hw"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << output << "' exited with error code " << retval << "\n"; @@ -171,10 +171,9 @@ TEST(aktualizr_repo, delegation) { EXPECT_EQ(delegate_targets.targets[0].sha256Hash(), "d8e9caba8c1697fcbade1057f9c2488044192ff76bb64d4aba2c20e53dc33033"); } - cmd = generate_repo_exec + " image " + temp_dir.Path().string() + " --keytype " + keytype_stream.str(); - cmd += - " --dname test_delegate --targetname tests/test_data/firmware2.txt --targetsha256 " - "d8e9caba8c1697fcbade1057f9c2488044192ff76bb64d4aba2c20e53dc33033 --targetlength 17"; + cmd = generate_repo_exec + " image " + temp_dir.Path().string() + " --keytype " + keytype_stream.str() + + " --dname test_delegate --targetname tests/test_data/firmware2.txt --targetsha256 " + "d8e9caba8c1697fcbade1057f9c2488044192ff76bb64d4aba2c20e53dc33033 --targetlength 17 --hwid primary_hw"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; @@ -213,8 +212,8 @@ TEST(aktualizr_repo, delegation_revoke) { EXPECT_EQ(targets["signed"]["delegations"]["roles"][0]["name"].asString(), "test_delegate"); EXPECT_EQ(targets["signed"]["delegations"]["roles"][0]["paths"][0].asString(), "tests/test_data/*.txt"); - cmd = generate_repo_exec + " image " + temp_dir.Path().string() + " --keytype " + keytype_stream.str(); - cmd += " --dname test_delegate --filename tests/test_data/firmware.txt"; + cmd = generate_repo_exec + " image " + temp_dir.Path().string() + " --keytype " + keytype_stream.str() + + " --dname test_delegate --filename tests/test_data/firmware.txt --hwid primary_hw"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << output << "' exited with error code " << retval << "\n"; @@ -228,17 +227,16 @@ TEST(aktualizr_repo, delegation_revoke) { EXPECT_EQ(delegate_targets.targets[0].sha256Hash(), "d8e9caba8c1697fcbade1057f9c2488044192ff76bb64d4aba2c20e53dc33033"); } - cmd = generate_repo_exec + " image " + temp_dir.Path().string() + " --keytype " + keytype_stream.str(); - cmd += - " --dname test_delegate --targetname tests/test_data/firmware2.txt --targetsha256 " - "d8e9caba8c1697fcbade1057f9c2488044192ff76bb64d4aba2c20e53dc33033 --targetlength 17"; + cmd = generate_repo_exec + " image " + temp_dir.Path().string() + " --keytype " + keytype_stream.str() + + " --dname test_delegate --targetname tests/test_data/firmware2.txt --targetsha256 " + "d8e9caba8c1697fcbade1057f9c2488044192ff76bb64d4aba2c20e53dc33033 --targetlength 17 --hwid primary_hw"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; } - cmd = generate_repo_exec + " addtarget " + temp_dir.Path().string() + " --keytype " + keytype_stream.str(); - cmd += " --hwid primary_hw --serial CA:FE:A6:D2:84:9D --targetname tests/test_data/firmware.txt"; + cmd = generate_repo_exec + " addtarget " + temp_dir.Path().string() + " --keytype " + keytype_stream.str() + + " --hwid primary_hw --serial CA:FE:A6:D2:84:9D --targetname tests/test_data/firmware.txt"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; @@ -269,8 +267,8 @@ TEST(aktualizr_repo, delegation_revoke) { } check_repo(temp_dir); - cmd = generate_repo_exec + " revokedelegation " + temp_dir.Path().string() + " --keytype " + keytype_stream.str(); - cmd += " --dname test_delegate"; + cmd = generate_repo_exec + " revokedelegation " + temp_dir.Path().string() + " --keytype " + keytype_stream.str() + + " --dname test_delegate"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; @@ -328,10 +326,9 @@ TEST(aktualizr_repo, image_custom) { if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; } - cmd = generate_repo_exec + " image " + temp_dir.Path().string(); - cmd += - " --targetname target1 --targetsha256 8ab755c16de6ee9b6224169b36cbf0f2a545f859be385501ad82cdccc240d0a6 " - "--targetlength 123"; + cmd = generate_repo_exec + " image " + temp_dir.Path().string() + + " --targetname target1 --targetsha256 8ab755c16de6ee9b6224169b36cbf0f2a545f859be385501ad82cdccc240d0a6 " + "--targetlength 123 --hwid primary_hw"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; @@ -356,17 +353,16 @@ TEST(aktualizr_repo, emptytargets) { if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; } - cmd = generate_repo_exec + " image " + temp_dir.Path().string(); - cmd += - " --targetname target1 --targetsha256 8ab755c16de6ee9b6224169b36cbf0f2a545f859be385501ad82cdccc240d0a6 " - "--targetlength 123"; + cmd = generate_repo_exec + " image " + temp_dir.Path().string() + + " --targetname target1 --targetsha256 8ab755c16de6ee9b6224169b36cbf0f2a545f859be385501ad82cdccc240d0a6 " + "--targetlength 123 --hwid primary_hw"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; } - cmd = generate_repo_exec + " addtarget " + temp_dir.Path().string(); - cmd += " --targetname target1 --hwid hwid123 --serial serial123"; + cmd = generate_repo_exec + " addtarget " + temp_dir.Path().string() + + " --targetname target1 --hwid primary_hw --serial serial123"; retval = Utils::shell(cmd, &output); if (retval) { FAIL() << "'" << cmd << "' exited with error code " << retval << "\n"; @@ -398,8 +394,8 @@ TEST(aktualizr_repo, oldtargets) { UptaneRepo repo(temp_dir.Path(), "", ""); repo.generateRepo(key_type); Uptane::Hash hash(Uptane::Hash::Type::kSha256, "8ab755c16de6ee9b6224169b36cbf0f2a545f859be385501ad82cdccc240d0a6"); - repo.addCustomImage("target1", hash, 123); - repo.addCustomImage("target2", hash, 321); + repo.addCustomImage("target1", hash, 123, "test-hw"); + repo.addCustomImage("target2", hash, 321, "test-hw"); repo.addTarget("target1", "test-hw", "test-serial"); repo.signTargets(); repo.addTarget("target2", "test-hw", "test-serial"); diff --git a/src/aktualizr_repo/uptane_repo.cc b/src/aktualizr_repo/uptane_repo.cc index 88b4b39b4f..9444cbcb0a 100644 --- a/src/aktualizr_repo/uptane_repo.cc +++ b/src/aktualizr_repo/uptane_repo.cc @@ -29,12 +29,13 @@ void UptaneRepo::revokeDelegation(const Uptane::Role &name) { } void UptaneRepo::addImage(const boost::filesystem::path &image_path, const boost::filesystem::path &targetname, - const Delegation &delegation) { - image_repo_.addBinaryImage(image_path, targetname, delegation); + const std::string &hardware_id, const Delegation &delegation) { + image_repo_.addBinaryImage(image_path, targetname, hardware_id, delegation); } void UptaneRepo::addCustomImage(const std::string &name, const Uptane::Hash &hash, uint64_t length, - const Delegation &delegation, const Json::Value &custom) { - image_repo_.addCustomImage(name, hash, length, delegation, custom); + const std::string &hardware_id, const Delegation &delegation, + const Json::Value &custom) { + image_repo_.addCustomImage(name, hash, length, hardware_id, delegation, custom); } void UptaneRepo::signTargets() { director_repo_.signTargets(); } diff --git a/src/aktualizr_repo/uptane_repo.h b/src/aktualizr_repo/uptane_repo.h index 31e75d7eb0..f8ec94f8a0 100644 --- a/src/aktualizr_repo/uptane_repo.h +++ b/src/aktualizr_repo/uptane_repo.h @@ -10,12 +10,13 @@ class UptaneRepo { void generateRepo(KeyType key_type = KeyType::kRSA2048); void addTarget(const std::string &target_name, const std::string &hardware_id, const std::string &ecu_serial); void addImage(const boost::filesystem::path &image_path, const boost::filesystem::path &targetname, - const Delegation &delegation); + const std::string &hardware_id, const Delegation &delegation); void addDelegation(const Uptane::Role &name, const Uptane::Role &parent_role, const std::string &path, bool terminating, KeyType key_type); void revokeDelegation(const Uptane::Role &name); void addCustomImage(const std::string &name, const Uptane::Hash &hash, uint64_t length, - const Delegation &delegation = {}, const Json::Value &custom = {}); + const std::string &hardware_id, const Delegation &delegation = {}, + const Json::Value &custom = {}); void signTargets(); void emptyTargets(); void oldTargets(); diff --git a/src/libaktualizr/package_manager/debianmanager_test.cc b/src/libaktualizr/package_manager/debianmanager_test.cc index 5affef8e2a..9b0515a68b 100644 --- a/src/libaktualizr/package_manager/debianmanager_test.cc +++ b/src/libaktualizr/package_manager/debianmanager_test.cc @@ -22,6 +22,7 @@ TEST(PackageManagerFactory, Debian_Install_Good) { Json::Value target_json; target_json["hashes"]["sha256"] = "hash"; target_json["length"] = 2; + target_json["custom"]["ecuIdentifiers"]["primary_serial"]["hardwareId"] = "primary_hwid"; Uptane::Target target("good.deb", target_json); storage->storeEcuSerials({{Uptane::EcuSerial("primary_serial"), Uptane::HardwareIdentifier("primary_hwid")}}); @@ -51,6 +52,7 @@ TEST(PackageManagerFactory, Debian_Install_Bad) { Json::Value target_json; target_json["hashes"]["sha256"] = "hash"; target_json["length"] = 2; + target_json["custom"]["ecuIdentifiers"]["primary_serial"]["hardwareId"] = "primary_hwid"; Uptane::Target target("bad.deb", target_json); std::unique_ptr fhandle = storage->allocateTargetFile(false, target); diff --git a/src/libaktualizr/package_manager/packagemanagerfake_test.cc b/src/libaktualizr/package_manager/packagemanagerfake_test.cc index a0cb443533..57d258ccd6 100644 --- a/src/libaktualizr/package_manager/packagemanagerfake_test.cc +++ b/src/libaktualizr/package_manager/packagemanagerfake_test.cc @@ -26,7 +26,8 @@ TEST(PackageManagerFake, FinalizeAfterReboot) { PackageManagerFake fakepm(config.pacman, storage, bootloader, nullptr); - Uptane::Target target("pkg", {Uptane::Hash(Uptane::Hash::Type::kSha256, "hash")}, 1, ""); + std::map primary_ecu; + Uptane::Target target("pkg", primary_ecu, {Uptane::Hash(Uptane::Hash::Type::kSha256, "hash")}, 1, ""); auto result = fakepm.install(target); EXPECT_EQ(result.result_code, data::ResultCode::Numeric::kNeedCompletion); storage->savePrimaryInstalledVersion(target, InstalledVersionUpdateMode::kPending); @@ -51,7 +52,9 @@ TEST(PackageManagerFake, FailureInjection) { fiu_init(0); // no fault - Uptane::Target target("pkg", {Uptane::Hash(Uptane::Hash::Type::kSha256, "hash")}, 1, ""); + std::map primary_ecu{ + {Uptane::EcuSerial("primary"), Uptane::HardwareIdentifier("primary_hw")}}; + Uptane::Target target("pkg", primary_ecu, {Uptane::Hash(Uptane::Hash::Type::kSha256, "hash")}, 1, ""); auto result = fakepm.install(target); EXPECT_EQ(result.result_code, data::ResultCode::Numeric::kOk); diff --git a/src/libaktualizr/primary/aktualizr_fullostree_test.cc b/src/libaktualizr/primary/aktualizr_fullostree_test.cc index 22eed5b5e2..93c8698f46 100644 --- a/src/libaktualizr/primary/aktualizr_fullostree_test.cc +++ b/src/libaktualizr/primary/aktualizr_fullostree_test.cc @@ -149,7 +149,7 @@ int main(int argc, char **argv) { Process akt_repo(aktualizr_repo_path.string()); akt_repo.run({"generate", "--path", meta_dir.PathString(), "--correlationid", "abc123"}); akt_repo.run({"image", "--path", meta_dir.PathString(), "--targetname", "update_1.0", "--targetsha256", new_rev, - "--targetlength", "0", "--targetformat", "OSTREE"}); + "--targetlength", "0", "--targetformat", "OSTREE", "--hwid", "primary_hw"}); akt_repo.run({"addtarget", "--path", meta_dir.PathString(), "--targetname", "update_1.0", "--hwid", "primary_hw", "--serial", "CA:FE:A6:D2:84:9D"}); akt_repo.run({"signtargets", "--path", meta_dir.PathString(), "--correlationid", "abc123"}); diff --git a/src/libaktualizr/primary/aktualizr_test.cc b/src/libaktualizr/primary/aktualizr_test.cc index 457c0900d6..c8364608da 100644 --- a/src/libaktualizr/primary/aktualizr_test.cc +++ b/src/libaktualizr/primary/aktualizr_test.cc @@ -1003,11 +1003,11 @@ TEST(Aktualizr, FullMultipleSecondaries) { conf.uptane.repo_server = http->tls_server + "/repo"; TemporaryDirectory temp_dir2; - UptaneTestCommon::addDefaultSecondary(conf, temp_dir, "sec_serial1", "sec_hwid1"); + UptaneTestCommon::addDefaultSecondary(conf, temp_dir, "sec_serial1", "sec_hw1"); auto storage = INvStorage::newStorage(conf.storage); UptaneTestCommon::TestAktualizr aktualizr(conf, storage, http); - UptaneTestCommon::addDefaultSecondary(conf, temp_dir2, "sec_serial2", "sec_hwid2"); + UptaneTestCommon::addDefaultSecondary(conf, temp_dir2, "sec_serial2", "sec_hw2"); ASSERT_NO_THROW(aktualizr.AddSecondary(std::make_shared( Primary::VirtualSecondaryConfig::create_from_file(conf.uptane.secondary_config_file)))); diff --git a/src/libaktualizr/primary/empty_targets_test.cc b/src/libaktualizr/primary/empty_targets_test.cc index a48f573461..160e2a463e 100644 --- a/src/libaktualizr/primary/empty_targets_test.cc +++ b/src/libaktualizr/primary/empty_targets_test.cc @@ -46,7 +46,7 @@ TEST(Aktualizr, EmptyTargets) { Process akt_repo(aktualizr_repo_path.string()); akt_repo.run({"generate", "--path", meta_dir.PathString(), "--correlationid", "abc123"}); akt_repo.run({"image", "--path", meta_dir.PathString(), "--filename", "tests/test_data/firmware.txt", "--targetname", - "firmware.txt"}); + "firmware.txt", "--hwid", "primary_hw"}); akt_repo.run({"addtarget", "--path", meta_dir.PathString(), "--targetname", "firmware.txt", "--hwid", "primary_hw", "--serial", "CA:FE:A6:D2:84:9D"}); akt_repo.run({"signtargets", "--path", meta_dir.PathString(), "--correlationid", "abc123"}); @@ -111,7 +111,7 @@ TEST(Aktualizr, EmptyTargetsAfterInstall) { Process akt_repo(aktualizr_repo_path.string()); akt_repo.run({"generate", "--path", meta_dir.PathString(), "--correlationid", "abc123"}); akt_repo.run({"image", "--path", meta_dir.PathString(), "--filename", "tests/test_data/firmware.txt", "--targetname", - "firmware.txt"}); + "firmware.txt", "--hwid", "primary_hw"}); akt_repo.run({"addtarget", "--path", meta_dir.PathString(), "--targetname", "firmware.txt", "--hwid", "primary_hw", "--serial", "CA:FE:A6:D2:84:9D"}); akt_repo.run({"signtargets", "--path", meta_dir.PathString(), "--correlationid", "abc123"}); diff --git a/src/libaktualizr/storage/sqlstorage.cc b/src/libaktualizr/storage/sqlstorage.cc index e50f926866..5f15d742b3 100644 --- a/src/libaktualizr/storage/sqlstorage.cc +++ b/src/libaktualizr/storage/sqlstorage.cc @@ -2,6 +2,7 @@ #include #include +#include #include #include #include @@ -978,9 +979,19 @@ bool SQLStorage::loadInstalledVersions(const std::string& ecu_serial, std::vecto } } + std::map ecu_map; + auto statement = + db.prepareStatement("SELECT hardware_id FROM ecu_serials WHERE serial = ?;", ecu_serial_real); + if (statement.step() == SQLITE_ROW) { + ecu_map.insert( + {Uptane::EcuSerial(ecu_serial_real), Uptane::HardwareIdentifier(statement.get_result_col_str(0).value())}); + } else { + LOG_WARNING << "Could not find hardware_id for serial " << ecu_serial_real << ": " << db.errmsg(); + } + size_t current_index = SIZE_MAX; size_t pending_index = SIZE_MAX; - auto statement = db.prepareStatement( + statement = db.prepareStatement( "SELECT sha256, name, hashes, length, correlation_id, is_current, is_pending FROM installed_versions WHERE " "ecu_serial = ?;", ecu_serial_real); @@ -1008,7 +1019,7 @@ bool SQLStorage::loadInstalledVersions(const std::string& ecu_serial, std::vecto hashes.emplace_back(Uptane::Hash::Type::kSha256, sha256); } - new_installed_versions.emplace_back(filename, hashes, length, correlation_id); + new_installed_versions.emplace_back(filename, ecu_map, hashes, length, correlation_id); if (is_current) { current_index = new_installed_versions.size() - 1; } diff --git a/src/libaktualizr/storage/storage_common_test.cc b/src/libaktualizr/storage/storage_common_test.cc index a3749a30d9..368d77bf2d 100644 --- a/src/libaktualizr/storage/storage_common_test.cc +++ b/src/libaktualizr/storage/storage_common_test.cc @@ -299,7 +299,9 @@ TEST(storage, load_store_installed_versions) { Uptane::Hash{Uptane::Hash::Type::kSha256, "2561"}, Uptane::Hash{Uptane::Hash::Type::kSha512, "5121"}, }; - Uptane::Target t1{"update.bin", hashes, 1, "corrid"}; + std::map primary_ecu{ + {Uptane::EcuSerial("primary"), Uptane::HardwareIdentifier("primary_hw")}}; + Uptane::Target t1{"update.bin", primary_ecu, hashes, 1, "corrid"}; storage->savePrimaryInstalledVersion(t1, InstalledVersionUpdateMode::kCurrent); EcuSerials serials{{Uptane::EcuSerial("primary"), Uptane::HardwareIdentifier("primary_hw")}, @@ -315,12 +317,13 @@ TEST(storage, load_store_installed_versions) { EXPECT_EQ(installed_versions.at(current).filename(), "update.bin"); EXPECT_EQ(installed_versions.at(current).sha256Hash(), "2561"); EXPECT_EQ(installed_versions.at(current).hashes(), hashes); + EXPECT_EQ(installed_versions.at(current).ecus(), primary_ecu); EXPECT_EQ(installed_versions.at(current).correlation_id(), "corrid"); EXPECT_EQ(installed_versions.at(current).length(), 1); } // Set t2 as a pending version - Uptane::Target t2{"update2.bin", {Uptane::Hash{Uptane::Hash::Type::kSha256, "2562"}}, 2}; + Uptane::Target t2{"update2.bin", primary_ecu, {Uptane::Hash{Uptane::Hash::Type::kSha256, "2562"}}, 2}; storage->savePrimaryInstalledVersion(t2, InstalledVersionUpdateMode::kPending); { @@ -332,7 +335,7 @@ TEST(storage, load_store_installed_versions) { } // Set t3 as the new pending - Uptane::Target t3{"update3.bin", {Uptane::Hash{Uptane::Hash::Type::kSha256, "2563"}}, 3}; + Uptane::Target t3{"update3.bin", primary_ecu, {Uptane::Hash{Uptane::Hash::Type::kSha256, "2563"}}, 3}; storage->savePrimaryInstalledVersion(t3, InstalledVersionUpdateMode::kPending); { @@ -373,7 +376,9 @@ TEST(storage, load_store_installed_versions) { } // Add a secondary installed version - Uptane::Target tsec{"secondary.bin", {Uptane::Hash{Uptane::Hash::Type::kSha256, "256s"}}, 4}; + std::map secondary_ecu{ + {Uptane::EcuSerial("secondary1"), Uptane::HardwareIdentifier("secondary_hw")}}; + Uptane::Target tsec{"secondary.bin", secondary_ecu, {Uptane::Hash{Uptane::Hash::Type::kSha256, "256s"}}, 4}; storage->saveInstalledVersion("secondary_1", tsec, InstalledVersionUpdateMode::kCurrent); { diff --git a/src/libaktualizr/uptane/director_test.cc b/src/libaktualizr/uptane/director_test.cc index 38a2afd94e..a6e5834dfa 100644 --- a/src/libaktualizr/uptane/director_test.cc +++ b/src/libaktualizr/uptane/director_test.cc @@ -26,7 +26,7 @@ TEST(Director, EmptyTargets) { EXPECT_TRUE(director.latest_targets.targets.empty()); akt_repo.run({"image", "--path", meta_dir.PathString(), "--filename", "tests/test_data/firmware.txt", "--targetname", - "firmware.txt"}); + "firmware.txt", "--hwid", "primary_hw"}); akt_repo.run({"addtarget", "--path", meta_dir.PathString(), "--targetname", "firmware.txt", "--hwid", "primary_hw", "--serial", "CA:FE:A6:D2:84:9D"}); akt_repo.run({"signtargets", "--path", meta_dir.PathString()}); diff --git a/src/libaktualizr/uptane/tuf.cc b/src/libaktualizr/uptane/tuf.cc index 7332fa8c2a..16b5fa3a8f 100644 --- a/src/libaktualizr/uptane/tuf.cc +++ b/src/libaktualizr/uptane/tuf.cc @@ -160,8 +160,10 @@ Target::Target(std::string filename, const Json::Value &content) : filename_(std std::sort(hashes_.begin(), hashes_.end(), [](const Hash &l, const Hash &r) { return l.type() < r.type(); }); } -Target::Target(std::string filename, std::vector hashes, uint64_t length, std::string correlation_id) +Target::Target(std::string filename, std::map ecus, std::vector hashes, + uint64_t length, std::string correlation_id) : filename_(std::move(filename)), + ecus_(std::move(ecus)), hashes_(std::move(hashes)), length_(length), correlation_id_(std::move(correlation_id)) { @@ -215,13 +217,20 @@ bool Target::IsOstree() const { Json::Value Target::toDebugJson() const { Json::Value res; - for (auto it = ecus_.begin(); it != ecus_.cend(); ++it) { - res["custom"]["ecuIdentifiers"][it->first.ToString()]["hardwareId"] = it->second.ToString(); + for (const auto &ecu : ecus_) { + res["custom"]["ecuIdentifiers"][ecu.first.ToString()]["hardwareId"] = ecu.second.ToString(); + } + if (!hwids_.empty()) { + Json::Value hwids; + for (Json::Value::ArrayIndex i = 0; i < hwids_.size(); ++i) { + hwids[i] = hwids_[i].ToString(); + } + res["custom"]["hardwareIds"] = hwids; } res["custom"]["targetFormat"] = type_; - for (auto it = hashes_.cbegin(); it != hashes_.cend(); ++it) { - res["hashes"][it->TypeString()] = it->HashString(); + for (const auto &hash : hashes_) { + res["hashes"][hash.TypeString()] = hash.HashString(); } res["length"] = Json::Value(static_cast(length_)); return res; diff --git a/src/libaktualizr/uptane/tuf.h b/src/libaktualizr/uptane/tuf.h index 6ba4daf87e..a3d55daabc 100644 --- a/src/libaktualizr/uptane/tuf.h +++ b/src/libaktualizr/uptane/tuf.h @@ -224,8 +224,10 @@ class Target { public: // From Uptane metadata Target(std::string filename, const Json::Value &content); - // Internal, does not have type or ecu types informations - Target(std::string filename, std::vector hashes, uint64_t length, std::string correlation_id = ""); + // Internal, does not have type. Only used for reading installation_versions + // list and by various tests. + Target(std::string filename, std::map ecus, std::vector hashes, uint64_t length, + std::string correlation_id = ""); static Target Unknown(); diff --git a/src/libaktualizr/uptane/uptane_test.cc b/src/libaktualizr/uptane/uptane_test.cc index 07ab944656..e40f0641ec 100644 --- a/src/libaktualizr/uptane/uptane_test.cc +++ b/src/libaktualizr/uptane/uptane_test.cc @@ -830,8 +830,16 @@ TEST(Uptane, FsToSqlFull) { bool ecu_registered = fs_storage.loadEcuRegistered(); - std::vector installed_versions; - fs_storage.loadInstalledVersions(&installed_versions, nullptr); + std::vector fs_installed_versions; + std::vector fixed_installed_versions; + fs_storage.loadInstalledVersions(&fs_installed_versions, nullptr); + // Add the serial/hwid mapping to match what the SQL storage will do when + // reading it back after it has been copied from FS storage. + for (auto &target : fs_installed_versions) { + Json::Value dump = target.toDebugJson(); + dump["custom"]["ecuIdentifiers"][serials[0].first.ToString()]["hardwareId"] = serials[0].second.ToString(); + fixed_installed_versions.emplace_back(Uptane::Target(target.filename(), dump)); + } std::string director_root; std::string director_targets; @@ -928,7 +936,7 @@ TEST(Uptane, FsToSqlFull) { EXPECT_EQ(sql_device_id, device_id); EXPECT_EQ(sql_serials, serials); EXPECT_EQ(sql_ecu_registered, ecu_registered); - EXPECT_EQ(sql_installed_versions, installed_versions); + EXPECT_EQ(sql_installed_versions, fixed_installed_versions); EXPECT_EQ(sql_director_root, director_root); EXPECT_EQ(sql_director_targets, director_targets); diff --git a/tests/ipsecondary_test.py b/tests/ipsecondary_test.py index f13ef3ab71..6d8d6e7337 100755 --- a/tests/ipsecondary_test.py +++ b/tests/ipsecondary_test.py @@ -53,7 +53,7 @@ def add_image(self, id, image_filename, target_name=None, image_size=1024): image_file.write(urandom(image_size)) subprocess.run([self._repo_manager_exe, '--path', self.root_dir, - '--command', 'image', '--filename', image_filename, '--targetname', targetname], + '--command', 'image', '--filename', image_filename, '--targetname', targetname, '--hwid', id[0]], cwd=self.image_dir, check=True) # update the director metadata @@ -168,7 +168,7 @@ def __init__(self, aktualizr_primary_exe, aktualizr_info_exe, id, tls_pkey_path = "{pkey_path}" tls_clientcert_path = "{cert_path}" - [provision] + [provision] primary_ecu_serial = "{serial}" primary_ecu_hardware_id = "{hw_ID}" @@ -182,7 +182,7 @@ def __init__(self, aktualizr_primary_exe, aktualizr_info_exe, id, [uptane] secondary_config_file = "{secondary_cfg_file}" - + [logger] loglevel = 1 @@ -193,7 +193,7 @@ def __init__(self, aktualizr_primary_exe, aktualizr_info_exe, id, "IP": {{ "secondaries_wait_port": {port}, "secondaries_wait_timeout": {timeout}, - "secondaries": [] + "secondaries": [] }} }} ''' diff --git a/tests/memory_usage_test.sh b/tests/memory_usage_test.sh index 692b72916d..f4020c4238 100755 --- a/tests/memory_usage_test.sh +++ b/tests/memory_usage_test.sh @@ -27,9 +27,9 @@ EOF dpkg-deb -Znone -b $TEMP_DIR/deb $TEMP_DIR/good.deb PATH="tests/test_data/fake_dpkg":$PATH -$1/src/aktualizr_repo/aktualizr-repo image --filename $TEMP_DIR/good.deb --targetname good.deb --path $TEMP_DIR/uptane -$1/src/aktualizr_repo/aktualizr-repo addtarget --targetname good.deb --path $TEMP_DIR/uptane --hwid desktop --serial serial1 -$1/src/aktualizr_repo/aktualizr-repo signtargets --path $TEMP_DIR/uptane +$1/src/aktualizr_repo/aktualizr-repo image --path $TEMP_DIR/uptane --filename $TEMP_DIR/good.deb --targetname good.deb --hwid desktop +$1/src/aktualizr_repo/aktualizr-repo addtarget --path $TEMP_DIR/uptane --targetname good.deb --hwid desktop --serial serial1 +$1/src/aktualizr_repo/aktualizr-repo signtargets --path $TEMP_DIR/uptane sed -i 's/\[provision\]/\[provision\]\nprimary_ecu_serial = serial1/g' "$TEMP_DIR/sota.toml" diff --git a/tests/metafake.h b/tests/metafake.h index 5d0391903f..c0e5bc8247 100644 --- a/tests/metafake.h +++ b/tests/metafake.h @@ -26,19 +26,22 @@ class MetaFake { private: void create_testData(void) { boost::filesystem::path file_name; + std::string hwid; Delegation delegation; // add image for "has update" meta file_name = "dummy_firmware.txt"; - repo.addImage(work_dir / file_name, file_name, delegation); + repo.addImage(work_dir / file_name, file_name, "dummy", delegation); file_name = "primary_firmware.txt"; - repo.addImage(work_dir / file_name, file_name, delegation); - repo.addTarget(file_name.string(), "primary_hw", "CA:FE:A6:D2:84:9D"); + hwid = "primary_hw"; + repo.addImage(work_dir / file_name, file_name, hwid, delegation); + repo.addTarget(file_name.string(), hwid, "CA:FE:A6:D2:84:9D"); file_name = "secondary_firmware.txt"; - repo.addImage(work_dir / file_name, file_name, delegation); - repo.addTarget(file_name.string(), "secondary_hw", "secondary_ecu_serial"); + hwid = "secondary_hw"; + repo.addImage(work_dir / file_name, file_name, hwid, delegation); + repo.addTarget(file_name.string(), hwid, "secondary_ecu_serial"); repo.signTargets(); rename("_hasupdates"); @@ -47,7 +50,7 @@ class MetaFake { restore(); file_name = "dummy_firmware.txt"; - repo.addImage(work_dir / file_name, file_name, delegation); + repo.addImage(work_dir / file_name, file_name, "dummy", delegation); repo.signTargets(); rename("_noupdates"); @@ -56,16 +59,18 @@ class MetaFake { restore(); file_name = "dummy_firmware.txt"; - repo.addImage(work_dir / file_name, file_name, delegation); + repo.addImage(work_dir / file_name, file_name, "dummy", delegation); file_name = "secondary_firmware.txt"; - repo.addImage(work_dir / file_name, file_name, delegation); - repo.addTarget(file_name.string(), "sec_hwid1", "sec_serial1"); + hwid = "sec_hw1"; + repo.addImage(work_dir / file_name, file_name, hwid, delegation); + repo.addTarget(file_name.string(), hwid, "sec_serial1"); file_name = "secondary_firmware2.txt"; - repo.addImage(work_dir / file_name, file_name, delegation); - repo.addTarget(file_name.string(), "sec_hwid2", "sec_serial2"); - + hwid = "sec_hw2"; + repo.addImage(work_dir / file_name, file_name, hwid, delegation); + repo.addTarget(file_name.string(), hwid, "sec_serial2"); + repo.signTargets(); rename("_multisec"); @@ -111,7 +116,7 @@ class MetaFake { void rename(const std::string &appendix) { for (unsigned int i=0; i < backup_files.size(); i++) { - boost::filesystem::rename(backup_files[i], + boost::filesystem::rename(backup_files[i], (backup_files[i].parent_path() / backup_files[i].stem()).string() + appendix + ".json"); } } diff --git a/tests/run_expired_test.sh b/tests/run_expired_test.sh index 68c6db17a5..73b309a5a3 100755 --- a/tests/run_expired_test.sh +++ b/tests/run_expired_test.sh @@ -2,8 +2,8 @@ set -xeuo pipefail TEMP_DIR=/tmp/temp_aktualizr_expire_repo/$(mktemp -d)/$1 -$2/src/aktualizr_repo/aktualizr-repo generate $TEMP_DIR --expires=$1 -$2/src/aktualizr_repo/aktualizr-repo image $TEMP_DIR ./tests/test_data/credentials.zip +"$2/src/aktualizr_repo/aktualizr-repo" generate $TEMP_DIR --expires=$1 +"$2/src/aktualizr_repo/aktualizr-repo" image $TEMP_DIR ./tests/test_data/credentials.zip --hwid test_hwid cp ./tests/test_data/credentials.zip $TEMP_DIR @@ -35,4 +35,4 @@ function finish { trap finish EXIT sleep 2 -$2/src/sota_tools/garage-check -j $TEMP_DIR/credentials.zip -r 714581b2ffbbf7a750cb0a210fa7d74fd9128bd627cd4913e365d5bf2f66eba9 \ No newline at end of file +"$2/src/sota_tools/garage-check" -j $TEMP_DIR/credentials.zip -r 714581b2ffbbf7a750cb0a210fa7d74fd9128bd627cd4913e365d5bf2f66eba9 diff --git a/tests/uptane_repo_generation/delegation_basic.sh b/tests/uptane_repo_generation/delegation_basic.sh index bee1feccdc..c4eb9c1b4f 100755 --- a/tests/uptane_repo_generation/delegation_basic.sh +++ b/tests/uptane_repo_generation/delegation_basic.sh @@ -32,8 +32,8 @@ if [[ "$REVOKE" = "revoke" ]]; then else akrepo --command generate --expires 2021-07-04T16:33:27Z akrepo --command adddelegation --dname new-role --dpattern "abc/*" --keytype ed25519 - akrepo --command image --filename "$PRIMARY_FIRMWARE" --targetname primary.txt - akrepo --command image --filename "$SECONDARY_FIRMWARE" --targetname "abc/secondary.txt" --dname new-role + akrepo --command image --filename "$PRIMARY_FIRMWARE" --targetname primary.txt --hwid primary_hw + akrepo --command image --filename "$SECONDARY_FIRMWARE" --targetname "abc/secondary.txt" --dname new-role --hwid secondary_hw akrepo --command addtarget --hwid primary_hw --serial CA:FE:A6:D2:84:9D --targetname primary.txt akrepo --command addtarget --hwid secondary_hw --serial secondary_ecu_serial --targetname "abc/secondary.txt" akrepo --command signtargets diff --git a/tests/uptane_repo_generation/delegation_nested.sh b/tests/uptane_repo_generation/delegation_nested.sh index 3f946116b4..1e008c9d7e 100755 --- a/tests/uptane_repo_generation/delegation_nested.sh +++ b/tests/uptane_repo_generation/delegation_nested.sh @@ -39,18 +39,18 @@ else akrepo --command adddelegation --dname role-bcd --dpattern "bcd/*" --dparent delegation-top akrepo --command adddelegation --dname role-cde --dpattern "cde/*" --dparent role-bcd akrepo --command adddelegation --dname role-def --dpattern "def/*" --dparent delegation-top - akrepo --command image --filename "$PRIMARY_FIRMWARE" --targetname primary.txt - akrepo --command image --filename "$SECONDARY_FIRMWARE" --targetname "abc/secondary.txt" --dname role-abc + akrepo --command image --filename "$PRIMARY_FIRMWARE" --targetname primary.txt --hwid primary_hw + akrepo --command image --filename "$SECONDARY_FIRMWARE" --targetname "abc/secondary.txt" --dname role-abc --hwid secondary_hw # extra images for allTargets testing - akrepo --command image --targetname "abracadabra" --dname delegation-top --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 - akrepo --command image --targetname "abc/target0" --dname role-abc --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 - akrepo --command image --targetname "abc/target1" --dname role-abc --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 - akrepo --command image --targetname "abc/target2" --dname role-abc --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 - akrepo --command image --targetname "bcd/target0" --dname role-bcd --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 - akrepo --command image --targetname "cde/target0" --dname role-cde --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 - akrepo --command image --targetname "cde/target1" --dname role-cde --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 - akrepo --command image --targetname "def/target0" --dname role-def --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 + akrepo --command image --targetname "abracadabra" --dname delegation-top --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 --hwid secondary_hw + akrepo --command image --targetname "abc/target0" --dname role-abc --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 --hwid secondary_hw + akrepo --command image --targetname "abc/target1" --dname role-abc --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 --hwid secondary_hw + akrepo --command image --targetname "abc/target2" --dname role-abc --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 --hwid secondary_hw + akrepo --command image --targetname "bcd/target0" --dname role-bcd --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 --hwid secondary_hw + akrepo --command image --targetname "cde/target0" --dname role-cde --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 --hwid secondary_hw + akrepo --command image --targetname "cde/target1" --dname role-cde --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 --hwid secondary_hw + akrepo --command image --targetname "def/target0" --dname role-def --targetsha256 40c1fb5a90ea02744126187dc8372f9a289c59f1af4afd9855fd2285f9648bb3 --targetsha512 671718e0c9025135aba25bca6b794920cee047a8031e1f955d5c4d82072422467af5d367243f4113d1b9ca79321091f738e68f27f136f633a5fc9cd6f430c689 --targetlength 100 --hwid secondary_hw akrepo --command addtarget --hwid primary_hw --serial CA:FE:A6:D2:84:9D --targetname primary.txt akrepo --command addtarget --hwid secondary_hw --serial secondary_ecu_serial --targetname "abc/secondary.txt" akrepo --command signtargets diff --git a/tests/uptane_repo_generation/full_no_correlation_id.sh b/tests/uptane_repo_generation/full_no_correlation_id.sh index 53775a153c..e52c5f9b80 100755 --- a/tests/uptane_repo_generation/full_no_correlation_id.sh +++ b/tests/uptane_repo_generation/full_no_correlation_id.sh @@ -29,8 +29,8 @@ SECONDARY_FIRMWARE="$IMAGES/secondary.txt" echo "secondary" > "$SECONDARY_FIRMWARE" akrepo --command generate --expires 2021-07-04T16:33:27Z -akrepo --command image --filename "$PRIMARY_FIRMWARE" --targetname primary.txt -akrepo --command image --filename "$SECONDARY_FIRMWARE" --targetname secondary.txt +akrepo --command image --filename "$PRIMARY_FIRMWARE" --targetname primary.txt --hwid primary_hw +akrepo --command image --filename "$SECONDARY_FIRMWARE" --targetname secondary.txt --hwid secondary_hw akrepo --command addtarget --hwid primary_hw --serial CA:FE:A6:D2:84:9D --targetname primary.txt akrepo --command addtarget --hwid secondary_hw --serial secondary_ecu_serial --targetname secondary.txt akrepo --command signtargets diff --git a/tests/uptane_vector_tests.cc b/tests/uptane_vector_tests.cc index 561ab17e70..d990db0513 100644 --- a/tests/uptane_vector_tests.cc +++ b/tests/uptane_vector_tests.cc @@ -101,7 +101,8 @@ TEST_P(UptaneVector, Test) { Uptane::EcuSerial ecu_serial(config.provision.primary_ecu_serial); Uptane::HardwareIdentifier hw_id(config.provision.primary_ecu_hardware_id); uptane_client->hw_ids.insert(std::make_pair(ecu_serial, hw_id)); - Uptane::Target target("test_filename", {{Uptane::Hash::Type::kSha256, "sha256"}}, 1, ""); + std::map ecu_map{{ecu_serial, hw_id}}; + Uptane::Target target("test_filename", ecu_map, {{Uptane::Hash::Type::kSha256, "sha256"}}, 1, ""); storage->saveInstalledVersion(ecu_serial.ToString(), target, InstalledVersionUpdateMode::kCurrent); HttpClient http_client; From 9d8bb9765342f0e0e673fdb84050ccf5d5ac45fb Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Wed, 17 Jul 2019 14:41:43 +0200 Subject: [PATCH 06/11] Minor refactor to move Target equality function out of header file. Signed-off-by: Patrick Vacek --- src/libaktualizr/uptane/tuf.cc | 55 ++++++++++++++++++++++++++++++++ src/libaktualizr/uptane/tuf.h | 57 +--------------------------------- 2 files changed, 56 insertions(+), 56 deletions(-) diff --git a/src/libaktualizr/uptane/tuf.cc b/src/libaktualizr/uptane/tuf.cc index 16b5fa3a8f..975b6e0fff 100644 --- a/src/libaktualizr/uptane/tuf.cc +++ b/src/libaktualizr/uptane/tuf.cc @@ -215,6 +215,61 @@ bool Target::IsOstree() const { } } +bool Target::operator==(const Target &t2) const { + // type_ (targetFormat) is only provided by the Images repo. + // ecus_ is only provided by the Images repo. + // correlation_id_ is only provided by the Director. + // uri_ is unchecked because Uptane mentions it should be provided by the + // Director, although it can be provided by the Image repository as well. + if (filename_ != t2.filename_) { + return false; + } + if (length_ != t2.length_) { + return false; + } + + // If the HWID vector and ECU->HWID map match, we're good. Otherwise, assume + // we have a Target from the Director (ECU->HWID map populated, HWID vector + // empty) and a Target from the Images repo (HWID vector populated, + // ECU->HWID map empty). Figure out which Target has the map, and then for + // every item in the map, make sure it's in the other Target's HWID vector. + if (hwids_ != t2.hwids_ || ecus_ != t2.ecus_) { + std::shared_ptr> ecu_map; // Director + std::shared_ptr> hwid_vector; // Image repo + if (!hwids_.empty() && ecus_.empty() && t2.hwids_.empty() && !t2.ecus_.empty()) { + ecu_map = std::make_shared>(t2.ecus_); + hwid_vector = std::make_shared>(hwids_); + } else if (!t2.hwids_.empty() && t2.ecus_.empty() && hwids_.empty() && !ecus_.empty()) { + ecu_map = std::make_shared>(ecus_); + hwid_vector = std::make_shared>(t2.hwids_); + } else { + return false; + } + for (auto map_it = ecu_map->cbegin(); map_it != ecu_map->cend(); ++map_it) { + auto vec_it = find(hwid_vector->cbegin(), hwid_vector->cend(), map_it->second); + if (vec_it == hwid_vector->end()) { + return false; + } + } + } + + // requirements: + // - all hashes of the same type should match + // - at least one pair of hashes should match + bool oneMatchingHash = false; + for (const Hash &hash : hashes_) { + for (const Hash &hash2 : t2.hashes_) { + if (hash.type() == hash2.type() && !(hash == hash2)) { + return false; + } + if (hash == hash2) { + oneMatchingHash = true; + } + } + } + return oneMatchingHash; +} + Json::Value Target::toDebugJson() const { Json::Value res; for (const auto &ecu : ecus_) { diff --git a/src/libaktualizr/uptane/tuf.h b/src/libaktualizr/uptane/tuf.h index a3d55daabc..a1bbc0f8e6 100644 --- a/src/libaktualizr/uptane/tuf.h +++ b/src/libaktualizr/uptane/tuf.h @@ -244,7 +244,6 @@ class Target { uint64_t length() const { return length_; } bool IsValid() const { return valid; } std::string uri() const { return uri_; }; - bool MatchWith(const Hash &hash) const; bool IsForSecondary(const EcuSerial &ecuIdentifier) const { @@ -261,61 +260,7 @@ class Target { */ bool IsOstree() const; - bool operator==(const Target &t2) const { - // type_ (targetFormat) is only provided by the Images repo. - // ecus_ is only provided by the Images repo. - // correlation_id_ is only provided by the Director. - // uri_ is unchecked because Uptane mentions it should be provided by the - // Director, although it can be provided by the Image repository as well. - if (filename_ != t2.filename_) { - return false; - } - if (length_ != t2.length_) { - return false; - } - - // If the HWID vector and ECU->HWID map match, we're good. Otherwise, assume - // we have a Target from the Director (ECU->HWID map populated, HWID vector - // empty) and a Target from the Images repo (HWID vector populated, - // ECU->HWID map empty). Figure out which Target has the map, and then for - // every item in the map, make sure it's in the other Target's HWID vector. - if (hwids_ != t2.hwids_ || ecus_ != t2.ecus_) { - std::shared_ptr> ecu_map; // Director - std::shared_ptr> hwid_vector; // Image repo - if (!hwids_.empty() && ecus_.empty() && t2.hwids_.empty() && !t2.ecus_.empty()) { - ecu_map = std::make_shared>(t2.ecus_); - hwid_vector = std::make_shared>(hwids_); - } else if (!t2.hwids_.empty() && t2.ecus_.empty() && hwids_.empty() && !ecus_.empty()) { - ecu_map = std::make_shared>(ecus_); - hwid_vector = std::make_shared>(t2.hwids_); - } else { - return false; - } - for (auto map_it = ecu_map->cbegin(); map_it != ecu_map->cend(); ++map_it) { - auto vec_it = find(hwid_vector->cbegin(), hwid_vector->cend(), map_it->second); - if (vec_it == hwid_vector->end()) { - return false; - } - } - } - - // requirements: - // - all hashes of the same type should match - // - at least one pair of hashes should match - bool oneMatchingHash = false; - for (const Hash &hash : hashes_) { - for (const Hash &hash2 : t2.hashes_) { - if (hash.type() == hash2.type() && !(hash == hash2)) { - return false; - } - if (hash == hash2) { - oneMatchingHash = true; - } - } - } - return oneMatchingHash; - } - + bool operator==(const Target &t2) const; Json::Value toDebugJson() const; friend std::ostream &operator<<(std::ostream &os, const Target &t); From 76e842d2a7e61b779a9110d4437c8d698a7d1c48 Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Wed, 17 Jul 2019 15:04:35 +0200 Subject: [PATCH 07/11] Update changelog. Signed-off-by: Patrick Vacek --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6963df00a2..a7f5ec07de 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,13 @@ Our versioning scheme is `YEAR.N` where `N` is incremented whenever a new releas ## [??? (unreleased)] +### Added + +- aktualizr-info --wait-until-provisioned flag: [PR](https://github.com/advancedtelematic/aktualizr/pull/1253) +- Target object equality requires that hardware IDs match: [PR](https://github.com/advancedtelematic/aktualizr/pull/1258) +- aktualizr-repo image command now requires a hardware ID: [PR](https://github.com/advancedtelematic/aktualizr/pull/1258) + + ## [2019.5] - 2019-07-12 ### Added From a4a8feeee12e93f1b3ccef4e0c3ec4d2359b5c3d Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Thu, 18 Jul 2019 14:56:45 +0200 Subject: [PATCH 08/11] Create EcuMap type to improve readability. Signed-off-by: Patrick Vacek --- src/aktualizr_info/aktualizr_info_test.cc | 6 +++--- .../packagemanagerfake_test.cc | 5 ++--- src/libaktualizr/primary/sotauptaneclient.h | 2 +- src/libaktualizr/storage/sqlstorage.cc | 2 +- .../storage/storage_common_test.cc | 6 ++---- src/libaktualizr/uptane/tuf.cc | 11 +++++----- src/libaktualizr/uptane/tuf.h | 9 ++++---- src/libaktualizr/uptane/tuf_test.cc | 21 +++++++++---------- tests/uptane_vector_tests.cc | 2 +- 9 files changed, 30 insertions(+), 34 deletions(-) diff --git a/src/aktualizr_info/aktualizr_info_test.cc b/src/aktualizr_info/aktualizr_info_test.cc index f1e9163bf2..7a75a46292 100644 --- a/src/aktualizr_info/aktualizr_info_test.cc +++ b/src/aktualizr_info/aktualizr_info_test.cc @@ -382,7 +382,7 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersions) { const std::string current_ecu_version = "639a4e39-e6ba-4832-ace4-8b12cf20d562"; const std::string pending_ecu_version = "9636753d-2a09-4c80-8b25-64b2c2d0c4df"; - std::map ecu_map{{primary_ecu_serial, primary_hw_id}}; + Uptane::EcuMap ecu_map{{primary_ecu_serial, primary_hw_id}}; db_storage_->savePrimaryInstalledVersion( {"update.bin", ecu_map, {{Uptane::Hash::Type::kSha256, current_ecu_version}}, 1, "corrid"}, InstalledVersionUpdateMode::kCurrent); @@ -421,7 +421,7 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuCurrentAndPendingVersionsNegative) { EXPECT_NE(aktualizr_info_output.find("No currently running version on primary ecu"), std::string::npos); EXPECT_EQ(aktualizr_info_output.find("Pending primary ecu version:"), std::string::npos); - std::map ecu_map{{primary_ecu_serial, primary_hw_id}}; + Uptane::EcuMap ecu_map{{primary_ecu_serial, primary_hw_id}}; db_storage_->savePrimaryInstalledVersion( {"update-01.bin", ecu_map, {{Uptane::Hash::Type::kSha256, pending_ecu_version}}, 1, "corrid-01"}, InstalledVersionUpdateMode::kPending); @@ -463,7 +463,7 @@ TEST_F(AktualizrInfoTest, PrintSecondaryEcuCurrentAndPendingVersions) { db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}, {secondary_ecu_serial, secondary_hw_id}}); db_storage_->storeEcuRegistered(); - std::map ecu_map{{secondary_ecu_serial, secondary_hw_id}}; + Uptane::EcuMap ecu_map{{secondary_ecu_serial, secondary_hw_id}}; db_storage_->saveInstalledVersion( secondary_ecu_serial.ToString(), {secondary_ecu_filename, ecu_map, {{Uptane::Hash::Type::kSha256, current_ecu_version}}, 1}, diff --git a/src/libaktualizr/package_manager/packagemanagerfake_test.cc b/src/libaktualizr/package_manager/packagemanagerfake_test.cc index 57d258ccd6..38a2cf7dd0 100644 --- a/src/libaktualizr/package_manager/packagemanagerfake_test.cc +++ b/src/libaktualizr/package_manager/packagemanagerfake_test.cc @@ -26,7 +26,7 @@ TEST(PackageManagerFake, FinalizeAfterReboot) { PackageManagerFake fakepm(config.pacman, storage, bootloader, nullptr); - std::map primary_ecu; + Uptane::EcuMap primary_ecu; Uptane::Target target("pkg", primary_ecu, {Uptane::Hash(Uptane::Hash::Type::kSha256, "hash")}, 1, ""); auto result = fakepm.install(target); EXPECT_EQ(result.result_code, data::ResultCode::Numeric::kNeedCompletion); @@ -52,8 +52,7 @@ TEST(PackageManagerFake, FailureInjection) { fiu_init(0); // no fault - std::map primary_ecu{ - {Uptane::EcuSerial("primary"), Uptane::HardwareIdentifier("primary_hw")}}; + Uptane::EcuMap primary_ecu{{Uptane::EcuSerial("primary"), Uptane::HardwareIdentifier("primary_hw")}}; Uptane::Target target("pkg", primary_ecu, {Uptane::Hash(Uptane::Hash::Type::kSha256, "hash")}, 1, ""); auto result = fakepm.install(target); EXPECT_EQ(result.result_code, data::ResultCode::Numeric::kOk); diff --git a/src/libaktualizr/primary/sotauptaneclient.h b/src/libaktualizr/primary/sotauptaneclient.h index 529b8477d5..c8f4ed231f 100644 --- a/src/libaktualizr/primary/sotauptaneclient.h +++ b/src/libaktualizr/primary/sotauptaneclient.h @@ -146,7 +146,7 @@ class SotaUptaneClient { std::shared_ptr bootloader; std::shared_ptr report_queue; Json::Value last_network_info_reported; - std::map hw_ids; + Uptane::EcuMap hw_ids; std::shared_ptr events_channel; boost::signals2::connection conn; Uptane::Exception last_exception{"", ""}; diff --git a/src/libaktualizr/storage/sqlstorage.cc b/src/libaktualizr/storage/sqlstorage.cc index 5f15d742b3..f2c9292ca7 100644 --- a/src/libaktualizr/storage/sqlstorage.cc +++ b/src/libaktualizr/storage/sqlstorage.cc @@ -979,7 +979,7 @@ bool SQLStorage::loadInstalledVersions(const std::string& ecu_serial, std::vecto } } - std::map ecu_map; + Uptane::EcuMap ecu_map; auto statement = db.prepareStatement("SELECT hardware_id FROM ecu_serials WHERE serial = ?;", ecu_serial_real); if (statement.step() == SQLITE_ROW) { diff --git a/src/libaktualizr/storage/storage_common_test.cc b/src/libaktualizr/storage/storage_common_test.cc index 368d77bf2d..6a13d4d7df 100644 --- a/src/libaktualizr/storage/storage_common_test.cc +++ b/src/libaktualizr/storage/storage_common_test.cc @@ -299,8 +299,7 @@ TEST(storage, load_store_installed_versions) { Uptane::Hash{Uptane::Hash::Type::kSha256, "2561"}, Uptane::Hash{Uptane::Hash::Type::kSha512, "5121"}, }; - std::map primary_ecu{ - {Uptane::EcuSerial("primary"), Uptane::HardwareIdentifier("primary_hw")}}; + Uptane::EcuMap primary_ecu{{Uptane::EcuSerial("primary"), Uptane::HardwareIdentifier("primary_hw")}}; Uptane::Target t1{"update.bin", primary_ecu, hashes, 1, "corrid"}; storage->savePrimaryInstalledVersion(t1, InstalledVersionUpdateMode::kCurrent); @@ -376,8 +375,7 @@ TEST(storage, load_store_installed_versions) { } // Add a secondary installed version - std::map secondary_ecu{ - {Uptane::EcuSerial("secondary1"), Uptane::HardwareIdentifier("secondary_hw")}}; + Uptane::EcuMap secondary_ecu{{Uptane::EcuSerial("secondary1"), Uptane::HardwareIdentifier("secondary_hw")}}; Uptane::Target tsec{"secondary.bin", secondary_ecu, {Uptane::Hash{Uptane::Hash::Type::kSha256, "256s"}}, 4}; storage->saveInstalledVersion("secondary_1", tsec, InstalledVersionUpdateMode::kCurrent); diff --git a/src/libaktualizr/uptane/tuf.cc b/src/libaktualizr/uptane/tuf.cc index 975b6e0fff..1b3cb9481e 100644 --- a/src/libaktualizr/uptane/tuf.cc +++ b/src/libaktualizr/uptane/tuf.cc @@ -160,8 +160,7 @@ Target::Target(std::string filename, const Json::Value &content) : filename_(std std::sort(hashes_.begin(), hashes_.end(), [](const Hash &l, const Hash &r) { return l.type() < r.type(); }); } -Target::Target(std::string filename, std::map ecus, std::vector hashes, - uint64_t length, std::string correlation_id) +Target::Target(std::string filename, EcuMap ecus, std::vector hashes, uint64_t length, std::string correlation_id) : filename_(std::move(filename)), ecus_(std::move(ecus)), hashes_(std::move(hashes)), @@ -234,13 +233,13 @@ bool Target::operator==(const Target &t2) const { // ECU->HWID map empty). Figure out which Target has the map, and then for // every item in the map, make sure it's in the other Target's HWID vector. if (hwids_ != t2.hwids_ || ecus_ != t2.ecus_) { - std::shared_ptr> ecu_map; // Director - std::shared_ptr> hwid_vector; // Image repo + std::shared_ptr ecu_map; // Director + std::shared_ptr> hwid_vector; // Image repo if (!hwids_.empty() && ecus_.empty() && t2.hwids_.empty() && !t2.ecus_.empty()) { - ecu_map = std::make_shared>(t2.ecus_); + ecu_map = std::make_shared(t2.ecus_); hwid_vector = std::make_shared>(hwids_); } else if (!t2.hwids_.empty() && t2.ecus_.empty() && hwids_.empty() && !ecus_.empty()) { - ecu_map = std::make_shared>(ecus_); + ecu_map = std::make_shared(ecus_); hwid_vector = std::make_shared>(t2.hwids_); } else { return false; diff --git a/src/libaktualizr/uptane/tuf.h b/src/libaktualizr/uptane/tuf.h index a1bbc0f8e6..77ed78b7c2 100644 --- a/src/libaktualizr/uptane/tuf.h +++ b/src/libaktualizr/uptane/tuf.h @@ -220,18 +220,19 @@ class Hash { std::ostream &operator<<(std::ostream &os, const Hash &h); +using EcuMap = std::map; + class Target { public: // From Uptane metadata Target(std::string filename, const Json::Value &content); // Internal, does not have type. Only used for reading installation_versions // list and by various tests. - Target(std::string filename, std::map ecus, std::vector hashes, uint64_t length, - std::string correlation_id = ""); + Target(std::string filename, EcuMap ecus, std::vector hashes, uint64_t length, std::string correlation_id = ""); static Target Unknown(); - const std::map &ecus() const { return ecus_; } + const EcuMap &ecus() const { return ecus_; } std::string filename() const { return filename_; } std::string sha256Hash() const; std::string sha512Hash() const; @@ -268,7 +269,7 @@ class Target { bool valid{true}; std::string filename_; std::string type_; - std::map ecus_; // Director only + EcuMap ecus_; // Director only std::vector hashes_; std::vector hwids_; // Images repo only Json::Value custom_; diff --git a/src/libaktualizr/uptane/tuf_test.cc b/src/libaktualizr/uptane/tuf_test.cc index a638873daf..477318a7a7 100644 --- a/src/libaktualizr/uptane/tuf_test.cc +++ b/src/libaktualizr/uptane/tuf_test.cc @@ -97,8 +97,7 @@ Json::Value generateTarget(const std::string& hash, const int length) { return target; } -Json::Value generateDirectorTarget(const std::string& hash, const int length, - const std::map& ecu_map) { +Json::Value generateDirectorTarget(const std::string& hash, const int length, const Uptane::EcuMap& ecu_map) { Json::Value target = generateTarget(hash, length); Json::Value custom; Json::Value ecus; @@ -129,7 +128,7 @@ Json::Value generateImagesTarget(const std::string& hash, const int length, TEST(Target, Match) { Uptane::HardwareIdentifier hwid("fake-test"); std::vector hardwareIds; - std::map ecu_map; + Uptane::EcuMap ecu_map; hardwareIds.emplace_back(hwid); ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); @@ -142,7 +141,7 @@ TEST(Target, Match) { TEST(Target, MatchDirector) { Uptane::HardwareIdentifier hwid("first-test"); Uptane::HardwareIdentifier hwid2("second-test"); - std::map ecu_map; + Uptane::EcuMap ecu_map; ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); ecu_map.insert({Uptane::EcuSerial("serial2"), hwid2}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); @@ -168,7 +167,7 @@ TEST(Target, MatchImages) { TEST(Target, MatchExtraHwId) { Uptane::HardwareIdentifier hwid("fake-test"); std::vector hardwareIds; - std::map ecu_map; + Uptane::EcuMap ecu_map; hardwareIds.emplace_back(hwid); ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); @@ -183,7 +182,7 @@ TEST(Target, MatchTwo) { Uptane::HardwareIdentifier hwid("first-test"); Uptane::HardwareIdentifier hwid2("second-test"); std::vector hardwareIds; - std::map ecu_map; + Uptane::EcuMap ecu_map; hardwareIds.emplace_back(hwid); hardwareIds.emplace_back(hwid2); ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); @@ -211,7 +210,7 @@ TEST(Target, MultipleHwIdMismatch) { TEST(Target, MissingHwId) { Uptane::HardwareIdentifier hwid("fake-test"); std::vector hardwareIds; - std::map ecu_map; + Uptane::EcuMap ecu_map; hardwareIds.emplace_back(hwid); ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); @@ -225,7 +224,7 @@ TEST(Target, MissingHwId) { TEST(Target, FilenameMismatch) { Uptane::HardwareIdentifier hwid("fake-test"); std::vector hardwareIds; - std::map ecu_map; + Uptane::EcuMap ecu_map; hardwareIds.emplace_back(hwid); ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); @@ -238,7 +237,7 @@ TEST(Target, FilenameMismatch) { TEST(Target, LengthMismatch) { Uptane::HardwareIdentifier hwid("fake-test"); std::vector hardwareIds; - std::map ecu_map; + Uptane::EcuMap ecu_map; hardwareIds.emplace_back(hwid); ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); @@ -251,7 +250,7 @@ TEST(Target, LengthMismatch) { TEST(Target, HardwareIdMismatch) { Uptane::HardwareIdentifier hwid("fake-test"); std::vector hardwareIds; - std::map ecu_map; + Uptane::EcuMap ecu_map; hardwareIds.emplace_back(hwid); ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); @@ -265,7 +264,7 @@ TEST(Target, HardwareIdMismatch) { TEST(Target, HashMismatch) { Uptane::HardwareIdentifier hwid("fake-test"); std::vector hardwareIds; - std::map ecu_map; + Uptane::EcuMap ecu_map; hardwareIds.emplace_back(hwid); ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); diff --git a/tests/uptane_vector_tests.cc b/tests/uptane_vector_tests.cc index d990db0513..c8fa9898e7 100644 --- a/tests/uptane_vector_tests.cc +++ b/tests/uptane_vector_tests.cc @@ -101,7 +101,7 @@ TEST_P(UptaneVector, Test) { Uptane::EcuSerial ecu_serial(config.provision.primary_ecu_serial); Uptane::HardwareIdentifier hw_id(config.provision.primary_ecu_hardware_id); uptane_client->hw_ids.insert(std::make_pair(ecu_serial, hw_id)); - std::map ecu_map{{ecu_serial, hw_id}}; + Uptane::EcuMap ecu_map{{ecu_serial, hw_id}}; Uptane::Target target("test_filename", ecu_map, {{Uptane::Hash::Type::kSha256, "sha256"}}, 1, ""); storage->saveInstalledVersion(ecu_serial.ToString(), target, InstalledVersionUpdateMode::kCurrent); From 38537a4a30640ac3235efaae74780f3beecbc95a Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Thu, 18 Jul 2019 14:10:04 +0200 Subject: [PATCH 09/11] Generate fake_root for selfupdate test dynamically. Fixes OTA-2706 (Remove tests/test_data/fake_root). Also fixes the last broken test due to the Target matching changes. Signed-off-by: Patrick Vacek --- scripts/build_ubuntu.sh | 2 +- scripts/selfupdate_server.py | 9 ++++-- scripts/test_install_aktualizr_and_update.sh | 5 ++++ tests/config/selfupdate.toml | 2 +- .../fake_root/keys/director/key_type | 1 - .../fake_root/keys/director/private.key | 27 ------------------ .../fake_root/keys/director/public.key | 9 ------ tests/test_data/fake_root/keys/image/key_type | 1 - .../fake_root/keys/image/private.key | 27 ------------------ .../test_data/fake_root/keys/image/public.key | 9 ------ .../fake_root/repo/director/1.root.json | 1 - .../fake_root/repo/director/manifest | 0 .../fake_root/repo/director/root.json | 1 - .../fake_root/repo/director/snapshot.json | 1 - .../fake_root/repo/director/targets.json | 1 - .../fake_root/repo/director/timestamp.json | 1 - .../test_data/fake_root/repo/repo/1.root.json | 1 - tests/test_data/fake_root/repo/repo/root.json | 1 - .../fake_root/repo/repo/snapshot.json | 1 - .../fake_root/repo/repo/targets.json | 1 - .../fake_root/repo/repo/timestamp.json | 1 - .../repo/repo/targets => }/selfupdate_2.0 | Bin 22 files changed, 14 insertions(+), 88 deletions(-) delete mode 100644 tests/test_data/fake_root/keys/director/key_type delete mode 100644 tests/test_data/fake_root/keys/director/private.key delete mode 100644 tests/test_data/fake_root/keys/director/public.key delete mode 100644 tests/test_data/fake_root/keys/image/key_type delete mode 100644 tests/test_data/fake_root/keys/image/private.key delete mode 100644 tests/test_data/fake_root/keys/image/public.key delete mode 100644 tests/test_data/fake_root/repo/director/1.root.json delete mode 100644 tests/test_data/fake_root/repo/director/manifest delete mode 100644 tests/test_data/fake_root/repo/director/root.json delete mode 100644 tests/test_data/fake_root/repo/director/snapshot.json delete mode 100644 tests/test_data/fake_root/repo/director/targets.json delete mode 100644 tests/test_data/fake_root/repo/director/timestamp.json delete mode 100644 tests/test_data/fake_root/repo/repo/1.root.json delete mode 100644 tests/test_data/fake_root/repo/repo/root.json delete mode 100644 tests/test_data/fake_root/repo/repo/snapshot.json delete mode 100644 tests/test_data/fake_root/repo/repo/targets.json delete mode 100644 tests/test_data/fake_root/repo/repo/timestamp.json rename tests/test_data/{fake_root/repo/repo/targets => }/selfupdate_2.0 (100%) diff --git a/scripts/build_ubuntu.sh b/scripts/build_ubuntu.sh index 8b6b5f0c13..9c14684667 100755 --- a/scripts/build_ubuntu.sh +++ b/scripts/build_ubuntu.sh @@ -20,7 +20,7 @@ LDFLAGS="-s" "$GITREPO_ROOT/scripts/test.sh" cp -rf "$GITREPO_ROOT/tests/test_data/prov_selfupdate" "$TEST_INSTALL_DESTDIR" cp -rf "$GITREPO_ROOT/tests/config/selfupdate.toml" "$TEST_INSTALL_DESTDIR" cp -rf "$GITREPO_ROOT/scripts/selfupdate_server.py" "$TEST_INSTALL_DESTDIR" -cp -rf "$GITREPO_ROOT/tests/test_data/fake_root" "$TEST_INSTALL_DESTDIR" +cp -rf "$GITREPO_ROOT/tests/test_data/selfupdate_2.0" "$TEST_INSTALL_DESTDIR" cp -rf "$GITREPO_ROOT/src/aktualizr_repo/run/create_repo.sh" "$TEST_INSTALL_DESTDIR" cp -rf "$GITREPO_ROOT/src/aktualizr_repo/run/serve_repo.py" "$TEST_INSTALL_DESTDIR" diff --git a/scripts/selfupdate_server.py b/scripts/selfupdate_server.py index 93073fac1b..852c62ba7c 100755 --- a/scripts/selfupdate_server.py +++ b/scripts/selfupdate_server.py @@ -7,10 +7,15 @@ class Handler(BaseHTTPRequestHandler): def do_GET(self): - print("GET: " + self.path) + local_path = self.path + print("GET: " + local_path) + # Fix annoying issue where aktualizr-repo generates metadata for the + # images repository in /image but aktualizr expects /repo. + if local_path.startswith("/repo/"): + local_path = local_path.replace('/repo/', '/image/', 1) self.send_response(200) self.end_headers() - with open(self.server.base_dir + "/fake_root/repo/" + self.path, "rb") as fl: + with open(self.server.base_dir + "/fake_root/repo/" + local_path, "rb") as fl: self.wfile.write(bytearray(fl.read())) def do_POST(self): diff --git a/scripts/test_install_aktualizr_and_update.sh b/scripts/test_install_aktualizr_and_update.sh index c9c7ab705d..cf6ddf3d64 100755 --- a/scripts/test_install_aktualizr_and_update.sh +++ b/scripts/test_install_aktualizr_and_update.sh @@ -10,6 +10,11 @@ dpkg-deb -I "$TEST_INSTALL_DESTDIR"/aktualizr*.deb && dpkg -i "$TEST_INSTALL_DES akt_version=$(aktualizr --version) (grep "$(cat "$TEST_INSTALL_DESTDIR"/aktualizr-version)" <<< "$akt_version") || (echo "$akt_version"; false) +aktualizr-repo generate --path "$TEST_INSTALL_DESTDIR/fake_root" +aktualizr-repo image --path "$TEST_INSTALL_DESTDIR/fake_root" --targetname selfupdate_2.0 --filename "$TEST_INSTALL_DESTDIR/selfupdate_2.0" --hwid selfupdate-device +aktualizr-repo addtarget --path "$TEST_INSTALL_DESTDIR/fake_root" --targetname selfupdate_2.0 --hwid selfupdate-device --serial 723f79763eda1c753ce565c16862c79acdde32eb922d6662f088083c51ffde66 +aktualizr-repo signtargets --path "$TEST_INSTALL_DESTDIR/fake_root" + TEMP_DIR=$(mktemp -d) mkdir -m 700 -p "$TEMP_DIR/import" cp "$TEST_INSTALL_DESTDIR"/prov_selfupdate/* "$TEMP_DIR/import" diff --git a/tests/config/selfupdate.toml b/tests/config/selfupdate.toml index 0dfba2a07e..8d67d24c47 100644 --- a/tests/config/selfupdate.toml +++ b/tests/config/selfupdate.toml @@ -13,7 +13,7 @@ key_source = "file" [provision] primary_ecu_serial = "723f79763eda1c753ce565c16862c79acdde32eb922d6662f088083c51ffde66" -primary_ecu_hardware_id = "patriotyk-laptop" +primary_ecu_hardware_id = "selfupdate-device" [pacman] type = "debian" diff --git a/tests/test_data/fake_root/keys/director/key_type b/tests/test_data/fake_root/keys/director/key_type deleted file mode 100644 index 3605ceee18..0000000000 --- a/tests/test_data/fake_root/keys/director/key_type +++ /dev/null @@ -1 +0,0 @@ -"RSA2048" \ No newline at end of file diff --git a/tests/test_data/fake_root/keys/director/private.key b/tests/test_data/fake_root/keys/director/private.key deleted file mode 100644 index 71088a11fd..0000000000 --- a/tests/test_data/fake_root/keys/director/private.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA4DDXRbYcvBYBEsv2lrtB8ysG9PBpNLrnW+8FttncyZed3Zp1 -s/tcbDF+qKa7b987Pn6mYqqFhzhq7S3VVFib/KHDf4v8mLUTsj2kZNm2yhZKmARa -2qOTlbYvEcFsKAlqW7TrmtRu4LselCcfc+O1h56/Xomqnz3Lb23K5I9mTeo7hBGp -C1mSFwNzL/Rgl75Dq+aOarXkxTjIJWA2AFiU26/tA57ac0N/fy04+rxmKLkgEBT/ -b2qH5sBgz7B7SQ8f1nT+LsWpbKL9r+RIS9s3Wj8XmzyDz15GWfx4EVxDjE1Zr6L3 -Ix9EAm1HZGTClgrgCsrOuU8O3UrT0q+idoJqNQIDAQABAoIBAG+tJK8fJnUy6Nn6 -LB2trg55kn+U+nM/31vWVxxcrjTlh8gJ1zQOtF1Y0mUkmR4DLznUUQG5O8a9/dWk -DS507U8NLZttmihfmy4gsrFiGkHUlNfg43kiHrRnCk9n8H6JIigImYyI4aqky3i1 -fF94QMcL9vway5mDaMFbCcSNAkMwycQwt/FBao2H4vnumyTaW9dy6jzwmDt1nQrE -9v12wtmiFyPWu2aXKF8FcX818fyfYMnSECVZcprlMpqkSIosnNj6t4V+HQBXnC8f -MIXcq9jcaFkurgRhGSG+CeFE0M0mbluIbJVyKlN7feDmsFxLfpXOfdiS7FQejrtU -MhfMjIECgYEA/49frloVv+ZjYwGW/ohOsLugrytX9c1XG5WsTKECjczuFX2K3FAx -ffcUomTwIwCEGiHIm0TC2JorAbNUg3iH9DHZKz5AQtrIjAXfPRkSNVXd5kCdOLr/ -hSDgEdw9rvuzKk1zJ9b+gt7PjaOmvs9Ijv6e02a+wTtqASrDXac34DECgYEA4JOk -gZXjAkyV1Wq3vggtpreCQW07/ERy9gj3ekCRMtOvqKWKPFu65JQkcNiE+NA2bHGb -1/Yyf7KG7lk0L4i4bItIjpLw8BQBRZ6TY5TsKBmc6901tApK60uHnSbfnGglKNQC -vBoXkNZIYbAE8NrBqqr9M23o1DQOYF85Hzd4jUUCgYEA/ao3Y91hN1CcmBps4Qs1 -aHFkxlq0fXQroWLIWmt7GHswWz54xcQHzCujXKnqPiP1++ZKs+vlp5AnXhG9sp3B -/N453JV2vaViaLIvavrmuvAXSMQcCsJ6fI8sOi4tP/HwXe3wfrwFdqtowwOMsFsZ -f243Akk60JyD1NK4hs5DRRECgYEAo8+OI2ftmnO6p12cgWT9x6n7vTWsl6pmIMkR -m38Vanm2m9GEL9rJTIoyuo11EPjvedK01qai1zql6Z3vzuxved1vI3BThwtQkjPF -VtH+IJHuQK2uypDnbRI+7Ya5fSEKWemrxQFTRzbGvVrjf7xRn+fxoV3+gyslgW50 -AC06JfECgYBs+S+eNn7Rt6HvbP4nJhGfm1yfP6A58j82oYG3po6s1pHLR3Qz7izg -7mxYI+Ml+cLBjUBMfq2Ny//Y56e7IeXCf8wSUTZSwHWi2tlwk7qIJlIvBeIzixYM -vPwYlGPzqbeCcdP5ClkDB2VN+wx/omzPP3NeZjDIUudwBYfLdGgTNg== ------END RSA PRIVATE KEY----- diff --git a/tests/test_data/fake_root/keys/director/public.key b/tests/test_data/fake_root/keys/director/public.key deleted file mode 100644 index b52ec521c6..0000000000 --- a/tests/test_data/fake_root/keys/director/public.key +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DDXRbYcvBYBEsv2lrtB -8ysG9PBpNLrnW+8FttncyZed3Zp1s/tcbDF+qKa7b987Pn6mYqqFhzhq7S3VVFib -/KHDf4v8mLUTsj2kZNm2yhZKmARa2qOTlbYvEcFsKAlqW7TrmtRu4LselCcfc+O1 -h56/Xomqnz3Lb23K5I9mTeo7hBGpC1mSFwNzL/Rgl75Dq+aOarXkxTjIJWA2AFiU -26/tA57ac0N/fy04+rxmKLkgEBT/b2qH5sBgz7B7SQ8f1nT+LsWpbKL9r+RIS9s3 -Wj8XmzyDz15GWfx4EVxDjE1Zr6L3Ix9EAm1HZGTClgrgCsrOuU8O3UrT0q+idoJq -NQIDAQAB ------END PUBLIC KEY----- diff --git a/tests/test_data/fake_root/keys/image/key_type b/tests/test_data/fake_root/keys/image/key_type deleted file mode 100644 index 3605ceee18..0000000000 --- a/tests/test_data/fake_root/keys/image/key_type +++ /dev/null @@ -1 +0,0 @@ -"RSA2048" \ No newline at end of file diff --git a/tests/test_data/fake_root/keys/image/private.key b/tests/test_data/fake_root/keys/image/private.key deleted file mode 100644 index dce3eba834..0000000000 --- a/tests/test_data/fake_root/keys/image/private.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAwGUC3ZtRuS1GgM0/3iC55qSvXLtOSjU+TrEE8Xa9OZdxm1pJ -KePuU2ivTCXyOUX6xsshJRqdO4eCC/LIY68AD48z++yMJPWet+7cd0rFxXluMZJP -tUGksQXleH3bFOwQ+0X2qHaSwgo+J2Emnu3T4+UiS5v3HCIzpF7XPLkoRqO6ZNtU -ksvIPVzUmpKt8gEboHTPT1DI/nyBv6Or+4enz5hD+8kVLS1J8Bqz/5HTmacRtMJG -Dqj3GX3YI6gDRzred3HdECJA1mrqDnSsU9Fbzq6v7LjVRIBPNbMwgpt+c5B9OymV -Mp5iUSHctwFeZUo3ToaqfWBVGmqUSvE4WMb5OQIDAQABAoIBABBmzBa+Tfo+XNtQ -JBi4q4B5G6YJJcR3w4cL2kMHf1wwh/PZf5E9qCyeKQuR1JODXryhxoKWQT847yI7 -oU+2NIgfCix43v2rnstJZqwYyMFr97PsKDVokjSxLv3VpN6kvVHehgeYjCxUmTXc -N2GnHsA34XOWqTtRwxtJJoo7sq5K0sJPYYTO7MINB025cIaIprujmkmA2LniMTel -VyfRp6sLz8I6a3Z4Ku1xlKWD5Iw+r8NRZmR45AEnT29CsBzvyyAhENjqzN/TI1zx -MGtYVUQTTvIE5MishFFbWOm7TQBS9G/CRNEp47k+4dokGcneKk50lD2VIa8q4RzL -n6nD47ECgYEA/hh/rSgDmTEVpA14Syxg5l4jNhU1m7wIu6A65QQH6ONznrMN8oMn -W9gw+W4xH7W621sGu1rjmdy24fuUHnWRM1piiBpiJezzAsVOJdB9J+1dHPqx+BeU -y4Hgf2jKdIPjqjN2CkDyu69ODmnS1280k6F8vlky06eLuoZ88upq5tUCgYEAwdYi -YtCe9w5lRw95f4C0FPzuTv4e7G+LI0iTlTLA+Np671QWGoNeEiBSGqY/S+q9Pus0 -qLh6PggRqwfEvpNxTmBFIFvPJNOQxoUyMXIFIk/nROXYjF4eGdESanzTQB0KIEv8 -1FQyx/u+3IE8dbvwsy5CHMuinGxiTBrWlNIKQtUCgYEA+8nvCvkxx6XaGfy3DVbm -lqEGJ1uRCcekp7g5ZCNAa0iok8Q+t+e7IsnyjdjhmNiOVzu2SgXgr+EE4J5Zwm0h -+08/gDsUsxxAGqjFrbcRrnUJ5eOOY5eKfLcwbVC7/gWLnmbsO3Dsl4s5wBKhOZYa -9Yf6gu0E7rOCRM1sF5KvaBkCgYEAgGIi7k39K+dV/yXptCB7pfcMpDc+Jh2PC3ST -g1tVYr3adM+9wBvIX7sWhl4cSF0WsSi5/RIKrTFM+nmvvwYLIv0ya8dDQMH7/vDT -mNpLOjmwFPsjXX0s9K58QxmgFbPmNBQARmXqKHi+JnBWqigruZHm6gmaD37d8EhK -XdFsSG0CgYB4wtOO6cxiE1pi1+fAcVmG63pD9xvcvemAbqU8gHvsX5VtxwhvvMq7 -E37t1feiTp2dJZ3gRibe4Y66y8+eXH00wb++y0qk5vOUbNPJ0CWbsY7BgOMoC7Dn -Y5cfxd2cV7kCfhglWSwkg2K6zU421tO+f7PAH0iSw+1+yErUENlyfQ== ------END RSA PRIVATE KEY----- diff --git a/tests/test_data/fake_root/keys/image/public.key b/tests/test_data/fake_root/keys/image/public.key deleted file mode 100644 index 7175c60d71..0000000000 --- a/tests/test_data/fake_root/keys/image/public.key +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGUC3ZtRuS1GgM0/3iC5 -5qSvXLtOSjU+TrEE8Xa9OZdxm1pJKePuU2ivTCXyOUX6xsshJRqdO4eCC/LIY68A -D48z++yMJPWet+7cd0rFxXluMZJPtUGksQXleH3bFOwQ+0X2qHaSwgo+J2Emnu3T -4+UiS5v3HCIzpF7XPLkoRqO6ZNtUksvIPVzUmpKt8gEboHTPT1DI/nyBv6Or+4en -z5hD+8kVLS1J8Bqz/5HTmacRtMJGDqj3GX3YI6gDRzred3HdECJA1mrqDnSsU9Fb -zq6v7LjVRIBPNbMwgpt+c5B9OymVMp5iUSHctwFeZUo3ToaqfWBVGmqUSvE4WMb5 -OQIDAQAB ------END PUBLIC KEY----- diff --git a/tests/test_data/fake_root/repo/director/1.root.json b/tests/test_data/fake_root/repo/director/1.root.json deleted file mode 100644 index a6a51c860b..0000000000 --- a/tests/test_data/fake_root/repo/director/1.root.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4","method":"rsassa-pss","sig":"at/p7q75XY/wAAwhkQyjNp42D/XvVdSD/nlRB6SWX0LEaZoQs5no7EANxrRTfr9NISdSsTYq8JWR/lyQSMF1UIAU5alRDvfsEuipY+gSgoK3JfAA8c+WLY/l0+GIc+M+WfE36kXHuC8hwjp1cHRb+/qsLGTyMt3A650Us1p5+VMEdxn/ebeUiQoREZpifQ0F4iFxN33ZbgZFhduO1dO/0HyyBMDR6brcgrSNBluAz9mA5r64kftZ2lKF+3AvbeiPVcn7HV+ug4gFrT+l2sgxaw1+flpEusCtDaa/0u7sEX7htv+Gbx4TvYFuAhsl8sAXdtgxc2J1qrhZ58ys58+z/w=="}],"signed":{"_type":"Root","expires":"3019-02-10T13:33:02Z","keys":{"884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4":{"keytype":"RSA","keyval":{"public":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DDXRbYcvBYBEsv2lrtB\n8ysG9PBpNLrnW+8FttncyZed3Zp1s/tcbDF+qKa7b987Pn6mYqqFhzhq7S3VVFib\n/KHDf4v8mLUTsj2kZNm2yhZKmARa2qOTlbYvEcFsKAlqW7TrmtRu4LselCcfc+O1\nh56/Xomqnz3Lb23K5I9mTeo7hBGpC1mSFwNzL/Rgl75Dq+aOarXkxTjIJWA2AFiU\n26/tA57ac0N/fy04+rxmKLkgEBT/b2qH5sBgz7B7SQ8f1nT+LsWpbKL9r+RIS9s3\nWj8XmzyDz15GWfx4EVxDjE1Zr6L3Ix9EAm1HZGTClgrgCsrOuU8O3UrT0q+idoJq\nNQIDAQAB\n-----END PUBLIC KEY-----\n"}}},"roles":{"root":{"keyids":["884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4"],"threshold":1},"snapshot":{"keyids":["884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4"],"threshold":1},"targets":{"keyids":["884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4"],"threshold":1},"timestamp":{"keyids":["884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4"],"threshold":1}}}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/director/manifest b/tests/test_data/fake_root/repo/director/manifest deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/tests/test_data/fake_root/repo/director/root.json b/tests/test_data/fake_root/repo/director/root.json deleted file mode 100644 index a6a51c860b..0000000000 --- a/tests/test_data/fake_root/repo/director/root.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4","method":"rsassa-pss","sig":"at/p7q75XY/wAAwhkQyjNp42D/XvVdSD/nlRB6SWX0LEaZoQs5no7EANxrRTfr9NISdSsTYq8JWR/lyQSMF1UIAU5alRDvfsEuipY+gSgoK3JfAA8c+WLY/l0+GIc+M+WfE36kXHuC8hwjp1cHRb+/qsLGTyMt3A650Us1p5+VMEdxn/ebeUiQoREZpifQ0F4iFxN33ZbgZFhduO1dO/0HyyBMDR6brcgrSNBluAz9mA5r64kftZ2lKF+3AvbeiPVcn7HV+ug4gFrT+l2sgxaw1+flpEusCtDaa/0u7sEX7htv+Gbx4TvYFuAhsl8sAXdtgxc2J1qrhZ58ys58+z/w=="}],"signed":{"_type":"Root","expires":"3019-02-10T13:33:02Z","keys":{"884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4":{"keytype":"RSA","keyval":{"public":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DDXRbYcvBYBEsv2lrtB\n8ysG9PBpNLrnW+8FttncyZed3Zp1s/tcbDF+qKa7b987Pn6mYqqFhzhq7S3VVFib\n/KHDf4v8mLUTsj2kZNm2yhZKmARa2qOTlbYvEcFsKAlqW7TrmtRu4LselCcfc+O1\nh56/Xomqnz3Lb23K5I9mTeo7hBGpC1mSFwNzL/Rgl75Dq+aOarXkxTjIJWA2AFiU\n26/tA57ac0N/fy04+rxmKLkgEBT/b2qH5sBgz7B7SQ8f1nT+LsWpbKL9r+RIS9s3\nWj8XmzyDz15GWfx4EVxDjE1Zr6L3Ix9EAm1HZGTClgrgCsrOuU8O3UrT0q+idoJq\nNQIDAQAB\n-----END PUBLIC KEY-----\n"}}},"roles":{"root":{"keyids":["884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4"],"threshold":1},"snapshot":{"keyids":["884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4"],"threshold":1},"targets":{"keyids":["884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4"],"threshold":1},"timestamp":{"keyids":["884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4"],"threshold":1}}}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/director/snapshot.json b/tests/test_data/fake_root/repo/director/snapshot.json deleted file mode 100644 index ef0d60be1c..0000000000 --- a/tests/test_data/fake_root/repo/director/snapshot.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4","method":"rsassa-pss","sig":"1Cz2PeWdYfsqDVn6ufpj2p496dCz4Gkc1d6KnyNXyNvVNRoRtRvWLmma3Rc8xLT/uA3VPyNNTgOTIRKIHX+s+UeDEEdU6hle8RiBDtMqLgchYUCvS4RRl94UCfP8XvFh2+IGRrLs0d8T1rWixSpoReHjVKsgt4ivjMYqYcSHW77j0DsBjn/JrHY8AXf8Dfsb99TbQ13ePUCOP9HajU9jqnZxfeE7jlpdM1fP5sakDnH/qgj2bbID+u6pPcQy44FQWtywTFLc4dDCUgI18qpLEuRIStEd7FkiJLfccv/4uohDQTn2x9OWKWx8R3JQEeTOD936caZy96tkFGvR6yrFMA=="}],"signed":{"_type":"Snapshot","expires":"3019-02-10T13:33:02Z","meta":{"root.json":{"hashes":{"sha256":"00b3e60e5d4fb4264c2b92dbd8355cb567d6a8b625af8e3ebed508cd24adf83c"},"length":1530,"version":1},"targets.json":{"hashes":{"sha256":"a186be62fcae18ff70f00b53532f9191a92ea9c795ac03012e6565bf7be0f4c8"},"length":555,"version":1}},"version":1}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/director/targets.json b/tests/test_data/fake_root/repo/director/targets.json deleted file mode 100644 index a4165416d4..0000000000 --- a/tests/test_data/fake_root/repo/director/targets.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4","method":"rsassa-pss","sig":"xDfwpi1DQQbAM5c/ew9na1yN+oiAdIha6voMq/WtqaoklR02a+y8JBEYgoVbKyXfUQMPdl4aEV1Y5IRjXF1r/My0E62ArbtVx9KdqzK29k6LlHoibYDqeedzgJ9wJlmNsqgM3xYaNrjYJxcfCj+NV8oQ/JvIC4xcqO1PuCZxE9dw+79z+ZOAqNvqu1zbRwIoG0DaiAa36VifSoYDtt6SUor9noDeJ94TnwbyYS7FIINI4yUcBjbRoBFR/3Ad87TPnlAOTLwRNCNDB5+Wnpf6WBEkQ/hGWS7+4uuTZRGH+mwv2BHiA1qGgD1w3ushyob9CgDB82eqf6dgBhM5Lo4tNA=="}],"signed":{"_type":"Targets","expires":"3019-02-10T13:33:02Z","targets":{"selfupdate_2.0":{"custom":{"ecuIdentifiers":{"723f79763eda1c753ce565c16862c79acdde32eb922d6662f088083c51ffde66":{"hardwareId":"patriotyk-laptop"}}},"hashes":{"sha256":"1fc3289584041fb01b7022a7c37da8bac3f92fdf58d6d27114d0ad93d135cb34"},"length":1753258}},"version":2}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/director/timestamp.json b/tests/test_data/fake_root/repo/director/timestamp.json deleted file mode 100644 index ff2226fe2a..0000000000 --- a/tests/test_data/fake_root/repo/director/timestamp.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"884b1b03a6b0500c32a4f97f92077a054e1e356f52d993863d0b72ee76bb3ac4","method":"rsassa-pss","sig":"3WP9ve4xQhUuZz2avpHA5lw0g83RjKdp51tCx2t0MUvUuyLFh+GSzeLiWG20q5NSPLVMwGUcyxvDeLjurKNXLZYEx2LpA6XAhoZ7h91XOE1/X1LMRm3ocGOIUYwMy5aDd7yqO1Oer1nsQMgFNsP2zJUcjHpZxZ5Zoibauq0B82Owdh+rjZ7blE7IeN7YwiCVK2Tyl4cuG4dMqDFJ3i0WKlrBWdM3tjlvSRZgGxjp4lrLoZxA0pKg64AbnIEwy5wrCiQw7gva8sola4xzdUM0+OAso1YV38ExkJ48DVyN09X5lqYLFDaPGxqPoTmF/jjlUZhe4amTW797isj/RAKYLQ=="}],"signed":{"_type":"Timestamp","expires":"3019-02-10T13:33:02Z","meta":{"snapshot.json":{"hashes":{"sha256":"db8b5558effee4d081575ac08c48789b26fa0e7b0bd73d70a88e954417737b0f"},"length":808,"version":1}},"version":1}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/repo/1.root.json b/tests/test_data/fake_root/repo/repo/1.root.json deleted file mode 100644 index 2f26c6c609..0000000000 --- a/tests/test_data/fake_root/repo/repo/1.root.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b","method":"rsassa-pss","sig":"FiK0+Uh8SEemKCzhOTVbu7T2AMezaAwd26klbmHcynOifSqrORE4CeYnLE6YMygcENGjbEUN0ykJDlGCO5qUkon++ic5W8PPsTpf0J/2buXxm/wvnut360kJ24Sko3+XfF6jM3NKOvVdtcGr20MlxIlmHzTCcFPi+1yNOFnm5jktIjohTOrsttGYoIqBLZaDVA+WXQ0MyBGH/Vp5fLbWMNSsQfgibw5+dHIilujBwgh4mJcDEWufU5nzg0+nczT2onmJ+uGpZqsetGVV+jw0gPqAuGTCiy7lAcpzaajB4GPBjas3KnFavIJjZlTbOGMRPYcaMc9VkuY9gIGjIdvSFA=="}],"signed":{"_type":"Root","expires":"3019-02-10T13:33:02Z","keys":{"108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b":{"keytype":"RSA","keyval":{"public":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGUC3ZtRuS1GgM0/3iC5\n5qSvXLtOSjU+TrEE8Xa9OZdxm1pJKePuU2ivTCXyOUX6xsshJRqdO4eCC/LIY68A\nD48z++yMJPWet+7cd0rFxXluMZJPtUGksQXleH3bFOwQ+0X2qHaSwgo+J2Emnu3T\n4+UiS5v3HCIzpF7XPLkoRqO6ZNtUksvIPVzUmpKt8gEboHTPT1DI/nyBv6Or+4en\nz5hD+8kVLS1J8Bqz/5HTmacRtMJGDqj3GX3YI6gDRzred3HdECJA1mrqDnSsU9Fb\nzq6v7LjVRIBPNbMwgpt+c5B9OymVMp5iUSHctwFeZUo3ToaqfWBVGmqUSvE4WMb5\nOQIDAQAB\n-----END PUBLIC KEY-----\n"}}},"roles":{"root":{"keyids":["108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b"],"threshold":1},"snapshot":{"keyids":["108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b"],"threshold":1},"targets":{"keyids":["108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b"],"threshold":1},"timestamp":{"keyids":["108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b"],"threshold":1}}}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/repo/root.json b/tests/test_data/fake_root/repo/repo/root.json deleted file mode 100644 index 2f26c6c609..0000000000 --- a/tests/test_data/fake_root/repo/repo/root.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b","method":"rsassa-pss","sig":"FiK0+Uh8SEemKCzhOTVbu7T2AMezaAwd26klbmHcynOifSqrORE4CeYnLE6YMygcENGjbEUN0ykJDlGCO5qUkon++ic5W8PPsTpf0J/2buXxm/wvnut360kJ24Sko3+XfF6jM3NKOvVdtcGr20MlxIlmHzTCcFPi+1yNOFnm5jktIjohTOrsttGYoIqBLZaDVA+WXQ0MyBGH/Vp5fLbWMNSsQfgibw5+dHIilujBwgh4mJcDEWufU5nzg0+nczT2onmJ+uGpZqsetGVV+jw0gPqAuGTCiy7lAcpzaajB4GPBjas3KnFavIJjZlTbOGMRPYcaMc9VkuY9gIGjIdvSFA=="}],"signed":{"_type":"Root","expires":"3019-02-10T13:33:02Z","keys":{"108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b":{"keytype":"RSA","keyval":{"public":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGUC3ZtRuS1GgM0/3iC5\n5qSvXLtOSjU+TrEE8Xa9OZdxm1pJKePuU2ivTCXyOUX6xsshJRqdO4eCC/LIY68A\nD48z++yMJPWet+7cd0rFxXluMZJPtUGksQXleH3bFOwQ+0X2qHaSwgo+J2Emnu3T\n4+UiS5v3HCIzpF7XPLkoRqO6ZNtUksvIPVzUmpKt8gEboHTPT1DI/nyBv6Or+4en\nz5hD+8kVLS1J8Bqz/5HTmacRtMJGDqj3GX3YI6gDRzred3HdECJA1mrqDnSsU9Fb\nzq6v7LjVRIBPNbMwgpt+c5B9OymVMp5iUSHctwFeZUo3ToaqfWBVGmqUSvE4WMb5\nOQIDAQAB\n-----END PUBLIC KEY-----\n"}}},"roles":{"root":{"keyids":["108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b"],"threshold":1},"snapshot":{"keyids":["108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b"],"threshold":1},"targets":{"keyids":["108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b"],"threshold":1},"timestamp":{"keyids":["108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b"],"threshold":1}}}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/repo/snapshot.json b/tests/test_data/fake_root/repo/repo/snapshot.json deleted file mode 100644 index 4a363b0fbd..0000000000 --- a/tests/test_data/fake_root/repo/repo/snapshot.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b","method":"rsassa-pss","sig":"RdtFwQ1E2iyNfjvJrFZIKVAXbAho0dj673oYuVpD4NexDYzHV325RuJ4urKNTp6MhJDRrw3xg88vxY3oOPKdZlrlGBa8MKVl7YFIHWOXhDPMuUheM/Hs8cCWW36Yhwi1aAaRjQ1azUEtRNRo38RPP6+AaT885fumoAt8hCt3f1q5mWedS8gyCLLdigwwFYfjfVGfNZLQJkdiuaC+/3Y0bbCA2JA1dkTBR5nbNGkGTteaOlzwIgJmk1xHZc7N+malumhtERI+b2JGNkZ9X/BP13ht3NcmcoPq0Xn/0W0apK4nJ6gIS9FbWkNfxg3+RBoBIjoC5TBexHmtRfTJfZ4mIQ=="}],"signed":{"_type":"Snapshot","expires":"3019-02-10T13:33:02Z","meta":{"root.json":{"hashes":{"sha256":"b0d2b6d06e8d2353d1a7baf691ea850be94bb725b1094fbb267ad9a35693fb29"},"length":1530,"version":1},"targets.json":{"hashes":{"sha256":"0a17985a5ae768ec7623be343ce2a455ec58db45e2fe8a9299359f37f683703d"},"length":677,"version":2}},"version":2}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/repo/targets.json b/tests/test_data/fake_root/repo/repo/targets.json deleted file mode 100644 index 1ffcba52fb..0000000000 --- a/tests/test_data/fake_root/repo/repo/targets.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b","method":"rsassa-pss","sig":"u+bdktKaBxKIkMDyyyXCOVkT3xbpISKy0x5l1ZGqBbef5jesJOWnCgIqylicjsxQErbnqIIYP5pEyWONoI36zq8wanJKjIIbOwJyJZNbxWRKO7kZ9oNB/AZsfSDz3Lx6vPAyS46lQJTYKFNDd5TjMhD7v2Hjos2KPjomWTqSUzAvg6do21bKoOFqDoOjCvmNjIn9WSz0M2ywIzOO9JUb0MWbrNqhMubWL/LwR2ePbBqmgzAuh/zhQN/b8vT1IcEwHodW7FjcKtSEd30RsnMLkAObqHNXRnPTWE1KjZYui4PcAQj90n0P3PknLu0tIxX2QaveHzAj8J9g0lrqWPp4aw=="}],"signed":{"_type":"Targets","expires":"3019-02-10T13:33:02Z","targets":{"selfupdate_2.0":{"hashes":{"sha256":"1fc3289584041fb01b7022a7c37da8bac3f92fdf58d6d27114d0ad93d135cb34"},"length":1753258}},"version":2}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/repo/timestamp.json b/tests/test_data/fake_root/repo/repo/timestamp.json deleted file mode 100644 index dd298cd60d..0000000000 --- a/tests/test_data/fake_root/repo/repo/timestamp.json +++ /dev/null @@ -1 +0,0 @@ -{"signatures":[{"keyid":"108d9ff4c711761cc37e706669673bcef4c5b3eed87934b277f4ae1d23ad3b2b","method":"rsassa-pss","sig":"W/kg6Q9h2qzKzvwlZ4qUVb6Z3WXXoeiAgKoh3zztOb6I6t17qchxEAg33NCk4EJihSu2JMMm9ohQpo6/Oo/sC79iulkuuOaZtcdQ9cbzAYk6AdeLHJBXBfDXNb3EPQEgFEZWcNjuySptM4M63pZNZ+D6xQ0YZhmo5LHdK2RvX2rHxyJjBfgdWoA8ym8+hSOKNQ6pCMcups0Hwh1giS9hYYbEio8Tn1SOM+OMNs9wTeq4Vo217JuDvXVxVNaRgyZM3mB6LXb1ecveZk8X+5ojnksdAne39alaDfLZDwasrBi4CRpEq35j80ngiZ/DoJ2ATu890VLcubMDQ351zaAYnA=="}],"signed":{"_type":"Timestamp","expires":"3019-02-10T13:33:02Z","meta":{"snapshot.json":{"hashes":{"sha256":"caca08796379eef2c10f26b02f3976d46fe5e0dcb1699b99a6a0040374ccce94"},"length":808,"version":2}},"version":2}} \ No newline at end of file diff --git a/tests/test_data/fake_root/repo/repo/targets/selfupdate_2.0 b/tests/test_data/selfupdate_2.0 similarity index 100% rename from tests/test_data/fake_root/repo/repo/targets/selfupdate_2.0 rename to tests/test_data/selfupdate_2.0 From dc2d3e507c4a5d0bbc75fd5e5967dc083fc7fa2b Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Fri, 19 Jul 2019 14:35:01 +0200 Subject: [PATCH 10/11] Remove Target's comparison operator and replace with MatchTarget. This should make Target matching more explicit (and easier to grep for). The == operator is not usually meaningful or desirable for Target objects. Signed-off-by: Patrick Vacek --- .../package_manager/debianmanager_test.cc | 2 +- .../package_manager/packagemanagerfake.cc | 2 +- src/libaktualizr/primary/sotauptaneclient.cc | 6 ++- src/libaktualizr/uptane/tuf.cc | 2 +- src/libaktualizr/uptane/tuf.h | 18 +++++++- src/libaktualizr/uptane/tuf_test.cc | 44 +++++++++---------- src/libaktualizr/uptane/uptane_test.cc | 6 +-- 7 files changed, 48 insertions(+), 32 deletions(-) diff --git a/src/libaktualizr/package_manager/debianmanager_test.cc b/src/libaktualizr/package_manager/debianmanager_test.cc index 9b0515a68b..ebad5a53a4 100644 --- a/src/libaktualizr/package_manager/debianmanager_test.cc +++ b/src/libaktualizr/package_manager/debianmanager_test.cc @@ -37,7 +37,7 @@ TEST(PackageManagerFactory, Debian_Install_Good) { fhandle->wcommit(); EXPECT_EQ(pacman->install(target).result_code.num_code, data::ResultCode::Numeric::kOk); - EXPECT_EQ(pacman->getCurrent(), target); + EXPECT_TRUE(pacman->getCurrent().MatchTarget(target)); } TEST(PackageManagerFactory, Debian_Install_Bad) { diff --git a/src/libaktualizr/package_manager/packagemanagerfake.cc b/src/libaktualizr/package_manager/packagemanagerfake.cc index e15ee2c13f..bccd0f4fe8 100644 --- a/src/libaktualizr/package_manager/packagemanagerfake.cc +++ b/src/libaktualizr/package_manager/packagemanagerfake.cc @@ -63,7 +63,7 @@ data::InstallationResult PackageManagerFake::finalizeInstall(const Uptane::Targe data::InstallationResult install_res; - if (target == targets[pending_version]) { + if (target.MatchTarget(targets[pending_version])) { if (fiu_fail("fake_install_finalization_failure") != 0) { std::string failure_cause = fault_injection_last_info(); if (failure_cause.empty()) { diff --git a/src/libaktualizr/primary/sotauptaneclient.cc b/src/libaktualizr/primary/sotauptaneclient.cc index a3d8f51640..bac364335f 100644 --- a/src/libaktualizr/primary/sotauptaneclient.cc +++ b/src/libaktualizr/primary/sotauptaneclient.cc @@ -85,7 +85,7 @@ void SotaUptaneClient::addSecondary(const std::shared_ptrgetCurrent(); + return target.MatchTarget(package_manager_->getCurrent()); } return false; } @@ -462,7 +462,9 @@ bool SotaUptaneClient::getNewTargets(std::vector *new_targets, u std::unique_ptr SotaUptaneClient::findTargetHelper(const Uptane::Targets &cur_targets, const Uptane::Target &queried_target, int level, bool terminating) { - auto it = std::find(cur_targets.targets.cbegin(), cur_targets.targets.cend(), queried_target); + auto it = + std::find_if(cur_targets.targets.cbegin(), cur_targets.targets.cend(), + [&queried_target](const Uptane::Target &target) { return target.MatchTarget(queried_target); }); if (it != cur_targets.targets.cend()) { return std_::make_unique(*it); } diff --git a/src/libaktualizr/uptane/tuf.cc b/src/libaktualizr/uptane/tuf.cc index 1b3cb9481e..a9a352e3d5 100644 --- a/src/libaktualizr/uptane/tuf.cc +++ b/src/libaktualizr/uptane/tuf.cc @@ -214,7 +214,7 @@ bool Target::IsOstree() const { } } -bool Target::operator==(const Target &t2) const { +bool Target::MatchTarget(const Target &t2) const { // type_ (targetFormat) is only provided by the Images repo. // ecus_ is only provided by the Images repo. // correlation_id_ is only provided by the Director. diff --git a/src/libaktualizr/uptane/tuf.h b/src/libaktualizr/uptane/tuf.h index 77ed78b7c2..d530e0eb94 100644 --- a/src/libaktualizr/uptane/tuf.h +++ b/src/libaktualizr/uptane/tuf.h @@ -261,7 +261,9 @@ class Target { */ bool IsOstree() const; - bool operator==(const Target &t2) const; + // Comparison is usually not meaningful. Use MatchTarget instead. + bool operator==(const Target &t2) = delete; + bool MatchTarget(const Target &t2) const; Json::Value toDebugJson() const; friend std::ostream &operator<<(std::ostream &os, const Target &t); @@ -401,6 +403,18 @@ class Root : public MetaWithKeys { Policy policy_; }; +static bool MatchTargetVector(const std::vector &v1, const std::vector &v2) { + if (v1.size() != v2.size()) { + return false; + } + for (size_t i = 0; i < v1.size(); ++i) { + if (!v1[i].MatchTarget(v2[i])) { + return false; + } + } + return true; +} + // Also used for delegated targets. class Targets : public MetaWithKeys { public: @@ -410,7 +424,7 @@ class Targets : public MetaWithKeys { ~Targets() override = default; bool operator==(const Targets &rhs) const { - return version_ == rhs.version() && expiry_ == rhs.expiry() && targets == rhs.targets; + return version_ == rhs.version() && expiry_ == rhs.expiry() && MatchTargetVector(targets, rhs.targets); } const std::string &correlation_id() const { return correlation_id_; } void clear() { diff --git a/src/libaktualizr/uptane/tuf_test.cc b/src/libaktualizr/uptane/tuf_test.cc index 477318a7a7..9f12bbd2ed 100644 --- a/src/libaktualizr/uptane/tuf_test.cc +++ b/src/libaktualizr/uptane/tuf_test.cc @@ -133,8 +133,8 @@ TEST(Target, Match) { ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); - EXPECT_TRUE(target1 == target2); - EXPECT_TRUE(target2 == target1); + EXPECT_TRUE(target1.MatchTarget(target2)); + EXPECT_TRUE(target2.MatchTarget(target1)); } /* Two Target objects created by the Director should match. */ @@ -146,8 +146,8 @@ TEST(Target, MatchDirector) { ecu_map.insert({Uptane::EcuSerial("serial2"), hwid2}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); Uptane::Target target2("abc", generateDirectorTarget("hash_good", 739, ecu_map)); - EXPECT_TRUE(target1 == target2); - EXPECT_TRUE(target2 == target1); + EXPECT_TRUE(target1.MatchTarget(target2)); + EXPECT_TRUE(target2.MatchTarget(target1)); } /* Two Target objects created by the Images repo should match. */ @@ -159,8 +159,8 @@ TEST(Target, MatchImages) { hardwareIds.emplace_back(hwid2); Uptane::Target target1("abc", generateImagesTarget("hash_good", 739, hardwareIds)); Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); - EXPECT_TRUE(target1 == target2); - EXPECT_TRUE(target2 == target1); + EXPECT_TRUE(target1.MatchTarget(target2)); + EXPECT_TRUE(target2.MatchTarget(target1)); } /* Extra hardware IDs in the Images Target metadata should still match. */ @@ -173,8 +173,8 @@ TEST(Target, MatchExtraHwId) { Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); hardwareIds.emplace_back(Uptane::HardwareIdentifier("extra")); Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); - EXPECT_TRUE(target1 == target2); - EXPECT_TRUE(target2 == target1); + EXPECT_TRUE(target1.MatchTarget(target2)); + EXPECT_TRUE(target2.MatchTarget(target1)); } /* Multiple ECUs should still match. */ @@ -189,8 +189,8 @@ TEST(Target, MatchTwo) { ecu_map.insert({Uptane::EcuSerial("serial2"), hwid2}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); - EXPECT_TRUE(target1 == target2); - EXPECT_TRUE(target2 == target1); + EXPECT_TRUE(target1.MatchTarget(target2)); + EXPECT_TRUE(target2.MatchTarget(target1)); } /* Reject inconsistent sets of multiple hardware IDs. */ @@ -202,8 +202,8 @@ TEST(Target, MultipleHwIdMismatch) { Uptane::Target target1("abc", generateImagesTarget("hash_good", 739, hardwareIds)); hardwareIds.emplace_back(Uptane::HardwareIdentifier("extra2")); Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); - EXPECT_FALSE(target1 == target2); - EXPECT_FALSE(target2 == target1); + EXPECT_FALSE(target1.MatchTarget(target2)); + EXPECT_FALSE(target2.MatchTarget(target1)); } /* Reject a missing hardware ID. */ @@ -216,8 +216,8 @@ TEST(Target, MissingHwId) { Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); hardwareIds.clear(); Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); - EXPECT_FALSE(target1 == target2); - EXPECT_FALSE(target2 == target1); + EXPECT_FALSE(target1.MatchTarget(target2)); + EXPECT_FALSE(target2.MatchTarget(target1)); } /* Reject mismatched filenames. */ @@ -229,8 +229,8 @@ TEST(Target, FilenameMismatch) { ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); Uptane::Target target2("xyz", generateImagesTarget("hash_good", 739, hardwareIds)); - EXPECT_FALSE(target1 == target2); - EXPECT_FALSE(target2 == target1); + EXPECT_FALSE(target1.MatchTarget(target2)); + EXPECT_FALSE(target2.MatchTarget(target1)); } /* Reject mismatched lengths. */ @@ -242,8 +242,8 @@ TEST(Target, LengthMismatch) { ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); Uptane::Target target2("abc", generateImagesTarget("hash_good", 1, hardwareIds)); - EXPECT_FALSE(target1 == target2); - EXPECT_FALSE(target2 == target1); + EXPECT_FALSE(target1.MatchTarget(target2)); + EXPECT_FALSE(target2.MatchTarget(target1)); } /* Reject mismatched hardware IDs. */ @@ -256,8 +256,8 @@ TEST(Target, HardwareIdMismatch) { Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); hardwareIds[0] = Uptane::HardwareIdentifier("alt-test"); Uptane::Target target2("abc", generateImagesTarget("hash_good", 739, hardwareIds)); - EXPECT_FALSE(target1 == target2); - EXPECT_FALSE(target2 == target1); + EXPECT_FALSE(target1.MatchTarget(target2)); + EXPECT_FALSE(target2.MatchTarget(target1)); } /* Reject mismatched hashes. */ @@ -269,8 +269,8 @@ TEST(Target, HashMismatch) { ecu_map.insert({Uptane::EcuSerial("serial"), hwid}); Uptane::Target target1("abc", generateDirectorTarget("hash_good", 739, ecu_map)); Uptane::Target target2("abc", generateImagesTarget("hash_bad", 739, hardwareIds)); - EXPECT_FALSE(target1 == target2); - EXPECT_FALSE(target2 == target1); + EXPECT_FALSE(target1.MatchTarget(target2)); + EXPECT_FALSE(target2.MatchTarget(target1)); } #ifndef __NO_MAIN__ diff --git a/src/libaktualizr/uptane/uptane_test.cc b/src/libaktualizr/uptane/uptane_test.cc index e40f0641ec..7bdf8fefe3 100644 --- a/src/libaktualizr/uptane/uptane_test.cc +++ b/src/libaktualizr/uptane/uptane_test.cc @@ -936,7 +936,7 @@ TEST(Uptane, FsToSqlFull) { EXPECT_EQ(sql_device_id, device_id); EXPECT_EQ(sql_serials, serials); EXPECT_EQ(sql_ecu_registered, ecu_registered); - EXPECT_EQ(sql_installed_versions, fixed_installed_versions); + EXPECT_TRUE(Uptane::MatchTargetVector(sql_installed_versions, fixed_installed_versions)); EXPECT_EQ(sql_director_root, director_root); EXPECT_EQ(sql_director_targets, director_targets); @@ -1010,7 +1010,7 @@ TEST(Uptane, SaveAndLoadVersion) { EXPECT_NE(f, installed_versions.end()); EXPECT_EQ(f->sha256Hash(), "a0fb2e119cf812f1aa9e993d01f5f07cb41679096cb4492f1265bff5ac901d0d"); EXPECT_EQ(f->length(), 123); - EXPECT_EQ(*f, t); + EXPECT_TRUE(f->MatchTarget(t)); } class HttpFakeUnstable : public HttpFake { @@ -1120,7 +1120,7 @@ TEST(Uptane, offlineIteration) { std::vector targets_offline; EXPECT_TRUE(sota_client->uptaneOfflineIteration(&targets_offline, nullptr)); - EXPECT_EQ(targets_online, targets_offline); + EXPECT_TRUE(Uptane::MatchTargetVector(targets_online, targets_offline)); } /* Ignore updates for unrecognized ECUs. From 5320005eb78483a42ce11e3ce99eca35fe526ebb Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Fri, 19 Jul 2019 14:37:02 +0200 Subject: [PATCH 11/11] Rename MatchWith to MatchHash for clarity. Signed-off-by: Patrick Vacek --- src/libaktualizr/package_manager/packagemanagerinterface.cc | 2 +- src/libaktualizr/storage/sqlstorage.cc | 4 ++-- src/libaktualizr/uptane/tuf.cc | 2 +- src/libaktualizr/uptane/tuf.h | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/libaktualizr/package_manager/packagemanagerinterface.cc b/src/libaktualizr/package_manager/packagemanagerinterface.cc index b3902bd3c2..3119e94565 100644 --- a/src/libaktualizr/package_manager/packagemanagerinterface.cc +++ b/src/libaktualizr/package_manager/packagemanagerinterface.cc @@ -129,7 +129,7 @@ bool PackageManagerInterface::fetchTarget(const Uptane::Target& target, Uptane:: } throw Uptane::Exception("image", "Could not download file, error: " + response.error_message); } - if (!target.MatchWith(Uptane::Hash(ds.hash_type, ds.hasher().getHexDigest()))) { + if (!target.MatchHash(Uptane::Hash(ds.hash_type, ds.hasher().getHexDigest()))) { ds.fhandle->wabort(); throw Uptane::TargetHashMismatch(target.filename()); } diff --git a/src/libaktualizr/storage/sqlstorage.cc b/src/libaktualizr/storage/sqlstorage.cc index f2c9292ca7..777ab40fbe 100644 --- a/src/libaktualizr/storage/sqlstorage.cc +++ b/src/libaktualizr/storage/sqlstorage.cc @@ -1227,13 +1227,13 @@ boost::optional> SQLStorage::checkTargetFile(cons bool sha256_match = false; bool sha512_match = false; if (!(*sha256).empty()) { - if (target.MatchWith(Uptane::Hash(Uptane::Hash::Type::kSha256, *sha256))) { + if (target.MatchHash(Uptane::Hash(Uptane::Hash::Type::kSha256, *sha256))) { sha256_match = true; } } if (!(*sha512).empty()) { - if (target.MatchWith(Uptane::Hash(Uptane::Hash::Type::kSha512, *sha512))) { + if (target.MatchHash(Uptane::Hash(Uptane::Hash::Type::kSha512, *sha512))) { sha512_match = true; } } diff --git a/src/libaktualizr/uptane/tuf.cc b/src/libaktualizr/uptane/tuf.cc index a9a352e3d5..48a5f2ed45 100644 --- a/src/libaktualizr/uptane/tuf.cc +++ b/src/libaktualizr/uptane/tuf.cc @@ -181,7 +181,7 @@ Target Target::Unknown() { return target; } -bool Target::MatchWith(const Hash &hash) const { +bool Target::MatchHash(const Hash &hash) const { return (std::find(hashes_.begin(), hashes_.end(), hash) != hashes_.end()); } diff --git a/src/libaktualizr/uptane/tuf.h b/src/libaktualizr/uptane/tuf.h index d530e0eb94..39ee31d453 100644 --- a/src/libaktualizr/uptane/tuf.h +++ b/src/libaktualizr/uptane/tuf.h @@ -245,7 +245,7 @@ class Target { uint64_t length() const { return length_; } bool IsValid() const { return valid; } std::string uri() const { return uri_; }; - bool MatchWith(const Hash &hash) const; + bool MatchHash(const Hash &hash) const; bool IsForSecondary(const EcuSerial &ecuIdentifier) const { return (std::find_if(ecus_.cbegin(), ecus_.cend(), [&ecuIdentifier](std::pair pair) {