You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
337 lines
12 KiB
337 lines
12 KiB
/*
|
|
* Copyright (C) 2018 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#include <string>
|
|
|
|
#include <android-base/file.h>
|
|
#include <android-base/logging.h>
|
|
#include <android-base/scopeguard.h>
|
|
#include <android-base/strings.h>
|
|
#include <gmock/gmock.h>
|
|
#include <gtest/gtest.h>
|
|
#include <libavb/libavb.h>
|
|
#include <ziparchive/zip_archive.h>
|
|
|
|
#include "apex_file.h"
|
|
#include "apexd_test_utils.h"
|
|
#include "apexd_utils.h"
|
|
|
|
using android::base::GetExecutableDirectory;
|
|
using android::base::Result;
|
|
|
|
static const std::string kTestDataDir = GetExecutableDirectory() + "/";
|
|
|
|
namespace android {
|
|
namespace apex {
|
|
namespace {
|
|
|
|
struct ApexFileTestParam {
|
|
const char* type;
|
|
const char* prefix;
|
|
};
|
|
|
|
constexpr const ApexFileTestParam kParameters[] = {
|
|
{"ext4", "apex.apexd_test"}, {"f2fs", "apex.apexd_test_f2fs"}};
|
|
|
|
class ApexFileTest : public ::testing::TestWithParam<ApexFileTestParam> {};
|
|
|
|
INSTANTIATE_TEST_SUITE_P(Apex, ApexFileTest, ::testing::ValuesIn(kParameters));
|
|
|
|
TEST_P(ApexFileTest, GetOffsetOfSimplePackage) {
|
|
const std::string file_path = kTestDataDir + GetParam().prefix + ".apex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_TRUE(apex_file.ok());
|
|
|
|
int32_t zip_image_offset;
|
|
size_t zip_image_size;
|
|
{
|
|
ZipArchiveHandle handle;
|
|
int32_t rc = OpenArchive(file_path.c_str(), &handle);
|
|
ASSERT_EQ(0, rc);
|
|
auto close_guard =
|
|
android::base::make_scope_guard([&handle]() { CloseArchive(handle); });
|
|
|
|
ZipEntry entry;
|
|
rc = FindEntry(handle, "apex_payload.img", &entry);
|
|
ASSERT_EQ(0, rc);
|
|
|
|
zip_image_offset = entry.offset;
|
|
EXPECT_EQ(zip_image_offset % 4096, 0);
|
|
zip_image_size = entry.uncompressed_length;
|
|
EXPECT_EQ(zip_image_size, entry.compressed_length);
|
|
}
|
|
|
|
EXPECT_EQ(zip_image_offset, apex_file->GetImageOffset().value());
|
|
EXPECT_EQ(zip_image_size, apex_file->GetImageSize().value());
|
|
}
|
|
|
|
TEST(ApexFileTest, GetOffsetMissingFile) {
|
|
const std::string file_path = kTestDataDir + "missing.apex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_FALSE(apex_file.ok());
|
|
ASSERT_THAT(apex_file.error().message(),
|
|
::testing::HasSubstr("Failed to open package"));
|
|
}
|
|
|
|
TEST_P(ApexFileTest, GetApexManifest) {
|
|
const std::string file_path = kTestDataDir + GetParam().prefix + ".apex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_RESULT_OK(apex_file);
|
|
EXPECT_EQ("com.android.apex.test_package", apex_file->GetManifest().name());
|
|
EXPECT_EQ(1u, apex_file->GetManifest().version());
|
|
}
|
|
|
|
TEST_P(ApexFileTest, VerifyApexVerity) {
|
|
const std::string file_path = kTestDataDir + GetParam().prefix + ".apex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_RESULT_OK(apex_file);
|
|
|
|
auto verity_or =
|
|
apex_file->VerifyApexVerity(apex_file->GetBundledPublicKey());
|
|
ASSERT_RESULT_OK(verity_or);
|
|
|
|
const ApexVerityData& data = *verity_or;
|
|
EXPECT_NE(nullptr, data.desc.get());
|
|
EXPECT_EQ(std::string("368a22e64858647bc45498e92f749f85482ac468"
|
|
"50ca7ec8071f49dfa47a243c"),
|
|
data.salt);
|
|
|
|
const std::string digest_path =
|
|
kTestDataDir + GetParam().prefix + "_digest.txt";
|
|
std::string root_digest;
|
|
ASSERT_TRUE(android::base::ReadFileToString(digest_path, &root_digest))
|
|
<< "Failed to read " << digest_path;
|
|
root_digest = android::base::Trim(root_digest);
|
|
|
|
EXPECT_EQ(std::string(root_digest), data.root_digest);
|
|
}
|
|
|
|
TEST_P(ApexFileTest, VerifyApexVerityWrongKey) {
|
|
const std::string file_path = kTestDataDir + GetParam().prefix + ".apex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_RESULT_OK(apex_file);
|
|
|
|
auto verity_or = apex_file->VerifyApexVerity("wrong-key");
|
|
ASSERT_FALSE(verity_or.ok());
|
|
}
|
|
|
|
TEST_P(ApexFileTest, GetBundledPublicKey) {
|
|
const std::string file_path = kTestDataDir + GetParam().prefix + ".apex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_RESULT_OK(apex_file);
|
|
|
|
const std::string key_path =
|
|
kTestDataDir + "apexd_testdata/com.android.apex.test_package.avbpubkey";
|
|
std::string key_content;
|
|
ASSERT_TRUE(android::base::ReadFileToString(key_path, &key_content))
|
|
<< "Failed to read " << key_path;
|
|
|
|
EXPECT_EQ(key_content, apex_file->GetBundledPublicKey());
|
|
}
|
|
|
|
TEST(ApexFileTest, CorrutedApexB146895998) {
|
|
const std::string apex_path = kTestDataDir + "corrupted_b146895998.apex";
|
|
Result<ApexFile> apex = ApexFile::Open(apex_path);
|
|
ASSERT_RESULT_OK(apex);
|
|
ASSERT_FALSE(apex->VerifyApexVerity("ignored").ok());
|
|
}
|
|
|
|
TEST_P(ApexFileTest, RetrieveFsType) {
|
|
const std::string file_path = kTestDataDir + GetParam().prefix + ".apex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_TRUE(apex_file.ok());
|
|
|
|
EXPECT_EQ(std::string(GetParam().type), apex_file->GetFsType().value());
|
|
}
|
|
|
|
TEST(ApexFileTest, OpenInvalidFilesystem) {
|
|
const std::string file_path =
|
|
kTestDataDir + "apex.apexd_test_corrupt_superblock_apex.apex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_FALSE(apex_file.ok());
|
|
ASSERT_THAT(apex_file.error().message(),
|
|
::testing::HasSubstr("Failed to retrieve filesystem type"));
|
|
}
|
|
|
|
TEST(ApexFileTest, OpenCompressedApexFile) {
|
|
const std::string file_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1.capex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_TRUE(apex_file.ok());
|
|
|
|
ASSERT_TRUE(apex_file->IsCompressed());
|
|
ASSERT_FALSE(apex_file->GetImageOffset().has_value());
|
|
ASSERT_FALSE(apex_file->GetImageSize().has_value());
|
|
ASSERT_FALSE(apex_file->GetFsType().has_value());
|
|
}
|
|
|
|
TEST(ApexFileTest, OpenFailureForCompressedApexWithoutApex) {
|
|
const std::string file_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1_without_apex.capex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_FALSE(apex_file.ok());
|
|
ASSERT_THAT(apex_file.error().message(),
|
|
::testing::HasSubstr("Could not find entry"));
|
|
}
|
|
|
|
TEST(ApexFileTest, GetCompressedApexManifest) {
|
|
const std::string file_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1.capex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_RESULT_OK(apex_file);
|
|
EXPECT_EQ("com.android.apex.compressed", apex_file->GetManifest().name());
|
|
EXPECT_EQ(1u, apex_file->GetManifest().version());
|
|
}
|
|
|
|
TEST(ApexFileTest, GetBundledPublicKeyOfCompressedApex) {
|
|
const std::string file_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1.capex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_RESULT_OK(apex_file);
|
|
|
|
const std::string key_path =
|
|
kTestDataDir + "apexd_testdata/com.android.apex.compressed.avbpubkey";
|
|
std::string key_content;
|
|
ASSERT_TRUE(android::base::ReadFileToString(key_path, &key_content))
|
|
<< "Failed to read " << key_path;
|
|
|
|
EXPECT_EQ(key_content, apex_file->GetBundledPublicKey());
|
|
}
|
|
|
|
TEST(ApexFileTest, CannotVerifyApexVerityForCompressedApex) {
|
|
const std::string file_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1.capex";
|
|
auto apex = ApexFile::Open(file_path);
|
|
ASSERT_RESULT_OK(apex);
|
|
auto result = apex->VerifyApexVerity(apex->GetBundledPublicKey());
|
|
ASSERT_FALSE(result.ok());
|
|
ASSERT_THAT(
|
|
result.error().message(),
|
|
::testing::HasSubstr("Cannot verify ApexVerity of compressed APEX"));
|
|
}
|
|
|
|
TEST(ApexFileTest, DecompressCompressedApex) {
|
|
const std::string file_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1.capex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_RESULT_OK(apex_file);
|
|
|
|
// Create a temp dir for decompression
|
|
TemporaryDir tmp_dir;
|
|
|
|
const std::string package_name = apex_file->GetManifest().name();
|
|
const std::string decompression_file_path =
|
|
tmp_dir.path + package_name + ".capex";
|
|
|
|
auto result = apex_file->Decompress(decompression_file_path);
|
|
ASSERT_RESULT_OK(result);
|
|
|
|
// Assert output path is not empty
|
|
auto exists = PathExists(decompression_file_path);
|
|
ASSERT_RESULT_OK(exists);
|
|
ASSERT_TRUE(*exists) << decompression_file_path << " does not exist";
|
|
|
|
// Assert that decompressed apex is same as original apex
|
|
const std::string original_apex_file_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1_original.apex";
|
|
auto comparison_result =
|
|
CompareFiles(original_apex_file_path, decompression_file_path);
|
|
ASSERT_RESULT_OK(comparison_result);
|
|
ASSERT_TRUE(*comparison_result);
|
|
}
|
|
|
|
TEST(ApexFileTest, DecompressFailForNormalApex) {
|
|
const std::string file_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1_original.apex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
ASSERT_RESULT_OK(apex_file);
|
|
|
|
TemporaryFile decompression_file;
|
|
|
|
auto result = apex_file->Decompress(decompression_file.path);
|
|
ASSERT_FALSE(result.ok());
|
|
ASSERT_THAT(result.error().message(),
|
|
::testing::HasSubstr("Cannot decompress an uncompressed APEX"));
|
|
}
|
|
|
|
TEST(ApexFileTest, DecompressFailIfDecompressionPathExists) {
|
|
const std::string file_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1.capex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
|
|
// Attempt to decompress in a path that already exists
|
|
TemporaryFile decompression_file;
|
|
auto exists = PathExists(decompression_file.path);
|
|
ASSERT_RESULT_OK(exists);
|
|
ASSERT_TRUE(*exists) << decompression_file.path << " does not exist";
|
|
|
|
auto result = apex_file->Decompress(decompression_file.path);
|
|
ASSERT_FALSE(result.ok());
|
|
ASSERT_THAT(result.error().message(),
|
|
::testing::HasSubstr("Failed to open decompression destination"));
|
|
}
|
|
|
|
TEST(ApexFileTest, GetPathReturnsRealpath) {
|
|
const std::string real_path = kTestDataDir + "apex.apexd_test.apex";
|
|
const std::string symlink_path =
|
|
kTestDataDir + "apex.apexd_test.symlink.apex";
|
|
|
|
// In case the link already exists
|
|
int ret = unlink(symlink_path.c_str());
|
|
ASSERT_TRUE(ret == 0 || errno == ENOENT)
|
|
<< "failed to unlink " << symlink_path;
|
|
|
|
ret = symlink(real_path.c_str(), symlink_path.c_str());
|
|
ASSERT_EQ(0, ret) << "failed to create symlink at " << symlink_path;
|
|
|
|
// Open with the symlink. Realpath is expected.
|
|
Result<ApexFile> apex_file = ApexFile::Open(symlink_path);
|
|
ASSERT_RESULT_OK(apex_file);
|
|
ASSERT_EQ(real_path, apex_file->GetPath());
|
|
}
|
|
|
|
TEST(ApexFileTest, CompressedSharedLibsApexIsRejected) {
|
|
const std::string file_path =
|
|
kTestDataDir + "com.android.apex.compressed_sharedlibs.capex";
|
|
Result<ApexFile> apex_file = ApexFile::Open(file_path);
|
|
|
|
ASSERT_FALSE(apex_file.ok());
|
|
ASSERT_THAT(apex_file.error().message(),
|
|
::testing::HasSubstr("Apex providing sharedlibs shouldn't "
|
|
"be compressed"));
|
|
}
|
|
|
|
// Check if CAPEX contains originalApexDigest in its manifest
|
|
TEST(ApexFileTest, OriginalApexDigest) {
|
|
const std::string capex_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1.capex";
|
|
auto capex = ApexFile::Open(capex_path);
|
|
ASSERT_TRUE(capex.ok());
|
|
const std::string decompressed_apex_path =
|
|
kTestDataDir + "com.android.apex.compressed.v1_original.apex";
|
|
auto decompressed_apex = ApexFile::Open(decompressed_apex_path);
|
|
ASSERT_TRUE(decompressed_apex.ok());
|
|
// Validate root digest
|
|
auto digest = decompressed_apex->VerifyApexVerity(
|
|
decompressed_apex->GetBundledPublicKey());
|
|
ASSERT_TRUE(digest.ok());
|
|
ASSERT_EQ(digest->root_digest,
|
|
capex->GetManifest().capexmetadata().originalapexdigest());
|
|
}
|
|
} // namespace
|
|
} // namespace apex
|
|
} // namespace android
|