From 7ccaa2a594f3966069674f3d24346bb44550c4db Mon Sep 17 00:00:00 2001
From: Jayanth Othayoth
Date: Wed, 21 Mar 2018 02:14:34 -0500
Subject: Added positive path Signature validation test Added signature validation test cases infrastructre and positive path test case for verify function.
Change-Id: I0e02a07b726ed08757a21b97871154622534c989
Signed-off-by: Jayanth Othayoth
---
 test/Makefile.am | 1 +
 test/utest.cpp | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 96 insertions(+)
diff --git a/test/Makefile.am b/test/Makefile.am
index 5b30065b2..6dcba3043 100755
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -35,4 +35,5 @@ utest_LDADD = \
 $(top_builddir)/openpower_update_manager-watch.o \
 $(top_builddir)/openpower_update_manager-item_updater.o \
 $(top_builddir)/org/openbmc/Associations/openpower_update_manager-server.o \
+ $(top_builddir)/image_verify.cpp \
 -lstdc++fs
diff --git a/test/utest.cpp b/test/utest.cpp
index e27655a7d..23d25552c 100644
--- a/test/utest.cpp
+++ b/test/utest.cpp
@@ -1,9 +1,12 @@
 #include
 #include
 #include
+#include
 #include "version.hpp"
+#include "image_verify.hpp"
 using namespace openpower::software::updater;
+using namespace openpower::software::image;
 /** @brief Make sure we correctly get the Id from getId()*/
 TEST(VersionTest, TestGetId)
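Review bot: In the `test/Makefile.am` hunk, `$(top_builddir)/image_verify.cpp` is a source file added to `utest_LDADD`, whose other entries are prebuilt `openpower_update_manager-*.o` objects and `-lstdc++fs`. A `.cpp` listed there reaches the link command rather than the compile rules, so it is presumably built without the target's own CPPFLAGS/CXXFLAGS, and looking for it under `$(top_builddir)` would fail in an out-of-tree build where sources live under `$(top_srcdir)`. Because this is the code that verifies image signatures, the test should exercise the same object the shipped binary links: list the object the main build produces for image_verify, following the `openpower_update_manager-<name>.o` pattern of the neighbouring lines, or add the file to the test program's `_SOURCES` via `$(top_srcdir)`.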
@@ -23,3 +26,95 @@ TEST(VersionTest, TestGetId)
 hexId = hexId.substr(0, 8);
 EXPECT_EQ(Version::getId(version), hexId);
 }
+
+class SignatureTest : public testing::Test
+{
+ static constexpr auto opensslCmd = "openssl dgst -sha256 -sign ";
+ static constexpr auto testPath = "/tmp/_testSig";
+
+ protected:
+ void command(const std::string& cmd)
+ {
+ auto val = std::system(cmd.c_str());
+ if (val)
+ {
+ std::cout << "COMMAND Error: " << val << std::endl;
+ }
+ }
+ virtual void SetUp()
+ {
+ // Create test base directory.
+ fs::create_directories(testPath);
+
+ // Create unique temporary path for images.
+ std::string tmpDir(testPath);
+ tmpDir += "/extractXXXXXX";
+ std::string imageDir = mkdtemp(const_cast(tmpDir.c_str()));
+
+ // Create unique temporary configuration path
+ std::string tmpConfDir(testPath);
+ tmpConfDir += "/confXXXXXX";
+ std::string confDir = mkdtemp(const_cast(tmpConfDir.c_str()));
+
+ extractPath = imageDir;
+ extractPath /= "images";
+
+ signedConfPath = confDir;
+ signedConfPath /= "conf";
+
+ signedConfPNORPath = confDir;
+ signedConfPNORPath /= "conf";
+ signedConfPNORPath /= "OpenBMC";
+
+ std::cout << "SETUP " << std::endl;
+
+ command("mkdir " + extractPath.string());
+ command("mkdir " + signedConfPath.string());
+ command("mkdir " + signedConfPNORPath.string());
+
+ std::string hashFile = signedConfPNORPath.string() + "/hashfunc";
+ command("echo \"HashType=RSA-SHA256\" > " + hashFile);
+
+ std::string manifestFile = extractPath.string() + "/" + "MANIFEST";
+ command("echo \"HashType=RSA-SHA256\" > " + manifestFile);
+ command("echo \"KeyType=OpenBMC\" >> " + manifestFile);
+
+ std::string pnorFile = extractPath.string() + "/" + "pnor.xz.squashfs";
+ command("echo \"pnor.xz.squashfs file \" > " + pnorFile);
+
+ std::string pkeyFile = extractPath.string() + "/" + "private.pem";
+ command("openssl genrsa -out " + pkeyFile + " 2048");
+
+ std::string pubkeyFile = extractPath.string() + "/" + "publickey";
+ command("openssl rsa -in " + pkeyFile + " -outform PEM " +
+ "-pubout -out " + pubkeyFile);
+
+ std::string pubKeyConfFile =
+ signedConfPNORPath.string() + "/" + "publickey";
+ command("cp " + pubkeyFile + " " + signedConfPNORPath.string());
+ command(opensslCmd + pkeyFile + " -out " + pnorFile + ".sig " +
+ pnorFile);
+
+ command(opensslCmd + pkeyFile + " -out " + manifestFile + ".sig " +
+ manifestFile);
+ command(opensslCmd + pkeyFile + " -out " + pubkeyFile + ".sig " +
+ pubkeyFile);
+
+ signature = std::make_unique(extractPath, signedConfPath);
+ }
+ virtual void TearDown()
+ {
+ command("rm -rf " + std::string(testPath));
+ }
+
+ std::unique_ptr signature;
+ fs::path extractPath;
+ fs::path signedConfPath;
+ fs::path signedConfPNORPath;
+};
+
+/** @brief Test for sucess scenario*/
+TEST_F(SignatureTest, TestSignatureVerify)
+{
+ EXPECT_TRUE(signature->verify());
+}
-- cgit v1.2.1
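Review bot: In `SetUp()`, both `mkdtemp()` results are used unchecked: on failure mkdtemp returns a null pointer, and initialising `std::string imageDir` or `confDir` from it is undefined behaviour rather than a reported test failure; the template is also written through a `const_cast` of `c_str()`. Pass a writable buffer and assert on the result, e.g. `char* dir = mkdtemp(&tmpDir[0]);` followed by `ASSERT_TRUE(dir != nullptr);`, and the same for `tmpConfDir`. The fixed parent `/tmp/_testSig` is predictable and shared by every run and user on the build host, and `TearDown()` runs `rm -rf` on that whole parent, so concurrent runs delete each other's generated key and signed files; creating the unique directories directly with mkdtemp and removing only those would avoid this. `command()` only prints a non-zero `std::system` status, so a failed `openssl` step shows up later as an unexplained `verify()` failure; reporting it at the point of failure (for example `ADD_FAILURE() << cmd;`) would make setup errors distinguishable from verification errors.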