Merge lp:~apw/launchpad/signing-add-kernel-module-signing into lp:launchpad
- signing-add-kernel-module-signing
- Merge into devel
Proposed by
Andy Whitcroft
| Status: | Merged | ||||
|---|---|---|---|---|---|
| Merged at revision: | 18054 | ||||
| Proposed branch: | lp:~apw/launchpad/signing-add-kernel-module-signing | ||||
| Merge into: | lp:launchpad | ||||
| Diff against target: |
907 lines (+554/-118) 2 files modified
lib/lp/archivepublisher/signing.py (+182/-60) lib/lp/archivepublisher/tests/test_signing.py (+372/-58) |
||||
| To merge this branch: | bzr merge lp:~apw/launchpad/signing-add-kernel-module-signing | ||||
| Related bugs: |
|
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Colin Watson (community) | Approve | ||
|
Review via email:
|
|||
Commit message
Add Kernel Module (KMod) signing support to the raw-signing custom uploader and add support for signing options (tarball output and signature only modes).
Description of the change
Add Kernel Module (KMod) signing support to the raw-signing custom uploader and add support for signing options (tarball output and signature only modes).
This update adds support for signing kernel modules (.ko) files. A new kernel signing key is used (generated for PPAs) to create detached signatures for those modules. Appaendable signatures are generated and placed in module.ko.sig.
This update also adds support for raw-signing signing options. These are specified in the raw-signing tarball via the raw-signing.options files. Each line of this file specifies an option. There are two options supported:
1) tarball -- this indicates that rather than exposing all of the signing artifacts in dists directly they should be converted into a signing.tar.gz in the version directory, and
2) sigonly -- this indicates that we only want the signing artifacts not the original files.
To post a comment you must log in.
Revision history for this message
| Colin Watson (cjwatson) : | # |
review:
Needs Fixing
Revision history for this message
| Andy Whitcroft (apw) wrote : | # |
Revision history for this message
| Colin Watson (cjwatson) : | # |
review:
Approve
Revision history for this message
| Andy Whitcroft (apw) wrote : | # |
That fail thing, I meant to confirm it was valid. Anyhow fixed up those remaining issues and pushed them up. Thanks for the reviews.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
| 1 | === modified file 'lib/lp/archivepublisher/signing.py' | |||
| 2 | --- lib/lp/archivepublisher/signing.py 2016-05-11 15:31:20 +0000 | |||
| 3 | +++ lib/lp/archivepublisher/signing.py 2016-05-19 16:56:11 +0000 | |||
| 4 | @@ -9,6 +9,8 @@ | |||
| 5 | 9 | secure to hold signing keys, so we sign them as a custom upload instead. | 9 | secure to hold signing keys, so we sign them as a custom upload instead. |
| 6 | 10 | """ | 10 | """ |
| 7 | 11 | 11 | ||
| 8 | 12 | from __future__ import print_function | ||
| 9 | 13 | |||
| 10 | 12 | __metaclass__ = type | 14 | __metaclass__ = type |
| 11 | 13 | 15 | ||
| 12 | 14 | __all__ = [ | 16 | __all__ = [ |
| 13 | @@ -17,12 +19,26 @@ | |||
| 14 | 17 | ] | 19 | ] |
| 15 | 18 | 20 | ||
| 16 | 19 | import os | 21 | import os |
| 17 | 22 | import shutil | ||
| 18 | 20 | import subprocess | 23 | import subprocess |
| 19 | 24 | import tarfile | ||
| 20 | 25 | import tempfile | ||
| 21 | 26 | import textwrap | ||
| 22 | 21 | 27 | ||
| 24 | 22 | from lp.archivepublisher.customupload import CustomUpload | 28 | from lp.archivepublisher.customupload import ( |
| 25 | 29 | CustomUpload, | ||
| 26 | 30 | CustomUploadError, | ||
| 27 | 31 | ) | ||
| 28 | 23 | from lp.services.osutils import remove_if_exists | 32 | from lp.services.osutils import remove_if_exists |
| 29 | 24 | 33 | ||
| 30 | 25 | 34 | ||
| 31 | 35 | class SigningUploadPackError(CustomUploadError): | ||
| 32 | 36 | def __init__(self, tarfile_path, exc): | ||
| 33 | 37 | message = "Problem building tarball '%s': %s" % ( | ||
| 34 | 38 | tarfile_path, exc) | ||
| 35 | 39 | CustomUploadError.__init__(self, message) | ||
| 36 | 40 | |||
| 37 | 41 | |||
| 38 | 26 | class SigningUpload(CustomUpload): | 42 | class SigningUpload(CustomUpload): |
| 39 | 27 | """Signing custom upload. | 43 | """Signing custom upload. |
| 40 | 28 | 44 | ||
| 41 | @@ -67,12 +83,16 @@ | |||
| 42 | 67 | if self.logger is not None: | 83 | if self.logger is not None: |
| 43 | 68 | self.logger.warning( | 84 | self.logger.warning( |
| 44 | 69 | "No signing root configured for this archive") | 85 | "No signing root configured for this archive") |
| 47 | 70 | self.key = None | 86 | self.uefi_key = None |
| 48 | 71 | self.cert = None | 87 | self.uefi_cert = None |
| 49 | 88 | self.kmod_pem = None | ||
| 50 | 89 | self.kmod_x509 = None | ||
| 51 | 72 | self.autokey = False | 90 | self.autokey = False |
| 52 | 73 | else: | 91 | else: |
| 55 | 74 | self.key = os.path.join(pubconf.signingroot, "uefi.key") | 92 | self.uefi_key = os.path.join(pubconf.signingroot, "uefi.key") |
| 56 | 75 | self.cert = os.path.join(pubconf.signingroot, "uefi.crt") | 93 | self.uefi_cert = os.path.join(pubconf.signingroot, "uefi.crt") |
| 57 | 94 | self.kmod_pem = os.path.join(pubconf.signingroot, "kmod.pem") | ||
| 58 | 95 | self.kmod_x509 = os.path.join(pubconf.signingroot, "kmod.x509") | ||
| 59 | 76 | self.autokey = pubconf.signingautokey | 96 | self.autokey = pubconf.signingautokey |
| 60 | 77 | 97 | ||
| 61 | 78 | self.setComponents(tarfile_path) | 98 | self.setComponents(tarfile_path) |
| 62 | @@ -99,6 +119,19 @@ | |||
| 63 | 99 | dists_signed, "%s-%s" % (self.package, self.arch)) | 119 | dists_signed, "%s-%s" % (self.package, self.arch)) |
| 64 | 100 | self.archiveroot = pubconf.archiveroot | 120 | self.archiveroot = pubconf.archiveroot |
| 65 | 101 | 121 | ||
| 66 | 122 | def setSigningOptions(self): | ||
| 67 | 123 | """Find and extract raw-signing.options from the tarball.""" | ||
| 68 | 124 | self.signing_options = {} | ||
| 69 | 125 | |||
| 70 | 126 | options_file = os.path.join(self.tmpdir, self.version, | ||
| 71 | 127 | "raw-signing.options") | ||
| 72 | 128 | if not os.path.exists(options_file): | ||
| 73 | 129 | return | ||
| 74 | 130 | |||
| 75 | 131 | with open(options_file) as options_fd: | ||
| 76 | 132 | for option in options_fd: | ||
| 77 | 133 | self.signing_options[option.strip()] = True | ||
| 78 | 134 | |||
| 79 | 102 | @classmethod | 135 | @classmethod |
| 80 | 103 | def getSeriesKey(cls, tarfile_path): | 136 | def getSeriesKey(cls, tarfile_path): |
| 81 | 104 | try: | 137 | try: |
| 82 | @@ -107,81 +140,164 @@ | |||
| 83 | 107 | except ValueError: | 140 | except ValueError: |
| 84 | 108 | return None | 141 | return None |
| 85 | 109 | 142 | ||
| 88 | 110 | def findEfiFilenames(self): | 143 | def getArchiveOwnerAndName(self): |
| 89 | 111 | """Find all the *.efi files in an extracted tarball.""" | 144 | # XXX apw 2016-05-18: pull out the PPA owner and name to seed key CN |
| 90 | 145 | archive_name = os.path.dirname(self.archiveroot) | ||
| 91 | 146 | owner_name = os.path.basename(os.path.dirname(archive_name)) | ||
| 92 | 147 | archive_name = os.path.basename(archive_name) | ||
| 93 | 148 | |||
| 94 | 149 | return owner_name + ' ' + archive_name | ||
| 95 | 150 | |||
| 96 | 151 | def callLog(self, description, cmdl): | ||
| 97 | 152 | status = subprocess.call(cmdl) | ||
| 98 | 153 | if status != 0: | ||
| 99 | 154 | # Just log this rather than failing, since custom upload errors | ||
| 100 | 155 | # tend to make the publisher rather upset. | ||
| 101 | 156 | if self.logger is not None: | ||
| 102 | 157 | self.logger.warning("%s Failed (cmd='%s')" % | ||
| 103 | 158 | (description, " ".join(cmdl))) | ||
| 104 | 159 | return status | ||
| 105 | 160 | |||
| 106 | 161 | def findSigningHandlers(self): | ||
| 107 | 162 | """Find all the signable files in an extracted tarball.""" | ||
| 108 | 112 | for dirpath, dirnames, filenames in os.walk(self.tmpdir): | 163 | for dirpath, dirnames, filenames in os.walk(self.tmpdir): |
| 109 | 113 | for filename in filenames: | 164 | for filename in filenames: |
| 110 | 114 | if filename.endswith(".efi"): | 165 | if filename.endswith(".efi"): |
| 112 | 115 | yield os.path.join(dirpath, filename) | 166 | yield (os.path.join(dirpath, filename), self.signUefi) |
| 113 | 167 | elif filename.endswith(".ko"): | ||
| 114 | 168 | yield (os.path.join(dirpath, filename), self.signKmod) | ||
| 115 | 169 | |||
| 116 | 170 | def getKeys(self, which, generate, *keynames): | ||
| 117 | 171 | """Validate and return the uefi key and cert for encryption.""" | ||
| 118 | 172 | |||
| 119 | 173 | if self.autokey: | ||
| 120 | 174 | for keyfile in keynames: | ||
| 121 | 175 | if keyfile and not os.path.exists(keyfile): | ||
| 122 | 176 | generate() | ||
| 123 | 177 | break | ||
| 124 | 178 | |||
| 125 | 179 | valid = True | ||
| 126 | 180 | for keyfile in keynames: | ||
| 127 | 181 | if keyfile and not os.access(keyfile, os.R_OK): | ||
| 128 | 182 | if self.logger is not None: | ||
| 129 | 183 | self.logger.warning( | ||
| 130 | 184 | "%s key %s not readable" % (which, keyfile)) | ||
| 131 | 185 | valid = False | ||
| 132 | 186 | |||
| 133 | 187 | if not valid: | ||
| 134 | 188 | return [None for k in keynames] | ||
| 135 | 189 | return keynames | ||
| 136 | 116 | 190 | ||
| 137 | 117 | def generateUefiKeys(self): | 191 | def generateUefiKeys(self): |
| 138 | 118 | """Generate new UEFI Keys for this archive.""" | 192 | """Generate new UEFI Keys for this archive.""" |
| 140 | 119 | directory = os.path.dirname(self.key) | 193 | directory = os.path.dirname(self.uefi_key) |
| 141 | 120 | if not os.path.exists(directory): | 194 | if not os.path.exists(directory): |
| 142 | 121 | os.makedirs(directory) | 195 | os.makedirs(directory) |
| 143 | 122 | 196 | ||
| 149 | 123 | # XXX: pull out the PPA owner and name to seed key CN | 197 | common_name = '/CN=PPA ' + self.getArchiveOwnerAndName() + '/' |
| 145 | 124 | archive_name = os.path.dirname(self.archiveroot) | ||
| 146 | 125 | owner_name = os.path.basename(os.path.dirname(archive_name)) | ||
| 147 | 126 | archive_name = os.path.basename(archive_name) | ||
| 148 | 127 | common_name = '/CN=PPA ' + owner_name + ' ' + archive_name + '/' | ||
| 150 | 128 | 198 | ||
| 151 | 129 | old_mask = os.umask(0o077) | 199 | old_mask = os.umask(0o077) |
| 152 | 130 | try: | 200 | try: |
| 153 | 131 | new_key_cmd = [ | 201 | new_key_cmd = [ |
| 154 | 132 | 'openssl', 'req', '-new', '-x509', '-newkey', 'rsa:2048', | 202 | 'openssl', 'req', '-new', '-x509', '-newkey', 'rsa:2048', |
| 157 | 133 | '-subj', common_name, '-keyout', self.key, '-out', self.cert, | 203 | '-subj', common_name, '-keyout', self.uefi_key, |
| 158 | 134 | '-days', '3650', '-nodes', '-sha256', | 204 | '-out', self.uefi_cert, '-days', '3650', '-nodes', '-sha256', |
| 159 | 135 | ] | 205 | ] |
| 167 | 136 | if subprocess.call(new_key_cmd) != 0: | 206 | self.callLog("UEFI keygen", new_key_cmd) |
| 161 | 137 | # Just log this rather than failing, since custom upload errors | ||
| 162 | 138 | # tend to make the publisher rather upset. | ||
| 163 | 139 | if self.logger is not None: | ||
| 164 | 140 | self.logger.warning( | ||
| 165 | 141 | "Failed to generate UEFI signing keys for %s" % | ||
| 166 | 142 | common_name) | ||
| 168 | 143 | finally: | 207 | finally: |
| 169 | 144 | os.umask(old_mask) | 208 | os.umask(old_mask) |
| 170 | 145 | 209 | ||
| 197 | 146 | if os.path.exists(self.cert): | 210 | if os.path.exists(self.uefi_cert): |
| 198 | 147 | os.chmod(self.cert, 0o644) | 211 | os.chmod(self.uefi_cert, 0o644) |
| 173 | 148 | |||
| 174 | 149 | def getUefiKeys(self): | ||
| 175 | 150 | """Validate and return the uefi key and cert for encryption.""" | ||
| 176 | 151 | |||
| 177 | 152 | if self.key and self.cert: | ||
| 178 | 153 | # If neither of the key files exists then attempt to | ||
| 179 | 154 | # generate them. | ||
| 180 | 155 | if (self.autokey and not os.path.exists(self.key) | ||
| 181 | 156 | and not os.path.exists(self.cert)): | ||
| 182 | 157 | self.generateUefiKeys() | ||
| 183 | 158 | |||
| 184 | 159 | # If we have keys, but cannot read them they are dead to us. | ||
| 185 | 160 | if not os.access(self.key, os.R_OK): | ||
| 186 | 161 | if self.logger is not None: | ||
| 187 | 162 | self.logger.warning( | ||
| 188 | 163 | "UEFI private key %s not readable" % self.key) | ||
| 189 | 164 | self.key = None | ||
| 190 | 165 | if not os.access(self.cert, os.R_OK): | ||
| 191 | 166 | if self.logger is not None: | ||
| 192 | 167 | self.logger.warning( | ||
| 193 | 168 | "UEFI certificate %s not readable" % self.cert) | ||
| 194 | 169 | self.cert = None | ||
| 195 | 170 | |||
| 196 | 171 | return (self.key, self.cert) | ||
| 199 | 172 | 212 | ||
| 200 | 173 | def signUefi(self, image): | 213 | def signUefi(self, image): |
| 201 | 174 | """Attempt to sign an image.""" | 214 | """Attempt to sign an image.""" |
| 203 | 175 | (key, cert) = self.getUefiKeys() | 215 | remove_if_exists("%s.signed" % image) |
| 204 | 216 | (key, cert) = self.getKeys('UEFI', self.generateUefiKeys, | ||
| 205 | 217 | self.uefi_key, self.uefi_cert) | ||
| 206 | 176 | if not key or not cert: | 218 | if not key or not cert: |
| 207 | 177 | return | 219 | return |
| 208 | 178 | cmdl = ["sbsign", "--key", key, "--cert", cert, image] | 220 | cmdl = ["sbsign", "--key", key, "--cert", cert, image] |
| 215 | 179 | if subprocess.call(cmdl) != 0: | 221 | return self.callLog("UEFI signing", cmdl) |
| 216 | 180 | # Just log this rather than failing, since custom upload errors | 222 | |
| 217 | 181 | # tend to make the publisher rather upset. | 223 | def generateKmodKeys(self): |
| 218 | 182 | if self.logger is not None: | 224 | """Generate new Kernel Signing Keys for this archive.""" |
| 219 | 183 | self.logger.warning("UEFI Signing Failed '%s'" % | 225 | directory = os.path.dirname(self.kmod_pem) |
| 220 | 184 | " ".join(cmdl)) | 226 | if not os.path.exists(directory): |
| 221 | 227 | os.makedirs(directory) | ||
| 222 | 228 | |||
| 223 | 229 | old_mask = os.umask(0o077) | ||
| 224 | 230 | try: | ||
| 225 | 231 | with tempfile.NamedTemporaryFile(suffix='.keygen') as tf: | ||
| 226 | 232 | common_name = self.getArchiveOwnerAndName() | ||
| 227 | 233 | |||
| 228 | 234 | genkey_text = textwrap.dedent("""\ | ||
| 229 | 235 | [ req ] | ||
| 230 | 236 | default_bits = 4096 | ||
| 231 | 237 | distinguished_name = req_distinguished_name | ||
| 232 | 238 | prompt = no | ||
| 233 | 239 | string_mask = utf8only | ||
| 234 | 240 | x509_extensions = myexts | ||
| 235 | 241 | |||
| 236 | 242 | [ req_distinguished_name ] | ||
| 237 | 243 | CN = /CN=PPA """ + common_name + """ kmod/ | ||
| 238 | 244 | |||
| 239 | 245 | [ myexts ] | ||
| 240 | 246 | basicConstraints=critical,CA:FALSE | ||
| 241 | 247 | keyUsage=digitalSignature | ||
| 242 | 248 | subjectKeyIdentifier=hash | ||
| 243 | 249 | authorityKeyIdentifier=keyid | ||
| 244 | 250 | """) | ||
| 245 | 251 | |||
| 246 | 252 | print(genkey_text, file=tf) | ||
| 247 | 253 | |||
| 248 | 254 | # Close out the underlying file so we know it is complete. | ||
| 249 | 255 | tf.file.close() | ||
| 250 | 256 | |||
| 251 | 257 | new_key_cmd = [ | ||
| 252 | 258 | 'openssl', 'req', '-new', '-nodes', '-utf8', '-sha512', | ||
| 253 | 259 | '-days', '3650', '-batch', '-x509', '-config', tf.name, | ||
| 254 | 260 | '-outform', 'PEM', '-out', self.kmod_pem, | ||
| 255 | 261 | '-keyout', self.kmod_pem | ||
| 256 | 262 | ] | ||
| 257 | 263 | if self.callLog("Kmod keygen key", new_key_cmd) == 0: | ||
| 258 | 264 | new_x509_cmd = [ | ||
| 259 | 265 | 'openssl', 'x509', '-in', self.kmod_pem, | ||
| 260 | 266 | '-outform', 'DER', '-out', self.kmod_x509 | ||
| 261 | 267 | ] | ||
| 262 | 268 | if self.callLog("Kmod keygen cert", new_x509_cmd) != 0: | ||
| 263 | 269 | os.unlink(self.kmod_pem) | ||
| 264 | 270 | finally: | ||
| 265 | 271 | os.umask(old_mask) | ||
| 266 | 272 | |||
| 267 | 273 | def signKmod(self, image): | ||
| 268 | 274 | """Attempt to sign a kernel module.""" | ||
| 269 | 275 | remove_if_exists("%s.sig" % image) | ||
| 270 | 276 | (pem, cert) = self.getKeys('Kernel Module', self.generateKmodKeys, | ||
| 271 | 277 | self.kmod_pem, self.kmod_x509) | ||
| 272 | 278 | if not pem or not cert: | ||
| 273 | 279 | return | ||
| 274 | 280 | cmdl = ["kmodsign", "-D", "sha512", pem, cert, image, image + ".sig"] | ||
| 275 | 281 | return self.callLog("Kmod signing", cmdl) | ||
| 276 | 282 | |||
| 277 | 283 | def convertToTarball(self): | ||
| 278 | 284 | """Convert unpacked output to signing tarball.""" | ||
| 279 | 285 | tarfilename = os.path.join(self.tmpdir, "signed.tar.gz") | ||
| 280 | 286 | versiondir = os.path.join(self.tmpdir, self.version) | ||
| 281 | 287 | |||
| 282 | 288 | try: | ||
| 283 | 289 | with tarfile.open(tarfilename, "w:gz") as tarball: | ||
| 284 | 290 | tarball.add(versiondir, arcname=self.version) | ||
| 285 | 291 | except tarfile.TarError as exc: | ||
| 286 | 292 | raise SigningUploadPackError(tarfilename, exc) | ||
| 287 | 293 | |||
| 288 | 294 | # Clean out the original tree and move the signing tarball in. | ||
| 289 | 295 | try: | ||
| 290 | 296 | shutil.rmtree(versiondir) | ||
| 291 | 297 | os.mkdir(versiondir) | ||
| 292 | 298 | os.rename(tarfilename, os.path.join(versiondir, "signed.tar.gz")) | ||
| 293 | 299 | except OSError as exc: | ||
| 294 | 300 | raise SigningUploadPackError(tarfilename, exc) | ||
| 295 | 185 | 301 | ||
| 296 | 186 | def extract(self): | 302 | def extract(self): |
| 297 | 187 | """Copy the custom upload to a temporary directory, and sign it. | 303 | """Copy the custom upload to a temporary directory, and sign it. |
| 298 | @@ -189,10 +305,16 @@ | |||
| 299 | 189 | No actual extraction is required. | 305 | No actual extraction is required. |
| 300 | 190 | """ | 306 | """ |
| 301 | 191 | super(SigningUpload, self).extract() | 307 | super(SigningUpload, self).extract() |
| 306 | 192 | efi_filenames = list(self.findEfiFilenames()) | 308 | self.setSigningOptions() |
| 307 | 193 | for efi_filename in efi_filenames: | 309 | filehandlers = list(self.findSigningHandlers()) |
| 308 | 194 | remove_if_exists("%s.signed" % efi_filename) | 310 | for (filename, handler) in filehandlers: |
| 309 | 195 | self.signUefi(efi_filename) | 311 | if (handler(filename) == 0 and |
| 310 | 312 | 'signed-only' in self.signing_options): | ||
| 311 | 313 | os.unlink(filename) | ||
| 312 | 314 | |||
| 313 | 315 | # If tarball output is requested, tar up the results. | ||
| 314 | 316 | if 'tarball' in self.signing_options: | ||
| 315 | 317 | self.convertToTarball() | ||
| 316 | 196 | 318 | ||
| 317 | 197 | def shouldInstall(self, filename): | 319 | def shouldInstall(self, filename): |
| 318 | 198 | return filename.startswith("%s/" % self.version) | 320 | return filename.startswith("%s/" % self.version) |
| 319 | 199 | 321 | ||
| 320 | === modified file 'lib/lp/archivepublisher/tests/test_signing.py' | |||
| 321 | --- lib/lp/archivepublisher/tests/test_signing.py 2016-05-11 12:59:17 +0000 | |||
| 322 | +++ lib/lp/archivepublisher/tests/test_signing.py 2016-05-19 16:56:11 +0000 | |||
| 323 | @@ -6,6 +6,7 @@ | |||
| 324 | 6 | __metaclass__ = type | 6 | __metaclass__ = type |
| 325 | 7 | 7 | ||
| 326 | 8 | import os | 8 | import os |
| 327 | 9 | import tarfile | ||
| 328 | 9 | 10 | ||
| 329 | 10 | from fixtures import MonkeyPatch | 11 | from fixtures import MonkeyPatch |
| 330 | 11 | 12 | ||
| 331 | @@ -20,20 +21,56 @@ | |||
| 332 | 20 | from lp.testing.fakemethod import FakeMethod | 21 | from lp.testing.fakemethod import FakeMethod |
| 333 | 21 | 22 | ||
| 334 | 22 | 23 | ||
| 337 | 23 | class FakeMethodGenUefiKeys(FakeMethod): | 24 | class FakeMethodCallLog(FakeMethod): |
| 338 | 24 | """Fake execution of generation of Uefi keys pairs.""" | 25 | """Fake execution general commands.""" |
| 339 | 25 | def __init__(self, upload=None, *args, **kwargs): | 26 | def __init__(self, upload=None, *args, **kwargs): |
| 341 | 26 | super(FakeMethodGenUefiKeys, self).__init__(*args, **kwargs) | 27 | super(FakeMethodCallLog, self).__init__(*args, **kwargs) |
| 342 | 27 | self.upload = upload | 28 | self.upload = upload |
| 343 | 29 | self.callers = { | ||
| 344 | 30 | "UEFI signing": 0, | ||
| 345 | 31 | "Kmod signing": 0, | ||
| 346 | 32 | "UEFI keygen": 0, | ||
| 347 | 33 | "Kmod keygen key": 0, | ||
| 348 | 34 | "Kmod keygen cert": 0, | ||
| 349 | 35 | } | ||
| 350 | 28 | 36 | ||
| 351 | 29 | def __call__(self, *args, **kwargs): | 37 | def __call__(self, *args, **kwargs): |
| 359 | 30 | super(FakeMethodGenUefiKeys, self).__call__(*args, **kwargs) | 38 | super(FakeMethodCallLog, self).__call__(*args, **kwargs) |
| 360 | 31 | 39 | ||
| 361 | 32 | write_file(self.upload.key, "") | 40 | description = args[0] |
| 362 | 33 | write_file(self.upload.cert, "") | 41 | cmdl = args[1] |
| 363 | 34 | 42 | self.callers[description] += 1 | |
| 364 | 35 | 43 | if description == "UEFI signing": | |
| 365 | 36 | class FakeConfig: | 44 | filename = cmdl[-1] |
| 366 | 45 | if filename.endswith(".efi"): | ||
| 367 | 46 | write_file(filename + ".signed", "") | ||
| 368 | 47 | |||
| 369 | 48 | elif description == "Kmod signing": | ||
| 370 | 49 | filename = cmdl[-1] | ||
| 371 | 50 | if filename.endswith(".ko.sig"): | ||
| 372 | 51 | write_file(filename, "") | ||
| 373 | 52 | |||
| 374 | 53 | elif description == "Kmod keygen cert": | ||
| 375 | 54 | write_file(self.upload.kmod_x509, "") | ||
| 376 | 55 | |||
| 377 | 56 | elif description == "Kmod keygen key": | ||
| 378 | 57 | write_file(self.upload.kmod_pem, "") | ||
| 379 | 58 | |||
| 380 | 59 | elif description == "UEFI keygen": | ||
| 381 | 60 | write_file(self.upload.uefi_key, "") | ||
| 382 | 61 | write_file(self.upload.uefi_cert, "") | ||
| 383 | 62 | |||
| 384 | 63 | else: | ||
| 385 | 64 | raise AssertionError("unknown command executed cmd=(%s)" % | ||
| 386 | 65 | " ".join(cmdl)) | ||
| 387 | 66 | |||
| 388 | 67 | return 0 | ||
| 389 | 68 | |||
| 390 | 69 | def caller_count(self, caller): | ||
| 391 | 70 | return self.callers.get(caller, 0) | ||
| 392 | 71 | |||
| 393 | 72 | |||
| 394 | 73 | class FakeConfigPrimary: | ||
| 395 | 37 | """A fake publisher configuration for the main archive.""" | 74 | """A fake publisher configuration for the main archive.""" |
| 396 | 38 | def __init__(self, distroroot, signingroot): | 75 | def __init__(self, distroroot, signingroot): |
| 397 | 39 | self.distroroot = distroroot | 76 | self.distroroot = distroroot |
| 398 | @@ -42,6 +79,15 @@ | |||
| 399 | 42 | self.signingautokey = False | 79 | self.signingautokey = False |
| 400 | 43 | 80 | ||
| 401 | 44 | 81 | ||
| 402 | 82 | class FakeConfigCopy: | ||
| 403 | 83 | """A fake publisher configuration for a copy archive.""" | ||
| 404 | 84 | def __init__(self, distroroot): | ||
| 405 | 85 | self.distroroot = distroroot | ||
| 406 | 86 | self.signingroot = None | ||
| 407 | 87 | self.archiveroot = os.path.join(self.distroroot, 'ubuntu') | ||
| 408 | 88 | self.signingautokey = False | ||
| 409 | 89 | |||
| 410 | 90 | |||
| 411 | 45 | class FakeConfigPPA: | 91 | class FakeConfigPPA: |
| 412 | 46 | """A fake publisher configuration for a PPA.""" | 92 | """A fake publisher configuration for a PPA.""" |
| 413 | 47 | def __init__(self, distroroot, signingroot, owner, ppa): | 93 | def __init__(self, distroroot, signingroot, owner, ppa): |
| 414 | @@ -57,7 +103,7 @@ | |||
| 415 | 57 | super(TestSigning, self).setUp() | 103 | super(TestSigning, self).setUp() |
| 416 | 58 | self.temp_dir = self.makeTemporaryDirectory() | 104 | self.temp_dir = self.makeTemporaryDirectory() |
| 417 | 59 | self.signing_dir = self.makeTemporaryDirectory() | 105 | self.signing_dir = self.makeTemporaryDirectory() |
| 419 | 60 | self.pubconf = FakeConfig(self.temp_dir, self.signing_dir) | 106 | self.pubconf = FakeConfigPrimary(self.temp_dir, self.signing_dir) |
| 420 | 61 | self.suite = "distroseries" | 107 | self.suite = "distroseries" |
| 421 | 62 | # CustomUpload.installFiles requires a umask of 0o022. | 108 | # CustomUpload.installFiles requires a umask of 0o022. |
| 422 | 63 | old_umask = os.umask(0o022) | 109 | old_umask = os.umask(0o022) |
| 423 | @@ -68,28 +114,48 @@ | |||
| 424 | 68 | 'ubuntu-archive', 'testing') | 114 | 'ubuntu-archive', 'testing') |
| 425 | 69 | self.testcase_cn = '/CN=PPA ubuntu-archive testing/' | 115 | self.testcase_cn = '/CN=PPA ubuntu-archive testing/' |
| 426 | 70 | 116 | ||
| 428 | 71 | def setUpKeyAndCert(self, create=True): | 117 | def setUpUefiKeys(self, create=True): |
| 429 | 72 | self.key = os.path.join(self.signing_dir, "uefi.key") | 118 | self.key = os.path.join(self.signing_dir, "uefi.key") |
| 430 | 73 | self.cert = os.path.join(self.signing_dir, "uefi.crt") | 119 | self.cert = os.path.join(self.signing_dir, "uefi.crt") |
| 431 | 74 | if create: | 120 | if create: |
| 432 | 75 | write_file(self.key, "") | 121 | write_file(self.key, "") |
| 433 | 76 | write_file(self.cert, "") | 122 | write_file(self.cert, "") |
| 434 | 77 | 123 | ||
| 435 | 124 | def setUpKmodKeys(self, create=True): | ||
| 436 | 125 | self.kmod_pem = os.path.join(self.signing_dir, "kmod.pem") | ||
| 437 | 126 | self.kmod_x509 = os.path.join(self.signing_dir, "kmod.x509") | ||
| 438 | 127 | if create: | ||
| 439 | 128 | write_file(self.kmod_pem, "") | ||
| 440 | 129 | write_file(self.kmod_x509, "") | ||
| 441 | 130 | |||
| 442 | 78 | def openArchive(self, loader_type, version, arch): | 131 | def openArchive(self, loader_type, version, arch): |
| 443 | 79 | self.path = os.path.join( | 132 | self.path = os.path.join( |
| 444 | 80 | self.temp_dir, "%s_%s_%s.tar.gz" % (loader_type, version, arch)) | 133 | self.temp_dir, "%s_%s_%s.tar.gz" % (loader_type, version, arch)) |
| 445 | 81 | self.buffer = open(self.path, "wb") | 134 | self.buffer = open(self.path, "wb") |
| 446 | 82 | self.archive = LaunchpadWriteTarFile(self.buffer) | 135 | self.archive = LaunchpadWriteTarFile(self.buffer) |
| 447 | 83 | 136 | ||
| 448 | 137 | def process_emulate(self): | ||
| 449 | 138 | self.archive.close() | ||
| 450 | 139 | self.buffer.close() | ||
| 451 | 140 | upload = SigningUpload() | ||
| 452 | 141 | # Under no circumstances is it safe to execute actual commands. | ||
| 453 | 142 | self.fake_call = FakeMethod(result=0) | ||
| 454 | 143 | upload.callLog = FakeMethodCallLog(upload=upload) | ||
| 455 | 144 | self.useFixture(MonkeyPatch("subprocess.call", self.fake_call)) | ||
| 456 | 145 | upload.process(self.pubconf, self.path, self.suite) | ||
| 457 | 146 | |||
| 458 | 147 | return upload | ||
| 459 | 148 | |||
| 460 | 84 | def process(self): | 149 | def process(self): |
| 461 | 85 | self.archive.close() | 150 | self.archive.close() |
| 462 | 86 | self.buffer.close() | 151 | self.buffer.close() |
| 463 | 87 | fake_call = FakeMethod() | ||
| 464 | 88 | upload = SigningUpload() | 152 | upload = SigningUpload() |
| 465 | 89 | upload.signUefi = FakeMethod() | 153 | upload.signUefi = FakeMethod() |
| 466 | 154 | upload.signKmod = FakeMethod() | ||
| 467 | 155 | # Under no circumstances is it safe to execute actual commands. | ||
| 468 | 156 | fake_call = FakeMethod(result=0) | ||
| 469 | 90 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | 157 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) |
| 470 | 91 | upload.process(self.pubconf, self.path, self.suite) | 158 | upload.process(self.pubconf, self.path, self.suite) |
| 471 | 92 | # Under no circumstances is it safe to execute actual commands. | ||
| 472 | 93 | self.assertEqual(0, fake_call.call_count) | 159 | self.assertEqual(0, fake_call.call_count) |
| 473 | 94 | 160 | ||
| 474 | 95 | return upload | 161 | return upload |
| 475 | @@ -106,37 +172,165 @@ | |||
| 476 | 106 | return os.path.join(self.getDistsPath(), "uefi", | 172 | return os.path.join(self.getDistsPath(), "uefi", |
| 477 | 107 | "%s-%s" % (loader_type, arch)) | 173 | "%s-%s" % (loader_type, arch)) |
| 478 | 108 | 174 | ||
| 480 | 109 | def test_unconfigured(self): | 175 | def test_archive_copy(self): |
| 481 | 110 | # If there is no key/cert configuration, processing succeeds but | 176 | # If there is no key/cert configuration, processing succeeds but |
| 498 | 111 | # nothing is signed. Signing is attempted. | 177 | # nothing is signed. |
| 499 | 112 | self.pubconf = FakeConfig(self.temp_dir, None) | 178 | self.pubconf = FakeConfigCopy(self.temp_dir) |
| 500 | 113 | self.openArchive("test", "1.0", "amd64") | 179 | self.openArchive("test", "1.0", "amd64") |
| 501 | 114 | self.archive.add_file("1.0/empty.efi", "") | 180 | self.archive.add_file("1.0/empty.efi", "") |
| 502 | 115 | upload = self.process() | 181 | self.archive.add_file("1.0/empty.ko", "") |
| 503 | 116 | self.assertEqual(1, upload.signUefi.call_count) | 182 | upload = self.process_emulate() |
| 504 | 117 | 183 | self.assertEqual(0, upload.callLog.caller_count('UEFI keygen')) | |
| 505 | 118 | def test_missing_key_and_cert(self): | 184 | self.assertEqual(0, upload.callLog.caller_count('Kmod keygen key')) |
| 506 | 119 | # If the configured key/cert are missing, processing succeeds but | 185 | self.assertEqual(0, upload.callLog.caller_count('Kmod keygen cert')) |
| 507 | 120 | # nothing is signed. Signing is attempted. | 186 | self.assertEqual(0, upload.callLog.caller_count('UEFI signing')) |
| 508 | 121 | self.openArchive("test", "1.0", "amd64") | 187 | self.assertEqual(0, upload.callLog.caller_count('Kmod signing')) |
| 509 | 122 | self.archive.add_file("1.0/empty.efi", "") | 188 | |
| 510 | 123 | upload = self.process() | 189 | def test_archive_primary_no_keys(self): |
| 511 | 124 | self.assertEqual(1, upload.signUefi.call_count) | 190 | # If the configured key/cert are missing, processing succeeds but |
| 512 | 125 | 191 | # nothing is signed. | |
| 513 | 126 | def test_no_efi_files(self): | 192 | self.openArchive("test", "1.0", "amd64") |
| 514 | 193 | self.archive.add_file("1.0/empty.efi", "") | ||
| 515 | 194 | self.archive.add_file("1.0/empty.ko", "") | ||
| 516 | 195 | upload = self.process_emulate() | ||
| 517 | 196 | self.assertEqual(0, upload.callLog.caller_count('UEFI keygen')) | ||
| 518 | 197 | self.assertEqual(0, upload.callLog.caller_count('Kmod keygen key')) | ||
| 519 | 198 | self.assertEqual(0, upload.callLog.caller_count('Kmod keygen cert')) | ||
| 520 | 199 | self.assertEqual(0, upload.callLog.caller_count('UEFI signing')) | ||
| 521 | 200 | self.assertEqual(0, upload.callLog.caller_count('Kmod signing')) | ||
| 522 | 201 | |||
| 523 | 202 | def test_archive_primary_keys(self): | ||
| 524 | 203 | # If the configured key/cert are missing, processing succeeds but | ||
| 525 | 204 | # nothing is signed. | ||
| 526 | 205 | self.setUpUefiKeys() | ||
| 527 | 206 | self.setUpKmodKeys() | ||
| 528 | 207 | self.openArchive("test", "1.0", "amd64") | ||
| 529 | 208 | self.archive.add_file("1.0/empty.efi", "") | ||
| 530 | 209 | self.archive.add_file("1.0/empty.ko", "") | ||
| 531 | 210 | upload = self.process_emulate() | ||
| 532 | 211 | self.assertEqual(0, upload.callLog.caller_count('UEFI keygen')) | ||
| 533 | 212 | self.assertEqual(0, upload.callLog.caller_count('Kmod keygen key')) | ||
| 534 | 213 | self.assertEqual(0, upload.callLog.caller_count('Kmod keygen cert')) | ||
| 535 | 214 | self.assertEqual(1, upload.callLog.caller_count('UEFI signing')) | ||
| 536 | 215 | self.assertEqual(1, upload.callLog.caller_count('Kmod signing')) | ||
| 537 | 216 | |||
| 538 | 217 | def test_PPA_creates_keys(self): | ||
| 539 | 218 | # If the configured key/cert are missing, processing succeeds but | ||
| 540 | 219 | # nothing is signed. | ||
| 541 | 220 | self.setUpPPA() | ||
| 542 | 221 | self.openArchive("test", "1.0", "amd64") | ||
| 543 | 222 | self.archive.add_file("1.0/empty.efi", "") | ||
| 544 | 223 | self.archive.add_file("1.0/empty.ko", "") | ||
| 545 | 224 | upload = self.process_emulate() | ||
| 546 | 225 | self.assertEqual(1, upload.callLog.caller_count('UEFI keygen')) | ||
| 547 | 226 | self.assertEqual(1, upload.callLog.caller_count('Kmod keygen key')) | ||
| 548 | 227 | self.assertEqual(1, upload.callLog.caller_count('Kmod keygen cert')) | ||
| 549 | 228 | self.assertEqual(1, upload.callLog.caller_count('UEFI signing')) | ||
| 550 | 229 | self.assertEqual(1, upload.callLog.caller_count('Kmod signing')) | ||
| 551 | 230 | |||
| 552 | 231 | def test_options_handling_none(self): | ||
| 553 | 232 | # If the configured key/cert are missing, processing succeeds but | ||
| 554 | 233 | # nothing is signed. | ||
| 555 | 234 | self.openArchive("test", "1.0", "amd64") | ||
| 556 | 235 | self.archive.add_file("1.0/raw-signing.options", "") | ||
| 557 | 236 | upload = self.process_emulate() | ||
| 558 | 237 | self.assertContentEqual([], upload.signing_options.keys()) | ||
| 559 | 238 | |||
| 560 | 239 | def test_options_handling_single(self): | ||
| 561 | 240 | # If the configured key/cert are missing, processing succeeds but | ||
| 562 | 241 | # nothing is signed. | ||
| 563 | 242 | self.openArchive("test", "1.0", "amd64") | ||
| 564 | 243 | self.archive.add_file("1.0/raw-signing.options", "first\n") | ||
| 565 | 244 | upload = self.process_emulate() | ||
| 566 | 245 | self.assertContentEqual(['first'], upload.signing_options.keys()) | ||
| 567 | 246 | |||
| 568 | 247 | def test_options_handling_multiple(self): | ||
| 569 | 248 | # If the configured key/cert are missing, processing succeeds but | ||
| 570 | 249 | # nothing is signed. | ||
| 571 | 250 | self.openArchive("test", "1.0", "amd64") | ||
| 572 | 251 | self.archive.add_file("1.0/raw-signing.options", "first\nsecond\n") | ||
| 573 | 252 | upload = self.process_emulate() | ||
| 574 | 253 | self.assertContentEqual(['first', 'second'], | ||
| 575 | 254 | upload.signing_options.keys()) | ||
| 576 | 255 | |||
| 577 | 256 | def test_options_tarball(self): | ||
| 578 | 257 | # Specifying the "tarball" option should create an tarball in | ||
| 579 | 258 | # the tmpdir. | ||
| 580 | 259 | self.setUpUefiKeys() | ||
| 581 | 260 | self.setUpKmodKeys() | ||
| 582 | 261 | self.openArchive("test", "1.0", "amd64") | ||
| 583 | 262 | self.archive.add_file("1.0/raw-signing.options", "tarball") | ||
| 584 | 263 | self.archive.add_file("1.0/empty.efi", "") | ||
| 585 | 264 | self.archive.add_file("1.0/empty.ko", "") | ||
| 586 | 265 | self.process_emulate() | ||
| 587 | 266 | self.assertFalse(os.path.exists(os.path.join( | ||
| 588 | 267 | self.getSignedPath("test", "amd64"), "1.0", "empty.efi"))) | ||
| 589 | 268 | self.assertFalse(os.path.exists(os.path.join( | ||
| 590 | 269 | self.getSignedPath("test", "amd64"), "1.0", "empty.ko"))) | ||
| 591 | 270 | tarfilename = os.path.join(self.getSignedPath("test", "amd64"), | ||
| 592 | 271 | "1.0", "signed.tar.gz") | ||
| 593 | 272 | self.assertTrue(os.path.exists(tarfilename)) | ||
| 594 | 273 | with tarfile.open(tarfilename) as tarball: | ||
| 595 | 274 | self.assertContentEqual([ | ||
| 596 | 275 | '1.0', '1.0/empty.efi', '1.0/empty.efi.signed', '1.0/empty.ko', | ||
| 597 | 276 | '1.0/empty.ko.sig', '1.0/raw-signing.options', | ||
| 598 | 277 | ], tarball.getnames()) | ||
| 599 | 278 | |||
| 600 | 279 | def test_options_signed_only(self): | ||
| 601 | 280 | # Specifying the "signed-only" option should trigger removal of | ||
| 602 | 281 | # the source files leaving signatures only. | ||
| 603 | 282 | self.setUpUefiKeys() | ||
| 604 | 283 | self.setUpKmodKeys() | ||
| 605 | 284 | self.openArchive("test", "1.0", "amd64") | ||
| 606 | 285 | self.archive.add_file("1.0/raw-signing.options", "signed-only") | ||
| 607 | 286 | self.archive.add_file("1.0/empty.efi", "") | ||
| 608 | 287 | self.archive.add_file("1.0/empty.ko", "") | ||
| 609 | 288 | self.process_emulate() | ||
| 610 | 289 | self.assertFalse(os.path.exists(os.path.join( | ||
| 611 | 290 | self.getSignedPath("test", "amd64"), "1.0", "empty.efi"))) | ||
| 612 | 291 | self.assertTrue(os.path.exists(os.path.join( | ||
| 613 | 292 | self.getSignedPath("test", "amd64"), "1.0", "empty.efi.signed"))) | ||
| 614 | 293 | self.assertFalse(os.path.exists(os.path.join( | ||
| 615 | 294 | self.getSignedPath("test", "amd64"), "1.0", "empty.ko"))) | ||
| 616 | 295 | self.assertTrue(os.path.exists(os.path.join( | ||
| 617 | 296 | self.getSignedPath("test", "amd64"), "1.0", "empty.ko.sig"))) | ||
| 618 | 297 | |||
| 619 | 298 | def test_options_tarball_signed_only(self): | ||
| 620 | 299 | # Specifying the "tarball" option should create an tarball in | ||
| 621 | 300 | # the tmpdir. Adding signed-only should trigger removal of the | ||
| 622 | 301 | # original files. | ||
| 623 | 302 | self.setUpUefiKeys() | ||
| 624 | 303 | self.setUpKmodKeys() | ||
| 625 | 304 | self.openArchive("test", "1.0", "amd64") | ||
| 626 | 305 | self.archive.add_file("1.0/raw-signing.options", | ||
| 627 | 306 | "tarball\nsigned-only") | ||
| 628 | 307 | self.archive.add_file("1.0/empty.efi", "") | ||
| 629 | 308 | self.archive.add_file("1.0/empty.ko", "") | ||
| 630 | 309 | self.process_emulate() | ||
| 631 | 310 | tarfilename = os.path.join(self.getSignedPath("test", "amd64"), | ||
| 632 | 311 | "1.0", "signed.tar.gz") | ||
| 633 | 312 | self.assertTrue(os.path.exists(tarfilename)) | ||
| 634 | 313 | with tarfile.open(tarfilename) as tarball: | ||
| 635 | 314 | self.assertContentEqual([ | ||
| 636 | 315 | '1.0', '1.0/empty.efi.signed', '1.0/empty.ko.sig', | ||
| 637 | 316 | '1.0/raw-signing.options', | ||
| 638 | 317 | ], tarball.getnames()) | ||
| 639 | 318 | |||
| 640 | 319 | def test_no_signed_files(self): | ||
| 641 | 127 | # Tarballs containing no *.efi files are extracted without complaint. | 320 | # Tarballs containing no *.efi files are extracted without complaint. |
| 642 | 128 | # Nothing is signed. | 321 | # Nothing is signed. |
| 644 | 129 | self.setUpKeyAndCert() | 322 | self.setUpUefiKeys() |
| 645 | 130 | self.openArchive("empty", "1.0", "amd64") | 323 | self.openArchive("empty", "1.0", "amd64") |
| 646 | 131 | self.archive.add_file("1.0/hello", "world") | 324 | self.archive.add_file("1.0/hello", "world") |
| 647 | 132 | upload = self.process() | 325 | upload = self.process() |
| 648 | 133 | self.assertTrue(os.path.exists(os.path.join( | 326 | self.assertTrue(os.path.exists(os.path.join( |
| 649 | 134 | self.getSignedPath("empty", "amd64"), "1.0", "hello"))) | 327 | self.getSignedPath("empty", "amd64"), "1.0", "hello"))) |
| 650 | 135 | self.assertEqual(0, upload.signUefi.call_count) | 328 | self.assertEqual(0, upload.signUefi.call_count) |
| 651 | 329 | self.assertEqual(0, upload.signKmod.call_count) | ||
| 652 | 136 | 330 | ||
| 653 | 137 | def test_already_exists(self): | 331 | def test_already_exists(self): |
| 654 | 138 | # If the target directory already exists, processing fails. | 332 | # If the target directory already exists, processing fails. |
| 656 | 139 | self.setUpKeyAndCert() | 333 | self.setUpUefiKeys() |
| 657 | 140 | self.openArchive("test", "1.0", "amd64") | 334 | self.openArchive("test", "1.0", "amd64") |
| 658 | 141 | self.archive.add_file("1.0/empty.efi", "") | 335 | self.archive.add_file("1.0/empty.efi", "") |
| 659 | 142 | os.makedirs(os.path.join(self.getSignedPath("test", "amd64"), "1.0")) | 336 | os.makedirs(os.path.join(self.getSignedPath("test", "amd64"), "1.0")) |
| 660 | @@ -144,7 +338,7 @@ | |||
| 661 | 144 | 338 | ||
| 662 | 145 | def test_bad_umask(self): | 339 | def test_bad_umask(self): |
| 663 | 146 | # The umask must be 0o022 to avoid incorrect permissions. | 340 | # The umask must be 0o022 to avoid incorrect permissions. |
| 665 | 147 | self.setUpKeyAndCert() | 341 | self.setUpUefiKeys() |
| 666 | 148 | self.openArchive("test", "1.0", "amd64") | 342 | self.openArchive("test", "1.0", "amd64") |
| 667 | 149 | self.archive.add_file("1.0/dir/file.efi", "foo") | 343 | self.archive.add_file("1.0/dir/file.efi", "foo") |
| 668 | 150 | os.umask(0o002) # cleanup already handled by setUp | 344 | os.umask(0o002) # cleanup already handled by setUp |
| 669 | @@ -153,8 +347,8 @@ | |||
| 670 | 153 | def test_correct_uefi_signing_command_executed(self): | 347 | def test_correct_uefi_signing_command_executed(self): |
| 671 | 154 | # Check that calling signUefi() will generate the expected command | 348 | # Check that calling signUefi() will generate the expected command |
| 672 | 155 | # when appropriate keys are present. | 349 | # when appropriate keys are present. |
| 675 | 156 | self.setUpKeyAndCert() | 350 | self.setUpUefiKeys() |
| 676 | 157 | fake_call = FakeMethod() | 351 | fake_call = FakeMethod(result=0) |
| 677 | 158 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | 352 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) |
| 678 | 159 | upload = SigningUpload() | 353 | upload = SigningUpload() |
| 679 | 160 | upload.generateUefiKeys = FakeMethod() | 354 | upload.generateUefiKeys = FakeMethod() |
| 680 | @@ -173,8 +367,8 @@ | |||
| 681 | 173 | def test_correct_uefi_signing_command_executed_no_keys(self): | 367 | def test_correct_uefi_signing_command_executed_no_keys(self): |
| 682 | 174 | # Check that calling signUefi() will generate no commands when | 368 | # Check that calling signUefi() will generate no commands when |
| 683 | 175 | # no keys are present. | 369 | # no keys are present. |
| 686 | 176 | self.setUpKeyAndCert(create=False) | 370 | self.setUpUefiKeys(create=False) |
| 687 | 177 | fake_call = FakeMethod() | 371 | fake_call = FakeMethod(result=0) |
| 688 | 178 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | 372 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) |
| 689 | 179 | upload = SigningUpload() | 373 | upload = SigningUpload() |
| 690 | 180 | upload.generateUefiKeys = FakeMethod() | 374 | upload.generateUefiKeys = FakeMethod() |
| 691 | @@ -188,8 +382,8 @@ | |||
| 692 | 188 | # Check that calling generateUefiKeys() will generate the | 382 | # Check that calling generateUefiKeys() will generate the |
| 693 | 189 | # expected command. | 383 | # expected command. |
| 694 | 190 | self.setUpPPA() | 384 | self.setUpPPA() |
| 697 | 191 | self.setUpKeyAndCert(create=False) | 385 | self.setUpUefiKeys(create=False) |
| 698 | 192 | fake_call = FakeMethod() | 386 | fake_call = FakeMethod(result=0) |
| 699 | 193 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | 387 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) |
| 700 | 194 | upload = SigningUpload() | 388 | upload = SigningUpload() |
| 701 | 195 | upload.setTargetDirectory( | 389 | upload.setTargetDirectory( |
| 702 | @@ -205,17 +399,102 @@ | |||
| 703 | 205 | ] | 399 | ] |
| 704 | 206 | self.assertEqual(expected_cmd, args) | 400 | self.assertEqual(expected_cmd, args) |
| 705 | 207 | 401 | ||
| 713 | 208 | def test_signs_image(self): | 402 | def test_correct_kmod_signing_command_executed(self): |
| 714 | 209 | # Each image in the tarball is signed. | 403 | # Check that calling signKmod() will generate the expected command |
| 715 | 210 | self.setUpKeyAndCert() | 404 | # when appropriate keys are present. |
| 716 | 211 | self.openArchive("test", "1.0", "amd64") | 405 | self.setUpKmodKeys() |
| 717 | 212 | self.archive.add_file("1.0/empty.efi", "") | 406 | fake_call = FakeMethod(result=0) |
| 718 | 213 | upload = self.process() | 407 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) |
| 719 | 214 | self.assertEqual(1, upload.signUefi.call_count) | 408 | upload = SigningUpload() |
| 720 | 409 | upload.generateKmodKeys = FakeMethod() | ||
| 721 | 410 | upload.setTargetDirectory( | ||
| 722 | 411 | self.pubconf, "test_1.0_amd64.tar.gz", "distroseries") | ||
| 723 | 412 | upload.signKmod('t.ko') | ||
| 724 | 413 | self.assertEqual(1, fake_call.call_count) | ||
| 725 | 414 | # Assert command form. | ||
| 726 | 415 | args = fake_call.calls[0][0][0] | ||
| 727 | 416 | expected_cmd = [ | ||
| 728 | 417 | 'kmodsign', '-D', 'sha512', self.kmod_pem, self.kmod_x509, | ||
| 729 | 418 | 't.ko', 't.ko.sig' | ||
| 730 | 419 | ] | ||
| 731 | 420 | self.assertEqual(expected_cmd, args) | ||
| 732 | 421 | self.assertEqual(0, upload.generateKmodKeys.call_count) | ||
| 733 | 422 | |||
| 734 | 423 | def test_correct_kmod_signing_command_executed_no_keys(self): | ||
| 735 | 424 | # Check that calling signKmod() will generate no commands when | ||
| 736 | 425 | # no keys are present. | ||
| 737 | 426 | self.setUpKmodKeys(create=False) | ||
| 738 | 427 | fake_call = FakeMethod(result=0) | ||
| 739 | 428 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | ||
| 740 | 429 | upload = SigningUpload() | ||
| 741 | 430 | upload.generateKmodKeys = FakeMethod() | ||
| 742 | 431 | upload.setTargetDirectory( | ||
| 743 | 432 | self.pubconf, "test_1.0_amd64.tar.gz", "distroseries") | ||
| 744 | 433 | upload.signUefi('t.ko') | ||
| 745 | 434 | self.assertEqual(0, fake_call.call_count) | ||
| 746 | 435 | self.assertEqual(0, upload.generateKmodKeys.call_count) | ||
| 747 | 436 | |||
| 748 | 437 | def test_correct_kmod_keygen_command_executed(self): | ||
| 749 | 438 | # Check that calling generateUefiKeys() will generate the | ||
| 750 | 439 | # expected command. | ||
| 751 | 440 | self.setUpPPA() | ||
| 752 | 441 | self.setUpKmodKeys(create=False) | ||
| 753 | 442 | fake_call = FakeMethod(result=0) | ||
| 754 | 443 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | ||
| 755 | 444 | upload = SigningUpload() | ||
| 756 | 445 | upload.setTargetDirectory( | ||
| 757 | 446 | self.pubconf, "test_1.0_amd64.tar.gz", "distroseries") | ||
| 758 | 447 | upload.generateKmodKeys() | ||
| 759 | 448 | self.assertEqual(2, fake_call.call_count) | ||
| 760 | 449 | # Assert the actual command matches. | ||
| 761 | 450 | args = fake_call.calls[0][0][0] | ||
| 762 | 451 | # Sanitise the keygen tmp file. | ||
| 763 | 452 | if args[11].endswith('.keygen'): | ||
| 764 | 453 | args[11] = 'XXX.keygen' | ||
| 765 | 454 | expected_cmd = [ | ||
| 766 | 455 | 'openssl', 'req', '-new', '-nodes', '-utf8', '-sha512', | ||
| 767 | 456 | '-days', '3650', '-batch', '-x509', | ||
| 768 | 457 | '-config', 'XXX.keygen', '-outform', 'PEM', | ||
| 769 | 458 | '-out', self.kmod_pem, '-keyout', self.kmod_pem | ||
| 770 | 459 | ] | ||
| 771 | 460 | self.assertEqual(expected_cmd, args) | ||
| 772 | 461 | args = fake_call.calls[1][0][0] | ||
| 773 | 462 | expected_cmd = [ | ||
| 774 | 463 | 'openssl', 'x509', '-in', self.kmod_pem, '-outform', 'DER', | ||
| 775 | 464 | '-out', self.kmod_x509 | ||
| 776 | 465 | ] | ||
| 777 | 466 | self.assertEqual(expected_cmd, args) | ||
| 778 | 467 | |||
| 779 | 468 | def test_signs_uefi_image(self): | ||
| 780 | 469 | # Each image in the tarball is signed. | ||
| 781 | 470 | self.setUpUefiKeys() | ||
| 782 | 471 | self.openArchive("test", "1.0", "amd64") | ||
| 783 | 472 | self.archive.add_file("1.0/empty.efi", "") | ||
| 784 | 473 | upload = self.process() | ||
| 785 | 474 | self.assertEqual(1, upload.signUefi.call_count) | ||
| 786 | 475 | |||
| 787 | 476 | def test_signs_kmod_image(self): | ||
| 788 | 477 | # Each image in the tarball is signed. | ||
| 789 | 478 | self.setUpKmodKeys() | ||
| 790 | 479 | self.openArchive("test", "1.0", "amd64") | ||
| 791 | 480 | self.archive.add_file("1.0/empty.ko", "") | ||
| 792 | 481 | upload = self.process() | ||
| 793 | 482 | self.assertEqual(1, upload.signKmod.call_count) | ||
| 794 | 483 | |||
| 795 | 484 | def test_signs_combo_image(self): | ||
| 796 | 485 | # Each image in the tarball is signed. | ||
| 797 | 486 | self.setUpKmodKeys() | ||
| 798 | 487 | self.openArchive("test", "1.0", "amd64") | ||
| 799 | 488 | self.archive.add_file("1.0/empty.efi", "") | ||
| 800 | 489 | self.archive.add_file("1.0/empty.ko", "") | ||
| 801 | 490 | self.archive.add_file("1.0/empty2.ko", "") | ||
| 802 | 491 | upload = self.process() | ||
| 803 | 492 | self.assertEqual(1, upload.signUefi.call_count) | ||
| 804 | 493 | self.assertEqual(2, upload.signKmod.call_count) | ||
| 805 | 215 | 494 | ||
| 806 | 216 | def test_installed(self): | 495 | def test_installed(self): |
| 807 | 217 | # Files in the tarball are installed correctly. | 496 | # Files in the tarball are installed correctly. |
| 809 | 218 | self.setUpKeyAndCert() | 497 | self.setUpUefiKeys() |
| 810 | 219 | self.openArchive("test", "1.0", "amd64") | 498 | self.openArchive("test", "1.0", "amd64") |
| 811 | 220 | self.archive.add_file("1.0/empty.efi", "") | 499 | self.archive.add_file("1.0/empty.efi", "") |
| 812 | 221 | self.process() | 500 | self.process() |
| 813 | @@ -231,7 +510,7 @@ | |||
| 814 | 231 | def test_installed_existing_uefi(self): | 510 | def test_installed_existing_uefi(self): |
| 815 | 232 | # Files in the tarball are installed correctly. | 511 | # Files in the tarball are installed correctly. |
| 816 | 233 | os.makedirs(os.path.join(self.getDistsPath(), "uefi")) | 512 | os.makedirs(os.path.join(self.getDistsPath(), "uefi")) |
| 818 | 234 | self.setUpKeyAndCert() | 513 | self.setUpUefiKeys() |
| 819 | 235 | self.openArchive("test", "1.0", "amd64") | 514 | self.openArchive("test", "1.0", "amd64") |
| 820 | 236 | self.archive.add_file("1.0/empty.efi", "") | 515 | self.archive.add_file("1.0/empty.efi", "") |
| 821 | 237 | self.process() | 516 | self.process() |
| 822 | @@ -247,7 +526,7 @@ | |||
| 823 | 247 | def test_installed_existing_signing(self): | 526 | def test_installed_existing_signing(self): |
| 824 | 248 | # Files in the tarball are installed correctly. | 527 | # Files in the tarball are installed correctly. |
| 825 | 249 | os.makedirs(os.path.join(self.getDistsPath(), "signing")) | 528 | os.makedirs(os.path.join(self.getDistsPath(), "signing")) |
| 827 | 250 | self.setUpKeyAndCert() | 529 | self.setUpUefiKeys() |
| 828 | 251 | self.openArchive("test", "1.0", "amd64") | 530 | self.openArchive("test", "1.0", "amd64") |
| 829 | 252 | self.archive.add_file("1.0/empty.efi", "") | 531 | self.archive.add_file("1.0/empty.efi", "") |
| 830 | 253 | self.process() | 532 | self.process() |
| 831 | @@ -262,33 +541,68 @@ | |||
| 832 | 262 | 541 | ||
| 833 | 263 | def test_create_uefi_keys_autokey_off(self): | 542 | def test_create_uefi_keys_autokey_off(self): |
| 834 | 264 | # Keys are not created. | 543 | # Keys are not created. |
| 836 | 265 | self.setUpKeyAndCert(create=False) | 544 | self.setUpUefiKeys(create=False) |
| 837 | 266 | self.assertFalse(os.path.exists(self.key)) | 545 | self.assertFalse(os.path.exists(self.key)) |
| 838 | 267 | self.assertFalse(os.path.exists(self.cert)) | 546 | self.assertFalse(os.path.exists(self.cert)) |
| 840 | 268 | fake_call = FakeMethod() | 547 | fake_call = FakeMethod(result=0) |
| 841 | 269 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | 548 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) |
| 842 | 270 | upload = SigningUpload() | 549 | upload = SigningUpload() |
| 844 | 271 | upload.generateUefiKeys = FakeMethodGenUefiKeys(upload=upload) | 550 | upload.callLog = FakeMethodCallLog(upload=upload) |
| 845 | 272 | upload.setTargetDirectory( | 551 | upload.setTargetDirectory( |
| 846 | 273 | self.pubconf, "test_1.0_amd64.tar.gz", "distroseries") | 552 | self.pubconf, "test_1.0_amd64.tar.gz", "distroseries") |
| 847 | 274 | upload.signUefi('t.efi') | 553 | upload.signUefi('t.efi') |
| 849 | 275 | self.assertEqual(0, upload.generateUefiKeys.call_count) | 554 | self.assertEqual(0, upload.callLog.caller_count('UEFI keygen')) |
| 850 | 276 | self.assertFalse(os.path.exists(self.key)) | 555 | self.assertFalse(os.path.exists(self.key)) |
| 851 | 277 | self.assertFalse(os.path.exists(self.cert)) | 556 | self.assertFalse(os.path.exists(self.cert)) |
| 852 | 278 | 557 | ||
| 853 | 279 | def test_create_uefi_keys_autokey_on(self): | 558 | def test_create_uefi_keys_autokey_on(self): |
| 854 | 280 | # Keys are created on demand. | 559 | # Keys are created on demand. |
| 855 | 281 | self.setUpPPA() | 560 | self.setUpPPA() |
| 857 | 282 | self.setUpKeyAndCert(create=False) | 561 | self.setUpUefiKeys(create=False) |
| 858 | 283 | self.assertFalse(os.path.exists(self.key)) | 562 | self.assertFalse(os.path.exists(self.key)) |
| 859 | 284 | self.assertFalse(os.path.exists(self.cert)) | 563 | self.assertFalse(os.path.exists(self.cert)) |
| 861 | 285 | fake_call = FakeMethod() | 564 | fake_call = FakeMethod(result=0) |
| 862 | 286 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | 565 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) |
| 863 | 287 | upload = SigningUpload() | 566 | upload = SigningUpload() |
| 865 | 288 | upload.generateUefiKeys = FakeMethodGenUefiKeys(upload=upload) | 567 | upload.callLog = FakeMethodCallLog(upload=upload) |
| 866 | 289 | upload.setTargetDirectory( | 568 | upload.setTargetDirectory( |
| 867 | 290 | self.pubconf, "test_1.0_amd64.tar.gz", "distroseries") | 569 | self.pubconf, "test_1.0_amd64.tar.gz", "distroseries") |
| 868 | 291 | upload.signUefi('t.efi') | 570 | upload.signUefi('t.efi') |
| 870 | 292 | self.assertEqual(1, upload.generateUefiKeys.call_count) | 571 | self.assertEqual(1, upload.callLog.caller_count('UEFI keygen')) |
| 871 | 293 | self.assertTrue(os.path.exists(self.key)) | 572 | self.assertTrue(os.path.exists(self.key)) |
| 872 | 294 | self.assertTrue(os.path.exists(self.cert)) | 573 | self.assertTrue(os.path.exists(self.cert)) |
| 873 | 574 | |||
| 874 | 575 | def test_create_kmod_keys_autokey_off(self): | ||
| 875 | 576 | # Keys are not created. | ||
| 876 | 577 | self.setUpKmodKeys(create=False) | ||
| 877 | 578 | self.assertFalse(os.path.exists(self.kmod_pem)) | ||
| 878 | 579 | self.assertFalse(os.path.exists(self.kmod_x509)) | ||
| 879 | 580 | fake_call = FakeMethod(result=0) | ||
| 880 | 581 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | ||
| 881 | 582 | upload = SigningUpload() | ||
| 882 | 583 | upload.callLog = FakeMethodCallLog(upload=upload) | ||
| 883 | 584 | upload.setTargetDirectory( | ||
| 884 | 585 | self.pubconf, "test_1.0_amd64.tar.gz", "distroseries") | ||
| 885 | 586 | upload.signKmod('t.ko') | ||
| 886 | 587 | self.assertEqual(0, upload.callLog.caller_count('Kmod keygen key')) | ||
| 887 | 588 | self.assertEqual(0, upload.callLog.caller_count('Kmod keygen cert')) | ||
| 888 | 589 | self.assertFalse(os.path.exists(self.kmod_pem)) | ||
| 889 | 590 | self.assertFalse(os.path.exists(self.kmod_x509)) | ||
| 890 | 591 | |||
| 891 | 592 | def test_create_kmod_keys_autokey_on(self): | ||
| 892 | 593 | # Keys are created on demand. | ||
| 893 | 594 | self.setUpPPA() | ||
| 894 | 595 | self.setUpKmodKeys(create=False) | ||
| 895 | 596 | self.assertFalse(os.path.exists(self.kmod_pem)) | ||
| 896 | 597 | self.assertFalse(os.path.exists(self.kmod_x509)) | ||
| 897 | 598 | fake_call = FakeMethod(result=0) | ||
| 898 | 599 | self.useFixture(MonkeyPatch("subprocess.call", fake_call)) | ||
| 899 | 600 | upload = SigningUpload() | ||
| 900 | 601 | upload.callLog = FakeMethodCallLog(upload=upload) | ||
| 901 | 602 | upload.setTargetDirectory( | ||
| 902 | 603 | self.pubconf, "test_1.0_amd64.tar.gz", "distroseries") | ||
| 903 | 604 | upload.signKmod('t.ko') | ||
| 904 | 605 | self.assertEqual(1, upload.callLog.caller_count('Kmod keygen key')) | ||
| 905 | 606 | self.assertEqual(1, upload.callLog.caller_count('Kmod keygen cert')) | ||
| 906 | 607 | self.assertTrue(os.path.exists(self.kmod_pem)) | ||
| 907 | 608 | self.assertTrue(os.path.exists(self.kmod_x509)) | ||
Ok I have pushed up and update to this branch which I hope will fix these concerns. This has all the formatting bits applied. I have also revamped the testing of command execution to be much simpler. Finally it adds some additional tests which seemed to be absent for Kmod signing.
In reviewing the command handling for testing I realised that the signing.py code had the call and emit error form repeated all over the place so I have pulled that out to its own helper, by doing this I now have a much more tractible test point for the unit-tests to hang off of. This has made the testing much simpler. I have also moved all tests that need keys made to the new form allowing removal of the duplicated FakeMethods for key generation.