def test_generate_developer_config_happy_day(tmp_path):
key_file = tmp_path / 'dev.key.pem'
certificate_file = tmp_path / 'dev.cert.der'
generate_credentials(
key_file=key_file,
cert_file=certificate_file,
cred_valid_time=8
)
config = tmp_path / 'my_cfg.yaml'
class_id = uuid.uuid4()
vendor_id = uuid.uuid4()
generate_developer_config(
key_file=key_file,
cert_file=certificate_file,
config=config,
class_id=class_id,
vendor_id=vendor_id
)
with config.open('rb') as fh:
raw_cfg = yaml.safe_load(fh)
assert 'key_file' in raw_cfg
assert 'vendor-id' in raw_cfg
assert len(raw_cfg['vendor-id']) == 32
assert 'class-id' in raw_cfg
assert len(raw_cfg['class-id']) == 32
def test_bad_state(tmp_path):
key_file = tmp_path / 'dev.key.pem'
certificate_file = tmp_path / 'dev.cert.der'
generate_credentials(key_file=key_file,
certificate_file=certificate_file,
do_overwrite=False,
cred_valid_time=8)
key_file.unlink()
with pytest.raises(AssertionError):
generate_credentials(key_file=key_file,
certificate_file=certificate_file,
do_overwrite=False,
cred_valid_time=8)
def test_overwriting_keys(tmp_path):
key_file = tmp_path / 'dev.key.pem'
certificate_file = tmp_path / 'dev.cert.der'
generate_credentials(key_file=key_file,
certificate_file=certificate_file,
do_overwrite=False,
cred_valid_time=8)
key_digest = digest_file(key_file)
cert_digest = digest_file(certificate_file)
generate_credentials(key_file=key_file,
certificate_file=certificate_file,
do_overwrite=True,
cred_valid_time=8)
assert key_digest != digest_file(key_file)
assert cert_digest != digest_file(certificate_file)
def text_fixture(
tmp_path_factory: TempPathFactory
):
tmp_path = tmp_path_factory.mktemp("data")
key_file = tmp_path / 'dev.key.pem'
certificate_file = tmp_path / 'dev.cert.der'
generate_credentials(
key_file=key_file,
cert_file=certificate_file,
cred_valid_time=8
)
return {
'tmp_path': tmp_path,
'key_file': key_file
}
def test_parse_and_verify_bad_signature(tmp_path, happy_day_data):
key_file = tmp_path / 'dev.key.pem'
certificate_file = tmp_path / 'dev.cert.der'
generate_credentials(
key_file=key_file,
certificate_file=certificate_file,
do_overwrite=False,
cred_valid_time=8
)
with pytest.raises(AssertionError) as e:
ParseAction.do_parse(
certificate_data=certificate_file.read_bytes(),
manifest_data=happy_day_data['manifest_file'].read_bytes(),
public_key_data=None,
private_key_data=None
)
assert 'Signature verification failed' in str(e)
def data_generator(tmp_path_factory, size):
tmp_path = tmp_path_factory.mktemp("data")
key_file = tmp_path / 'dev.key.pem'
certificate_file = tmp_path / 'dev.cert.der'
dev_init.generate_credentials(key_file=key_file,
certificate_file=certificate_file,
do_overwrite=False,
cred_valid_time=8)
bsdiff_version = armbsdiff.get_version().encode('utf-8')
fw_file = tmp_path / 'fw.bin'
fw_data = bsdiff_version + os.urandom(size)
fw_file.write_bytes(fw_data)
new_fw_file = tmp_path / 'new_fw.bin'
new_fw_data = fw_data + os.urandom(512)
new_fw_file.write_bytes(new_fw_data)
delta_file = tmp_path / 'delta.bin'
delta_tool.generate_delta(orig_fw=fw_file,
new_fw=new_fw_file,
output_delta_file=delta_file,
block_size=512,
threshold=60)
dev_cfg = tmp_path / 'dev.manifest_cfg.yaml'
dev_init.generate_developer_config(key_file=key_file,
certificate_file=certificate_file,
config=dev_cfg,
do_overwrite=True)
api_config_path = tmp_path / 'service_cfg.json'
dev_init.generate_service_config(api_key='sdsdadadadsdadasdadsadasdas',
api_url=defaults.API_GW,
api_config_path=api_config_path)
return {
'fw_file': fw_file,
'new_fw_file': new_fw_file,
'delta_file': delta_file,
'key_file': key_file,
'certificate_file': certificate_file,
'tmp_path': tmp_path,
'dev_cfg': dev_cfg,
'api_config_path': api_config_path
}
def test_generate_update_default_resources_c_happy_day(tmp_path):
key_file = tmp_path / 'dev.key.pem'
certificate_file = tmp_path / 'dev.cert.der'
generate_credentials(key_file=key_file,
certificate_file=certificate_file,
do_overwrite=False,
cred_valid_time=8)
c_source = tmp_path / 'my_source.c'
vendor_id = uuid.uuid4()
class_id = uuid.uuid4()
generate_update_default_resources_c(c_source=c_source,
vendor_id=vendor_id,
class_id=class_id,
private_key_file=key_file,
certificate_file=certificate_file,
do_overwrite=False)
assert c_source.is_file()
gen_data = c_source.read_text()
assert 'arm_uc_vendor_id' in gen_data
assert 'arm_uc_class_id' in gen_data
assert 'arm_uc_default_certificate' in gen_data
def test_happy_day(tmp_path):
generate_credentials(
key_file=tmp_path / 'dev.key.pem',
cert_file=tmp_path / 'dev.cert.der',
cred_valid_time=8
)
def happy_day_data(
tmp_path_factory: TempPathFactory,
request
):
tmp_path = tmp_path_factory.mktemp("data")
key_file = tmp_path / 'dev.key.pem'
certificate_file = tmp_path / 'dev.cert.der'
manifest_version = request.param # Type[ManifestAsnCodecBase]
generate_credentials(
key_file=key_file,
certificate_file=certificate_file,
do_overwrite=False,
cred_valid_time=8
)
fw_file = tmp_path / 'fw.bin'
fw_file.write_bytes(os.urandom(512))
input_cfg = {
"manifest-version": manifest_version.get_name(),
"vendor": {
"domain": "arm.com",
"custom-data-path": fw_file.as_posix()
},
"device": {
"model-name": "my-device"
},
"priority": 15,
"payload": {
"url": "https://my.server.com/some.file?new=1",
"file-path": fw_file.as_posix(),
"format": "raw-binary"
}
}
fw_version = '100.500.0'
if 'v1' == manifest_version.get_name():
fw_version = 0
else:
input_cfg['sign-image'] = True
manifest_data = CreateAction.do_create(
pem_key_data=key_file.read_bytes(),
input_cfg=input_cfg,
fw_version=fw_version,
update_certificate=certificate_file,
asn1_codec_class=manifest_version
)
manifest_file = tmp_path / 'fota_manifest.bin'
manifest_file.write_bytes(manifest_data)
private_key = serialization.load_pem_private_key(
key_file.read_bytes(),
password=None,
backend=default_backend()
)
public_key = private_key.public_key()
public_key_bytes = public_key.public_bytes(
encoding=serialization.Encoding.X962,
format=serialization.PublicFormat.UncompressedPoint
)
public_key_file = tmp_path / 'pub_key.bin'
public_key_file.write_bytes(public_key_bytes)
return {
'manifest_file': manifest_file,
'certificate_file': certificate_file,
'pub_key_file': public_key_file,
'priv_key_file': key_file,
'manifest_version': manifest_version.get_name(),
}
def data_generator(tmp_path_factory, size, encryption_key : bytes = None):
tmp_path = tmp_path_factory.mktemp("data")
key_file = tmp_path / 'dev.key.pem'
certificate_file = tmp_path / 'dev.cert.der'
dev_init.generate_credentials(
key_file=key_file,
cert_file=certificate_file,
cred_valid_time=8
)
bsdiff_version = armbsdiff.get_version().encode('utf-8')
fw_file = tmp_path / 'fw.bin'
fw_data = bsdiff_version + os.urandom(size - len(bsdiff_version))
fw_file.write_bytes(fw_data)
new_fw_file = tmp_path / 'new_fw.bin'
new_fw_data = fw_data + os.urandom(512)
new_fw_file.write_bytes(new_fw_data)
delta_file = tmp_path / 'delta.bin'
delta_tool.generate_delta(
orig_fw=fw_file,
new_fw=new_fw_file,
output_delta_file=delta_file,
block_size=512,
threshold=60
)
if encryption_key:
encrypted_fw_file = tmp_path / 'encrypted_fw.bin'
encrypt_file(fw_file, encrypted_fw_file, encryption_key)
else:
encrypted_fw_file = None
class_id = uuid.uuid4()
vendor_id = uuid.uuid4()
dev_cfg = tmp_path / 'dev.cfg.yaml'
dev_init.generate_developer_config(
key_file=key_file,
cert_file=certificate_file,
config=dev_cfg,
class_id=class_id,
vendor_id=vendor_id
)
api_config_path = tmp_path / 'dev.cloud_cfg.yaml'
dev_init.generate_service_config(
access_key='sdsdadadadsdadasdadsadasdas',
api_url=defaults.API_GW,
api_config_path=api_config_path
)
package_data = package_data_generator(tmp_path_factory,1024*512)
return {
'fw_file': fw_file,
'new_fw_file': new_fw_file,
'encrypted_fw_file': encrypted_fw_file,
'delta_file': delta_file,
'key_file': key_file,
'certificate_file': certificate_file,
'tmp_path': tmp_path,
'dev_cfg': dev_cfg,
'api_config_path': api_config_path,
'package_data': package_data,
'encryption_key': encryption_key
}
def test_happy_day(tmp_path):
generate_credentials(key_file=tmp_path / 'dev.key.pem',
certificate_file=tmp_path / 'dev.cert.der',
do_overwrite=False,
cred_valid_time=8)
