Added negative path test cases for pnor signature validation
Resolves openbmc/openbmc#3000
Change-Id: Ia03385d74d9885975c411ac24769510bd1afc4c4
Signed-off-by: Jayanth Othayoth <ojayanth@in.ibm.com>
diff --git a/test/utest.cpp b/test/utest.cpp
index 23d2555..21fdc28 100644
--- a/test/utest.cpp
+++ b/test/utest.cpp
@@ -106,7 +106,6 @@
{
command("rm -rf " + std::string(testPath));
}
-
std::unique_ptr<Signature> signature;
fs::path extractPath;
fs::path signedConfPath;
@@ -118,3 +117,38 @@
{
EXPECT_TRUE(signature->verify());
}
+
+/** @brief Test failure scenario with corrupted signature file*/
+TEST_F(SignatureTest, TestCorruptSignatureFile)
+{
+ // corrupt the image-kernel.sig file and ensure that verification fails
+ std::string kernelFile = extractPath.string() + "/" + "pnor.xz.squashfs";
+ command("echo \"dummy data\" > " + kernelFile + ".sig ");
+ EXPECT_FALSE(signature->verify());
+}
+
+/** @brief Test failure scenario with no public key in the image*/
+TEST_F(SignatureTest, TestNoPublicKeyInImage)
+{
+ // Remove publickey file from the image and ensure that verify fails
+ std::string pubkeyFile = extractPath.string() + "/" + "publickey";
+ command("rm " + pubkeyFile);
+ EXPECT_FALSE(signature->verify());
+}
+
+/** @brief Test failure scenario with invalid hash function value*/
+TEST_F(SignatureTest, TestInvalidHashValue)
+{
+ // Change the hashfunc value and ensure that verification fails
+ std::string hashFile = signedConfPNORPath.string() + "/hashfunc";
+ command("echo \"HashType=md5\" > " + hashFile);
+ EXPECT_FALSE(signature->verify());
+}
+
+/** @brief Test for failure scenario with no config file in system*/
+TEST_F(SignatureTest, TestNoConfigFileInSystem)
+{
+ // Remove the conf folder in the system and ensure that verify fails
+ command("rm -rf " + signedConfPNORPath.string());
+ EXPECT_FALSE(signature->verify());
+}