From e369d1976e84de65d70348dc2152e8dfa10d54c7 Mon Sep 17 00:00:00 2001
From: Denis Pynkin <denis.pynkin@collabora.com>
Date: Wed, 18 Sep 2019 16:13:48 +0300
Subject: [PATCH] Add manual test case for checking OTA signed upgrade

Test case allow to check that AUM refuses to use commit signed with
unknown key (or unsigned). Check the well-known place for public keys
in system configuration directory is parsed correctly.

Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
---
 .../apertis-update-manager-ota-signed.yaml    | 76 +++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 test-cases/apertis-update-manager-ota-signed.yaml

diff --git a/test-cases/apertis-update-manager-ota-signed.yaml b/test-cases/apertis-update-manager-ota-signed.yaml
new file mode 100644
index 0000000..ac7df81
--- /dev/null
+++ b/test-cases/apertis-update-manager-ota-signed.yaml
@@ -0,0 +1,76 @@
+metadata:
+  name: apertis-update-manager-ota-signed
+  format: "Apertis Test Definition 1.0"
+  image-types:
+    minimal: [ armhf ]
+  image-deployment:
+    - OSTree
+  type: functional
+  exec-type: manual
+  priority: medium
+  maintainer: "Apertis Project"
+  description: "Test the apertis-update-manager uses only signed updates over the air."
+
+  resources:
+    - "The DUT u-boot environment must be clean: in u-boot, run: `env default -a` followed by `saveenv`"
+    - "A PC must be connected to DUT serial port"
+    - "The DUT must be connected to network"
+
+  expected:
+    - "The OTA update signed with 'unknown' signature is refused to update"
+
+run:
+  steps:
+    - "Check the initial deployment"
+    - $ sudo ostree admin status
+    - "Prepare the copy of commit and deploy to allow the upgrade to the same version"
+    - "Command below shows you an initial commit ID, for instance"
+    - |
+        $ export BOOTID=$(sudo ostree admin status | sed -n -e 's/^\* apertis \([0-9a-f]*\)\.[0-9]$/\1/p'); echo $BOOTID
+    - "Get the Collection ID and ref"
+    -  $ export CID=$(sudo ostree refs -c | head -n 1 | tr -d '(),' | cut -f 1 -d ' '); echo COLLECTION_ID=$CID
+    -  $ export REF=$(sudo ostree refs -c | head -n 1 | tr -d '(),' | cut -f 2 -d ' '); echo REF=$REF
+    - "Create the list of files to skip and ensure there are some files in those directories, the default Apertis 'ed25519' public key will be removed as well."
+    - $ ls -1d /usr/share/locale /usr/share/man /usr/share/zoneinfo /usr/share/ostree/trusted.ed25519.d > /tmp/skip
+    - $ du -sh /usr/share/locale /usr/share/man /usr/share/zoneinfo /usr/share/ostree/trusted.ed25519.d
+    - "Create the commit with changed timestamp and skipped list from above to allow upgrade with recent update file"
+    - |
+        $ export NEWID=$(sudo ostree commit --orphan --tree=ref=$BOOTID --add-metadata-string=ostree.collection-binding=$CID --bind-ref=$REF --timestamp="1 year ago" --skip-list=/tmp/skip); echo "New commit: $NEWID"
+    - "Copy public key to home directory"
+    - $ cp -av /usr/share/ostree/trusted.ed25519.d/apertis.ed25519 ./
+    - "Deploy the prepared commit"
+    - $ sudo ostree admin upgrade --allow-downgrade --deploy-only --override-commit=$NEWID --reboot
+    - "Wait until the system is booted again and check the deployment"
+    - $ sudo ostree admin status
+    - "The booted commit (started with '*') must have ID which we prepare and the initial commit ID should be marked as '(rollback)'"
+    - "Remove the initial deployment"
+    - $ sudo ostree admin undeploy 1
+    - "Reboot the system"
+    - "Check the current deployment"
+    - $ sudo ostree admin status
+    - "Start the user interface agent with mode preventing automatic system reboot after update"
+    - $ sudo updatectl --register-upgrade-handler &
+    - "Need to monitor the journal log to catch events"
+    - $ sudo journalctl -ef --unit apertis-update-manager &
+    - "Enable network updates with CLI tool"
+    - $ sudo updatectl --check-network-updates
+    - "Check that the update manager refuses to update"
+    - |
+        > Sep 18 12:54:09 apertis apertis-update-[426]: Ostree upgrade failed: Can't verify commit
+    - "Copy the public key to system-wide directory -- this allowing to use signed commits for update"
+    - $ sudo mkdir -p /etc/ostree/trusted.ed25519.d/; sudo cp -av apertis.ed25519 /etc/ostree/trusted.ed25519.d/
+    - "Try to update via network again"
+    - $ sudo updatectl --check-network-updates
+    - "Should to see started download/deploy process. Check the string saying we are using the signed commit: 'security: SIGN: commit'"
+    - |
+        > Sep 18 13:01:13 apertis apertis-update-managerd[426]: libostree pull from 'origin' for apertis/v2020dev0/amd64-uefi/minimal complete
+                                                      security: disabled 
+                                                      security: SIGN: commit http: TLS
+                                                      non-delta: meta: 438 content: 3962
+                                                      transfer: secs: 64 size: 44.5 MB
+    - "After the update, the device does *not* reboot automatically"
+    - "Check if there is pending deployment and reboot the DUT"
+    - $ sudo ostree admin status
+    - $ sudo reboot
+    - "Check the current deployment has been updated and that the rollback entry points to the prepared deployment"
+    - $ sudo ostree admin status
-- 
GitLab