More TUF role testing. Update actions and changelog.

Signed-off-by: Patrick Vacek <[email protected]>
advancedtelematic · Jan 29, 2019 · 3b1f5af · 3b1f5af
1 parent ffad9a3
commit 3b1f5af
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,10 @@ Our versioning scheme is `YEAR.N` where `N` is incremented whenever a new releas
 
 ## [??? (unreleased)]
 
+### Added
+
+- Basic first-order delegation support.
+
 ## [2019.1] - 2019-01-10
 
 ### Changed

diff --git a/actions.md b/actions.md
@@ -94,6 +94,8 @@ These are the primary actions that a user of libaktualizr can perform through th
   - [x] Send UpdateCheckComplete event after successful check with no available updates (aktualizr_test.cc)
   - [x] Send UpdateCheckComplete event after failure (aktualizr_test.cc)
 - [x] Download updates
+  - [x] Find requested target
+    - [x] Search first-order delegations (uptane_delegation_test.cc)
   - [x] Download an update
     - [x] Download an OSTree package (fetcher_test.cc)
     - [x] Download a binary package (uptane_vector_tests.cc, aktualizr_test.cc)
@@ -175,6 +177,9 @@ These are internal requirements that are relatively opaque to the user and/or co
   - [x] Sign TUF metadata
     - [x] Sign TUF metadata with RSA2048 (keymanager_test.cc)
     - [x] Sign TUF metadata with ED25519 (keymanager_test.cc)
+  - [x] Validate TUF roles (tuf_test.cc)
+    - [x] Delegated roles have custom names (tuf_test.cc)
+    - [x] Reject delegated role names that are identical to reserved role names (tuf_test.cc)
   - [x] Validate a TUF root (tuf_test.cc, uptane_test.cc)
     - [x] Throw an exception if a TUF root is invalid
       - [x] Throw an exception if a TUF root is unsigned (tuf_test.cc, uptane_test.cc)
@@ -185,6 +190,7 @@ These are internal requirements that are relatively opaque to the user and/or co
   - [x] Parse Uptane timestamps (types_test.cc)
     - [x] Throw an exception if an Uptane timestamp is invalid (types_test.cc)
     - [x] Get current time (types_test.cc)
+  - [x] Validate first-order target delegations (uptane_delegation_test.cc)
   - [x] Reject http GET responses that exceed size limit (httpclient_test.cc)
   - [x] Reject http GET responses that do not meet speed limit (httpclient_test.cc)
   - [x] Abort update if any signature threshold is <= 0 (REQ-153, uptane_vector_tests.cc)

diff --git a/src/libaktualizr/uptane/tuf_test.cc b/src/libaktualizr/uptane/tuf_test.cc
@@ -47,20 +47,44 @@ TEST(Root, RootJsonRsassaPssSha256) {
   EXPECT_NO_THROW(Uptane::Root(Uptane::RepositoryType::Director(), initial_root, root));
 }
 
-/* Reject delegated role names that are identical to other roles. */
+/* Validate TUF roles. */
+TEST(Role, ValidateRoles) {
+  Uptane::Role root = Uptane::Role::Root();
+  EXPECT_EQ(root.ToInt(), 0);
+  EXPECT_EQ(root.ToString(), "root");
+  EXPECT_EQ(root.IsDelegation(), false);
+
+  Uptane::Role snapshot = Uptane::Role::Snapshot();
+  EXPECT_EQ(snapshot.ToInt(), 1);
+  EXPECT_EQ(snapshot.ToString(), "snapshot");
+  EXPECT_EQ(snapshot.IsDelegation(), false);
+
+  Uptane::Role targets = Uptane::Role::Targets();
+  EXPECT_EQ(targets.ToInt(), 2);
+  EXPECT_EQ(targets.ToString(), "targets");
+  EXPECT_EQ(targets.IsDelegation(), false);
+
+  Uptane::Role timestamp = Uptane::Role::Timestamp();
+  EXPECT_EQ(timestamp.ToInt(), 3);
+  EXPECT_EQ(timestamp.ToString(), "timestamp");
+  EXPECT_EQ(timestamp.IsDelegation(), false);
+}
+
+/* Delegated roles have custom names. */
+TEST(Role, ValidateDelegation) {
+  Uptane::Role delegated = Uptane::Role::Delegated("whatever");
+  EXPECT_EQ(delegated.ToString(), "whatever");
+  EXPECT_EQ(delegated.IsDelegation(), true);
+}
+
+/* Reject delegated role names that are identical to reserved role names. */
 TEST(Role, InvalidDelegationName) {
   EXPECT_THROW(Uptane::Role::Delegated("root"), Uptane::Exception);
   EXPECT_THROW(Uptane::Role::Delegated("snapshot"), Uptane::Exception);
   EXPECT_THROW(Uptane::Role::Delegated("targets"), Uptane::Exception);
   EXPECT_THROW(Uptane::Role::Delegated("timestamp"), Uptane::Exception);
 }
 
-/* Delegated role has custom name. */
-TEST(Role, ValidDelegationName) {
-  Uptane::Role delegated = Uptane::Role::Delegated("whatever");
-  EXPECT_EQ(delegated.ToString(), "whatever");
-}
-
 #ifndef __NO_MAIN__
 int main(int argc, char** argv) {
   ::testing::InitGoogleTest(&argc, argv);

diff --git a/src/libaktualizr/uptane/uptane_delegation_test.cc b/src/libaktualizr/uptane/uptane_delegation_test.cc
@@ -30,7 +30,9 @@ class HttpFakeDelegationBasic : public HttpFake {
   unsigned int events_seen{0};
 };
 
-/* Correlation ID is empty if none was provided in targets metadata. */
+/* Validate first-order target delegations.
+ * Search first-order delegations.
+ * Correlation ID is empty if none was provided in targets metadata. */
 TEST(Delegation, Basic) {
   TemporaryDirectory temp_dir;
   auto http = std::make_shared<HttpFakeDelegationBasic>(temp_dir.Path());